Code:
/ Net / Net / 3.5.50727.3053 / DEVDIV / depot / DevDiv / releases / whidbey / netfxsp / ndp / fx / src / xsp / System / Web / HttpResponseHeader.cs / 7 / HttpResponseHeader.cs
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
/*
* Single http header representation
*
* Copyright (c) 1998 Microsoft Corporation
*/
namespace System.Web {
using System.Collections;
using System.Text;
/*
* Response header (either known or unknown)
*/
internal class HttpResponseHeader {
private String _unknownHeader;
private int _knownHeaderIndex;
private String _value;
private static readonly string[] EncodingTable = new string[] { "%00", "%01", "%02", "%03", "%04",
"%05", "%06", "%07", "%08", "%09",
"%0a", "%0b", "%0c", "%0d", "%0e",
"%0f", "%10", "%11", "%12", "%13",
"%14", "%15", "%16", "%17", "%18",
"%19", "%1a", "%1b", "%1c", "%1d",
"%1e", "%1f" };
internal HttpResponseHeader(int knownHeaderIndex, String value) {
_unknownHeader = null;
_knownHeaderIndex = knownHeaderIndex;
// encode header value if
if(HttpRuntime.EnableHeaderChecking) {
_value = MaybeEncodeHeader(value);
}
else {
_value = value;
}
}
internal HttpResponseHeader(String unknownHeader, String value) {
if(HttpRuntime.EnableHeaderChecking) {
_unknownHeader = MaybeEncodeHeader(unknownHeader);
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = MaybeEncodeHeader(value);
}
else {
_unknownHeader = unknownHeader;
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = value;
}
}
internal virtual String Name {
get {
if (_unknownHeader != null)
return _unknownHeader;
else
return HttpWorkerRequest.GetKnownResponseHeaderName(_knownHeaderIndex);
}
}
internal String Value {
get { return _value;}
}
internal void Send(HttpWorkerRequest wr) {
if (_knownHeaderIndex >= 0)
wr.SendKnownResponseHeader(_knownHeaderIndex, _value);
else
wr.SendUnknownResponseHeader(_unknownHeader, _value);
}
// Encode the header if it contains a CRLF pair
// VSWhidbey 257154
internal static string MaybeEncodeHeader(string value) {
string sanitizedHeader = value;
if (NeedsEncoding(value)) {
// DevDiv Bugs 146028
// Denial Of Service scenarios involving
// control characters are possible.
// We are encoding the following characters:
// - All CTL characters except HT (horizontal tab)
// - DEL character (\x7f)
StringBuilder sb = new StringBuilder();
foreach (char c in value) {
if (c < 32 && c != 9) {
sb.Append(EncodingTable[c]);
}
else if (c == 127) {
sb.Append("%7f");
}
else {
sb.Append(c);
}
}
sanitizedHeader = sb.ToString();
}
return sanitizedHeader;
}
// Returns true if the string contains a control character (other than horizontal tab) or the DEL character.
internal static bool NeedsEncoding(string value) {
foreach (char c in value) {
if ((c < 32 && c != 9) || (c == 127)) {
return true;
}
}
return false;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
/*
* Single http header representation
*
* Copyright (c) 1998 Microsoft Corporation
*/
namespace System.Web {
using System.Collections;
using System.Text;
/*
* Response header (either known or unknown)
*/
internal class HttpResponseHeader {
private String _unknownHeader;
private int _knownHeaderIndex;
private String _value;
private static readonly string[] EncodingTable = new string[] { "%00", "%01", "%02", "%03", "%04",
"%05", "%06", "%07", "%08", "%09",
"%0a", "%0b", "%0c", "%0d", "%0e",
"%0f", "%10", "%11", "%12", "%13",
"%14", "%15", "%16", "%17", "%18",
"%19", "%1a", "%1b", "%1c", "%1d",
"%1e", "%1f" };
internal HttpResponseHeader(int knownHeaderIndex, String value) {
_unknownHeader = null;
_knownHeaderIndex = knownHeaderIndex;
// encode header value if
if(HttpRuntime.EnableHeaderChecking) {
_value = MaybeEncodeHeader(value);
}
else {
_value = value;
}
}
internal HttpResponseHeader(String unknownHeader, String value) {
if(HttpRuntime.EnableHeaderChecking) {
_unknownHeader = MaybeEncodeHeader(unknownHeader);
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = MaybeEncodeHeader(value);
}
else {
_unknownHeader = unknownHeader;
_knownHeaderIndex = HttpWorkerRequest.GetKnownResponseHeaderIndex(_unknownHeader);
_value = value;
}
}
internal virtual String Name {
get {
if (_unknownHeader != null)
return _unknownHeader;
else
return HttpWorkerRequest.GetKnownResponseHeaderName(_knownHeaderIndex);
}
}
internal String Value {
get { return _value;}
}
internal void Send(HttpWorkerRequest wr) {
if (_knownHeaderIndex >= 0)
wr.SendKnownResponseHeader(_knownHeaderIndex, _value);
else
wr.SendUnknownResponseHeader(_unknownHeader, _value);
}
// Encode the header if it contains a CRLF pair
// VSWhidbey 257154
internal static string MaybeEncodeHeader(string value) {
string sanitizedHeader = value;
if (NeedsEncoding(value)) {
// DevDiv Bugs 146028
// Denial Of Service scenarios involving
// control characters are possible.
