Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / xsp / System / Web / Util / RequestValidator.cs / 1305376 / RequestValidator.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* * Base class providing extensibility hooks for custom request validation * * Copyright (c) 2009 Microsoft Corporation */ namespace System.Web.Util { using System; using System.Diagnostics.CodeAnalysis; using System.Threading; using System.Web; using System.Web.Configuration; public class RequestValidator { private static RequestValidator _customValidator; private static readonly Lazy_customValidatorResolver = new Lazy (GetCustomValidatorFromConfig); public static RequestValidator Current { get { if (_customValidator == null) { _customValidator = _customValidatorResolver.Value; } return _customValidator; } set { if (value == null) { throw new ArgumentNullException("value"); } _customValidator = value; } } private static RequestValidator GetCustomValidatorFromConfig() { // App since this is static per AppDomain RuntimeConfig config = RuntimeConfig.GetAppConfig(); HttpRuntimeSection runtimeSection = config.HttpRuntime; string validatorTypeName = runtimeSection.RequestValidationType; // validate the type Type validatorType = ConfigUtil.GetType(validatorTypeName, "requestValidationType", runtimeSection); ConfigUtil.CheckBaseType(typeof(RequestValidator) /* expectedBaseType */, validatorType, "requestValidationType", runtimeSection); // instantiate RequestValidator validator = (RequestValidator)HttpRuntime.CreatePublicInstance(validatorType); return validator; } internal static void InitializeOnFirstRequest() { // instantiate the validator if it hasn't already been created RequestValidator validator = _customValidatorResolver.Value; } private static bool IsAtoZ(char c) { return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z'); } [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", Justification = "This is an appropriate way to return multiple pieces of data.")] protected internal virtual bool IsValidRequestString(HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex) { if (requestValidationSource == RequestValidationSource.Headers) { validationFailureIndex = 0; return true; // Ignore Headers collection in the default implementation } return !CrossSiteScriptingValidation.IsDangerousString(value, out validationFailureIndex); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- BitmapPalettes.cs
- DiscoveryCallbackBehavior.cs
- DrawingContextDrawingContextWalker.cs
- ReceiveErrorHandling.cs
- WebControlsSection.cs
- DoubleCollectionConverter.cs
- TextBoxBase.cs
- DataList.cs
- VersionedStreamOwner.cs
- GlyphRunDrawing.cs
- MemberAccessException.cs
- ProcessInputEventArgs.cs
- DataGridViewRowHeaderCell.cs
- Vector3DValueSerializer.cs
- CookieHandler.cs
- Enum.cs
- OleDbInfoMessageEvent.cs
- WorkflowPageSetupDialog.cs
- WebPartEditorCancelVerb.cs
- Model3DCollection.cs
- XmlC14NWriter.cs
- SafeRegistryKey.cs
- StateWorkerRequest.cs
- Token.cs
- ActivityTypeResolver.xaml.cs
- DataViewSettingCollection.cs
- MessageQueueConverter.cs
- QilLoop.cs
- SequentialOutput.cs
- DeploymentSectionCache.cs
- UTF7Encoding.cs
- sqlmetadatafactory.cs
- DropShadowEffect.cs
- TripleDES.cs
- TextEffect.cs
- HostProtectionPermission.cs
- TTSEngineTypes.cs
- OrderPreservingMergeHelper.cs
- UseAttributeSetsAction.cs
- MediaContextNotificationWindow.cs
- XmlWrappingWriter.cs
- OleDbCommandBuilder.cs
- SQLByteStorage.cs
- SqlClientPermission.cs
- WeakHashtable.cs
- ScriptingProfileServiceSection.cs
- SizeConverter.cs
- MyContact.cs
- OutputCacheSettingsSection.cs
- Ipv6Element.cs
- IPAddressCollection.cs
- FlowPosition.cs
- HybridDictionary.cs
- sortedlist.cs
- PersonalizationProviderCollection.cs
- EdgeProfileValidation.cs
- InfoCardRSAPKCS1KeyExchangeDeformatter.cs
- ToolboxItemSnapLineBehavior.cs
- XmlArrayItemAttribute.cs
- DataViewListener.cs
- SafeNativeMethodsMilCoreApi.cs
- CharEnumerator.cs
- GZipObjectSerializer.cs
- CaseInsensitiveComparer.cs
- OdbcTransaction.cs
- BamlCollectionHolder.cs
- BaseTemplateCodeDomTreeGenerator.cs
- TableLayoutSettings.cs
- ContactManager.cs
- ZipFileInfo.cs
- EntityDataSourceView.cs
- Mapping.cs
- RelationshipConstraintValidator.cs
- JoinGraph.cs
- PropertyGridCommands.cs
- RegexParser.cs
- FilteredDataSetHelper.cs
- DiscreteKeyFrames.cs
- DBDataPermissionAttribute.cs
- MatrixValueSerializer.cs
- SQLBinaryStorage.cs
- OleDbDataAdapter.cs
- WebPartConnectionsCancelEventArgs.cs
- TraversalRequest.cs
- BitmapCacheBrush.cs
- NotConverter.cs
- QilList.cs
- IgnoreSection.cs
- ScrollChangedEventArgs.cs
- QilChoice.cs
- WebPartActionVerb.cs
- sqlpipe.cs
- LayoutTableCell.cs
- Types.cs
- Transform3DGroup.cs
- BlockUIContainer.cs
- FixedPosition.cs
- NativeRecognizer.cs
- XamlTypeMapper.cs
- TrackingStringDictionary.cs