Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / xsp / System / Web / Routing / PageRouteHandler.cs / 1305376 / PageRouteHandler.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- namespace System.Web.Routing { using System; using System.Web.UI; using System.Web.Compilation; using System.Web.Security; using System.Security; using System.Security.Permissions; using System.Security.Principal; public class PageRouteHandler : IRouteHandler { public PageRouteHandler(string virtualPath) : this(virtualPath, true) { } public PageRouteHandler(string virtualPath, bool checkPhysicalUrlAccess) { if (string.IsNullOrEmpty(virtualPath) || !virtualPath.StartsWith("~/", StringComparison.OrdinalIgnoreCase)) { throw new ArgumentException(SR.GetString(SR.PageRouteHandler_InvalidVirtualPath), "virtualPath"); } this.VirtualPath = virtualPath; this.CheckPhysicalUrlAccess = checkPhysicalUrlAccess; _useRouteVirtualPath = VirtualPath.Contains("{"); } ////// This is the full virtual path (using tilde syntax) to the WebForm page. /// ////// Needs to be thread safe so this is only settable via ctor. /// public string VirtualPath { get; private set; } ////// Because we're not actually rewriting the URL, ASP.NET's URL Auth will apply /// to the incoming request URL and not the URL of the physical WebForm page. /// Setting this to true (default) will apply URL access rules against the /// physical file. /// ///True by default public bool CheckPhysicalUrlAccess { get; private set; } private bool _useRouteVirtualPath; private Route _routeVirtualPath; private Route RouteVirtualPath { get { if (_routeVirtualPath == null) { //Trim off ~/ _routeVirtualPath = new Route(VirtualPath.Substring(2), this); } return _routeVirtualPath; } } private bool CheckUrlAccess(string virtualPath, RequestContext requestContext) { IPrincipal user = requestContext.HttpContext.User; // If there's no authenticated user, use the default identity if (user == null) { user = new GenericPrincipal(new GenericIdentity(String.Empty, String.Empty), new string[0]); } return CheckUrlAccessWithAssert(virtualPath, requestContext, user); } [SecurityPermission(SecurityAction.Assert, Unrestricted = true)] private bool CheckUrlAccessWithAssert(string virtualPath, RequestContext requestContext, IPrincipal user) { return UrlAuthorizationModule.CheckUrlAccessForPrincipal(virtualPath, user, requestContext.HttpContext.Request.HttpMethod); } public virtual IHttpHandler GetHttpHandler(RequestContext requestContext) { if (requestContext == null) { throw new ArgumentNullException("requestContext"); } string virtualPath = GetSubstitutedVirtualPath(requestContext); // Virtual Path ----s up with query strings, so we need to strip them off int qmark = virtualPath.IndexOf('?'); if (qmark != -1) { virtualPath = virtualPath.Substring(0, qmark); } if (this.CheckPhysicalUrlAccess && !CheckUrlAccess(virtualPath, requestContext)) { return new UrlAuthFailureHandler(); } Page page = BuildManager.CreateInstanceFromVirtualPath(virtualPath, typeof(Page)) as Page; return page; } ////// Gets the virtual path to the resource after applying substitutions based on route data. /// /// ///public string GetSubstitutedVirtualPath(RequestContext requestContext) { if (requestContext == null) { throw new ArgumentNullException("requestContext"); } if (!_useRouteVirtualPath) return VirtualPath; VirtualPathData vpd = RouteVirtualPath.GetVirtualPath(requestContext, requestContext.RouteData.Values); // if (vpd == null) return VirtualPath; return "~/" + vpd.VirtualPath; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- namespace System.Web.Routing { using System; using System.Web.UI; using System.Web.Compilation; using System.Web.Security; using System.Security; using System.Security.Permissions; using System.Security.Principal; public class PageRouteHandler : IRouteHandler { public PageRouteHandler(string virtualPath) : this(virtualPath, true) { } public PageRouteHandler(string virtualPath, bool checkPhysicalUrlAccess) { if (string.IsNullOrEmpty(virtualPath) || !virtualPath.StartsWith("~/", StringComparison.OrdinalIgnoreCase)) { throw new ArgumentException(SR.GetString(SR.PageRouteHandler_InvalidVirtualPath), "virtualPath"); } this.VirtualPath = virtualPath; this.CheckPhysicalUrlAccess = checkPhysicalUrlAccess; _useRouteVirtualPath = VirtualPath.Contains("{"); } ////// This is the full virtual path (using tilde syntax) to the WebForm page. /// ////// Needs to be thread safe so this is only settable via ctor. /// public string VirtualPath { get; private set; } ////// Because we're not actually rewriting the URL, ASP.NET's URL Auth will apply /// to the incoming request URL and not the URL of the