Code:
/ Dotnetfx_Vista_SP2 / Dotnetfx_Vista_SP2 / 8.0.50727.4016 / DEVDIV / depot / DevDiv / releases / whidbey / NetFxQFE / ndp / fx / src / xsp / System / Web / HttpResponseHeader.cs / 1 / HttpResponseHeader.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* * Single http header representation * * Copyright (c) 1998 Microsoft Corporation */ namespace System.Web { using System.Collections; using System.Text; /* * Response header (either known or unknown) */ internal class HttpResponseHeader { private String _unknownHeader; private int _knownHeaderIndex; private String _value; private static readonly string[] EncodingTable = new string[] { "%00", "%01", "%02", "%03", "%04", "%05", "%06", "%07", "%08", "%09", "%0a", "%0b", "%0c", "%0d", "%0e", "%0f", "%10", "%11", "%12", "%13", "%14", "%15", "%16", "%17", "%18", "%19", "%1a", "%1b", "%1c", "%1d", "%1e", "%1f" }; internal HttpResponseHeader(int knownHeaderIndex, String value) { _unknownHeader = null; _knownHeaderIndex = knownHeaderIndex; // encode header value if if(HttpRuntime.EnableHeaderChecking) { _value = MaybeEncodeHeader(value); } else { _value = value; } } internal HttpResponseHeader(String unknownHeader, String value) { if(HttpRuntime.EnableHeaderChecking) { _unknownHeader = MaybeEncodeHeader(unknownHeader); _knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader); _value = MaybeEncodeHeader(value); } else { _unknownHeader = unknownHeader; _knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader); _value = value; } } internal virtual String Name { get { if (_unknownHeader != null) return _unknownHeader; else return HttpWorkerRequest.GetKnownResponseHeaderName(_knownHeaderIndex); } } internal String Value { get { return _value;} } internal void Send(HttpWorkerRequest wr) { if (_knownHeaderIndex >= 0) wr.SendKnownResponseHeader(_knownHeaderIndex, _value); else wr.SendUnknownResponseHeader(_unknownHeader, _value); } // Encode the header if it contains a CRLF pair // VSWhidbey 257154 internal static string MaybeEncodeHeader(string value) { string sanitizedHeader = value; if (NeedsEncoding(value)) { // DevDiv Bugs 146028 // Denial Of Service scenarios involving // control characters are possible. // We are encoding the following characters: // - All CTL characters except HT (horizontal tab) // - DEL character (\x7f) StringBuilder sb = new StringBuilder(); foreach (char c in value) { if (c < 32 && c != 9) { sb.Append(EncodingTable[c]); } else if (c == 127) { sb.Append("%7f"); } else { sb.Append(c); } } sanitizedHeader = sb.ToString(); } return sanitizedHeader; } // Returns true if the string contains a control character (other than horizontal tab) or the DEL character. internal static bool NeedsEncoding(string value) { foreach (char c in value) { if ((c < 32 && c != 9) || (c == 127)) { return true; } } return false; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* * Single http header representation * * Copyright (c) 1998 Microsoft Corporation */ namespace System.Web { using System.Collections; using System.Text; /* * Response header (either known or unknown) */ internal class HttpResponseHeader { private String _unknownHeader; private int _knownHeaderIndex; private String _value; private static readonly string[] EncodingTable = new string[] { "%00", "%01", "%02", "%03", "%04", "%05", "%06", "%07", "%08", "%09", "%0a", "%0b", "%0c", "%0d", "%0e", "%0f", "%10", "%11", "%12", "%13", "%14", "%15", "%16", "%17", "%18", "%19", "%1a", "%1b", "%1c", "%1d", "%1e", "%1f" }; internal HttpResponseHeader(int knownHeaderIndex, String value) { _unknownHeader = null; _knownHeaderIndex = knownHeaderIndex; // encode header value if if(HttpRuntime.EnableHeaderChecking) { _value = MaybeEncodeHeader(value); } else { _value = value; } } internal HttpResponseHeader(String unknownHeader, String value) { if(HttpRuntime.EnableHeaderChecking) { _unknownHeader = MaybeEncodeHeader(unknownHeader); _knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader); _value = MaybeEncodeHeader(value); } else { _unknownHeader = unknownHeader; _knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader); _value = value; } } internal virtual String Name { get { if (_unknownHeader != null) return _unknownHeader; else return HttpWorkerRequest.GetKnownResponseHeaderName(_knownHeaderIndex); } } internal String Value { get { return _value;} } internal void Send(HttpWorkerRequest wr) { if (_knownHeaderIndex >= 0) wr.SendKnownResponseHeader(_knownHeaderIndex, _value); else wr.SendUnknownResponseHeader(_unknownHeader, _value); } // Encode the header if it contains a CRLF pair // VSWhidbey 257154 internal static string MaybeEncodeHeader(string value) { string sanitizedHeader = value; if (NeedsEncoding(value)) { // DevDiv Bugs 146028 // Denial Of Service scenarios involving // control characters are possible. // We are encoding the following characters: // - All CTL characters except HT (horizontal tab) // - DEL character (\x7f) StringBuilder sb = new StringBuilder(); foreach (char c in value) { if (c < 32 && c != 9) { sb.Append(EncodingTable[c]); } else if (c == 127) { sb.Append("%7f"); } else { sb.Append(c); } } sanitizedHeader = sb.ToString(); } return sanitizedHeader; } // Returns true if the string contains a control character (other than horizontal tab) or the DEL character. internal static bool NeedsEncoding(string value) { foreach (char c in value) { if ((c < 32 && c != 9) || (c == 127)) { return true; } } return false; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
![Network programming in C#, Network Programming in VB.NET, Network Programming in .NET](/images/book.jpg)
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- SerTrace.cs
- SizeAnimation.cs
- AssemblyCollection.cs
- StdValidatorsAndConverters.cs
- BitmapEffectGeneralTransform.cs
- TranslateTransform.cs
- ReferenceEqualityComparer.cs
- XmlBinaryReader.cs
- PolicyException.cs
- OdbcPermission.cs
- ComponentCommands.cs
- SecurityState.cs
- HelpInfo.cs
- WebPartConnection.cs
- ListCommandEventArgs.cs
- VSWCFServiceContractGenerator.cs
- IpcChannelHelper.cs
- DocumentReferenceCollection.cs
- Solver.cs
- AutomationPeer.cs
- Sql8ConformanceChecker.cs
- StreamUpgradeInitiator.cs
- PropertyItem.cs
- DataGridViewRow.cs
- MarkupExtensionParser.cs
- BamlRecordReader.cs
- XsltException.cs
- CodeSubDirectoriesCollection.cs
- DLinqAssociationProvider.cs
- RegexGroup.cs
- HttpCachePolicyElement.cs
- ScrollItemPattern.cs
- RegexStringValidatorAttribute.cs
- XpsViewerException.cs
- MappingModelBuildProvider.cs
- SubqueryRules.cs
- DependencyProperty.cs
- FigureParaClient.cs
- PropertyPathConverter.cs
- HttpApplicationFactory.cs
- figurelengthconverter.cs
- XslAstAnalyzer.cs
- EntryPointNotFoundException.cs
- WebEncodingValidatorAttribute.cs
- ConfigurationSectionGroup.cs
- WindowsSysHeader.cs
- MenuAutoFormat.cs
- FormsAuthenticationUserCollection.cs
- Vector3D.cs
- CFStream.cs
- ZoomPercentageConverter.cs
- ScriptReferenceBase.cs
- QilSortKey.cs
- ButtonField.cs
- XmlAttributeCache.cs
- BeginStoryboard.cs
- BinaryOperationBinder.cs
- SchemaCollectionCompiler.cs
- EditCommandColumn.cs
- IxmlLineInfo.cs
- OpacityConverter.cs
- GlyphRunDrawing.cs
- DesignTimeParseData.cs
- RepeaterItem.cs
- Literal.cs
- DockingAttribute.cs
- Material.cs
- WindowShowOrOpenTracker.cs
- EncryptedPackage.cs
- DBParameter.cs
- CompositeCollection.cs
- ExecutionContext.cs
- StructuredTypeEmitter.cs
- DeferredSelectedIndexReference.cs
- SemaphoreFullException.cs
- Application.cs
- InvokeMemberBinder.cs
- __ComObject.cs
- MatchingStyle.cs
- Line.cs
- JoinQueryOperator.cs
- TaskFactory.cs
- QueryRewriter.cs
- TypeAccessException.cs
- UITypeEditors.cs
- IISUnsafeMethods.cs
- ResourceManager.cs
- RecordsAffectedEventArgs.cs
- PrinterSettings.cs
- UnaryOperationBinder.cs
- ExeContext.cs
- RequestCache.cs
- FeatureManager.cs
- altserialization.cs
- Events.cs
- SectionUpdates.cs
- OutputCacheSettings.cs
- BindingNavigatorDesigner.cs
- EndGetFileNameFromUserRequest.cs
- SqlSupersetValidator.cs