2 // System.Web.HttpRequest
5 // Patrik Torstensson (Patrik.Torstensson@labs2.com)
6 // Gonzalo Paniagua Javier (gonzalo@ximian.com)
8 // (c) 2001, 2002 Patrick Torstensson
9 // (c) 2002,2003 Ximian, Inc. (http://www.ximian.com)
10 // (c) 2004 Novell, Inc. (http://www.novell.com)
14 // Permission is hereby granted, free of charge, to any person obtaining
15 // a copy of this software and associated documentation files (the
16 // "Software"), to deal in the Software without restriction, including
17 // without limitation the rights to use, copy, modify, merge, publish,
18 // distribute, sublicense, and/or sell copies of the Software, and to
19 // permit persons to whom the Software is furnished to do so, subject to
20 // the following conditions:
22 // The above copyright notice and this permission notice shall be
23 // included in all copies or substantial portions of the Software.
25 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
26 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
27 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
28 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
29 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
30 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
31 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
34 using System.Collections;
35 using System.Collections.Specialized;
38 using System.Web.Configuration;
39 using System.Web.Util;
41 namespace System.Web {
42 [MonoTODO("Review security in all path access function")]
43 public sealed class HttpRequest {
44 private string [] _arrAcceptTypes;
45 private string [] _arrUserLanguages;
47 private byte [] _arrRawContent;
48 private int _iContentLength;
50 private string _sContentType;
51 private string _sHttpMethod;
52 private string _sRawUrl;
53 private string _sUserAgent;
54 private string _sUserHostAddress;
55 private string _sUserHostName;
56 private string _sPath;
57 private string _sPathInfo;
58 private string _sFilePath;
59 private string baseVirtualDir;
60 private string _sPathTranslated;
61 private string _sQueryStringRaw;
62 private string _sRequestType;
63 private string _sRequestRootVirtualDir;
65 private Encoding _oContentEncoding;
67 private Uri _oUriReferrer;
70 private int _iTotalBytes;
72 private HttpContext _oContext;
74 private HttpWorkerRequest _WorkerRequest;
75 private HttpRequestStream _oInputStream;
76 private HttpClientCertificate _ClientCert;
78 private HttpValueCollection _oServerVariables;
79 private HttpValueCollection _oHeaders;
80 private HttpValueCollection _oQueryString;
81 private HttpValueCollection _oFormData;
82 private HttpValueCollection _oParams;
84 private HttpBrowserCapabilities _browser;
86 private HttpCookieCollection cookies;
88 HttpRequestStream requestFilter;
90 string currentExePath;
94 bool validateQueryString;
98 bool checkedQueryString;
// Builds a request with no HttpWorkerRequest behind it: the physical path, URL and query
// string are taken from the caller and the request type is fixed to "GET".
101 public HttpRequest(string Filename, string Url, string Querystring) {
102 _iContentLength = -1;
105 _WorkerRequest = null;
106 _sPathTranslated = Filename;
107 _sRequestType = "GET";
// The path is whatever Uri parsing yields for the caller's string.
109 _oUrl = new Uri(Url);
110 _sPath = _oUrl.AbsolutePath;
112 _sQueryStringRaw = Querystring;
// The query string is parsed with Encoding.ASCII on this code path.
113 _oQueryString = new HttpValueCollection(Querystring, true, Encoding.ASCII);
// Builds a request backed by a worker request; the properties of this class read their
// values from that worker on first use.
116 internal HttpRequest(HttpWorkerRequest WorkRequest, HttpContext Context) {
117 _WorkerRequest = WorkRequest;
// -1 marks the content length as not yet read (the ContentLength getter tests for it).
120 _iContentLength = -1;
// Adds one entry per request header to coll, keyed "HTTP_" + the header name upper-cased
// with '-' replaced by '_'.
// NOTE(review): names and values are client-supplied, and the key mapping is lossy: "X-Foo"
// and "X_Foo" (constructed example) produce the same key. Code reading an HTTP_* variable
// cannot tell which header it came from and should not treat it as trusted.
// ToUpper () without a culture argument uses the current culture.
124 internal void AddHeaderVariables (ServerVariablesCollection coll)
126 if (null == _WorkerRequest)
132 // Add all known headers
133 for (int i = 0; i < HttpWorkerRequest.RequestHeaderMaximum; i++) {
134 hvalue = _WorkerRequest.GetKnownRequestHeader (i);
135 if (null != hvalue && hvalue.Length > 0) {
136 hname = HttpWorkerRequest.GetKnownRequestHeaderName (i);
137 if (null != hname && hname.Length > 0)
138 coll.Add ("HTTP_" + hname.ToUpper ().Replace ('-', '_'), hvalue);
142 // Get all other headers
143 string [][] unknown = _WorkerRequest.GetUnknownRequestHeaders ();
144 if (null != unknown) {
145 for (int i = 0; i < unknown.Length; i++) {
// Unlike the known-header loop, hname and hvalue are used here without a null/empty check.
146 hname = unknown [i][0];
147 hvalue = unknown [i][1];
148 coll.Add ("HTTP_" + hname.ToUpper ().Replace ('-', '_'), hvalue);
// Returns all request headers as one string, each entry terminated by "\r\n".
// presumably `raw` selects between the header name as received and the "HTTP_" + upper-case
// form; the lines holding that test are not part of this listing - confirm.
// Header values are appended exactly as received from the client, so the result must be
// treated as untrusted text wherever it is stored or displayed.
