Code:
/ FXUpdate3074 / FXUpdate3074 / 1.1 / DEVDIV / depot / DevDiv / releases / whidbey / QFE / ndp / fx / src / xsp / System / Web / HttpResponseHeader.cs / 3 / HttpResponseHeader.cs
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
/*
* Single http header representation
*
* Copyright (c) 1998 Microsoft Corporation
*/
namespace System.Web {
using System.Collections;
using System.Text;
/*
* Response header (either known or unknown)
*/
internal class HttpResponseHeader {
private String _unknownHeader;
private int _knownHeaderIndex;
private String _value;
private static readonly string[] EncodingTable = new string[] { "%00", "%01", "%02", "%03", "%04",
"%05", "%06", "%07", "%08", "%09",
"%0a", "%0b", "%0c", "%0d", "%0e",
"%0f", "%10", "%11", "%12", "%13",
"%14", "%15", "%16", "%17", "%18",
"%19", "%1a", "%1b", "%1c", "%1d",
"%1e", "%1f" };
internal HttpResponseHeader(int knownHeaderIndex, String value) {
_unknownHeader = null;
_knownHeaderIndex = knownHeaderIndex;
// encode header value if
if(HttpRuntime.EnableHeaderChecking) {
_value = MaybeEncodeHeader(value);
}
else {
_value = value;
}
}
internal HttpResponseHeader(String unknownHeader, String value) {
if(HttpRuntime.EnableHeaderChecking) {
_unknownHeader = MaybeEncodeHeader(unknownHeader);
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = MaybeEncodeHeader(value);
}
else {
_unknownHeader = unknownHeader;
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = value;
}
}
internal virtual String Name {
get {
if (_unknownHeader != null)
return _unknownHeader;
else
return HttpWorkerRequest.GetKnownResponseHeaderName(_knownHeaderIndex);
}
}
internal String Value {
get { return _value;}
}
internal void Send(HttpWorkerRequest wr) {
if (_knownHeaderIndex >= 0)
wr.SendKnownResponseHeader(_knownHeaderIndex, _value);
else
wr.SendUnknownResponseHeader(_unknownHeader, _value);
}
// Encode the header if it contains a CRLF pair
//
internal static string MaybeEncodeHeader(string value) {
string sanitizedHeader = value;
if (NeedsEncoding(value)) {
// DevDiv Bugs 146028
// Denial Of Service scenarios involving
// control characters are possible.
// We are encoding the following characters:
// - All CTL characters except HT (horizontal tab)
// - DEL character (\x7f)
StringBuilder sb = new StringBuilder();
foreach (char c in value) {
if (c < 32 && c != 9) {
sb.Append(EncodingTable[c]);
}
else if (c == 127) {
sb.Append("%7f");
}
else {
sb.Append(c);
}
}
sanitizedHeader = sb.ToString();
}
return sanitizedHeader;
}
// Returns true if the string contains a control character (other than horizontal tab) or the DEL character.
internal static bool NeedsEncoding(string value) {
foreach (char c in value) {
if ((c < 32 && c != 9) || (c == 127)) {
return true;
}
}
return false;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
/*
* Single http header representation
*
* Copyright (c) 1998 Microsoft Corporation
*/
namespace System.Web {
using System.Collections;
using System.Text;
/*
* Response header (either known or unknown)
*/
internal class HttpResponseHeader {
private String _unknownHeader;
private int _knownHeaderIndex;
private String _value;
private static readonly string[] EncodingTable = new string[] { "%00", "%01", "%02", "%03", "%04",
"%05", "%06", "%07", "%08", "%09",
"%0a", "%0b", "%0c", "%0d", "%0e",
"%0f", "%10", "%11", "%12", "%13",
"%14", "%15", "%16", "%17", "%18",
"%19", "%1a", "%1b", "%1c", "%1d",
"%1e", "%1f" };
internal HttpResponseHeader(int knownHeaderIndex, String value) {
_unknownHeader = null;
_knownHeaderIndex = knownHeaderIndex;
// encode header value if
if(HttpRuntime.EnableHeaderChecking) {
_value = MaybeEncodeHeader(value);
}
else {
_value = value;
}
}
internal HttpResponseHeader(String unknownHeader, String value) {
if(HttpRuntime.EnableHeaderChecking) {
_unknownHeader = MaybeEncodeHeader(unknownHeader);
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = MaybeEncodeHeader(value);
}
else {
_unknownHeader = unknownHeader;
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = value;
}
}
internal virtual String Name {
get {
if (_unknownHeader != null)
return _unknownHeader;
else
return HttpWorkerRequest.GetKnownResponseHeaderName(_knownHeaderIndex);
}
}
internal String Value {
get { return _value;}
}
internal void Send(HttpWorkerRequest wr) {
if (_knownHeaderIndex >= 0)
wr.SendKnownResponseHeader(_knownHeaderIndex, _value);
else
wr.SendUnknownResponseHeader(_unknownHeader, _value);
}
// Encode the header if it contains a CRLF pair
//
internal static string MaybeEncodeHeader(string value) {
string sanitizedHeader = value;
if (NeedsEncoding(value)) {
// DevDiv Bugs 146028
// Denial Of Service scenarios involving
// control characters are possible.