// We are encoding the following characters:
// - All CTL characters except HT (horizontal tab)
// - DEL character (\x7f)
StringBuilder sb = new StringBuilder();
foreach (char c in value) {
if (c < 32 && c != 9) {
sb.Append(EncodingTable[c]);
}
else if (c == 127) {
sb.Append("%7f");
}
else {
sb.Append(c);
}
}
sanitizedHeader = sb.ToString();
}
return sanitizedHeader;
}
// Returns true if the string contains a control character (other than horizontal tab) or the DEL character.
internal static bool NeedsEncoding(string value) {
foreach (char c in value) {
if ((c < 32 && c != 9) || (c == 127)) {
return true;
}
}
return false;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- VariableAction.cs
- PageBuildProvider.cs
- ImageListUtils.cs
- filewebresponse.cs
- GeneralTransformGroup.cs
- ObjectStateEntryDbDataRecord.cs
- CommandBinding.cs
- UnsafePeerToPeerMethods.cs
- BaseResourcesBuildProvider.cs
- SqlUtil.cs
- BitmapEffect.cs
- SqlCaseSimplifier.cs
- FormsAuthenticationCredentials.cs
- MatrixIndependentAnimationStorage.cs
- Freezable.cs
- ReverseInheritProperty.cs
- ArrayTypeMismatchException.cs
- EntityContainerEntitySet.cs
- ConversionValidationRule.cs
- Stacktrace.cs
- brushes.cs
- CategoryState.cs
- SmiEventSink_Default.cs
- RelationshipDetailsCollection.cs
- DocumentPageTextView.cs
- WindowsNonControl.cs
- ExpandCollapsePattern.cs
- DependencyObjectType.cs
- WebPartCollection.cs
- EventKeyword.cs
- XPathArrayIterator.cs
- EntityCommand.cs
- DocumentXmlWriter.cs
- ProgressPage.cs
- StatusBarPanelClickEvent.cs
- cookieexception.cs
- GlyphElement.cs
- MetadataArtifactLoaderFile.cs
- FullTextBreakpoint.cs
- XPathExpr.cs
- ImportCatalogPart.cs
- NameValueConfigurationElement.cs
- Image.cs
- HandleExceptionArgs.cs
- ItemAutomationPeer.cs
- DateTimeOffsetAdapter.cs
- FaultContext.cs
- Menu.cs
- MenuItemStyleCollection.cs
- DoubleCollectionValueSerializer.cs
- SqlMethodTransformer.cs
- ToolStripPanel.cs
- StatusBarAutomationPeer.cs
- DesignSurfaceEvent.cs
- CallTemplateAction.cs
- TypeSystemProvider.cs
- Vector3DKeyFrameCollection.cs
- NodeLabelEditEvent.cs
- BindingGroup.cs
- base64Transforms.cs
- CallbackValidatorAttribute.cs
- LocalizationComments.cs
- TraceRecords.cs
- SchemaImporterExtensionsSection.cs
- InternalRelationshipCollection.cs
- WindowsScrollBar.cs
- PerformanceCounters.cs
- QueryCacheManager.cs
- GraphicsState.cs
- WorkBatch.cs
- AutomationPropertyInfo.cs
- DataGridTableStyleMappingNameEditor.cs
- SqlPersonalizationProvider.cs
- GreaterThanOrEqual.cs
- X509SubjectKeyIdentifierClause.cs
- HttpServerUtilityWrapper.cs
- DbConnectionStringBuilder.cs
- Span.cs
- XmlIlGenerator.cs
- MethodImplAttribute.cs
- ImagingCache.cs
- RemotingException.cs
- GeneralTransform.cs
- PreloadedPackages.cs
- XmlDataProvider.cs
- OrderByQueryOptionExpression.cs
- ToolStripOverflow.cs
- ListSortDescription.cs
- WindowsButton.cs
- XmlValueConverter.cs
- ContextMarshalException.cs
- ServiceModelReg.cs
- OracleLob.cs
- OutputCacheSettings.cs
- ServerTooBusyException.cs
- MeasureData.cs
- CompiledELinqQueryState.cs
- DataGridColumn.cs
- HideDisabledControlAdapter.cs
- PriorityItem.cs