Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / xsp / System / Web / Routing / PageRouteHandler.cs / 1305376 / PageRouteHandler.cs
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
namespace System.Web.Routing {
using System;
using System.Web.UI;
using System.Web.Compilation;
using System.Web.Security;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
public class PageRouteHandler : IRouteHandler {
public PageRouteHandler(string virtualPath)
: this(virtualPath, true) {
}
public PageRouteHandler(string virtualPath, bool checkPhysicalUrlAccess) {
if (string.IsNullOrEmpty(virtualPath) || !virtualPath.StartsWith("~/", StringComparison.OrdinalIgnoreCase)) {
throw new ArgumentException(SR.GetString(SR.PageRouteHandler_InvalidVirtualPath), "virtualPath");
}
this.VirtualPath = virtualPath;
this.CheckPhysicalUrlAccess = checkPhysicalUrlAccess;
_useRouteVirtualPath = VirtualPath.Contains("{");
}
///
/// This is the full virtual path (using tilde syntax) to the WebForm page.
///
///
/// Needs to be thread safe so this is only settable via ctor.
///
public string VirtualPath { get; private set; }
///
/// Because we're not actually rewriting the URL, ASP.NET's URL Auth will apply
/// to the incoming request URL and not the URL of the physical WebForm page.
/// Setting this to true (default) will apply URL access rules against the
/// physical file.
///
/// True by default
public bool CheckPhysicalUrlAccess { get; private set; }
private bool _useRouteVirtualPath;
private Route _routeVirtualPath;
private Route RouteVirtualPath {
get {
if (_routeVirtualPath == null) {
//Trim off ~/
_routeVirtualPath = new Route(VirtualPath.Substring(2), this);
}
return _routeVirtualPath;
}
}
private bool CheckUrlAccess(string virtualPath, RequestContext requestContext) {
IPrincipal user = requestContext.HttpContext.User;
// If there's no authenticated user, use the default identity
if (user == null) {
user = new GenericPrincipal(new GenericIdentity(String.Empty, String.Empty), new string[0]);
}
return CheckUrlAccessWithAssert(virtualPath, requestContext, user);
}
[SecurityPermission(SecurityAction.Assert, Unrestricted = true)]
private bool CheckUrlAccessWithAssert(string virtualPath, RequestContext requestContext, IPrincipal user) {
return UrlAuthorizationModule.CheckUrlAccessForPrincipal(virtualPath, user, requestContext.HttpContext.Request.HttpMethod);
}
public virtual IHttpHandler GetHttpHandler(RequestContext requestContext) {
if (requestContext == null) {
throw new ArgumentNullException("requestContext");
}
string virtualPath = GetSubstitutedVirtualPath(requestContext);
// Virtual Path ----s up with query strings, so we need to strip them off
int qmark = virtualPath.IndexOf('?');
if (qmark != -1) {
virtualPath = virtualPath.Substring(0, qmark);
}
if (this.CheckPhysicalUrlAccess && !CheckUrlAccess(virtualPath, requestContext)) {
return new UrlAuthFailureHandler();
}
Page page = BuildManager.CreateInstanceFromVirtualPath(virtualPath, typeof(Page)) as Page;
return page;
}
///
/// Gets the virtual path to the resource after applying substitutions based on route data.
///
///
///
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
namespace System.Web.Routing {
using System;
using System.Web.UI;
using System.Web.Compilation;
using System.Web.Security;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
public class PageRouteHandler : IRouteHandler {
public PageRouteHandler(string virtualPath)
: this(virtualPath, true) {
}
public PageRouteHandler(string virtualPath, bool checkPhysicalUrlAccess) {
if (string.IsNullOrEmpty(virtualPath) || !virtualPath.StartsWith("~/", StringComparison.OrdinalIgnoreCase)) {
throw new ArgumentException(SR.GetString(SR.PageRouteHandler_InvalidVirtualPath), "virtualPath");
}
this.VirtualPath = virtualPath;
this.CheckPhysicalUrlAccess = checkPhysicalUrlAccess;
_useRouteVirtualPath = VirtualPath.Contains("{");
}
///
/// This is the full virtual path (using tilde syntax) to the WebForm page.
///
///
/// Needs to be thread safe so this is only settable via ctor.
///
public string VirtualPath { get; private set; }
///
/// Because we're not actually rewriting the URL, ASP.NET's URL Auth will apply
/// to the incoming request URL and not the URL of the physical WebForm page.
/// Setting this to true (default) will apply URL access rules against the
/// physical file.
