Code:
/ Dotnetfx_Vista_SP2 / Dotnetfx_Vista_SP2 / 8.0.50727.4016 / DEVDIV / depot / DevDiv / releases / whidbey / NetFxQFE / ndp / fx / src / xsp / System / Web / HttpResponseHeader.cs / 1 / HttpResponseHeader.cs
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
/*
* Single http header representation
*
* Copyright (c) 1998 Microsoft Corporation
*/
namespace System.Web {
using System.Collections;
using System.Text;
/*
* Response header (either known or unknown)
*/
internal class HttpResponseHeader {
private String _unknownHeader;
private int _knownHeaderIndex;
private String _value;
private static readonly string[] EncodingTable = new string[] { "%00", "%01", "%02", "%03", "%04",
"%05", "%06", "%07", "%08", "%09",
"%0a", "%0b", "%0c", "%0d", "%0e",
"%0f", "%10", "%11", "%12", "%13",
"%14", "%15", "%16", "%17", "%18",
"%19", "%1a", "%1b", "%1c", "%1d",
"%1e", "%1f" };
internal HttpResponseHeader(int knownHeaderIndex, String value) {
_unknownHeader = null;
_knownHeaderIndex = knownHeaderIndex;
// encode header value if
if(HttpRuntime.EnableHeaderChecking) {
_value = MaybeEncodeHeader(value);
}
else {
_value = value;
}
}
internal HttpResponseHeader(String unknownHeader, String value) {
if(HttpRuntime.EnableHeaderChecking) {
_unknownHeader = MaybeEncodeHeader(unknownHeader);
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = MaybeEncodeHeader(value);
}
else {
_unknownHeader = unknownHeader;
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = value;
}
}
internal virtual String Name {
get {
if (_unknownHeader != null)
return _unknownHeader;
else
return HttpWorkerRequest.GetKnownResponseHeaderName(_knownHeaderIndex);
}
}
internal String Value {
get { return _value;}
}
internal void Send(HttpWorkerRequest wr) {
if (_knownHeaderIndex >= 0)
wr.SendKnownResponseHeader(_knownHeaderIndex, _value);
else
wr.SendUnknownResponseHeader(_unknownHeader, _value);
}
// Encode the header if it contains a CRLF pair
// VSWhidbey 257154
internal static string MaybeEncodeHeader(string value) {
string sanitizedHeader = value;
if (NeedsEncoding(value)) {
// DevDiv Bugs 146028
// Denial Of Service scenarios involving
// control characters are possible.
// We are encoding the following characters:
// - All CTL characters except HT (horizontal tab)
// - DEL character (\x7f)
StringBuilder sb = new StringBuilder();
foreach (char c in value) {
if (c < 32 && c != 9) {
sb.Append(EncodingTable[c]);
}
else if (c == 127) {
sb.Append("%7f");
}
else {
sb.Append(c);
}
}
sanitizedHeader = sb.ToString();
}
return sanitizedHeader;
}
// Returns true if the string contains a control character (other than horizontal tab) or the DEL character.
internal static bool NeedsEncoding(string value) {
foreach (char c in value) {
if ((c < 32 && c != 9) || (c == 127)) {
return true;
}
}
return false;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
/*
* Single http header representation
*
* Copyright (c) 1998 Microsoft Corporation
*/
namespace System.Web {
using System.Collections;
using System.Text;
/*
* Response header (either known or unknown)
*/
internal class HttpResponseHeader {
private String _unknownHeader;
private int _knownHeaderIndex;
private String _value;
private static readonly string[] EncodingTable = new string[] { "%00", "%01", "%02", "%03", "%04",
"%05", "%06", "%07", "%08", "%09",
"%0a", "%0b", "%0c", "%0d", "%0e",
"%0f", "%10", "%11", "%12", "%13",
"%14", "%15", "%16", "%17", "%18",
"%19", "%1a", "%1b", "%1c", "%1d",
"%1e", "%1f" };
internal HttpResponseHeader(int knownHeaderIndex, String value) {
_unknownHeader = null;
_knownHeaderIndex = knownHeaderIndex;
// encode header value if
if(HttpRuntime.EnableHeaderChecking) {
_value = MaybeEncodeHeader(value);
}
else {
_value = value;
}
}
internal HttpResponseHeader(String unknownHeader, String value) {
if(HttpRuntime.EnableHeaderChecking) {
_unknownHeader = MaybeEncodeHeader(unknownHeader);
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = MaybeEncodeHeader(value);
}
else {
_unknownHeader = unknownHeader;
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = value;
}
}
internal virtual String Name {
get {
if (_unknownHeader != null)
return _unknownHeader;
else
return HttpWorkerRequest.GetKnownResponseHeaderName(_knownHeaderIndex);
}
}
internal String Value {
get { return _value;}
}
internal void Send(HttpWorkerRequest wr) {
if (_knownHeaderIndex >= 0)
wr.SendKnownResponseHeader(_knownHeaderIndex, _value);
else
wr.SendUnknownResponseHeader(_unknownHeader, _value);
}
// Encode the header if it contains a CRLF pair
// VSWhidbey 257154
internal static string MaybeEncodeHeader(string value) {
string sanitizedHeader = value;
if (NeedsEncoding(value)) {
// DevDiv Bugs 146028
// Denial Of Service scenarios involving
// control characters are possible.
