// (c) 2002,2003 Ximian, Inc. (http://www.ximian.com)
// (c) 2004 Novell, Inc. (http://www.novell.com)
//
-using System;\r
-using System.Collections;\r
-using System.Collections.Specialized;\r
-using System.IO;\r
-using System.Text;\r
-using System.Web.Configuration;\r
-using System.Web.Util;\r
-\r
-namespace System.Web {\r
- [MonoTODO("Review security in all path access function")]\r
- public sealed class HttpRequest {\r
- private string [] _arrAcceptTypes;\r
- private string [] _arrUserLanguages;\r
-\r
- private byte [] _arrRawContent;\r
- private int _iContentLength;\r
-\r
- private string _sContentType;\r
- private string _sHttpMethod;\r
- private string _sRawUrl;\r
- private string _sUserAgent;\r
- private string _sUserHostAddress;\r
- private string _sUserHostName;\r
- private string _sPath;\r
- private string _sPathInfo;\r
- private string _sFilePath;\r
- private string baseVirtualDir;\r
- private string _sPathTranslated;\r
- private string _sQueryStringRaw;\r
- private string _sRequestType;\r
- private string _sRequestRootVirtualDir;\r
-\r
- private Encoding _oContentEncoding;\r
-\r
- private Uri _oUriReferrer;\r
- private Uri _oUrl;\r
-\r
- private int _iTotalBytes;\r
-\r
- private HttpContext _oContext;\r
-\r
- private HttpWorkerRequest _WorkerRequest;\r
- private HttpRequestStream _oInputStream;\r
- private HttpClientCertificate _ClientCert;\r
-\r
- private HttpValueCollection _oServerVariables;\r
- private HttpValueCollection _oHeaders;\r
- private HttpValueCollection _oQueryString;\r
- private HttpValueCollection _oFormData;\r
- private HttpValueCollection _oParams;\r
-\r
- private HttpBrowserCapabilities _browser;\r
-\r
- private HttpCookieCollection cookies;\r
- private bool rewritten;\r
+
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+//
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+using System;
+using System.Collections;
+using System.Collections.Specialized;
+using System.Globalization;
+using System.IO;
+using System.Text;
+using System.Web.Configuration;
+using System.Web.Util;
+
+#if TARGET_J2EE
+using vmw.common;
+#endif
+
+namespace System.Web {
+ [MonoTODO("Review security in all path access function")]
+ public sealed class HttpRequest {
+ private string [] _arrAcceptTypes;
+ private string [] _arrUserLanguages;
+
+ private byte [] _arrRawContent;
+ private int _iContentLength;
+
+ private string _sContentType;
+ private string _sHttpMethod;
+ private string _sRawUrl;
+ private string _sUserAgent;
+ private string _sUserHostAddress;
+ private string _sUserHostName;
+ private string _sPath;
+ private string _sPathInfo;
+ private string _sFilePath;
+ private string baseVirtualDir;
+ private string _sPathTranslated;
+ private string _sQueryStringRaw;
+ private string _sRequestType;
+ private string _sRequestRootVirtualDir;
+
+ private Encoding _oContentEncoding;
+
+ private Uri _oUriReferrer;
+ private Uri _oUrl;
+
+ private int _iTotalBytes;
+
+ private HttpContext _oContext;
+
+ private HttpWorkerRequest _WorkerRequest;
+ private HttpRequestStream _oInputStream;
+ private HttpClientCertificate _ClientCert;
