Code:
/ FXUpdate3074 / FXUpdate3074 / 1.1 / untmp / whidbey / QFE / ndp / fx / src / xsp / System / Web / HttpResponseHeader.cs / 3 / HttpResponseHeader.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* * Single http header representation * * Copyright (c) 1998 Microsoft Corporation */ namespace System.Web { using System.Collections; using System.Text; /* * Response header (either known or unknown) */ internal class HttpResponseHeader { private String _unknownHeader; private int _knownHeaderIndex; private String _value; private static readonly string[] EncodingTable = new string[] { "%00", "%01", "%02", "%03", "%04", "%05", "%06", "%07", "%08", "%09", "%0a", "%0b", "%0c", "%0d", "%0e", "%0f", "%10", "%11", "%12", "%13", "%14", "%15", "%16", "%17", "%18", "%19", "%1a", "%1b", "%1c", "%1d", "%1e", "%1f" }; internal HttpResponseHeader(int knownHeaderIndex, String value) { _unknownHeader = null; _knownHeaderIndex = knownHeaderIndex; // encode header value if if(HttpRuntime.EnableHeaderChecking) { _value = MaybeEncodeHeader(value); } else { _value = value; } } internal HttpResponseHeader(String unknownHeader, String value) { if(HttpRuntime.EnableHeaderChecking) { _unknownHeader = MaybeEncodeHeader(unknownHeader); _knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader); _value = MaybeEncodeHeader(value); } else { _unknownHeader = unknownHeader; _knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader); _value = value; } } internal virtual String Name { get { if (_unknownHeader != null) return _unknownHeader; else return HttpWorkerRequest.GetKnownResponseHeaderName(_knownHeaderIndex); } } internal String Value { get { return _value;} } internal void Send(HttpWorkerRequest wr) { if (_knownHeaderIndex >= 0) wr.SendKnownResponseHeader(_knownHeaderIndex, _value); else wr.SendUnknownResponseHeader(_unknownHeader, _value); } // Encode the header if it contains a CRLF pair // internal static string MaybeEncodeHeader(string value) { string sanitizedHeader = value; if (NeedsEncoding(value)) { // DevDiv Bugs 146028 // Denial Of Service scenarios involving // control characters are possible. // We are encoding the following characters: // - All CTL characters except HT (horizontal tab) // - DEL character (\x7f) StringBuilder sb = new StringBuilder(); foreach (char c in value) { if (c < 32 && c != 9) { sb.Append(EncodingTable[c]); } else if (c == 127) { sb.Append("%7f"); } else { sb.Append(c); } } sanitizedHeader = sb.ToString(); } return sanitizedHeader; } // Returns true if the string contains a control character (other than horizontal tab) or the DEL character. internal static bool NeedsEncoding(string value) { foreach (char c in value) { if ((c < 32 && c != 9) || (c == 127)) { return true; } } return false; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- CachedCompositeFamily.cs
- LinearGradientBrush.cs
- Misc.cs
- DataGridSortingEventArgs.cs
- ConfigXmlText.cs
- TextRange.cs
- TextRangeEditTables.cs
- CopyNodeSetAction.cs
- InvalidAsynchronousStateException.cs
- RawStylusInputCustomData.cs
- ThrowHelper.cs
- TextTreeUndo.cs
- ControlHelper.cs
- TileBrush.cs
- TextTreeUndoUnit.cs
- SizeAnimationClockResource.cs
- ManifestBasedResourceGroveler.cs
- Attributes.cs
- remotingproxy.cs
- SqlConnectionManager.cs
- TextElementEnumerator.cs
- IdentityReference.cs
- Paragraph.cs
- WebBrowserDocumentCompletedEventHandler.cs
- DataGridCommandEventArgs.cs
- DefaultAutoFieldGenerator.cs
- GeneralTransform.cs
- OutputCacheModule.cs
- Type.cs
- DataServiceRequestException.cs
- SafeIUnknown.cs
- CommandValueSerializer.cs
- InstalledVoice.cs
- PlainXmlDeserializer.cs
- TemplateKey.cs
- ToolStripComboBox.cs
- CatalogPartCollection.cs
- IssuedTokenServiceElement.cs
- WebServiceHostFactory.cs
- CustomAttributeFormatException.cs
- HashCryptoHandle.cs
- SqlFacetAttribute.cs
- BinaryConverter.cs
- versioninfo.cs
- Identity.cs
- FontWeights.cs
- DiscardableAttribute.cs
- ActiveXHelper.cs
- TileBrush.cs
- DoubleLink.cs
- ClonableStack.cs
- QuadTree.cs
- _BasicClient.cs
- TimeSpanStorage.cs
- SQLDateTime.cs
- StickyNote.cs
- TerminateDesigner.cs
- XamlGridLengthSerializer.cs
- PropertyNames.cs
- MethodBody.cs
- LostFocusEventManager.cs
- AmbientValueAttribute.cs
- SqlDataSourceCommandEventArgs.cs
- StrokeCollectionDefaultValueFactory.cs
- ManagedFilter.cs
- EventDescriptorCollection.cs
- RawStylusInput.cs
- XpsDocumentEvent.cs
- BeginEvent.cs
- DictionaryKeyPropertyAttribute.cs
- AuthorizationPolicyTypeElement.cs
- DEREncoding.cs
- Action.cs
- PopupRoot.cs
- StringComparer.cs
- DataRecordInternal.cs
- RsaSecurityTokenAuthenticator.cs
- SqlMultiplexer.cs
- SqlUnionizer.cs
- DesignerOptionService.cs
- CultureMapper.cs
- TagNameToTypeMapper.cs
- UIElementCollection.cs
- TemplatePropertyEntry.cs
- PingReply.cs
- SerializationSectionGroup.cs
- ExclusiveHandleList.cs
- ShapeTypeface.cs
- HttpSessionStateBase.cs
- DescriptionAttribute.cs
- XamlPathDataSerializer.cs
- StylusPointProperty.cs
- SaveFileDialog.cs
- Int64Storage.cs
- URLMembershipCondition.cs
- MimeTypeAttribute.cs
- SecureConversationSecurityTokenParameters.cs
- Vector3DConverter.cs
- TableRowGroup.cs
- RawKeyboardInputReport.cs