Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / xsp / System / Web / Routing / PageRouteHandler.cs / 1305376 / PageRouteHandler.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- namespace System.Web.Routing { using System; using System.Web.UI; using System.Web.Compilation; using System.Web.Security; using System.Security; using System.Security.Permissions; using System.Security.Principal; public class PageRouteHandler : IRouteHandler { public PageRouteHandler(string virtualPath) : this(virtualPath, true) { } public PageRouteHandler(string virtualPath, bool checkPhysicalUrlAccess) { if (string.IsNullOrEmpty(virtualPath) || !virtualPath.StartsWith("~/", StringComparison.OrdinalIgnoreCase)) { throw new ArgumentException(SR.GetString(SR.PageRouteHandler_InvalidVirtualPath), "virtualPath"); } this.VirtualPath = virtualPath; this.CheckPhysicalUrlAccess = checkPhysicalUrlAccess; _useRouteVirtualPath = VirtualPath.Contains("{"); } ////// This is the full virtual path (using tilde syntax) to the WebForm page. /// ////// Needs to be thread safe so this is only settable via ctor. /// public string VirtualPath { get; private set; } ////// Because we're not actually rewriting the URL, ASP.NET's URL Auth will apply /// to the incoming request URL and not the URL of the physical WebForm page. /// Setting this to true (default) will apply URL access rules against the /// physical file. /// ///True by default public bool CheckPhysicalUrlAccess { get; private set; } private bool _useRouteVirtualPath; private Route _routeVirtualPath; private Route RouteVirtualPath { get { if (_routeVirtualPath == null) { //Trim off ~/ _routeVirtualPath = new Route(VirtualPath.Substring(2), this); } return _routeVirtualPath; } } private bool CheckUrlAccess(string virtualPath, RequestContext requestContext) { IPrincipal user = requestContext.HttpContext.User; // If there's no authenticated user, use the default identity if (user == null) { user = new GenericPrincipal(new GenericIdentity(String.Empty, String.Empty), new string[0]); } return CheckUrlAccessWithAssert(virtualPath, requestContext, user); } [SecurityPermission(SecurityAction.Assert, Unrestricted = true)] private bool CheckUrlAccessWithAssert(string virtualPath, RequestContext requestContext, IPrincipal user) { return UrlAuthorizationModule.CheckUrlAccessForPrincipal(virtualPath, user, requestContext.HttpContext.Request.HttpMethod); } public virtual IHttpHandler GetHttpHandler(RequestContext requestContext) { if (requestContext == null) { throw new ArgumentNullException("requestContext"); } string virtualPath = GetSubstitutedVirtualPath(requestContext); // Virtual Path ----s up with query strings, so we need to strip them off int qmark = virtualPath.IndexOf('?'); if (qmark != -1) { virtualPath = virtualPath.Substring(0, qmark); } if (this.CheckPhysicalUrlAccess && !CheckUrlAccess(virtualPath, requestContext)) { return new UrlAuthFailureHandler(); } Page page = BuildManager.CreateInstanceFromVirtualPath(virtualPath, typeof(Page)) as Page; return page; } ////// Gets the virtual path to the resource after applying substitutions based on route data. /// /// ///public string GetSubstitutedVirtualPath(RequestContext requestContext) { if (requestContext == null) { throw new ArgumentNullException("requestContext"); } if (!_useRouteVirtualPath) return VirtualPath; VirtualPathData vpd = RouteVirtualPath.GetVirtualPath(requestContext, requestContext.RouteData.Values); // if (vpd == null) return VirtualPath; return "~/" + vpd.VirtualPath; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- namespace System.Web.Routing { using System; using System.Web.UI; using System.Web.Compilation; using System.Web.Security; using System.Security; using System.Security.Permissions; using System.Security.Principal; public class PageRouteHandler : IRouteHandler { public PageRouteHandler(string virtualPath) : this(virtualPath, true) { } public PageRouteHandler(string virtualPath, bool checkPhysicalUrlAccess) { if (string.IsNullOrEmpty(virtualPath) || !virtualPath.StartsWith("~/", StringComparison.OrdinalIgnoreCase)) { throw new ArgumentException(SR.GetString(SR.PageRouteHandler_InvalidVirtualPath), "virtualPath"); } this.VirtualPath = virtualPath; this.CheckPhysicalUrlAccess = checkPhysicalUrlAccess; _useRouteVirtualPath = VirtualPath.Contains("{"); } ////// This is the full virtual path (using tilde syntax) to the WebForm page. /// ////// Needs to be thread safe so this is only settable via ctor. /// public string VirtualPath { get; private set; } ////// Because we're not actually rewriting the URL, ASP.NET's URL Auth will apply /// to the incoming request URL and not the URL of the physical