Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / xsp / System / Web / Util / RequestValidator.cs / 1305376 / RequestValidator.cs
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
/*
* Base class providing extensibility hooks for custom request validation
*
* Copyright (c) 2009 Microsoft Corporation
*/
namespace System.Web.Util {
using System;
using System.Diagnostics.CodeAnalysis;
using System.Threading;
using System.Web;
using System.Web.Configuration;
public class RequestValidator {
private static RequestValidator _customValidator;
private static readonly Lazy _customValidatorResolver =
new Lazy(GetCustomValidatorFromConfig);
public static RequestValidator Current {
get {
if (_customValidator == null) {
_customValidator = _customValidatorResolver.Value;
}
return _customValidator;
}
set {
if (value == null) {
throw new ArgumentNullException("value");
}
_customValidator = value;
}
}
private static RequestValidator GetCustomValidatorFromConfig() {
// App since this is static per AppDomain
RuntimeConfig config = RuntimeConfig.GetAppConfig();
HttpRuntimeSection runtimeSection = config.HttpRuntime;
string validatorTypeName = runtimeSection.RequestValidationType;
// validate the type
Type validatorType = ConfigUtil.GetType(validatorTypeName, "requestValidationType", runtimeSection);
ConfigUtil.CheckBaseType(typeof(RequestValidator) /* expectedBaseType */, validatorType, "requestValidationType", runtimeSection);
// instantiate
RequestValidator validator = (RequestValidator)HttpRuntime.CreatePublicInstance(validatorType);
return validator;
}
internal static void InitializeOnFirstRequest() {
// instantiate the validator if it hasn't already been created
RequestValidator validator = _customValidatorResolver.Value;
}
private static bool IsAtoZ(char c) {
return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z');
}
[SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters",
Justification = "This is an appropriate way to return multiple pieces of data.")]
protected internal virtual bool IsValidRequestString(HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex) {
if (requestValidationSource == RequestValidationSource.Headers) {
validationFailureIndex = 0;
return true; // Ignore Headers collection in the default implementation
}
return !CrossSiteScriptingValidation.IsDangerousString(value, out validationFailureIndex);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- XmlValueConverter.cs
- DataGridRowDetailsEventArgs.cs
- EntityTypeEmitter.cs
- arabicshape.cs
- PrintPreviewDialog.cs
- XmlAtomicValue.cs
- DesignerSerializerAttribute.cs
- PasswordDeriveBytes.cs
- ValueOfAction.cs
- Config.cs
- ItemsPanelTemplate.cs
- MessageHeaderAttribute.cs
- CacheRequest.cs
- ResourceSetExpression.cs
- ValueType.cs
- PersonalizationAdministration.cs
- SkipQueryOptionExpression.cs
- CachedPathData.cs
- TextReader.cs
- CompilationUnit.cs
- XmlSignatureManifest.cs
- NullExtension.cs
- XPathMultyIterator.cs
- ConsoleEntryPoint.cs
- SizeLimitedCache.cs
- CustomTypeDescriptor.cs
- FixedSOMGroup.cs
- Point3DValueSerializer.cs
- NativeBuffer.cs
- SchemaInfo.cs
- ResourceAttributes.cs
- RequiredFieldValidator.cs
- SynchronizingStream.cs
- WindowsFormsEditorServiceHelper.cs
- SynchronizationContext.cs
- PasswordBox.cs
- ImmutablePropertyDescriptorGridEntry.cs
- CodeMemberField.cs
- Graph.cs
- Stylus.cs
- EntityDataSourceUtil.cs
- LoginUtil.cs
- ListViewEditEventArgs.cs
- PipelineModuleStepContainer.cs
- XmlValidatingReader.cs
- VisualBrush.cs
- LostFocusEventManager.cs
- TableParaClient.cs
- invalidudtexception.cs
- WebOperationContext.cs
- CollectionsUtil.cs
- FlowDocumentPageViewerAutomationPeer.cs
- ObjectQueryProvider.cs
- LexicalChunk.cs
- RequestBringIntoViewEventArgs.cs
- AutomationEvent.cs
- WorkflowDefinitionDispenser.cs
- BaseCodePageEncoding.cs
- RootBuilder.cs
- Tool.cs
- FuncTypeConverter.cs
- ConfigurationLocation.cs
- SystemWebExtensionsSectionGroup.cs
- UnsafeNetInfoNativeMethods.cs
- ListControl.cs
- XsltLibrary.cs
- RevocationPoint.cs
- _NetworkingPerfCounters.cs
- SqlUserDefinedAggregateAttribute.cs
- ProxyWebPartConnectionCollection.cs
- TemplateInstanceAttribute.cs
- StrokeNode.cs
- MinMaxParagraphWidth.cs
- CapabilitiesState.cs
- safex509handles.cs
- ColumnHeaderConverter.cs
- FixUp.cs
- shaperfactoryquerycachekey.cs
- PolyQuadraticBezierSegment.cs
- X509InitiatorCertificateServiceElement.cs
- HandleInitializationContext.cs
- diagnosticsswitches.cs
- EntitySqlException.cs
- SqlMetaData.cs
- TabletDeviceInfo.cs
- EventArgs.cs
- PerformanceCounterPermission.cs
- HtmlForm.cs
- FixedSOMGroup.cs
- ThreadStartException.cs
- CultureInfoConverter.cs
- ObjectMemberMapping.cs
- MeasurementDCInfo.cs
- SerTrace.cs
- CopyNodeSetAction.cs
- DesignTimeResourceProviderFactoryAttribute.cs
- NodeFunctions.cs
- WeakReferenceList.cs
- CodeExporter.cs
- BitmapPalette.cs