+
+ private HttpValueCollection _oServerVariables;
+ private HttpValueCollection _oHeaders;
+ private HttpValueCollection _oQueryString;
+ private HttpValueCollection _oFormData;
+ private HttpValueCollection _oParams;
+
+ private HttpBrowserCapabilities _browser;
+
+ private HttpCookieCollection cookies;
Stream userFilter;
HttpRequestStream requestFilter;
+ string clientTarget;
+ string currentExePath;
#if NET_1_1
bool validateCookies;
bool validateForm;
bool validateQueryString;
+
+ bool checkedCookies;
+ bool checkedForm;
+ bool checkedQueryString;
#endif
-\r
- public HttpRequest(string Filename, string Url, string Querystring) {\r
- _iContentLength = -1;\r
- _iTotalBytes = -1;\r
-\r
- _WorkerRequest = null;\r
- _sPathTranslated = Filename;\r
- _sRequestType = "GET";\r
-\r
- _oUrl = new Uri(Url);\r
- _sPath = _oUrl.AbsolutePath;\r
-\r
- _sQueryStringRaw = Querystring;\r
+
+ public HttpRequest(string Filename, string Url, string Querystring) {
+ _iContentLength = -1;
+ _iTotalBytes = -1;
+
+ _WorkerRequest = null;
+ _sPathTranslated = Filename;
+ _sRequestType = "GET";
+
+ _oUrl = new Uri(Url);
+ _sPath = _oUrl.AbsolutePath;
+
+ _sQueryStringRaw = Querystring;
_oQueryString = new HttpValueCollection(Querystring, true, Encoding.ASCII);
- }\r
-\r
- internal HttpRequest(HttpWorkerRequest WorkRequest, HttpContext Context) {\r
- _WorkerRequest = WorkRequest;\r
- _oContext = Context;\r
-\r
- _iContentLength = -1;\r
- _iTotalBytes = -1;\r
- }\r
-\r
- static private string MakeServerVariableFromHeader(string header) {\r
- return "HTTP_" + header.ToUpper().Replace("-", "_");\r
- }\r
-\r
- [MonoTODO("Need to support non-raw mode also..")]\r
- private string GetAllHeaders(bool Raw) {\r
- StringBuilder oData;\r
-\r
- if (null == _WorkerRequest) {\r
- return null;\r
- }\r
-\r
- oData = new StringBuilder(512);\r
-\r
- string sHeaderValue;\r
- string sHeaderName;\r
- int iCount = 0;\r
-\r
- // Add all know headers\r
- for (; iCount != 40; iCount++) {\r
- sHeaderValue = _WorkerRequest.GetKnownRequestHeader(iCount);\r
- if (null != sHeaderValue && sHeaderValue.Length > 0) {\r
- sHeaderName = _WorkerRequest.GetKnownRequestHeader(iCount);\r
- if (null != sHeaderName && sHeaderName.Length > 0) {\r
- oData.Append(sHeaderName);\r
- oData.Append(": ");\r
- oData.Append(sHeaderValue);\r
- oData.Append("\r\n");\r
- }\r
- }\r
- }\r
-\r
- // Get all other headers\r
- string [][] arrUnknownHeaders = _WorkerRequest.GetUnknownRequestHeaders();\r
- if (null != arrUnknownHeaders) {\r
- for (iCount = 0; iCount != arrUnknownHeaders.Length; iCount++) {\r
- oData.Append(arrUnknownHeaders[iCount][0]);\r
- oData.Append(": ");\r
- oData.Append(arrUnknownHeaders[iCount][1]);\r
- oData.Append("\r\n");\r
- }\r
- }\r
-\r
- return oData.ToString();\r
- }\r
- \r
- [MonoTODO("We need to handly 'dynamic' variables like AUTH_USER, that can be changed during runtime... special collection")]\r
- private void ParseServerVariables() {\r
- if (null == _WorkerRequest) {\r
- return;\r
- }\r
-\r
- if (_oServerVariables == null) {\r
- string sTmp;\r
-\r
