AccessViol after moving from 15.2.18 to 15.2.25

<< Click to Display Table of Contents >>

Navigation:  Forum >

AccessViol after moving from 15.2.18 to 15.2.25

Forum link

 

 

05-07-2021, 08:31 PM:

 

I am doing a check in TController.IWServerControllerBaseBrowserCheck( aSession: TIWApplication; var rBrowser: TBrowser);

 

var

 

  luas : String; // UserAgentString

 

begin

 

  luas := Lowercase(ASession.Request.UserAgent)

 

I now get an accessviolation when I try to access the UserAgent.

 

Any ideas?

 

 

05-10-2021, 01:05 PM:

 

Hi, try:

 

luas := Lowercase(WebApplication.Request.UserAgent);

 

 

05-10-2021, 02:25 PM:

 

Using Webapplication still causes the av.

 

Maybe there is a simpler way for what I am trying to do. See the code below. It is really just trying to do an additional check for crawlers.

 

else if (Pos('baidu', luas) > 0)

 

or (Pos('yandex' , luas) > 0)

 

or (Pos('naverbot' , luas) > 0)

 

or (Pos('yeti' , luas) > 0)

 

or (Pos('seznambot' , luas) > 0)

 

or (Pos('slurp' , luas) > 0)

 

or (Pos('teoma' , luas) > 0)

 

or (Pos('moget' , luas) > 0)

 

or (Pos('ichiro' , luas) > 0)

 

or (Pos('sogu' , luas) > 0)

 

or (Pos('bot' , luas) > 0)

 

or (Pos('spider' , luas) > 0) then

 

begin

 

ASession.Terminate('403 Forbidden. Crawling this site is not allowed!');

 

rBrowser.destroy;

 

rBrowser := TInternetExplorer.Create(9);

 

//Log this session including the uas so you have a record of it

 

end

 

 

05-11-2021, 10:20 AM:

 

(05-07-2021, 08:31 PM)joelcc Wrote: [ -> ]I am doing a check in TController.IWServerControllerBaseBrowserCheck( aSession: TIWApplication; var rBrowser: TBrowser);

 

var

 

  luas : String; // UserAgentString

 

begin

 

  luas := Lowercase(ASession.Request.UserAgent)

 

I now get an accessviolation when I try to access the UserAgent.

 

Any ideas?

 

You didn't show the call stack, but I'm sure that ASession is not assigned.

 

As a rule of thumb, all events in ServerController where a TIWApplication instance is passed as a parameter *must* be checked for a valid session.

 

It is not guaranteed that a session exists in many of them.

 

BTW this code is not necessary at all. All these crawlers are already blocked by IW as long as ServerController.SessionOptions.AllowSearchEngines is false. Also, if the browser is not recognized, a standard TChrome instance will be created (90%+ chance that a webkit browser is being used).

 

 

05-11-2021, 06:27 PM:

 

Thanks for the explanation. I will remove the old code since it is no longer necessary.