Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / xsp / System / Web / Util / RequestValidator.cs / 1305376 / RequestValidator.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* * Base class providing extensibility hooks for custom request validation * * Copyright (c) 2009 Microsoft Corporation */ namespace System.Web.Util { using System; using System.Diagnostics.CodeAnalysis; using System.Threading; using System.Web; using System.Web.Configuration; public class RequestValidator { private static RequestValidator _customValidator; private static readonly Lazy_customValidatorResolver = new Lazy (GetCustomValidatorFromConfig); public static RequestValidator Current { get { if (_customValidator == null) { _customValidator = _customValidatorResolver.Value; } return _customValidator; } set { if (value == null) { throw new ArgumentNullException("value"); } _customValidator = value; } } private static RequestValidator GetCustomValidatorFromConfig() { // App since this is static per AppDomain RuntimeConfig config = RuntimeConfig.GetAppConfig(); HttpRuntimeSection runtimeSection = config.HttpRuntime; string validatorTypeName = runtimeSection.RequestValidationType; // validate the type Type validatorType = ConfigUtil.GetType(validatorTypeName, "requestValidationType", runtimeSection); ConfigUtil.CheckBaseType(typeof(RequestValidator) /* expectedBaseType */, validatorType, "requestValidationType", runtimeSection); // instantiate RequestValidator validator = (RequestValidator)HttpRuntime.CreatePublicInstance(validatorType); return validator; } internal static void InitializeOnFirstRequest() { // instantiate the validator if it hasn't already been created RequestValidator validator = _customValidatorResolver.Value; } private static bool IsAtoZ(char c) { return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z'); } [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", Justification = "This is an appropriate way to return multiple pieces of data.")] protected internal virtual bool IsValidRequestString(HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex) { if (requestValidationSource == RequestValidationSource.Headers) { validationFailureIndex = 0; return true; // Ignore Headers collection in the default implementation } return !CrossSiteScriptingValidation.IsDangerousString(value, out validationFailureIndex); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* * Base class providing extensibility hooks for custom request validation * * Copyright (c) 2009 Microsoft Corporation */ namespace System.Web.Util { using System; using System.Diagnostics.CodeAnalysis; using System.Threading; using System.Web; using System.Web.Configuration; public class RequestValidator { private static RequestValidator _customValidator; private static readonly Lazy_customValidatorResolver = new Lazy (GetCustomValidatorFromConfig); public static RequestValidator Current { get { if (_customValidator == null) { _customValidator = _customValidatorResolver.Value; } return _customValidator; } set { if (value == null) { throw new ArgumentNullException("value"); } _customValidator = value; } } private static RequestValidator GetCustomValidatorFromConfig() { // App since this is static per AppDomain RuntimeConfig config = RuntimeConfig.GetAppConfig(); HttpRuntimeSection runtimeSection = config.HttpRuntime; string validatorTypeName = runtimeSection.RequestValidationType; // validate the type Type validatorType = ConfigUtil.GetType(validatorTypeName, "requestValidationType", runtimeSection); ConfigUtil.CheckBaseType(typeof(RequestValidator) /* expectedBaseType */, validatorType, "requestValidationType", runtimeSection); // instantiate RequestValidator validator = (RequestValidator)HttpRuntime.CreatePublicInstance(validatorType); return validator; } internal static void InitializeOnFirstRequest() { // instantiate the validator if it hasn't already been created RequestValidator validator = _customValidatorResolver.Value; } private static bool IsAtoZ(char c) { return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z'); } [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", Justification = "This is an appropriate way to return multiple pieces of data.")] protected internal virtual bool IsValidRequestString(HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex) { if (requestValidationSource == RequestValidationSource.Headers) { validationFailureIndex = 0; return true; // Ignore Headers collection in the default implementation } return !CrossSiteScriptingValidation.IsDangerousString(value, out validationFailureIndex); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- SmtpMail.cs
- SrgsSemanticInterpretationTag.cs
- DataGridViewRowCancelEventArgs.cs
- UnknownWrapper.cs
- DependencyPropertyConverter.cs
- DesignerCategoryAttribute.cs
- DocumentApplicationJournalEntry.cs
- Activator.cs
- EntityProviderServices.cs
- VisualCollection.cs
- HyperlinkAutomationPeer.cs
- ZipIOCentralDirectoryBlock.cs
- TextServicesContext.cs
- UnsafeMethods.cs
- UTF8Encoding.cs
- CellLabel.cs
- FileNotFoundException.cs
- SiteMap.cs
- WebPart.cs
- DirectoryLocalQuery.cs
- ResourceDisplayNameAttribute.cs
- InputScopeConverter.cs
- FrameworkTextComposition.cs
- ItemPager.cs
- UrlMappingsSection.cs
- WebBrowserEvent.cs
- SimpleWorkerRequest.cs
- XhtmlBasicImageAdapter.cs
- RewritingPass.cs
- ChannelBinding.cs
- ContentType.cs
- SQLInt32.cs
- CryptoConfig.cs
- XmlSchemaComplexType.cs
- DataGridViewCellToolTipTextNeededEventArgs.cs
- CodeGenerator.cs
- ApplicationDirectoryMembershipCondition.cs
- Aes.cs
- TypeElementCollection.cs
- EventData.cs
- Event.cs
- QuaternionIndependentAnimationStorage.cs
- SiteMap.cs
- WebServiceAttribute.cs
- XmlRawWriter.cs
- HeaderCollection.cs
- Matrix.cs
- EnumValidator.cs
- SamlSubject.cs
- DataTemplateKey.cs
- CultureSpecificCharacterBufferRange.cs
- ImagingCache.cs
- UpdateException.cs
- StreamReader.cs
- MobileContainerDesigner.cs
- WebPartsPersonalization.cs
- Expression.DebuggerProxy.cs
- ItemCheckedEvent.cs
- StylusOverProperty.cs
- DataControlPagerLinkButton.cs
- HttpResponseWrapper.cs
- SapiRecoInterop.cs
- GlyphRunDrawing.cs
- SerializationInfo.cs
- RegexBoyerMoore.cs
- MetaColumn.cs
- XmlSerializableServices.cs
- FixedSOMPage.cs
- TrackingQueryElement.cs
- AutoGeneratedFieldProperties.cs
- SafeHandle.cs
- XPathDocumentIterator.cs
- ItemCollectionEditor.cs
- PropertyPathConverter.cs
- AdPostCacheSubstitution.cs
- SupportsPreviewControlAttribute.cs
- PrimitiveXmlSerializers.cs
- DataGridViewLinkCell.cs
- TypeInitializationException.cs
- RuleSettings.cs
- ExtensionSimplifierMarkupObject.cs
- DesignTimeType.cs
- HTTPRemotingHandler.cs
- Decimal.cs
- BitConverter.cs
- SqlNode.cs
- OleDbEnumerator.cs
- CompoundFileReference.cs
- OperationCanceledException.cs
- BuildProvidersCompiler.cs
- ColumnCollection.cs
- MetadataArtifactLoaderResource.cs
- RelationshipSet.cs
- Literal.cs
- OpenTypeMethods.cs
- XPathPatternParser.cs
- MessageQueueCriteria.cs
- TextSerializer.cs
- ServiceNotStartedException.cs
- SoapExtensionTypeElementCollection.cs