using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
+using System.Threading;
using System.Web.Configuration;
using System.Web.Management;
using System.Web.UI;
using System.Web.Util;
using System.Globalization;
-#if NET_4_0
using System.Security.Authentication.ExtendedProtection;
using System.Web.Routing;
-#endif
namespace System.Web
{
bool checked_cookies, checked_query_string, checked_form;
static readonly UrlMappingCollection urlMappings;
readonly static char [] queryTrimChars = {'?'};
-#if NET_4_0
bool lazyFormValidation;
bool lazyQueryStringValidation;
bool inputValidationEnabled;
return chars;
}
-#endif
static HttpRequest ()
{
urlMappings = null;
}
-#if NET_4_0
Version validationMode = HttpRuntime.Section.RequestValidationMode;
if (validationMode >= new Version (4, 0)) {
if (!String.IsNullOrEmpty (invalidChars))
RequestPathInvalidCharacters = CharsFromList (invalidChars);
}
-#endif
} catch {
// unlikely to happen
}
public HttpBrowserCapabilities Browser {
get {
if (browser_capabilities == null)
-#if NET_4_0
browser_capabilities = HttpCapabilitiesBase.BrowserCapabilitiesProvider.GetBrowserCapabilities (this);
-#else
- browser_capabilities = (HttpBrowserCapabilities)
- HttpCapabilitiesBase.GetConfigCapabilities (null, this);
-#endif
return browser_capabilities;
}
cookies = CookiesNoValidation;
}
-#if TARGET_J2EE
- // For J2EE portal support we emulate cookies using the session.
- GetSessionCookiesForPortal (cookies);
-#endif
bool needValidation = validate_cookies;
-#if NET_4_0
needValidation |= validateRequestNewMode;
-#endif
if (needValidation && !checked_cookies) {
// Setting this before calling the validator prevents
// possible endless recursion
return FilePath;
}
}
-#if NET_4_0
public string CurrentExecutionFilePathExtension {
get { return global::System.IO.Path.GetExtension (CurrentExecutionFilePath); }
}
-#endif
public string AppRelativeCurrentExecutionFilePath {
get {
return VirtualPathUtility.ToAppRelative (CurrentExecutionFilePath);
//
// Loads the form data from on a application/x-www-form-urlencoded post
//
-#if TARGET_J2EE
- void RawLoadWwwForm ()
-#else
void LoadWwwForm ()
-#endif
{
using (Stream input = GetSubStream (InputStream)) {
using (StreamReader s = new StreamReader (input, ContentEncoding)) {
public NameValueCollection Form {
get {
NameValueCollection form = FormUnvalidated;
-#if NET_4_0
if (validateRequestNewMode && !checked_form) {
if (!lazyFormValidation) {
// Setting this before calling the validator prevents
ValidateNameValueCollection ("Form", form, RequestValidationSource.Form);
}
} else
-#endif
if (validate_form && !checked_form){
checked_form = true;
ValidateNameValueCollection ("Form", form);
get {
if (headers == null) {
headers = HeadersNoValidation;
-#if NET_4_0
if (validateRequestNewMode) {
RequestValidator validator = RequestValidator.Current;
int validationFailureIndex;
ThrowValidationException ("Headers", hkey, value);
}
}
-#endif
}
return headers;
} catch {}
}
}
-#if NET_4_0
public RequestContext RequestContext {
get {
if (requestContext == null)
}
}
+ public Stream GetBufferedInputStream ()
+ {
+ return input_stream;
+ }
+
public Stream GetBufferlessInputStream ()
{
if (bufferlessInputStream == null) {
return bufferlessInputStream;
}
+ public Stream GetBufferlessInputStream (bool disableMaxRequestLength)
+ {
+ return GetBufferlessInputStream ();
+ }
+
//
// Stream that returns the data as it is read, without buffering
//
// TODO: explicitly support the async methods if there is a convenient way of doing it
//
}
-#endif
public Stream InputStream {
get {
if (input_stream == null)
get {
if (unescaped_path == null) {
unescaped_path = PathNoValidation;
-#if NET_4_0
if (validateRequestNewMode) {
RequestValidator validator = RequestValidator.Current;
int validationFailureIndex;
if (!validator.IsValidRequestString (HttpContext.Current, unescaped_path, RequestValidationSource.Path, null, out validationFailureIndex))
ThrowValidationException ("Path", "Path", unescaped_path);
}
-#endif
}
return unescaped_path;
get {
if (path_info == null) {
path_info = PathInfoNoValidation;
-#if NET_4_0
if (validateRequestNewMode) {
RequestValidator validator = RequestValidator.Current;
int validationFailureIndex;
if (!validator.IsValidRequestString (HttpContext.Current, path_info, RequestValidationSource.PathInfo, null, out validationFailureIndex))
ThrowValidationException ("PathInfo", "PathInfo", path_info);