// We are encoding the following characters:
// - All CTL characters except HT (horizontal tab)
// - DEL character (\x7f)
StringBuilder sb = new StringBuilder();
foreach (char c in value) {
if (c < 32 && c != 9) {
sb.Append(EncodingTable[c]);
}
else if (c == 127) {
sb.Append("%7f");
}
else {
sb.Append(c);
}
}
sanitizedHeader = sb.ToString();
}
return sanitizedHeader;
}
// Returns true if the string contains a control character (other than horizontal tab) or the DEL character.
internal static bool NeedsEncoding(string value) {
foreach (char c in value) {
if ((c < 32 && c != 9) || (c == 127)) {
return true;
}
}
return false;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TypeUsage.cs
- XmlSchemaFacet.cs
- TailPinnedEventArgs.cs
- HwndHostAutomationPeer.cs
- AttachInfo.cs
- UInt32.cs
- FontEmbeddingManager.cs
- ResourceSetExpression.cs
- StrokeCollection2.cs
- DesignerHost.cs
- ResourceProperty.cs
- X509ThumbprintKeyIdentifierClause.cs
- Int64.cs
- ComponentEditorPage.cs
- Converter.cs
- URLMembershipCondition.cs
- SimpleApplicationHost.cs
- SemanticResultValue.cs
- TimeSpanParse.cs
- AssemblyBuilder.cs
- SharedPerformanceCounter.cs
- EventLogPermissionEntry.cs
- ContractReference.cs
- JsonMessageEncoderFactory.cs
- Logging.cs
- HttpValueCollection.cs
- CodeLinePragma.cs
- peersecuritysettings.cs
- MappingItemCollection.cs
- SocketAddress.cs
- Socket.cs
- AddInStore.cs
- MsmqIntegrationBinding.cs
- BulletChrome.cs
- TagMapInfo.cs
- FileLevelControlBuilderAttribute.cs
- SQLMoney.cs
- StringFunctions.cs
- KeyInterop.cs
- DurableInstancingOptions.cs
- EntityViewGenerationAttribute.cs
- DataGridCell.cs
- ImageCollectionCodeDomSerializer.cs
- BuildProvider.cs
- EngineSite.cs
- SiteMapNodeItemEventArgs.cs
- RegistryConfigurationProvider.cs
- ControlBuilder.cs
- DataGridView.cs
- DataRow.cs
- ObjectDataSourceSelectingEventArgs.cs
- TypeUtil.cs
- Accessible.cs
- TableAdapterManagerGenerator.cs
- ImpersonationContext.cs
- DataExpression.cs
- ProvidersHelper.cs
- TransformerTypeCollection.cs
- Clipboard.cs
- SQLDecimal.cs
- RSAPKCS1KeyExchangeFormatter.cs
- AspProxy.cs
- InfocardClientCredentials.cs
- ServiceOperationListItemList.cs
- LayoutInformation.cs
- MetafileHeaderWmf.cs
- CodeIdentifiers.cs
- DocumentPageView.cs
- RealizationDrawingContextWalker.cs
- ClassHandlersStore.cs
- ElementNotAvailableException.cs
- ListView.cs
- XmlException.cs
- DirectoryNotFoundException.cs
- WindowPattern.cs
- Column.cs
- SecondaryIndex.cs
- ImageList.cs
- ThrowHelper.cs
- DBConcurrencyException.cs
- Latin1Encoding.cs
- AutoGeneratedFieldProperties.cs
- ColorAnimationUsingKeyFrames.cs
- arc.cs
- BasicCellRelation.cs
- TemplatedWizardStep.cs
- ClientUrlResolverWrapper.cs
- CodeSubDirectory.cs
- arclist.cs
- QueryOutputWriter.cs
- BinHexEncoder.cs
- PersonalizationProviderCollection.cs
- StateMachine.cs
- ElapsedEventArgs.cs
- ButtonStandardAdapter.cs
- ProviderUtil.cs
- IPGlobalProperties.cs
- OdbcHandle.cs
- ImageField.cs
- SymLanguageType.cs