- _oServerVariables = new HttpValueCollection();\r
- \r
- _oServerVariables.Add("ALL_HTTP", GetAllHeaders(false));\r
- _oServerVariables.Add("ALL_RAW", GetAllHeaders(true));\r
-\r
- _oServerVariables.Add("APPL_MD_PATH", _WorkerRequest.GetServerVariable("APPL_MD_PATH"));\r
- _oServerVariables.Add("AUTH_PASSWORD", _WorkerRequest.GetServerVariable("AUTH_PASSWORD"));\r
- _oServerVariables.Add("CERT_COOKIE", _WorkerRequest.GetServerVariable("CERT_COOKIE"));\r
- _oServerVariables.Add("CERT_FLAGS", _WorkerRequest.GetServerVariable("CERT_FLAGS"));\r
- _oServerVariables.Add("CERT_ISSUER", _WorkerRequest.GetServerVariable("CERT_ISSUER"));\r
- _oServerVariables.Add("CERT_KEYSIZE", _WorkerRequest.GetServerVariable("CERT_KEYSIZE"));\r
- _oServerVariables.Add("CERT_SECRETKEYSIZE", _WorkerRequest.GetServerVariable("CERT_SECRETKEYSIZE"));\r
- _oServerVariables.Add("CERT_SERIALNUMBER", _WorkerRequest.GetServerVariable("CERT_SERIALNUMBER"));\r
- _oServerVariables.Add("CERT_SERVER_ISSUER", _WorkerRequest.GetServerVariable("CERT_SERVER_ISSUER"));\r
- _oServerVariables.Add("CERT_SERVER_SUBJECT", _WorkerRequest.GetServerVariable("CERT_SERVER_SUBJECT"));\r
- _oServerVariables.Add("CERT_SUBJECT", _WorkerRequest.GetServerVariable("CERT_SUBJECT"));\r
-\r
- _oServerVariables.Add("GATEWAY_INTERFACE", _WorkerRequest.GetServerVariable("GATEWAY_INTERFACE"));\r
- _oServerVariables.Add("HTTPS", _WorkerRequest.GetServerVariable("HTTPS"));\r
- _oServerVariables.Add("HTTPS_KEYSIZE", _WorkerRequest.GetServerVariable("HTTPS_KEYSIZE"));\r
- _oServerVariables.Add("HTTPS_SECRETKEYSIZE", _WorkerRequest.GetServerVariable("HTTPS_SECRETKEYSIZE"));\r
-\r
- _oServerVariables.Add("CONTENT_TYPE", ContentType);\r
- _oServerVariables.Add("HTTPS_SERVER_ISSUER", _WorkerRequest.GetServerVariable("HTTPS_SERVER_ISSUER"));\r
- _oServerVariables.Add("HTTPS_SERVER_SUBJECT", _WorkerRequest.GetServerVariable("HTTPS_SERVER_SUBJECT"));\r
- _oServerVariables.Add("INSTANCE_ID", _WorkerRequest.GetServerVariable("INSTANCE_ID"));\r
- _oServerVariables.Add("INSTANCE_META_PATH", _WorkerRequest.GetServerVariable("INSTANCE_META_PATH"));\r
- _oServerVariables.Add("LOCAL_ADDR", _WorkerRequest.GetLocalAddress());\r
- _oServerVariables.Add("REMOTE_ADDR", UserHostAddress);\r
- _oServerVariables.Add("REMOTE_HOST", UserHostName);\r
- _oServerVariables.Add("REMOTE_PORT", _WorkerRequest.GetRemotePort ().ToString ());\r
- _oServerVariables.Add("REQUEST_METHOD", HttpMethod);\r
- _oServerVariables.Add("SERVER_NAME", _WorkerRequest.GetServerName());\r
- _oServerVariables.Add("SERVER_PORT", _WorkerRequest.GetLocalPort().ToString());\r
- _oServerVariables.Add("SERVER_PROTOCOL", _WorkerRequest.GetHttpVersion());\r
- _oServerVariables.Add("SERVER_SOFTWARE", _WorkerRequest.GetServerVariable("SERVER_SOFTWARE"));\r
-\r
- if (_WorkerRequest.IsSecure()) {\r
- _oServerVariables.Add("SERVER_PORT_SECURE", "1");\r
- } else {\r
- _oServerVariables.Add("SERVER_PORT_SECURE", "0");\r
- }\r
-\r
- sTmp = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderContentLength);\r
- if (null != sTmp) {\r
- _oServerVariables.Add("CONTENT_LENGTH", sTmp);\r
