Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / xsp / System / Web / Util / RequestValidator.cs / 1305376 / RequestValidator.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* * Base class providing extensibility hooks for custom request validation * * Copyright (c) 2009 Microsoft Corporation */ namespace System.Web.Util { using System; using System.Diagnostics.CodeAnalysis; using System.Threading; using System.Web; using System.Web.Configuration; public class RequestValidator { private static RequestValidator _customValidator; private static readonly Lazy_customValidatorResolver = new Lazy (GetCustomValidatorFromConfig); public static RequestValidator Current { get { if (_customValidator == null) { _customValidator = _customValidatorResolver.Value; } return _customValidator; } set { if (value == null) { throw new ArgumentNullException("value"); } _customValidator = value; } } private static RequestValidator GetCustomValidatorFromConfig() { // App since this is static per AppDomain RuntimeConfig config = RuntimeConfig.GetAppConfig(); HttpRuntimeSection runtimeSection = config.HttpRuntime; string validatorTypeName = runtimeSection.RequestValidationType; // validate the type Type validatorType = ConfigUtil.GetType(validatorTypeName, "requestValidationType", runtimeSection); ConfigUtil.CheckBaseType(typeof(RequestValidator) /* expectedBaseType */, validatorType, "requestValidationType", runtimeSection); // instantiate RequestValidator validator = (RequestValidator)HttpRuntime.CreatePublicInstance(validatorType); return validator; } internal static void InitializeOnFirstRequest() { // instantiate the validator if it hasn't already been created RequestValidator validator = _customValidatorResolver.Value; } private static bool IsAtoZ(char c) { return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z'); } [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", Justification = "This is an appropriate way to return multiple pieces of data.")] protected internal virtual bool IsValidRequestString(HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex) { if (requestValidationSource == RequestValidationSource.Headers) { validationFailureIndex = 0; return true; // Ignore Headers collection in the default implementation } return !CrossSiteScriptingValidation.IsDangerousString(value, out validationFailureIndex); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- UrlMapping.cs
- DrawingBrush.cs
- DataTemplateSelector.cs
- Stream.cs
- WebRequestModuleElement.cs
- CollectionCodeDomSerializer.cs
- configsystem.cs
- ManagedFilter.cs
- cache.cs
- ListItemCollection.cs
- __Error.cs
- MaterialGroup.cs
- AnnotationComponentManager.cs
- NameValueSectionHandler.cs
- Encoder.cs
- HtmlGenericControl.cs
- XsdValidatingReader.cs
- DependencyObject.cs
- PasswordBox.cs
- DrawingContextWalker.cs
- ValidatorUtils.cs
- ParsedAttributeCollection.cs
- TextRangeEditTables.cs
- AttributeSetAction.cs
- ConvertEvent.cs
- ErrorRuntimeConfig.cs
- COM2ExtendedTypeConverter.cs
- StyleCollection.cs
- ModelItem.cs
- InvalidDataException.cs
- XmlLoader.cs
- Accessors.cs
- SqlGatherConsumedAliases.cs
- Identity.cs
- DrawingAttributes.cs
- SqlParameterCollection.cs
- ListSourceHelper.cs
- LogWriteRestartAreaAsyncResult.cs
- GeneralTransform2DTo3DTo2D.cs
- OneWayElement.cs
- TiffBitmapEncoder.cs
- FixedSOMElement.cs
- FixedPage.cs
- DiscoveryServiceExtension.cs
- CodeAttributeArgument.cs
- DriveNotFoundException.cs
- LoopExpression.cs
- XmlSchemaSubstitutionGroup.cs
- MetafileHeaderWmf.cs
- ZipIOFileItemStream.cs
- DataListItemCollection.cs
- SqlUserDefinedTypeAttribute.cs
- TrayIconDesigner.cs
- LicenseContext.cs
- DefinitionProperties.cs
- MailDefinition.cs
- DBSqlParserColumn.cs
- TextDecorationCollection.cs
- SettingsAttributes.cs
- XamlPoint3DCollectionSerializer.cs
- InputLanguageSource.cs
- AccessViolationException.cs
- EntitySetBase.cs
- TreeWalker.cs
- PageBuildProvider.cs
- BinHexEncoder.cs
- HostUtils.cs
- ToolStripArrowRenderEventArgs.cs
- PasswordDeriveBytes.cs
- ImageDrawing.cs
- ProviderUtil.cs
- BindingSource.cs
- ContextInformation.cs
- InputBinding.cs
- DefaultParameterValueAttribute.cs
- GiveFeedbackEventArgs.cs
- SafeNativeMethods.cs
- NumericExpr.cs
- BindingExpressionBase.cs
- Relationship.cs
- Geometry3D.cs
- typedescriptorpermission.cs
- TreeBuilder.cs
- QueryPageSettingsEventArgs.cs
- securitycriticaldataformultiplegetandset.cs
- HostTimeoutsElement.cs
- XmlValueConverter.cs
- HtmlInputCheckBox.cs
- SecurityPolicySection.cs
- httpstaticobjectscollection.cs
- WebPartEditVerb.cs
- FamilyCollection.cs
- InfoCardCryptoHelper.cs
- BridgeDataRecord.cs
- ManagedIStream.cs
- ItemCheckedEvent.cs
- SymmetricCryptoHandle.cs
- TextDecoration.cs
- MetafileHeader.cs
- DrawListViewItemEventArgs.cs