}
-#endif
}
return path_info;
public NameValueCollection QueryString {
get {
NameValueCollection query_string_nvc = QueryStringUnvalidated;
-#if NET_4_0
if (validateRequestNewMode && !checked_query_string) {
if (!lazyQueryStringValidation) {
// Setting this before calling the validator prevents
ValidateNameValueCollection ("QueryString", query_string_nvc, RequestValidationSource.QueryString);
}
} else
-#endif
if (validate_query_string && !checked_query_string) {
// Setting this before calling the validator prevents
// possible endless recursion
get {
if (raw_url == null) {
raw_url = RawUrlUnvalidated;
-#if NET_4_0
if (validateRequestNewMode) {
RequestValidator validator = RequestValidator.Current;
int validationFailureIndex;
if (!validator.IsValidRequestString (HttpContext.Current, raw_url, RequestValidationSource.RawUrl, null, out validationFailureIndex))
ThrowValidationException ("RawUrl", "RawUrl", raw_url);
}
-#endif
}
return raw_url;
}
}
+ public CancellationToken TimedOutToken {
+ get {
+ throw new NotImplementedException ();
+ }
+ }
+
public int TotalBytes {
get {
Stream ins = InputStream;
}
}
-#if NET_4_5
public UnvalidatedRequestValues Unvalidated {
get {
var vals = new UnvalidatedRequestValues ();
return vals;
}
}
-#endif
public Uri Url {
get {
}
public int [] MapImageCoordinates (string imageFieldName)
+ {
+ string[] parameters = GetImageCoordinatesParameters (imageFieldName);
+ if (parameters == null)
+ return null;
+ int [] result = new int [2];
+ try {
+ result [0] = Int32.Parse (parameters [0]);
+ result [1] = Int32.Parse (parameters [1]);
+ } catch {
+ return null;
+ }
+
+ return result;
+ }
+
+ public double [] MapRawImageCoordinates (string imageFieldName)
+ {
+ string[] parameters = GetImageCoordinatesParameters (imageFieldName);
+ if (parameters == null)
+ return null;
+ double [] result = new double [2];
+ try {
+ result [0] = Double.Parse (parameters [0]);
+ result [1] = Double.Parse (parameters [1]);
+ } catch {
+ return null;
+ }
+
+ return result;
+ }
+
+ string [] GetImageCoordinatesParameters (string imageFieldName)
{
string method = HttpMethod;
NameValueCollection coll = null;
string y = coll [imageFieldName + ".y"];
if (y == null || y == "")
return null;
-
- int [] result = new int [2];
- try {
- result [0] = Int32.Parse (x);
- result [1] = Int32.Parse (y);
- } catch {
- return null;
- }
+ string[] result = new string [] { x, y };
return result;
}
validate_cookies = true;
validate_query_string = true;
validate_form = true;
-#if NET_4_0
inputValidationEnabled = true;
-#endif
}
-#if NET_4_0
internal void Validate ()
{
var cfg = HttpRuntime.Section;
if (validateRequestNewMode)
ValidateInput ();
}
-#endif
#region internal routines
internal string ClientTarget {
get {
string path = UrlComponents.Path;
UrlComponents.Path = path + PathInfo;
}
-#if NET_4_0
internal void SetFormCollection (WebROCollection coll, bool lazyValidation)
{
if (coll == null)
query_string_nvc = coll;
lazyQueryStringValidation = lazyValidation;
}
-#endif
// Headers is ReadOnly, so we need this hack for cookie-less sessions.
internal void SetHeader (string name, string value)
{
ThrowValidationException (name, key, val);
}
}
-#if NET_4_0
static void ValidateNameValueCollection (string name, NameValueCollection coll, RequestValidationSource source)
{
if (coll == null)
{
throw new PlatformNotSupportedException ("This method is not supported.");
}
-#endif
static void ValidateCookieCollection (HttpCookieCollection cookies)
{
if (cookies == null)
int size = cookies.Count;
HttpCookie cookie;
-#if NET_4_0
RequestValidator validator = RequestValidator.Current;
int validationFailureIndex;
HttpContext context = HttpContext.Current;
-#endif
bool invalid;
for (int i = 0 ; i < size ; i++) {
string name = cookie.Name;
if (!String.IsNullOrEmpty (value)) {
-#if NET_4_0
if (validateRequestNewMode)
invalid = !validator.IsValidRequestString (context, value, RequestValidationSource.Cookies, name, out validationFailureIndex);
else
-#endif
invalid = IsInvalidString (value);
if (invalid)
throw new HttpRequestValidationException (msg);
}
-#if NET_4_0
internal static void ValidateString (string key, string value, RequestValidationSource source)
{
if (String.IsNullOrEmpty (value))
if (IsInvalidString (value, out ignore))
ThrowValidationException (source.ToString (), key, value);
}
-#endif
internal static bool IsInvalidString (string val)
{
#pragma warning disable 219