- }\r
-\r
- // TODO: Should be dynamic\r
- if (null != _oContext.User && _oContext.User.Identity.IsAuthenticated) {\r
- _oServerVariables.Add("AUTH_TYPE", _oContext.User.Identity.AuthenticationType);\r
- _oServerVariables.Add("AUTH_USER", _oContext.User.Identity.Name);\r
- } else {\r
- _oServerVariables.Add("AUTH_TYPE", "");\r
- _oServerVariables.Add("AUTH_USER", "");\r
- }\r
-\r
- _oServerVariables.Add("PATH_INFO", PathInfo);\r
- _oServerVariables.Add("PATH_TRANSLATED", PhysicalPath);\r
- _oServerVariables.Add("QUERY_STRING", QueryStringRaw);\r
- _oServerVariables.Add("SCRIPT_NAME", FilePath);\r
- // end dynamic\r
- \r
- _oServerVariables.MakeReadOnly();\r
- }\r
- }\r
-\r
- private void ParseFormData ()\r
- {\r
- string contentType = ContentType;
- if (0 == String.Compare (contentType, "application/x-www-form-urlencoded", true)) {
+ }
+
+ internal HttpRequest(HttpWorkerRequest WorkRequest, HttpContext Context) {
+ _WorkerRequest = WorkRequest;
+ _oContext = Context;
+
+ _iContentLength = -1;
+ _iTotalBytes = -1;
+ }
+
+ internal void AddHeaderVariables (ServerVariablesCollection coll)
+ {
+ if (null == _WorkerRequest)
+ return;
+
+ string hname;
+ string hvalue;
+
+ // Add all known headers
+ for (int i = 0; i < HttpWorkerRequest.RequestHeaderMaximum; i++) {
+ hvalue = _WorkerRequest.GetKnownRequestHeader (i);
+ if (null != hvalue && hvalue.Length > 0) {
+ hname = HttpWorkerRequest.GetKnownRequestHeaderName (i);
+ if (null != hname && hname.Length > 0)
+ coll.Add ("HTTP_" + hname.ToUpper ().Replace ('-', '_'), hvalue);
+ }
+ }
+
+ // Get all other headers
+ string [][] unknown = _WorkerRequest.GetUnknownRequestHeaders ();
+ if (null != unknown) {
+ for (int i = 0; i < unknown.Length; i++) {
+ hname = unknown [i][0];
+ hvalue = unknown [i][1];
+ coll.Add ("HTTP_" + hname.ToUpper ().Replace ('-', '_'), hvalue);
+ }
+ }
+ }
+
+ internal string GetAllHeaders(bool raw) {
+ StringBuilder oData;
+
+ if (null == _WorkerRequest) {
+ return null;
+ }
+
+ oData = new StringBuilder(512);
+
+ string sHeaderValue;
+ string sHeaderName;
+ int iCount = 0;
+
+ // Add all known headers
+ for (; iCount != HttpWorkerRequest.RequestHeaderMaximum; iCount++) {
+ sHeaderValue = _WorkerRequest.GetKnownRequestHeader(iCount);
+ if (null != sHeaderValue && sHeaderValue.Length > 0) {
+ sHeaderName = HttpWorkerRequest.GetKnownRequestHeaderName(iCount);
+ if (null != sHeaderName && sHeaderName.Length > 0) {
+ if (raw) {
+ oData.Append(sHeaderName);
+ } else {
+ oData.Append ("HTTP_");
+ oData.Append (sHeaderName.ToUpper ().Replace ('-', '_'));
+ }
+ oData.Append(": ");
+ oData.Append(sHeaderValue);
+ oData.Append("\r\n");
+ }
+ }
+ }
+
+ // Get all other headers
+ string [][] arrUnknownHeaders = _WorkerRequest.GetUnknownRequestHeaders();
+ if (null != arrUnknownHeaders) {
+ for (iCount = 0; iCount != arrUnknownHeaders.Length; iCount++) {
+ string hname = arrUnknownHeaders[iCount][0];
+ if (raw) {
+ oData.Append (hname);
+ } else {
+ oData.Append ("HTTP_");
+ oData.Append (hname.ToUpper ().Replace ('-', '_'));
+ }
+ oData.Append(": ");
+ oData.Append(arrUnknownHeaders[iCount][1]);