// We are encoding the following characters:
// - All CTL characters except HT (horizontal tab)
// - DEL character (\x7f)
StringBuilder sb = new StringBuilder();
foreach (char c in value) {
if (c < 32 && c != 9) {
sb.Append(EncodingTable[c]);
}
else if (c == 127) {
sb.Append("%7f");
}
else {
sb.Append(c);
}
}
sanitizedHeader = sb.ToString();
}
return sanitizedHeader;
}
// Returns true if the string contains a control character (other than horizontal tab) or the DEL character.
internal static bool NeedsEncoding(string value) {
foreach (char c in value) {
if ((c < 32 && c != 9) || (c == 127)) {
return true;
}
}
return false;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- SpecialTypeDataContract.cs
- HtmlHead.cs
- AuthenticodeSignatureInformation.cs
- DataRelationPropertyDescriptor.cs
- PassportPrincipal.cs
- ZipIORawDataFileBlock.cs
- TextEditorContextMenu.cs
- InheritedPropertyChangedEventArgs.cs
- HtmlWindow.cs
- DataGridTextBox.cs
- TableRowGroup.cs
- SignatureGenerator.cs
- WebPartDisplayMode.cs
- recordstate.cs
- QueryStringParameter.cs
- PathFigure.cs
- GifBitmapDecoder.cs
- HttpResponseWrapper.cs
- Color.cs
- StrokeRenderer.cs
- InternalBufferOverflowException.cs
- TreeNodeClickEventArgs.cs
- addressfiltermode.cs
- cookie.cs
- PrtCap_Reader.cs
- CultureTableRecord.cs
- ProcessManager.cs
- DoubleLinkList.cs
- CompilationUnit.cs
- FileLogRecordEnumerator.cs
- InvalidProgramException.cs
- ToolStripLocationCancelEventArgs.cs
- HttpCookie.cs
- GenericNameHandler.cs
- DispatcherSynchronizationContext.cs
- XMLDiffLoader.cs
- SqlServices.cs
- BaseValidatorDesigner.cs
- BamlResourceSerializer.cs
- __Filters.cs
- SupportsEventValidationAttribute.cs
- Msmq4SubqueuePoisonHandler.cs
- NetworkStream.cs
- AccessKeyManager.cs
- DbParameterCollection.cs
- HttpProcessUtility.cs
- ImageDesigner.cs
- BooleanToVisibilityConverter.cs
- Pen.cs
- ColumnMapCopier.cs
- HeaderedContentControl.cs
- SerializationInfoEnumerator.cs
- __ConsoleStream.cs
- FormViewDeletedEventArgs.cs
- AdPostCacheSubstitution.cs
- PTUtility.cs
- EmptyQuery.cs
- ParseHttpDate.cs
- OdbcConnectionStringbuilder.cs
- InternalPermissions.cs
- PageSetupDialog.cs
- FontSource.cs
- TokenBasedSet.cs
- RuntimeTrackingProfile.cs
- As.cs
- DesignerTransaction.cs
- ChannelSinkStacks.cs
- ModelTypeConverter.cs
- HttpRequestTraceRecord.cs
- TypeInfo.cs
- CheckedPointers.cs
- ObjectManager.cs
- TextEffect.cs
- IdnElement.cs
- XmlSchemaSearchPattern.cs
- EpmTargetTree.cs
- SourceLineInfo.cs
- ArraySortHelper.cs
- DateTimeValueSerializer.cs
- BrowserDefinitionCollection.cs
- ImageCodecInfoPrivate.cs
- GPStream.cs
- AmbientLight.cs
- DataBoundControl.cs
- TableCell.cs
- Style.cs
- CompilerLocalReference.cs
- DataKey.cs
- RecognizedPhrase.cs
- MasterPageParser.cs
- ShaderEffect.cs
- ADMembershipUser.cs
- HttpApplicationFactory.cs
- SystemKeyConverter.cs
- TreeNodeStyle.cs
- VBIdentifierTrimConverter.cs
- EventMappingSettingsCollection.cs
- DataGridHeaderBorder.cs
- cookieexception.cs
- WebPartEditorCancelVerb.cs