153 internal string GetAllHeaders(bool raw) {
156 if (null == _WorkerRequest) {
160 oData = new StringBuilder(512);
166 // Add all known headers
167 for (; iCount != HttpWorkerRequest.RequestHeaderMaximum; iCount++) {
168 sHeaderValue = _WorkerRequest.GetKnownRequestHeader(iCount);
169 if (null != sHeaderValue && sHeaderValue.Length > 0) {
170 sHeaderName = HttpWorkerRequest.GetKnownRequestHeaderName(iCount);
171 if (null != sHeaderName && sHeaderName.Length > 0) {
173 oData.Append(sHeaderName);
175 oData.Append ("HTTP_");
176 oData.Append (sHeaderName.ToUpper ().Replace ('-', '_'));
179 oData.Append(sHeaderValue);
180 oData.Append("\r\n");
185 // Get all other headers
186 string [][] arrUnknownHeaders = _WorkerRequest.GetUnknownRequestHeaders();
187 if (null != arrUnknownHeaders) {
188 for (iCount = 0; iCount != arrUnknownHeaders.Length; iCount++) {
// Headers outside the known set: the name is not checked for null before use.
189 string hname = arrUnknownHeaders[iCount][0];
191 oData.Append (hname);
193 oData.Append ("HTTP_");
194 oData.Append (hname.ToUpper ().Replace ('-', '_'));
197 oData.Append(arrUnknownHeaders[iCount][1]);
198 oData.Append("\r\n");
202 return oData.ToString();
// Creates the server-variables collection once and marks it read-only.
// The MonoTODO below records that values which can change during a request (AUTH_USER is
// the example given) are not handled specially.
205 [MonoTODO("We need to handly 'dynamic' variables like AUTH_USER, that can be changed during runtime... special collection")]
206 private void ParseServerVariables() {
207 if (null == _WorkerRequest) {
211 if (_oServerVariables == null){
212 _oServerVariables = new ServerVariablesCollection (this);
213 _oServerVariables.MakeReadOnly ();
// Fills _oFormData from the request body according to the Content-Type:
// url-encoded bodies are decoded with ContentEncoding, multipart bodies contribute their
// form-item parts, and any other type yields an empty collection.
217 private void ParseFormData ()
219 string contentType = ContentType;
// Case-insensitive, exact match on the media type.
220 if (0 == String.Compare (contentType, "application/x-www-form-urlencoded", true)) {
221 byte [] arrData = GetRawContent ();
222 Encoding enc = ContentEncoding;
223 string data = enc.GetString (arrData);
224 _oFormData = new HttpValueCollection (data, true, enc);
// NOTE(review): this prefix test is case-sensitive, unlike the comparison above, so a
// differently-cased "multipart/form-data" is treated as unsupported.
227 if (!ContentType.StartsWith ("multipart/form-data")) {
// NOTE(review): the client-supplied Content-Type is written to the console unescaped;
// embedded control characters or line breaks would reach that output as-is.
228 if (contentType.Length > 0)
229 Console.WriteLine ("Content-Type -> {0} not supported", contentType);
230 _oFormData = new HttpValueCollection ();
234 MultipartContentElement [] parts = GetMultipartFormData ();
235 _oFormData = new HttpValueCollection ();
236 if (parts == null) return;
// Only parts flagged as form items are added; other parts are skipped here.
238 foreach (MultipartContentElement p in parts) {
239 if (!p.IsFormItem) continue;
240 _oFormData.Add (p.Name, p.GetString (ContentEncoding));
245 [MonoTODO("void Dispose")]
246 internal void Dispose() {
// Returns the request body as a byte array, reading it from the worker request on first
// use and caching it in _arrRawContent.
// Throws HttpException (400) when the declared or the accumulated length exceeds the
// configured maximum request length.
249 private byte [] GetRawContent ()
251 if (_arrRawContent != null)
252 return _arrRawContent;
// No worker request: the content is the raw query string, one byte per char. In an
// unchecked context the (byte) cast keeps only the low 8 bits of each char.
254 if (null == _WorkerRequest) {
255 if (QueryStringRaw == null)
257 char [] q = QueryStringRaw.ToCharArray ();
258 _arrRawContent = new byte [q.Length];
259 for (int i = 0; i < q.Length; i++)
260 _arrRawContent [i] = (byte) q [i];
261 return _arrRawContent;
264 _arrRawContent = _WorkerRequest.GetPreloadedEntityBody ();
265 if (_arrRawContent == null)
266 _arrRawContent = new byte [0];
268 int length = ContentLength;
269 HttpRuntimeConfig cfg = (HttpRuntimeConfig) _oContext.GetConfig ("system.web/httpRuntime");
// MaxRequestLength is multiplied by 1024 before use as a byte limit.
// NOTE(review): the result is stored in an int with no cast, so this looks like int
// arithmetic; a configured value above 2097151 would overflow - confirm the config
// loader bounds it.
270 int maxRequestLength = cfg.MaxRequestLength * 1024;
// First limit check: the client-declared Content-Length. The preloaded part of the body
// has already been fetched at this point.
271 if (ContentLength > maxRequestLength)
272 throw new HttpException (400, "Maximum request length exceeded.");
// Nothing more to read when the worker preloaded everything or the preloaded bytes
// already cover the declared length.
274 if (_WorkerRequest.IsEntireEntityBodyIsPreloaded () || length <= _arrRawContent.Length)
275 return _arrRawContent;
// Read the remainder in chunks of at most 16384 bytes, starting from the preloaded bytes.
277 byte [] arrBuffer = new byte [Math.Min (16384, length)];
278 MemoryStream ms = new MemoryStream (arrBuffer.Length);
279 ms.Write (_arrRawContent, 0, _arrRawContent.Length);
281 int bufLength = arrBuffer.Length;
282 for (int loaded = _arrRawContent.Length; loaded < length; loaded += read) {
283 if (length - loaded < bufLength)
284 bufLength = length - loaded;
// A result of 0 or -1 is tested right after the read; the statement that test guards is
// not part of this listing (presumably it ends the loop - confirm).