+ oData.Append("\r\n");
+ }
+ }
+
+ return oData.ToString();
+ }
+
+ [MonoTODO("We need to handly 'dynamic' variables like AUTH_USER, that can be changed during runtime... special collection")]
+ private void ParseServerVariables() {
+ if (null == _WorkerRequest) {
+ return;
+ }
+
+ if (_oServerVariables == null){
+ _oServerVariables = new ServerVariablesCollection (this);
+ _oServerVariables.MakeReadOnly ();
+ }
+ }
+
+ private void ParseFormData ()
+ {
+ string content_type = ContentType;
+ if (content_type == null)
+ return;
+
+ content_type = content_type.ToLower (CultureInfo.InvariantCulture);
+ if (content_type == "application/x-www-form-urlencoded") {
byte [] arrData = GetRawContent ();
Encoding enc = ContentEncoding;
string data = enc.GetString (arrData);
_oFormData = new HttpValueCollection (data, true, enc);
return;
}
- if (!ContentType.StartsWith ("multipart/form-data")) {
- if (contentType.Length > 0)
- Console.WriteLine ("Content-Type -> {0} not supported", contentType);
- _oFormData = new HttpValueCollection ();
- return;
- }
-
- MultipartContentElement [] parts = GetMultipartFormData ();
+
_oFormData = new HttpValueCollection ();
- if (parts == null) return;
+ if (StrUtils.StartsWith (content_type, "multipart/form-data")) {
+ MultipartContentElement [] parts = GetMultipartFormData ();
+ if (parts == null)
+ return;
+ Encoding content_encoding = ContentEncoding;
+ foreach (MultipartContentElement p in parts) {
+ if (p.IsFormItem) {
+ _oFormData.Add (p.Name, p.GetString (content_encoding));
+ }
+ }
+ }
+ }
+
+ [MonoTODO("void Dispose")]
+ internal void Dispose() {
+ }
+
+ private byte [] GetRawContent ()
+ {
+ if (_arrRawContent != null)
+ return _arrRawContent;
+
+ if (null == _WorkerRequest) {
+ if (QueryStringRaw == null)
+ return null;
+ char [] q = QueryStringRaw.ToCharArray ();
+ _arrRawContent = new byte [q.Length];
+ for (int i = 0; i < q.Length; i++)
+ _arrRawContent [i] = (byte) q [i];
+ return _arrRawContent;
+ }
+
+ _arrRawContent = _WorkerRequest.GetPreloadedEntityBody ();
+ if (_arrRawContent == null)
+ _arrRawContent = new byte [0];
+
+ int length = ContentLength;
+ HttpRuntimeConfig cfg = (HttpRuntimeConfig) _oContext.GetConfig ("system.web/httpRuntime");
+ int maxRequestLength = cfg.MaxRequestLength * 1024;
+ if (length > maxRequestLength) {
+ throw new HttpException (400, "Maximum request length exceeded.");
+ }
- foreach (MultipartContentElement p in parts) {
- if (!p.IsFormItem) continue;
- _oFormData.Add (p.Name, p.GetString (ContentEncoding));
- }\r
-\r
- }\r
-\r
- [MonoTODO("void Dispose")]\r
- internal void Dispose() { \r
- }\r
-\r
- private byte [] GetRawContent ()\r
- {\r
- if (_arrRawContent != null)\r
- return _arrRawContent;\r
-\r
- if (null == _WorkerRequest) {\r
- if (QueryStringRaw == null)\r
- return null;\r
- char [] q = QueryStringRaw.ToCharArray ();\r
- _arrRawContent = new byte [q.Length];\r
- for (int i = 0; i < q.Length; i++)\r
- _arrRawContent [i] = (byte) q [i];\r
- return _arrRawContent;\r
- }\r
-\r
- _arrRawContent = _WorkerRequest.GetPreloadedEntityBody ();\r
