Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / xsp / System / Web / Util / RequestValidator.cs / 1305376 / RequestValidator.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* * Base class providing extensibility hooks for custom request validation * * Copyright (c) 2009 Microsoft Corporation */ namespace System.Web.Util { using System; using System.Diagnostics.CodeAnalysis; using System.Threading; using System.Web; using System.Web.Configuration; public class RequestValidator { private static RequestValidator _customValidator; private static readonly Lazy_customValidatorResolver = new Lazy (GetCustomValidatorFromConfig); public static RequestValidator Current { get { if (_customValidator == null) { _customValidator = _customValidatorResolver.Value; } return _customValidator; } set { if (value == null) { throw new ArgumentNullException("value"); } _customValidator = value; } } private static RequestValidator GetCustomValidatorFromConfig() { // App since this is static per AppDomain RuntimeConfig config = RuntimeConfig.GetAppConfig(); HttpRuntimeSection runtimeSection = config.HttpRuntime; string validatorTypeName = runtimeSection.RequestValidationType; // validate the type Type validatorType = ConfigUtil.GetType(validatorTypeName, "requestValidationType", runtimeSection); ConfigUtil.CheckBaseType(typeof(RequestValidator) /* expectedBaseType */, validatorType, "requestValidationType", runtimeSection); // instantiate RequestValidator validator = (RequestValidator)HttpRuntime.CreatePublicInstance(validatorType); return validator; } internal static void InitializeOnFirstRequest() { // instantiate the validator if it hasn't already been created RequestValidator validator = _customValidatorResolver.Value; } private static bool IsAtoZ(char c) { return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z'); } [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", Justification = "This is an appropriate way to return multiple pieces of data.")] protected internal virtual bool IsValidRequestString(HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex) { if (requestValidationSource == RequestValidationSource.Headers) { validationFailureIndex = 0; return true; // Ignore Headers collection in the default implementation } return !CrossSiteScriptingValidation.IsDangerousString(value, out validationFailureIndex); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- /* * Base class providing extensibility hooks for custom request validation * * Copyright (c) 2009 Microsoft Corporation */ namespace System.Web.Util { using System; using System.Diagnostics.CodeAnalysis; using System.Threading; using System.Web; using System.Web.Configuration; public class RequestValidator { private static RequestValidator _customValidator; private static readonly Lazy_customValidatorResolver = new Lazy (GetCustomValidatorFromConfig); public static RequestValidator Current { get { if (_customValidator == null) { _customValidator = _customValidatorResolver.Value; } return _customValidator; } set { if (value == null) { throw new ArgumentNullException("value"); } _customValidator = value; } } private static RequestValidator GetCustomValidatorFromConfig() { // App since this is static per AppDomain RuntimeConfig config = RuntimeConfig.GetAppConfig(); HttpRuntimeSection runtimeSection = config.HttpRuntime; string validatorTypeName = runtimeSection.RequestValidationType; // validate the type Type validatorType = ConfigUtil.GetType(validatorTypeName, "requestValidationType", runtimeSection); ConfigUtil.CheckBaseType(typeof(RequestValidator) /* expectedBaseType */, validatorType, "requestValidationType", runtimeSection); // instantiate RequestValidator validator = (RequestValidator)HttpRuntime.CreatePublicInstance(validatorType); return validator; } internal static void InitializeOnFirstRequest() { // instantiate the validator if it hasn't already been created RequestValidator validator = _customValidatorResolver.Value; } private static bool IsAtoZ(char c) { return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z'); } [SuppressMessage("Microsoft.Design", "CA1021:AvoidOutParameters", Justification = "This is an appropriate way to return multiple pieces of data.")] protected internal virtual bool IsValidRequestString(HttpContext context, string value, RequestValidationSource requestValidationSource, string collectionKey, out int validationFailureIndex) { if (requestValidationSource == RequestValidationSource.Headers) { validationFailureIndex = 0; return true; // Ignore Headers collection in the default implementation } return !CrossSiteScriptingValidation.IsDangerousString(value, out validationFailureIndex); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- EqualityComparer.cs
- SymbolType.cs
- DeclaredTypeValidatorAttribute.cs
- StringBuilder.cs
- RowToParametersTransformer.cs
- EndpointIdentityExtension.cs
- TypeResolvingOptionsAttribute.cs
- QilIterator.cs
- Win32Native.cs
- StatusBarDesigner.cs
- Propagator.Evaluator.cs
- HostedHttpContext.cs
- Odbc32.cs
- ImportContext.cs
- DataServiceStreamResponse.cs
- ColumnResult.cs
- XhtmlBasicObjectListAdapter.cs
- SamlDelegatingWriter.cs
- Renderer.cs
- VarRemapper.cs
- ConstructorNeedsTagAttribute.cs
- Model3DGroup.cs
- ToolStripProgressBar.cs
- IImplicitResourceProvider.cs
- SqlInternalConnectionTds.cs
- WebPartCatalogCloseVerb.cs
- SingleAnimationUsingKeyFrames.cs
- ObjectCacheSettings.cs
- GenerateTemporaryTargetAssembly.cs
- followingquery.cs
- FlagPanel.cs
- ReadOnlyPropertyMetadata.cs
- ImageListStreamer.cs
- BeginStoryboard.cs
- mda.cs
- SamlSubjectStatement.cs
- WizardForm.cs
- SizeChangedEventArgs.cs
- DataGridCellItemAutomationPeer.cs
- CheckBoxList.cs
- ScriptingRoleServiceSection.cs
- QilBinary.cs
- CustomTokenProvider.cs
- WorkflowTransactionService.cs
- DecimalStorage.cs
- DataBoundLiteralControl.cs
- DataGridViewSelectedCellCollection.cs
- ListViewInsertionMark.cs
- ImageButton.cs
- IMembershipProvider.cs
- CmsUtils.cs
- ControlPersister.cs
- XsltOutput.cs
- ExtendedProtectionPolicy.cs
- Debugger.cs
- ListViewInsertEventArgs.cs
- LogWriteRestartAreaState.cs
- ProcessModelSection.cs
- WindowsFormsHost.cs
- PropertyMapper.cs
- XPathChildIterator.cs
- ProjectionCamera.cs
- UserControlParser.cs
- AdapterUtil.cs
- PaperSize.cs
- Rotation3D.cs
- SynchronizedPool.cs
- EntityExpressionVisitor.cs
- Constants.cs
- MemberMaps.cs
- BaseCodeDomTreeGenerator.cs
- QilList.cs
- ObjectQueryState.cs
- AcceleratedTokenProviderState.cs
- Label.cs
- DataMemberAttribute.cs
- OuterGlowBitmapEffect.cs
- SecUtil.cs
- Int16AnimationUsingKeyFrames.cs
- Bidi.cs
- CodeMemberProperty.cs
- Buffer.cs
- SqlFacetAttribute.cs
- PriorityBinding.cs
- SessionStateContainer.cs
- CategoryGridEntry.cs
- RenderDataDrawingContext.cs
- XmlElementAttribute.cs
- XsdBuildProvider.cs
- DesignerTransaction.cs
- Rect3D.cs
- InlineCollection.cs
- LayoutDump.cs
- Security.cs
- Process.cs
- OleDbPermission.cs
- Style.cs
- WsiProfilesElement.cs
- Model3DGroup.cs
- GiveFeedbackEventArgs.cs