286 read = _WorkerRequest.ReadEntityBody (arrBuffer, bufLength);
287 if (read == 0 ||read == -1 )
// Second limit check, on the bytes actually accumulated, so the cap does not rest on the
// declared Content-Length alone.
290 if (ContentLength > maxRequestLength || ms.Length + read > maxRequestLength)
291 throw new HttpException (400, "Maximum request length exceeded.");
293 ms.Write (arrBuffer, 0, read);
// The stream's internal buffer is used directly only when it is exactly `length` bytes;
// ToArray () gives a copy trimmed to what was written.
296 byte [] msBuffer = ms.GetBuffer ();
297 if (msBuffer.Length == length)
298 _arrRawContent = msBuffer;
300 _arrRawContent = ms.ToArray ();
// With a user filter installed, the body is handed to requestFilter and the cached content
// becomes whatever the user filter yields. The return value of userFilter.Read is not
// checked, so a short read would leave trailing zero bytes in `filtered`.
302 if (userFilter != null) {
303 requestFilter.Set (_arrRawContent, 0, _arrRawContent.Length);
304 int userLength = Convert.ToInt32 (userFilter.Length - userFilter.Position);
305 byte [] filtered = new byte [userLength];
306 userFilter.Read (filtered, 0, userLength);
307 _arrRawContent = filtered;
310 return _arrRawContent;
// Returns the stored HttpContext (_oContext).
313 internal HttpContext Context {
314 get { return _oContext; }
// Returns the worker request behind this object; null for requests built with the public
// constructor, which sets _WorkerRequest to null.
317 internal HttpWorkerRequest WorkerRequest {
318 get { return _WorkerRequest; }
// Values of the Accept header, split by HttpHelper.ParseMultiValueHeader and cached.
// Stays null when there is no worker request.
321 public string [] AcceptTypes {
323 if (null == _arrAcceptTypes && null != _WorkerRequest) {
324 _arrAcceptTypes = HttpHelper.ParseMultiValueHeader(_WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderAccept));
327 return _arrAcceptTypes;
// Application path as reported by the worker request. The result for a request without a
// worker is not visible in this listing.
332 public string ApplicationPath {
334 if (null != _WorkerRequest) {
335 return _WorkerRequest.GetAppPath();
// Browser capabilities, resolved once through HttpCapabilitiesBase.GetConfigCapabilities
// and cached; the setter lets callers replace the cached object.
342 public HttpBrowserCapabilities Browser {
344 if (_browser == null) {
345 _browser = (HttpBrowserCapabilities)
346 HttpCapabilitiesBase.GetConfigCapabilities (null, this);
352 set { _browser = value; }
// Client certificate wrapper, created from the current context on first access.
355 public HttpClientCertificate ClientCertificate {
357 if (null == _ClientCert) {
358 _ClientCert = new HttpClientCertificate(_oContext);
// Extracts the value of attribute `attr` (looked up as "attr=") from a header value.
// Callers in this file use it for "charset" and "boundary" on the Content-Type header.
// Several lines of the body are not part of this listing, so the notes below cover only
// what is visible.
// NOTE(review): IndexOf (attr + '=') matches the first occurrence anywhere in the header,
// including inside another attribute's name or value - confirm that is acceptable for
// client-supplied Content-Type values.
365 private string GetValueFromHeader (string header, string attr)
367 int where = header.IndexOf (attr + '=');
// Skip past "attr=" to the first character of the value.
371 where += attr.Length + 1;
372 int max = header.Length;
// The first value character is also used as the terminator to search for.
376 char ending = header [where];
380 int end = header.Substring (where + 1).IndexOf (ending);
// Returns null when the value starts with a double quote; otherwise the rest of the header.
382 return (ending == '"') ? null : header.Substring (where);
384 return header.Substring (where, end);
// Encoding used to decode request content, resolved on first access and settable.
// Either WebEncoding.RequestEncoding is used, or the "charset" attribute of the stored
// Content-Type is passed to Encoding.GetEncoding. The lines between the visible statements
// are not part of this listing, so how a rejected charset is handled cannot be confirmed
// from here (presumably it falls back to WebEncoding.RequestEncoding).
// NOTE(review): the charset name comes from the client.
387 public Encoding ContentEncoding
390 if (_oContentEncoding == null) {
391 if (_WorkerRequest != null &&
392 (!_WorkerRequest.HasEntityBody () || ContentType != String.Empty)) {
393 _oContentEncoding = WebEncoding.RequestEncoding;
396 charset = GetValueFromHeader (_sContentType, "charset");
398 _oContentEncoding = Encoding.GetEncoding (charset);
400 _oContentEncoding = WebEncoding.RequestEncoding;
405 return _oContentEncoding;
409 _oContentEncoding = value;
// Declared length of the request body, parsed once from the Content-Length header.
// NOTE(review): the header is client-supplied and goes through Int32.Parse; the handling of
// a malformed value and the body of the "< 0" branch are not part of this listing.
413 public int ContentLength {
// -1 means "not read yet"; it is set by both constructors.
415 if (_iContentLength == -1 && null != _WorkerRequest) {
416 string sLength = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderContentLength);
417 if (sLength != null) {
419 _iContentLength = Int32.Parse(sLength);
426 if (_iContentLength < 0) {
430 return _iContentLength;
// Value of the Content-Type header, read once from the worker request. The getter never
// returns null: a missing header becomes the empty string. The setter overrides the value.