- if (_arrRawContent == null)\r
- _arrRawContent = new byte [0];\r
-\r
- int length = ContentLength;\r
- if (_WorkerRequest.IsEntireEntityBodyIsPreloaded () || length <= _arrRawContent.Length)\r
- return _arrRawContent;\r
-\r
- byte [] arrBuffer = new byte [Math.Min (16384, length)];\r
- MemoryStream ms = new MemoryStream (arrBuffer.Length);\r
- ms.Write (_arrRawContent, 0, _arrRawContent.Length);\r
+ if (_WorkerRequest.IsEntireEntityBodyIsPreloaded () || length <= _arrRawContent.Length)
+ return _arrRawContent;
+
+ byte [] result = new byte [length];
+ int offset = _arrRawContent.Length;
+ Buffer.BlockCopy (_arrRawContent, 0, result, 0, offset);
+
int read = 0;
+ byte [] arrBuffer = new byte [Math.Min (16384, length)];
int bufLength = arrBuffer.Length;
- for (int loaded = _arrRawContent.Length; loaded < length; loaded += read) {
- if (length - loaded < bufLength)
- bufLength = length - loaded;
+ for (; offset < length; offset += read) {
+ if (length - offset < bufLength)
+ bufLength = length - offset;
read = _WorkerRequest.ReadEntityBody (arrBuffer, bufLength);
if (read == 0 ||read == -1 )
break;
- ms.Write (arrBuffer, 0, read);
+ if (length > maxRequestLength || offset + read > maxRequestLength)
+ throw new HttpException (400, "Maximum request length exceeded.");
+
+ Buffer.BlockCopy (arrBuffer, 0, result, offset, read);
}
- byte [] msBuffer = ms.GetBuffer ();
- if (msBuffer.Length == length)
- _arrRawContent = msBuffer;
- else
- _arrRawContent = ms.ToArray ();
+ if (offset < length)
+ throw new HttpException (400, "Data length is shorter than Content-Length.");
+ _arrRawContent = result;
if (userFilter != null) {
requestFilter.Set (_arrRawContent, 0, _arrRawContent.Length);
int userLength = Convert.ToInt32 (userFilter.Length - userFilter.Position);
_arrRawContent = filtered;
}
- return _arrRawContent;\r
- }\r
-\r
- public string [] AcceptTypes {\r
- get {\r
- if (null == _arrAcceptTypes && null != _WorkerRequest) {\r
- _arrAcceptTypes = HttpHelper.ParseMultiValueHeader(_WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderAccept));\r
- } \r
-\r
- return _arrAcceptTypes;\r
- \r
- }\r
- }\r
-\r
- public string ApplicationPath {\r
- get {\r
- if (null != _WorkerRequest) {\r
- return _WorkerRequest.GetAppPath();\r
- }\r
-\r
- return null;\r
- }\r
- }\r
+ return _arrRawContent;
+ }
+
+ internal HttpContext Context {
+ get { return _oContext; }
+ }
+
+ internal HttpWorkerRequest WorkerRequest {
+ get { return _WorkerRequest; }
+ }
+
+ public string [] AcceptTypes {
+ get {
+ if (null == _arrAcceptTypes && null != _WorkerRequest) {
+ _arrAcceptTypes = HttpHelper.ParseMultiValueHeader(_WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderAccept));
+ }
+
+ return _arrAcceptTypes;
+
+ }
+ }
+
+ public string ApplicationPath {
+ get {
+ if (null != _WorkerRequest) {
+ return _WorkerRequest.GetAppPath();
+ }
+
+ return null;
+ }
+ }
public HttpBrowserCapabilities Browser {
get {
set { _browser = value; }
}
- public HttpClientCertificate ClientCertificate {\r
- get {\r
- if (null == _ClientCert) {\r