WebForm page. /// Setting this to true (default) will apply URL access rules against the /// physical file. /// ///True by default public bool CheckPhysicalUrlAccess { get; private set; } private bool _useRouteVirtualPath; private Route _routeVirtualPath; private Route RouteVirtualPath { get { if (_routeVirtualPath == null) { //Trim off ~/ _routeVirtualPath = new Route(VirtualPath.Substring(2), this); } return _routeVirtualPath; } } private bool CheckUrlAccess(string virtualPath, RequestContext requestContext) { IPrincipal user = requestContext.HttpContext.User; // If there's no authenticated user, use the default identity if (user == null) { user = new GenericPrincipal(new GenericIdentity(String.Empty, String.Empty), new string[0]); } return CheckUrlAccessWithAssert(virtualPath, requestContext, user); } [SecurityPermission(SecurityAction.Assert, Unrestricted = true)] private bool CheckUrlAccessWithAssert(string virtualPath, RequestContext requestContext, IPrincipal user) { return UrlAuthorizationModule.CheckUrlAccessForPrincipal(virtualPath, user, requestContext.HttpContext.Request.HttpMethod); } public virtual IHttpHandler GetHttpHandler(RequestContext requestContext) { if (requestContext == null) { throw new ArgumentNullException("requestContext"); } string virtualPath = GetSubstitutedVirtualPath(requestContext); // Virtual Path ----s up with query strings, so we need to strip them off int qmark = virtualPath.IndexOf('?'); if (qmark != -1) { virtualPath = virtualPath.Substring(0, qmark); } if (this.CheckPhysicalUrlAccess && !CheckUrlAccess(virtualPath, requestContext)) { return new UrlAuthFailureHandler(); } Page page = BuildManager.CreateInstanceFromVirtualPath(virtualPath, typeof(Page)) as Page; return page; } ////// Gets the virtual path to the resource after applying substitutions based on route data. /// /// ///public string GetSubstitutedVirtualPath(RequestContext requestContext) { if (requestContext == null) { throw new ArgumentNullException("requestContext"); } if (!_useRouteVirtualPath) return VirtualPath; VirtualPathData vpd = RouteVirtualPath.GetVirtualPath(requestContext, requestContext.RouteData.Values); // if (vpd == null) return VirtualPath; return "~/" + vpd.VirtualPath; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ServiceObjectContainer.cs
- BamlLocalizer.cs
- CqlQuery.cs
- SqlLiftIndependentRowExpressions.cs
- HealthMonitoringSectionHelper.cs
- XmlnsDictionary.cs
- ManipulationStartedEventArgs.cs
- Queue.cs
- precedingquery.cs
- Int16KeyFrameCollection.cs
- OrderedDictionary.cs
- FragmentNavigationEventArgs.cs
- Timer.cs
- Not.cs
- CombinedGeometry.cs
- FixedSOMGroup.cs
- EnumCodeDomSerializer.cs
- CryptoSession.cs
- DecimalAnimationBase.cs
- HttpException.cs
- XmlArrayItemAttribute.cs
- BaseCodeDomTreeGenerator.cs
- XmlSchemaSubstitutionGroup.cs
- ScrollBar.cs
- TemplatedWizardStep.cs
- ExtensibleClassFactory.cs
- GuidConverter.cs
- PrimitiveSchema.cs
- SafeRsaProviderHandle.cs
- SerialPort.cs
- MultipleViewProviderWrapper.cs
- DictionaryBase.cs
- DecimalConverter.cs
- DLinqDataModelProvider.cs
- DataGridViewCellValidatingEventArgs.cs
- HGlobalSafeHandle.cs
- Vector3DCollection.cs
- AdornerHitTestResult.cs
- ComponentTray.cs
- UInt16Converter.cs
- AliasGenerator.cs
- CellIdBoolean.cs
- CodeDirectoryCompiler.cs
- IntSecurity.cs
- ExtractorMetadata.cs
- ImpersonateTokenRef.cs
- Ref.cs
- DesignerDeviceConfig.cs
- ToolboxItemAttribute.cs
- FacetDescription.cs
- entityreference_tresulttype.cs
- PriorityBindingExpression.cs
- KeyGestureValueSerializer.cs
- BevelBitmapEffect.cs
- StringComparer.cs
- WebPartConnectionsConfigureVerb.cs
- HMACSHA256.cs
- ConcatQueryOperator.cs
- ToolStripRenderEventArgs.cs
- NaturalLanguageHyphenator.cs
- SoapProtocolReflector.cs
- SpecularMaterial.cs
- XamlTemplateSerializer.cs
- ActivityDesigner.cs
- FixedBufferAttribute.cs
- SmtpFailedRecipientException.cs
- DataGridViewTextBoxColumn.cs
- Underline.cs
- IndexOutOfRangeException.cs
- FixedHyperLink.cs
- ConnectionOrientedTransportChannelFactory.cs
- Form.cs
- FilterableData.cs
- XamlFrame.cs
- ElementUtil.cs
- X509WindowsSecurityToken.cs
- PointUtil.cs
- SqlDataSourceSummaryPanel.cs
- ProxySimple.cs
- SessionStateSection.cs
- ColumnTypeConverter.cs
- HealthMonitoringSection.cs
- EdgeProfileValidation.cs
- bindurihelper.cs
- ReachSerializerAsync.cs
- CardSpaceException.cs
- ModelItemImpl.cs
- _ContextAwareResult.cs
- CommaDelimitedStringAttributeCollectionConverter.cs
- Rect.cs
- ExpressionBuilder.cs
- EntityDesignerUtils.cs
- Model3DGroup.cs
- CookieProtection.cs
- SmiMetaDataProperty.cs
- XamlRtfConverter.cs
- ControlDesignerState.cs
- CompilationLock.cs
- Application.cs
- WindowsRegion.cs