434 public string ContentType {
436 if (null == _sContentType) {
437 if (null != _WorkerRequest) {
438 _sContentType = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderContentType);
441 if (null == _sContentType) {
442 _sContentType = string.Empty;
446 return _sContentType;
449 set { _sContentType = value; }
// Reads a cookie value from str: skips leading whitespace, scans up to the next ';' or the
// end of the string, and returns the trimmed substring.
// The statements that advance the positions (including the ref parameter i) are not part of
// this listing.
453 static private string GetCookieValue (string str, int length, ref int i)
459 while (k < length && Char.IsWhiteSpace (str [k]))
463 while (k < length && str [k] != ';')
467 return str.Substring (begin, i - begin).Trim ();
// Reads a cookie name from str: skips leading whitespace, scans up to the next ';' or '='
// or the end of the string, and returns the trimmed substring.
// The statements that advance the positions are not part of this listing.
470 static private string GetCookieName (string str, int length, ref int i)
476 while (k < length && Char.IsWhiteSpace (str [k]))
480 while (k < length && str [k] != ';' && str [k] != '=')
484 return str.Substring (begin, k - begin).Trim ();
// Parses the Cookie request header into the `cookies` collection.
// The header is split on ';' only. A "$Path" or "$Domain" item is applied to the cookie
// parsed just before it rather than becoming a cookie of its own.
// Names and values are client-supplied and are stored as parsed.
487 private void GetCookies ()
489 string header = _WorkerRequest.GetKnownRequestHeader (HttpWorkerRequest.HeaderCookie);
490 if (header == null || header.Length == 0)
494 * cookie = "Cookie:" cookie-version
495 * 1*((";" | ",") cookie-value)
496 * cookie-value = NAME "=" VALUE [";" path] [";" domain]
497 * cookie-version = "$Version" "=" value
500 * path = "$Path" "=" value
501 * domain = "$Domain" "=" value
503 * MS ignores $Version!
504 * ',' as a separator produces errors.
507 string [] name_values = header.Trim ().Split (';');
508 int length = name_values.Length;
509 HttpCookie cookie = null;
511 for (int i = 0; i < length; i++) {
513 string name_value = name_values [i].Trim ();
514 string name = GetCookieName (name_value, name_value.Length, ref pos);
515 string value = GetCookieValue (name_value, name_value.Length, ref pos);
// `cookie` holds the previously parsed cookie, if any, so attributes can attach to it.
516 if (cookie != null) {
517 if (name == "$Path") {
520 } else if (name == "$Domain") {
521 cookie.Domain = value;
524 cookies.Add (cookie);
528 cookie = new HttpCookie (name, value);
532 cookies.Add (cookie);
// Request cookies, built on first access. When ValidateInput () has been called, the
// collection is run through ValidateCookieCollection once, on the next access.
535 public HttpCookieCollection Cookies
538 if (cookies == null) {
539 cookies = new HttpCookieCollection (null, false);
540 if (_WorkerRequest != null)
// checkedCookies prevents the validation from running again on later accesses.
544 if (validateCookies && !checkedCookies) {
545 ValidateCookieCollection (cookies);
546 checkedCookies = true;
// Path set through SetCurrentExePath, when one has been set. The fallback value is not
// part of this listing.
553 public string CurrentExecutionFilePath {
555 if (currentExePath != null)
556 return currentExePath;
// Virtual path of the requested file, taken from the worker request and normalised with
// UrlUtils.Reduce on first access.
// Any exception raised while reducing the path is reported as HTTP 403, so the original
// cause is not visible to the caller.
562 public string FilePath {
564 if (null == _sFilePath && null != _WorkerRequest) {
565 _sFilePath = _WorkerRequest.GetFilePath();
567 _sFilePath = UrlUtils.Reduce (_sFilePath);
568 } catch (Exception) {
569 throw new HttpException (403, "Forbidden");
577 HttpFileCollection files;
// Uploaded files of the request; the collection object is created here. How it is filled
// is not visible in this listing (presumably through FillPostedFiles - confirm).
578 public HttpFileCollection Files {
583 files = new HttpFileCollection ();
// Adds every multipart part flagged as a file to `files`. Does nothing unless the
// Content-Type starts with "multipart/form-data" (a case-sensitive prefix test).
// The part name used as the key comes from the client.
590 void FillPostedFiles ()
592 if (!ContentType.StartsWith ("multipart/form-data")) return;
594 MultipartContentElement [] parts = GetMultipartFormData ();
595 if (parts == null) return;
597 foreach (MultipartContentElement p in parts) {
598 if (!p.IsFile) continue;
599 files.AddFile (p.Name, p.GetFile ());
603 MultipartContentElement [] multipartContent;
// Parses the body as multipart content once and caches the parts.
// The delimiter is "--" followed by the "boundary" attribute of the Content-Type, encoded
// as ASCII.
// NOTE(review): GetValueFromHeader can return null; the concatenation then yields just
// "--" as the delimiter. Confirm the parser copes with that for malformed requests.
604 MultipartContentElement [] GetMultipartFormData ()
606 if (multipartContent != null) return multipartContent;
608 byte [] raw = GetRawContent ();
609 byte [] boundary = Encoding.ASCII.GetBytes (("--" + GetValueFromHeader (ContentType, "boundary")));
610 return multipartContent = HttpMultipartContentParser.Parse (raw, boundary, ContentEncoding);
// Request filter stream. The getter creates requestFilter on demand; the setter rejects
// the assignment with an HttpException when requestFilter has not been created yet.
// Several lines of both accessors are not part of this listing.