- _ClientCert = new HttpClientCertificate(_oContext);\r
- }\r
-\r
- return _ClientCert;\r
- }\r
- }\r
-\r
- private string GetValueFromHeader (string header, string attr)\r
- {\r
- int where = header.IndexOf (attr + '=');\r
- if (where == -1)\r
- return null;\r
-\r
- where += attr.Length + 1;\r
- int max = header.Length;\r
- if (where >= max)\r
- return String.Empty;\r
-\r
- char ending = header [where];\r
- if (ending != '"')\r
- ending = ' ';\r
-\r
- int end = header.Substring (where + 1).IndexOf (ending);\r
- if (end == -1)\r
- return (ending == '"') ? null : header.Substring (where);\r
-\r
- return header.Substring (where, end);\r
- }\r
- \r
- public Encoding ContentEncoding\r
- {\r
- get {\r
- if (_oContentEncoding == null) {\r
- if (_WorkerRequest != null && \r
+ public HttpClientCertificate ClientCertificate {
+ get {
+ if (null == _ClientCert) {
+ _ClientCert = new HttpClientCertificate(_oContext);
+ }
+
+ return _ClientCert;
+ }
+ }
+
+ private string GetValueFromHeader (string header, string attr)
+ {
+ int where = header.IndexOf (attr + '=');
+ if (where == -1)
+ return null;
+
+ where += attr.Length + 1;
+ int max = header.Length;
+ if (where >= max)
+ return String.Empty;
+
+ char ending = header [where];
+ if (ending != '"')
+ ending = ' ';
+
+ int end = header.Substring (where + 1).IndexOf (ending);
+ if (end == -1)
+ return (ending == '"') ? null : header.Substring (where);
+
+ return header.Substring (where, end);
+ }
+
+ public Encoding ContentEncoding
+ {
+ get {
+ if (_oContentEncoding == null) {
+ if (_WorkerRequest != null &&
(!_WorkerRequest.HasEntityBody () || ContentType != String.Empty)) {
_oContentEncoding = WebEncoding.RequestEncoding;
- } else {\r
- string charset;\r
- charset = GetValueFromHeader (_sContentType, "charset");\r
- try {\r
- _oContentEncoding = Encoding.GetEncoding (charset);\r
- } catch {\r
- _oContentEncoding = WebEncoding.RequestEncoding;\r
- }\r
- }\r
- }\r
-\r
- return _oContentEncoding;\r
- }\r
-\r
- set {\r
- _oContentEncoding = value;\r
- }\r
- }\r
-\r
- public int ContentLength {\r
- get {\r
- if (_iContentLength == -1 && null != _WorkerRequest) {\r
- string sLength = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderContentLength);\r
- if (sLength != null) {\r
- try {\r
- _iContentLength = Int32.Parse(sLength);\r
- }\r
- catch(Exception) {\r
- }\r
- } \r
- }\r
-\r
- if (_iContentLength < 0) {\r
- _iContentLength = 0;\r
- }\r
-\r
- return _iContentLength;\r
- }\r
- }\r
+ } else {
+ string charset;
+ charset = GetValueFromHeader (_sContentType, "charset");
+ try {
+ _oContentEncoding = Encoding.GetEncoding (charset);
+ } catch {
+ _oContentEncoding = WebEncoding.RequestEncoding;
+ }
+ }
+ }
+
+ return _oContentEncoding;
+ }
+
+ set {
+ _oContentEncoding = value;
+ }
+ }
+
+ public int ContentLength {
+ get {
+ if (_iContentLength == -1 && null != _WorkerRequest) {
+ string sLength = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderContentLength);
+ if (sLength != null) {
+ try {
+ _iContentLength = Int32.Parse(sLength);
+ }
+ catch(Exception) {
+ }
+ }
+ }
+
+ if (_iContentLength < 0) {