physical WebForm page. /// Setting this to true (default) will apply URL access rules against the /// physical file. /// ///True by default public bool CheckPhysicalUrlAccess { get; private set; } private bool _useRouteVirtualPath; private Route _routeVirtualPath; private Route RouteVirtualPath { get { if (_routeVirtualPath == null) { //Trim off ~/ _routeVirtualPath = new Route(VirtualPath.Substring(2), this); } return _routeVirtualPath; } } private bool CheckUrlAccess(string virtualPath, RequestContext requestContext) { IPrincipal user = requestContext.HttpContext.User; // If there's no authenticated user, use the default identity if (user == null) { user = new GenericPrincipal(new GenericIdentity(String.Empty, String.Empty), new string[0]); } return CheckUrlAccessWithAssert(virtualPath, requestContext, user); } [SecurityPermission(SecurityAction.Assert, Unrestricted = true)] private bool CheckUrlAccessWithAssert(string virtualPath, RequestContext requestContext, IPrincipal user) { return UrlAuthorizationModule.CheckUrlAccessForPrincipal(virtualPath, user, requestContext.HttpContext.Request.HttpMethod); } public virtual IHttpHandler GetHttpHandler(RequestContext requestContext) { if (requestContext == null) { throw new ArgumentNullException("requestContext"); } string virtualPath = GetSubstitutedVirtualPath(requestContext); // Virtual Path ----s up with query strings, so we need to strip them off int qmark = virtualPath.IndexOf('?'); if (qmark != -1) { virtualPath = virtualPath.Substring(0, qmark); } if (this.CheckPhysicalUrlAccess && !CheckUrlAccess(virtualPath, requestContext)) { return new UrlAuthFailureHandler(); } Page page = BuildManager.CreateInstanceFromVirtualPath(virtualPath, typeof(Page)) as Page; return page; } ////// Gets the virtual path to the resource after applying substitutions based on route data. /// /// ///public string GetSubstitutedVirtualPath(RequestContext requestContext) { if (requestContext == null) { throw new ArgumentNullException("requestContext"); } if (!_useRouteVirtualPath) return VirtualPath; VirtualPathData vpd = RouteVirtualPath.GetVirtualPath(requestContext, requestContext.RouteData.Values); // if (vpd == null) return VirtualPath; return "~/" + vpd.VirtualPath; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- WaitHandleCannotBeOpenedException.cs
- WebPartMinimizeVerb.cs
- RegionInfo.cs
- TimeEnumHelper.cs
- TypeSystem.cs
- ServiceOperationListItem.cs
- SqlDependency.cs
- TypeDescriptionProvider.cs
- IIS7WorkerRequest.cs
- FaultContext.cs
- RegexWorker.cs
- DecimalConstantAttribute.cs
- precedingsibling.cs
- ConnectionManagementElementCollection.cs
- MatcherBuilder.cs
- AssociationType.cs
- FontUnitConverter.cs
- WaitHandle.cs
- ResourceReferenceExpression.cs
- ParameterReplacerVisitor.cs
- HtmlLabelAdapter.cs
- SQLBytesStorage.cs
- SmtpClient.cs
- CultureTable.cs
- EncryptedReference.cs
- WebPartEditorOkVerb.cs
- CustomErrorCollection.cs
- LogEntryHeaderDeserializer.cs
- CommentAction.cs
- XmlNamespaceMapping.cs
- OdbcRowUpdatingEvent.cs
- EasingKeyFrames.cs
- ClaimTypeElementCollection.cs
- PaintValueEventArgs.cs
- IconBitmapDecoder.cs
- BCryptSafeHandles.cs
- ConfigurationProperty.cs
- TypeDependencyAttribute.cs
- MSG.cs
- HttpCookiesSection.cs
- VariableBinder.cs
- Focus.cs
- DataControlButton.cs
- TypeSystemHelpers.cs
- _Rfc2616CacheValidators.cs
- EnumBuilder.cs
- Hash.cs
- BatchParser.cs
- DockPattern.cs
- MultipleViewPattern.cs
- RegistryHandle.cs
- NavigationWindowAutomationPeer.cs
- COM2PropertyBuilderUITypeEditor.cs
- ChtmlCommandAdapter.cs
- SpoolingTask.cs
- ProfileBuildProvider.cs
- QuaternionAnimation.cs
- XmlJsonWriter.cs
- SQLInt64.cs
- COM2ColorConverter.cs
- ChannelSinkStacks.cs
- HtmlInputReset.cs
- Models.cs
- BindingCompleteEventArgs.cs
- FontDialog.cs
- TreeViewImageIndexConverter.cs
- panel.cs
- HttpCacheParams.cs
- CodeMemberField.cs
- SchemaElementLookUpTable.cs
- SynchronizingStream.cs
- ModelItemExtensions.cs
- ClrPerspective.cs
- HttpRequestCacheValidator.cs
- XamlReaderConstants.cs
- DataGridViewAutoSizeModeEventArgs.cs
- DataTemplateKey.cs
- RealProxy.cs
- PerformanceCounterPermissionAttribute.cs
- TextDpi.cs
- ReflectionPermission.cs
- MailMessageEventArgs.cs
- HtmlEmptyTagControlBuilder.cs
- XamlVector3DCollectionSerializer.cs
- WebPartConnectionsConnectVerb.cs
- OperandQuery.cs
- ValidationManager.cs
- MatrixCamera.cs
- DocumentXPathNavigator.cs
- ObfuscationAttribute.cs
- XPathDocumentIterator.cs
- SafeCryptContextHandle.cs
- PaginationProgressEventArgs.cs
- UIInitializationException.cs
- GridItemPatternIdentifiers.cs
- Peer.cs
- Win32PrintDialog.cs
- MatrixTransform3D.cs
- CustomValidator.cs
- CapabilitiesUse.cs