613 public Stream Filter {
615 if (userFilter != null)
618 if (requestFilter == null)
619 requestFilter = new HttpRequestStream ();
621 // This is an empty stream. It will not contain data until GetRawContent
622 return requestFilter;
626 if (requestFilter == null)
627 throw new HttpException ("Invalid request filter.");
// Form fields of the request, built on first access. When ValidateInput () has been
// called and the form has not been checked yet, it goes through
// ValidateNameValueCollection before being returned.
633 public NameValueCollection Form {
635 if (_oFormData == null) {
639 if (validateForm && !checkedForm) {
640 ValidateNameValueCollection ("Form", _oFormData);
// All request headers under their original names, collected once and then made read-only.
// Values are stored as received from the client.
649 public NameValueCollection Headers {
651 if (_oHeaders == null) {
652 _oHeaders = new HttpValueCollection();
654 if (null != _WorkerRequest) {
659 // Add all known headers
// NOTE(review): the bound is the literal 40 here, while AddHeaderVariables and
// GetAllHeaders use HttpWorkerRequest.RequestHeaderMaximum - confirm the two agree.
660 for (; iCount != 40; iCount++) {
661 sHeaderValue = _WorkerRequest.GetKnownRequestHeader(iCount);
662 if (null != sHeaderValue && sHeaderValue.Length > 0) {
663 sHeaderName = HttpWorkerRequest.GetKnownRequestHeaderName(iCount);
664 if (null != sHeaderName && sHeaderName.Length > 0) {
665 _oHeaders.Add(sHeaderName, sHeaderValue);
670 // Get all other headers
671 string [][] arrUnknownHeaders = _WorkerRequest.GetUnknownRequestHeaders();
672 if (null != arrUnknownHeaders) {
673 for (iCount = 0; iCount != arrUnknownHeaders.Length; iCount++) {
674 _oHeaders.Add(arrUnknownHeaders[iCount][0], arrUnknownHeaders[iCount][1]);
679 // Make headers read-only
680 _oHeaders.MakeReadOnly();
683 return (NameValueCollection) _oHeaders;
// HTTP verb of the request, upper-cased. Without a worker request it falls back to
// RequestType and then to "GET".
// ToUpper () is called directly on the worker's verb, so a null verb would throw here.
687 public string HttpMethod {
689 if (null == _sHttpMethod) {
690 if (null != _WorkerRequest) {
691 _sHttpMethod = _WorkerRequest.GetHttpVerbName().ToUpper();
694 if (_sHttpMethod == null) {
695 if (RequestType != null)
696 _sHttpMethod = RequestType;
698 _sHttpMethod = "GET";
// Stream over the request body, created on first access from GetRawContent (); an empty
// stream is used when there is no content.
706 public Stream InputStream {
708 if (_oInputStream == null) {
709 byte [] arrInputData = GetRawContent ();
711 if (null != arrInputData) {
712 _oInputStream = new HttpRequestStream(arrInputData, 0, arrInputData.Length);
714 _oInputStream = new HttpRequestStream(null, 0, 0);
718 return _oInputStream;
// Reports the IsAuthenticated flag of the context user's identity when context, user and
// identity are all present. The result for the other case is not part of this listing.
722 public bool IsAuthenticated {
724 if (_oContext != null && _oContext.User != null && _oContext.User.Identity != null) {
725 return _oContext.User.Identity.IsAuthenticated;
// Whether the worker request reports the connection as secure. The result for a request
// without a worker is not part of this listing.
732 public bool IsSecureConnection {
734 if (null != _WorkerRequest) {
735 return _WorkerRequest.IsSecure();
// Looks sKey up in QueryString, then Form, then Cookies, then ServerVariables.
// NOTE(review): the first three sources are client-controlled and are consulted first, so
// a client-supplied key can take the place of a server variable of the same name. Code
// that needs a value from one specific source should read that collection directly.
742 public string this [string sKey] {
744 string result = QueryString [sKey];
748 result = Form [sKey];
752 HttpCookie cookie = Cookies [sKey];
756 return ServerVariables [sKey];
// Combined read-only view of QueryString, Form, ServerVariables and Cookies, built once.
// The merge order differs from the indexer, which consults Cookies before ServerVariables.
// Entries from all four sources end up in one collection, so a consumer cannot tell from
// the result which source a value came from.
760 public NameValueCollection Params {
762 if (_oParams == null) {
763 _oParams = new HttpValueCollection();
765 _oParams.Merge(QueryString);
766 _oParams.Merge(Form);
767 _oParams.Merge(ServerVariables);
768 int count = Cookies.Count;
769 for (int i = 0; i< count; i++) {
770 HttpCookie cookie = Cookies [i];
771 _oParams.Add (cookie.Name, cookie.Value);
773 _oParams.MakeReadOnly();
776 return (NameValueCollection) _oParams;
782 if (_sPath == null) {
783 if (null != _WorkerRequest) {
784 _sPath = _WorkerRequest.GetUriPath();
787 if (_sPath == null) {
788 _sPath = string.Empty;
// Extra path information reported by the worker request, cached; never null (a missing
// value becomes the empty string).
796 public string PathInfo {
798 if (_sPathInfo == null) {
799 if (null != _WorkerRequest) {
800 _sPathInfo = _WorkerRequest.GetPathInfo();
803 if (_sPathInfo == null) {
804 _sPathInfo = string.Empty;
// Translated (physical) application path as reported by the worker request. The result
// for a request without a worker is not part of this listing.
812 public string PhysicalApplicationPath {
814 if (null != _WorkerRequest) {
815 return _WorkerRequest.GetAppPathTranslated();
// Physical path of the executing file: the worker request maps CurrentExecutionFilePath on
// first access and the result is cached. For requests built with the public constructor
// this is the Filename given there.