///
/// True by default
public bool CheckPhysicalUrlAccess { get; private set; }
private bool _useRouteVirtualPath;
private Route _routeVirtualPath;
private Route RouteVirtualPath {
get {
if (_routeVirtualPath == null) {
//Trim off ~/
_routeVirtualPath = new Route(VirtualPath.Substring(2), this);
}
return _routeVirtualPath;
}
}
private bool CheckUrlAccess(string virtualPath, RequestContext requestContext) {
IPrincipal user = requestContext.HttpContext.User;
// If there's no authenticated user, use the default identity
if (user == null) {
user = new GenericPrincipal(new GenericIdentity(String.Empty, String.Empty), new string[0]);
}
return CheckUrlAccessWithAssert(virtualPath, requestContext, user);
}
[SecurityPermission(SecurityAction.Assert, Unrestricted = true)]
private bool CheckUrlAccessWithAssert(string virtualPath, RequestContext requestContext, IPrincipal user) {
return UrlAuthorizationModule.CheckUrlAccessForPrincipal(virtualPath, user, requestContext.HttpContext.Request.HttpMethod);
}
public virtual IHttpHandler GetHttpHandler(RequestContext requestContext) {
if (requestContext == null) {
throw new ArgumentNullException("requestContext");
}
string virtualPath = GetSubstitutedVirtualPath(requestContext);
// Virtual Path ----s up with query strings, so we need to strip them off
int qmark = virtualPath.IndexOf('?');
if (qmark != -1) {
virtualPath = virtualPath.Substring(0, qmark);
}
if (this.CheckPhysicalUrlAccess && !CheckUrlAccess(virtualPath, requestContext)) {
return new UrlAuthFailureHandler();
}
Page page = BuildManager.CreateInstanceFromVirtualPath(virtualPath, typeof(Page)) as Page;
return page;
}
///
/// Gets the virtual path to the resource after applying substitutions based on route data.
///
///
///
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- KeySpline.cs
- Rotation3DKeyFrameCollection.cs
- X509Certificate2Collection.cs
- WinEventWrap.cs
- BamlLocalizabilityResolver.cs
- OleDbPropertySetGuid.cs
- OuterGlowBitmapEffect.cs
- SecurityUniqueId.cs
- TextTabProperties.cs
- LockedBorderGlyph.cs
- PageAsyncTask.cs
- SelectionProcessor.cs
- DoubleUtil.cs
- UnsafeNativeMethods.cs
- EntitySetBaseCollection.cs
- CurrentChangingEventManager.cs
- odbcmetadatacolumnnames.cs
- FormsAuthenticationUser.cs
- RotateTransform3D.cs
- FacetDescription.cs
- CqlGenerator.cs
- RijndaelManaged.cs
- contentDescriptor.cs
- AccessDataSourceWizardForm.cs
- DSACryptoServiceProvider.cs
- RemoteWebConfigurationHost.cs
- PrinterResolution.cs
- PerformanceCounterCategory.cs
- ItemMap.cs
- AdRotator.cs
- HostExecutionContextManager.cs
- Converter.cs
- Clipboard.cs
- PublisherIdentityPermission.cs
- SimpleLine.cs
- WebConvert.cs
- FixedPageAutomationPeer.cs
- SqlNodeAnnotations.cs
- ContextStack.cs
- OneOf.cs
- PlanCompiler.cs
- TextServicesContext.cs
- IdleTimeoutMonitor.cs
- Scheduler.cs
- WindowsContainer.cs
- SchemaElementLookUpTableEnumerator.cs
- NamespaceDisplayAutomationPeer.cs
- UnsafeNativeMethods.cs
- Transactions.cs
- MouseButton.cs
- TemplateControlCodeDomTreeGenerator.cs
- RegexRunnerFactory.cs
- ObfuscationAttribute.cs
- _AutoWebProxyScriptEngine.cs
- HttpValueCollection.cs
- CollectionEditor.cs
- StrokeRenderer.cs
- InsufficientMemoryException.cs
- DynamicControl.cs
- AsymmetricKeyExchangeDeformatter.cs
- DataContractSet.cs
- EntityType.cs
- HttpException.cs
- ArrayItemValue.cs
- MetadataReference.cs
- NumberSubstitution.cs
- SEHException.cs
- StdValidatorsAndConverters.cs
- DecimalAnimationBase.cs
- MenuItemStyle.cs
- XmlValidatingReaderImpl.cs
- Point3DCollection.cs
- SqlDependencyListener.cs
- WaitHandleCannotBeOpenedException.cs
- ConsumerConnectionPoint.cs
- HttpChannelBindingToken.cs
- DocumentCollection.cs
- NullableConverter.cs
- DecoderExceptionFallback.cs
- ContainerParagraph.cs
- SystemIPInterfaceStatistics.cs
- XhtmlTextWriter.cs
- WebPartTransformerAttribute.cs
- RawAppCommandInputReport.cs
- PropertyIDSet.cs
- Base64Decoder.cs
- SafeThreadHandle.cs
- HtmlInputControl.cs
- UpdateDelegates.Generated.cs
- JoinCqlBlock.cs
- Light.cs
- TextEditorContextMenu.cs
- RegexParser.cs
- XmlAttributeProperties.cs
- HTMLTagNameToTypeMapper.cs
- Pool.cs
- Int32CollectionValueSerializer.cs
- EditableRegion.cs
- XmlByteStreamReader.cs
- ImageCodecInfo.cs