Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / xsp / System / Web / Util / RequestValidator.cs / 1305376 / RequestValidator.cs
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
/*
* Base class providing extensibility hooks for custom request validation
*
* Copyright (c) 2009 Microsoft Corporation
*/
namespace System.Web.Util {
using System;
using System.Diagnostics.CodeAnalysis;
using System.Threading;
using System.Web;
using System.Web.Configuration;
public class RequestValidator {
private static RequestValidator _customValidator;
private static readonly Lazy _customValidatorResolver =
new Lazy(GetCustomValidatorFromConfig);
public static RequestValidator Current {
get {
if (_customValidator == null) {
_customValidator = _customValidatorResolver.Value;
}
return _customValidator;
}
set {
if (value == null) {
throw new ArgumentNullException("value");
}
_customValidator = value;
}
}
private static RequestValidator GetCustomValidatorFromConfig() {
// App since this is static per AppDomain
RuntimeConfig config = RuntimeConfig.GetAppConfig();
HttpRuntimeSection runtimeSection = config.HttpRuntime;
string validatorTypeName = runtimeSection.RequestValidationType;
// validate the type
Type validatorType = ConfigUtil.GetType(validatorTypeName, "requestValidationType", runtimeSection);
ConfigUtil.CheckBaseType(typeof(RequestValidator) /* expectedBaseType */, validatorType, "requestValidationType", runtimeSection);
// instantiate
RequestValidator validator = (RequestValidator)HttpRuntime.CreatePublicInstance(validatorType);
return validator;
}
internal static void InitializeOnFirstRequest() {
// instantiate the validator if it hasn't already been created
RequestValidator validator = _customValidatorResolver.Value;
}
private static bool IsAtoZ(char c) {
return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z');
}
[SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters",
Justification = "This is an appropriate way to return multiple pieces of data.")]
protected internal virtual bool IsValidRequestString(HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex) {
if (requestValidationSource == RequestValidationSource.Headers) {
validationFailureIndex = 0;
return true; // Ignore Headers collection in the default implementation
}
return !CrossSiteScriptingValidation.IsDangerousString(value, out validationFailureIndex);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ScrollItemProviderWrapper.cs
- GeometryHitTestParameters.cs
- BlurEffect.cs
- IdentifierCollection.cs
- FormatConvertedBitmap.cs
- WebEventTraceProvider.cs
- ResXDataNode.cs
- Interlocked.cs
- WebPartsSection.cs
- LogConverter.cs
- ObjectCloneHelper.cs
- XmlMemberMapping.cs
- MsmqTransportReceiveParameters.cs
- Statements.cs
- Button.cs
- DNS.cs
- DescendantBaseQuery.cs
- ItemType.cs
- AssociationSet.cs
- BCryptHashAlgorithm.cs
- ServiceReference.cs
- MessageQueueException.cs
- XmlChildNodes.cs
- MemberRelationshipService.cs
- FrameDimension.cs
- HostingEnvironmentSection.cs
- ObjectDataSourceStatusEventArgs.cs
- DiagnosticTraceRecords.cs
- DataMemberFieldConverter.cs
- SchemaTableColumn.cs
- MetaModel.cs
- Helpers.cs
- HwndSourceKeyboardInputSite.cs
- TextTreeUndo.cs
- ScrollableControl.cs
- EnumerableRowCollection.cs
- BaseTemplateCodeDomTreeGenerator.cs
- Error.cs
- AVElementHelper.cs
- ZipIOModeEnforcingStream.cs
- RemotingAttributes.cs
- AssemblyHelper.cs
- AutomationIdentifierGuids.cs
- UriParserTemplates.cs
- HtmlInputHidden.cs
- StatusBarItem.cs
- Rect3DValueSerializer.cs
- PrintingPermissionAttribute.cs
- InstanceNormalEvent.cs
- WebContext.cs
- TimeSpanHelper.cs
- SystemIcmpV4Statistics.cs
- NamespaceInfo.cs
- AssemblyResolver.cs
- RelationshipConverter.cs
- PointCollection.cs
- RawMouseInputReport.cs
- IncomingWebRequestContext.cs
- TimeEnumHelper.cs
- DataStreamFromComStream.cs
- AutoGeneratedFieldProperties.cs
- DateTimeOffset.cs
- MasterPageCodeDomTreeGenerator.cs
- Listbox.cs
- FontSource.cs
- ResourceProviderFactory.cs
- TemplatePropertyEntry.cs
- SafeRightsManagementHandle.cs
- RunWorkerCompletedEventArgs.cs
- KeyedHashAlgorithm.cs
- SqlDataSourceQueryEditorForm.cs
- MsmqProcessProtocolHandler.cs
- SingleKeyFrameCollection.cs
- BreakSafeBase.cs
- Tracking.cs
- XmlObjectSerializerWriteContext.cs
- ParallelTimeline.cs
- UpdatePanelControlTrigger.cs
- FormViewDeleteEventArgs.cs
- CultureSpecificCharacterBufferRange.cs
- HttpWriter.cs
- FunctionNode.cs
- WebConfigurationFileMap.cs
- SoapIncludeAttribute.cs
- ActiveXHost.cs
- DataGridViewRowPostPaintEventArgs.cs
- BitmapInitialize.cs
- IisTraceWebEventProvider.cs
- Globals.cs
- XmlSchemaSequence.cs
- DataSourceBooleanViewSchemaConverter.cs
- COM2AboutBoxPropertyDescriptor.cs
- CreateUserErrorEventArgs.cs
- InheritanceContextChangedEventManager.cs
- UIElement.cs
- ZipArchive.cs
- OutputCacheSettings.cs
- ObjectDataSourceStatusEventArgs.cs
- ModelChangedEventArgsImpl.cs
- TypeHelpers.cs