822 public string PhysicalPath {
824 if (_sPathTranslated == null && _WorkerRequest != null)
825 _sPathTranslated = _WorkerRequest.MapPath (CurrentExecutionFilePath);
827 return _sPathTranslated;
// Parsed query string, built on first access from QueryStringRaw. The continuation lines
// of both constructor calls are not part of this listing.
// When ValidateInput () has been called, the collection is validated once before it is
// returned.
831 public NameValueCollection QueryString {
833 if (_oQueryString == null) {
835 _oQueryString = new HttpValueCollection(QueryStringRaw, true,
838 _oQueryString = new HttpValueCollection(QueryStringRaw, true,
843 if (validateQueryString && !checkedQueryString) {
844 ValidateNameValueCollection ("QueryString", _oQueryString);
845 checkedQueryString = true;
848 return _oQueryString;
852 // Used to parse the querystring
// Undecoded query string. The getter prefers the worker's raw bytes, decoded with
// ContentEncoding, and otherwise uses the worker's string form; it never returns null.
// The setter also drops the parsed query string and the cached raw content so that both
// are rebuilt from the new value.
853 internal string QueryStringRaw {
855 if (_sQueryStringRaw == null && null != _WorkerRequest) {
856 byte [] arrQuerystringBytes = _WorkerRequest.GetQueryStringRawBytes();
857 if (null != arrQuerystringBytes && arrQuerystringBytes.Length > 0) {
858 _sQueryStringRaw = ContentEncoding.GetString(arrQuerystringBytes);
860 _sQueryStringRaw = _WorkerRequest.GetQueryString();
864 if (_sQueryStringRaw == null) {
865 _sQueryStringRaw = string.Empty;
868 return _sQueryStringRaw;
872 _sQueryStringRaw = value;
873 _oQueryString = null;
874 _arrRawContent = null;
// Raw URL of the request, taken from the worker request on first access. A statement in
// the getter appends "?" and the raw query string when one is present; the branch it
// belongs to is not fully visible in this listing.
879 public string RawUrl {
881 if (null == _sRawUrl) {
882 if (null != _WorkerRequest) {
883 _sRawUrl = _WorkerRequest.GetRawUrl();
886 if (QueryStringRaw != null && QueryStringRaw.Length > 0) {
887 _sRawUrl = _sRawUrl + "?" + QueryStringRaw;
// Request type string; settable. How a null value is filled in by the getter is not part
// of this listing.
896 public string RequestType {
898 if (null == _sRequestType) {
902 return _sRequestType;
906 _sRequestType = value;
// Server variables collection; ParseServerVariables () creates it on first access.
911 public NameValueCollection ServerVariables {
913 ParseServerVariables();
915 return (NameValueCollection) _oServerVariables;
// Length of the input stream in bytes, computed once (-1 marks "not computed yet").
// Stream.Length is a long; the value is narrowed with an (int) cast.
919 public int TotalBytes {
921 if (_iTotalBytes == -1) {
922 if (null != InputStream) {
923 _iTotalBytes = (int) InputStream.Length;
935 if (_oUrl != null || _WorkerRequest == null)
938 string qs = QueryStringRaw;
944 UriBuilder ub = new UriBuilder (_WorkerRequest.GetProtocol (),
945 _WorkerRequest.GetServerName (),
946 _WorkerRequest.GetLocalPort (),
// Referer header as a Uri, parsed once. A value containing "://" is parsed as an absolute
// URI; anything else is resolved against this request's Url.
// NOTE(review): the header is client-supplied, so the result should not be relied on for
// access decisions. The handling of a value that fails to parse is not part of this
// listing.
955 public Uri UrlReferrer {
957 if (null == _oUriReferrer && null != _WorkerRequest) {
958 string sReferrer = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderReferer);
959 if (null != sReferrer && sReferrer.Length > 0) {
961 if (sReferrer.IndexOf("://") >= 0) {
962 _oUriReferrer = new Uri(sReferrer);
964 _oUriReferrer = new Uri(this.Url, sReferrer);
972 return _oUriReferrer;
// User-Agent header as sent by the client, cached; a missing header becomes the empty
// string.
976 public string UserAgent {
978 if (_sUserAgent == null && _WorkerRequest != null) {
979 _sUserAgent = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderUserAgent);
982 if (_sUserAgent == null) {
983 _sUserAgent = string.Empty;
// Remote address reported by the worker request, cached.
// NOTE(review): when the worker gives no address (or there is no worker) the value becomes
// "127.0.0.1". Code that treats that address as "local, therefore trusted" would also
// accept requests whose origin simply could not be determined.
990 public string UserHostAddress {
992 if (_sUserHostAddress == null && null != _WorkerRequest) {
993 _sUserHostAddress = _WorkerRequest.GetRemoteAddress();
996 if (_sUserHostAddress == null || _sUserHostAddress.Length == 0) {
997 _sUserHostAddress = "127.0.0.1";
1000 return _sUserHostAddress;
// Remote host name reported by the worker request, cached; falls back to UserHostAddress
// (and with it to that property's "127.0.0.1" default) when no name is available.
1004 public string UserHostName {
1006 if (_sUserHostName == null && null != _WorkerRequest) {
1007 _sUserHostName = _WorkerRequest.GetRemoteName();
1010 if (_sUserHostName == null || _sUserHostName.Length == 0) {
1011 _sUserHostName = UserHostAddress;
1014 return _sUserHostName;
// Values of the Accept-Language header, split by HttpHelper.ParseMultiValueHeader and
// cached. Stays null when there is no worker request.
1018 public string [] UserLanguages {
1020 if (_arrUserLanguages == null && null != _WorkerRequest) {
1021 _arrUserLanguages = HttpHelper.ParseMultiValueHeader(_WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderAcceptLanguage));
1024 return _arrUserLanguages;
// Directory part of FilePath: everything before the last '/', or "/" when there is no
// slash or the only slash is the leading one. Cached until SetCurrentExePath resets it.
// Despite the name, the value is derived from the request's file path, not from
// ApplicationPath; MapPath uses it for its cross-application check.
1028 internal string RootVirtualDir {
1030 if (_sRequestRootVirtualDir == null) {
1031 _sRequestRootVirtualDir = FilePath;
1032 int pos = _sRequestRootVirtualDir.LastIndexOf ('/');
1033 if (pos == -1 || pos == 0)
1034 _sRequestRootVirtualDir = "/";
1036 _sRequestRootVirtualDir = _sRequestRootVirtualDir.Substring (0, pos);
1039 return _sRequestRootVirtualDir;
// Directory of FilePath as computed by UrlUtils.GetDirectory, cached until
// SetCurrentExePath resets it. MapPath (string) resolves relative paths against it.
1043 internal string BaseVirtualDir {
1045 if (baseVirtualDir == null)
1046 baseVirtualDir = UrlUtils.GetDirectory (FilePath);
1048 return baseVirtualDir;
// True when the worker's GetLocalAddress () equals the string "127.0.0.1".
// NOTE(review): this compares the address returned by GetLocalAddress, not
// GetRemoteAddress, and only the IPv4 loopback literal; confirm that is the intended test
// before using the result as a trust decision. _WorkerRequest is dereferenced without a
// null check.
1052 internal bool IsLocal {
1054 return _WorkerRequest.GetLocalAddress () == "127.0.0.1";
// Reads request body bytes from InputStream into a new array, trimming the array when
// fewer bytes were read than requested.
// NOTE(review): in the lines shown, `count` is never used; the buffer size and the read
// length both come from TotalBytes. The condition guarding the ArgumentException is not
// part of this listing.
1058 public byte [] BinaryRead(int count) {
1059 int iSize = TotalBytes;
1061 throw new ArgumentException();
1064 byte [] arrData = new byte[iSize];
1066 int iRetSize = InputStream.Read(arrData, 0, iSize);
1067 if (iRetSize != iSize) {
1068 byte [] tmpData = new byte[iRetSize];
1070 Array.Copy(arrData, 0, tmpData, 0, iRetSize);
// Returns the click coordinates of an image field, read from "<name>.x" and "<name>.y" in
// the query string (GET/HEAD) or, for POST, from a collection assigned on a line that is
// not part of this listing.
// Both values are client-supplied and go through Int32.Parse.
1079 public int [] MapImageCoordinates(string ImageFieldName) {
1080 NameValueCollection oItems;
1082 if (HttpMethod == "GET" || HttpMethod == "HEAD") {
1083 oItems = QueryString;
1084 } else if (HttpMethod == "POST") {
1090 int [] arrRet = null;
1092 string sX = oItems.Get(ImageFieldName + ".x");
1093 string sY = oItems.Get(ImageFieldName + ".y");
1095 if (null != sX && null != sY) {
// NOTE(review): arrTmp is allocated but the parsed values are written to arrRet, which
// is still null here, so the first assignment throws NullReferenceException. The writes
// look intended for arrTmp. Whether the exception is caught depends on lines that are
// not part of this listing.
1096 int [] arrTmp = new Int32[2];
1097 arrRet[0] = Int32.Parse(sX);
1098 arrRet[1] = Int32.Parse(sY);
// Maps a virtual path to a physical one, resolving relative paths against BaseVirtualDir.
// Cross-application mapping is allowed on this overload (the third argument is true), so
// the application-boundary check in the three-argument overload is not applied.
1109 public string MapPath (string VirtualPath)
1111 return MapPath (VirtualPath, BaseVirtualDir, true);
// Maps virtualPath to a physical path through the worker request.
// Rooted paths are normalised with UrlUtils.Reduce; other paths are combined with
// baseVirtualDir, or with RootVirtualDir when baseVirtualDir is null.
// Throws HttpException when there is no worker request or when the cross-application check
// fails, and ArgumentException when the path contains ':'.
// The class carries a MonoTODO asking for a security review of all path access functions;
// the review notes below are the points visible in this method.
1114 public string MapPath (string virtualPath, string baseVirtualDir, bool allowCrossAppMapping)
1116 if (_WorkerRequest == null)
1117 throw new HttpException ("No HttpWorkerRequest!!!");
1119 if (virtualPath == null || virtualPath.Length == 0)
1122 virtualPath = virtualPath.Trim ();
// Rejects any ':' in the path, which rules out drive-letter and scheme-style inputs.
1124 if (virtualPath.IndexOf (':') != -1)
1125 throw new ArgumentException ("Invalid path -> " + virtualPath);
// Separator normalisation happens only where the platform separator is not '/'; on
// platforms where it is '/', a '\' in the input is left as-is.
1127 if (System.IO.Path.DirectorySeparatorChar != '/')
1128 virtualPath = virtualPath.Replace (System.IO.Path.DirectorySeparatorChar, '/');
1130 if (UrlUtils.IsRooted (virtualPath)) {
1131 virtualPath = UrlUtils.Reduce (virtualPath);
1133 if (baseVirtualDir == null) {
1134 virtualPath = UrlUtils.Combine (RootVirtualDir, virtualPath);
1136 virtualPath = UrlUtils.Combine (baseVirtualDir, virtualPath);
// NOTE(review): the boundary check is a plain string-prefix test. With a root of "/app"
// (constructed example) a path under "/app2" also passes, because no separator is
// required after the prefix. ToLower () and StartsWith () without arguments are
// culture-sensitive. RootVirtualDir is the directory of the request's file path, which
// may be narrower than the application root - confirm which boundary is intended.
1140 if (!allowCrossAppMapping) {
1141 if (!virtualPath.ToLower ().StartsWith (RootVirtualDir.ToLower ()))
1142 throw new HttpException ("Mapping across applications not allowed.");
1144 if (RootVirtualDir.Length > 1 && virtualPath.Length > 1 && virtualPath [0] != '/')
1145 throw new HttpException ("Mapping across applications not allowed.");
1148 return _WorkerRequest.MapPath (virtualPath);
// Writes the request to a new file: optionally the request line and all headers, then the
// body bytes.
// FileMode.CreateNew makes the call fail when the file already exists, so an existing file
// is never overwritten.
// NOTE(review): `filename` is used as given, with no path check in the lines shown. With
// includeHeaders set, the file holds every request header exactly as received, which
// normally includes cookies and any credentials sent in headers; the output should be
// stored and handled accordingly. Closing of the stream and writer is not visible in this
// listing.
1151 public void SaveAs(string filename, bool includeHeaders) {
1154 HttpRequestStream oData;
1156 oFile = new FileStream(filename, FileMode.CreateNew);
1157 if (includeHeaders) {
1158 oWriter = new StreamWriter(oFile);
1159 oWriter.Write(HttpMethod + " " + Path);
1161 if (QueryStringRaw != null && QueryStringRaw.Length > 0)
1162 oWriter.Write("?" + QueryStringRaw);
1163 if (_WorkerRequest != null) {
1164 oWriter.Write(" " + _WorkerRequest.GetHttpVersion() + "\r\n");
1165 oWriter.Write(GetAllHeaders(true));
1167 oWriter.Write("\r\n");
1170 oWriter.Write("\r\n");
// The body is written straight from the request stream's backing array.
1174 oData = (HttpRequestStream) InputStream;
1176 if (oData.DataLength > 0) {
1177 oFile.Write(oData.Data, oData.DataOffset, oData.DataLength);
// Turns on request validation for Cookies, QueryString and Form.
// Nothing is checked here: each collection is validated the next time its property is
// read. A reference to a collection obtained before this call is not validated until the
// property is read again.
1185 public void ValidateInput ()
1187 validateCookies = true;
1188 validateQueryString = true;
1189 validateForm = true;
// Switches the request to a new executing file path and clears the cached values derived
// from the old one (root and base virtual directory, translated path) so that they are
// recomputed on next access.
1193 internal void SetCurrentExePath (string filePath)
1195 currentExePath = filePath;
1197 _sFilePath = filePath;
1198 _sRequestRootVirtualDir = null;
1199 baseVirtualDir = null;
1200 _sPathTranslated = null;
// Overrides the cached path info returned by the PathInfo property.
1203 internal void SetPathInfo (string pathInfo)
1205 _sPathInfo = pathInfo;
1208 internal void SetForm (HttpValueCollection form)
// Sets or replaces one request header. The headers collection is normally read-only, so
// it is made writable for the assignment and locked again afterwards.
// If the assignment throws, the collection stays writable: there is no try/finally in the
// lines shown.
1213 internal void SetHeader (string name, string value)
1215 HttpValueCollection headers = (HttpValueCollection) Headers;
1216 headers.MakeReadWrite ();
1217 headers [name] = value;
1218 headers.MakeReadOnly ();
// Client target override. The setter acts only when the value changes; what else it does
// on a change is not part of this listing.
1221 internal string ClientTarget {
1222 get { return clientTarget; }
1224 if (value != clientTarget) {
1225 clientTarget = value;
// Runs CheckString over every value in coll and raises a validation exception for the
// first one that is flagged. `name` is the collection label used in the error message.
// NOTE(review): only values are checked. Keys are client-supplied as well and are not
// passed to CheckString, so code that echoes parameter names must encode them itself.
1232 static void ValidateNameValueCollection (string name, NameValueCollection coll)
1237 foreach (string key in coll.Keys) {
// The indexer returns all values stored under the key joined with commas, so every value
// of a repeated key is covered by the one check.
1238 string val = coll [key];
1239 if (CheckString (val))
1240 ThrowValidationException (name, key, val);
// Runs CheckString over the value of every cookie and raises a validation exception for
// the first one that is flagged.
// NOTE(review): cookie names are not checked, only values.
1244 static void ValidateCookieCollection (HttpCookieCollection cookies)
1246 if (cookies == null)
1249 int size = cookies.Count;
1251 for (int i = 0 ; i < size ; i++) {
1252 cookie = cookies[i];
1253 if (CheckString (cookie.Value))
1254 ThrowValidationException ("Cookies", cookie.Name, cookie.Value);
// Throws HttpRequestValidationException with a message naming the collection, the key and
// a quoted copy of the offending value.
// NOTE(review): the key and the value fragment come from the client and are placed in the
// message unencoded. Anything that renders this message (an error page, a log viewer)
// has to encode it for its own output context.
1258 static void ThrowValidationException (string name, string key, string value)
1260 string v = "\"" + value + "\"";
// Shortens the quoted value to 16 characters plus an ellipsis; the condition guarding this
// line is not part of this listing.
1262 v = v.Substring (0, 16) + "...\"";
1264 string msg = String.Format ("A potentially dangerous Request.{0} value was " +
1265 "detected from the client ({1}={2}).", name, key, v);
1267 throw new HttpRequestValidationException (msg);
1270 static bool CheckString (string val)
1276 foreach (char c in val) {
1277 if (c == '<' || c == '>' || c == '\xff1c' || c == '\xff1e')