+ _iContentLength = 0;
+ }
+
+ return _iContentLength;
+ }
+ }
public string ContentType {
get {
#endif
}
- static private string GetCookieValue (string str, int length, ref int i)\r
- {\r
- if (i >= length)\r
- return null;\r
-\r
- int k = i;\r
- while (k < length && Char.IsWhiteSpace (str [k]))\r
- k++;\r
-\r
- int begin = k;\r
- while (k < length && str [k] != ';')\r
- k++;\r
-\r
- i = k;\r
- return str.Substring (begin, i - begin).Trim ();\r
- }\r
-\r
- static private string GetCookieName (string str, int length, ref int i)\r
- {\r
- if (i >= length)\r
- return null;\r
-\r
- int k = i;\r
- while (k < length && Char.IsWhiteSpace (str [k]))\r
- k++;\r
-\r
- int begin = k;\r
- while (k < length && str [k] != ';' && str [k] != '=')\r
- k++;\r
-\r
- i = k + 1;\r
- return str.Substring (begin, k - begin).Trim ();\r
- }\r
-\r
- private void GetCookies ()\r
- {\r
- string header = _WorkerRequest.GetKnownRequestHeader (HttpWorkerRequest.HeaderCookie);\r
- if (header == null || header.Length == 0)\r
- return;\r
-\r
- /* RFC 2109\r
- * cookie = "Cookie:" cookie-version\r
- * 1*((";" | ",") cookie-value)\r
- * cookie-value = NAME "=" VALUE [";" path] [";" domain]\r
- * cookie-version = "$Version" "=" value\r
- * NAME = attr\r
- * VALUE = value\r
- * path = "$Path" "=" value\r
- * domain = "$Domain" "=" value\r
- *\r
- * MS ignores $Version! \r
- * ',' as a separator produces errors.\r
- */\r
-\r
- string [] name_values = header.Trim ().Split (';');\r
- int length = name_values.Length;\r
- HttpCookie cookie = null;\r
- int pos;\r
- for (int i = 0; i < length; i++) {\r
- pos = 0;\r
- string name_value = name_values [i].Trim ();\r
- string name = GetCookieName (name_value, name_value.Length, ref pos);\r
- string value = GetCookieValue (name_value, name_value.Length, ref pos);\r
- if (cookie != null) {\r
- if (name == "$Path") {\r
- cookie.Path = value;\r
- continue;\r
- } else if (name == "$Domain") {\r
- cookie.Domain = value;\r
- continue;\r
- } else {\r
- cookies.Add (cookie);\r
- cookie = null;\r
- }\r
- }\r
- cookie = new HttpCookie (name, value);\r
- }\r
-\r
- if (cookie != null)\r
- cookies.Add (cookie);\r
- }\r
-\r
- public HttpCookieCollection Cookies\r
- {\r
- get {\r
- if (cookies == null) {\r
- cookies = new HttpCookieCollection (null, false);\r
- if (_WorkerRequest != null)\r
- GetCookies ();\r
+ static private string GetCookieValue (string str, int length, ref int i)
+ {
+ if (i >= length)
+ return null;
+
+ int k = i;
+ while (k < length && Char.IsWhiteSpace (str [k]))
+ k++;
+
+ int begin = k;
+ while (k < length && str [k] != ';')
+ k++;
+
+ i = k;
+ return str.Substring (begin, i - begin).Trim ();
+ }
+
+ static private string GetCookieName (string str, int length, ref int i)
+ {
+ if (i >= length)
+ return null;
+
+ int k = i;
+ while (k < length && Char.IsWhiteSpace (str [k]))
+ k++;
+
+ int begin = k;
+ while (k < length && str [k] != ';' && str [k] != '=')
+ k++;
+
+ i = k + 1;
+ return str.Substring (begin, k - begin).Trim ();
+ }
+
+ private void GetCookies ()
+ {
+ string header = _WorkerRequest.GetKnownRequestHeader (HttpWorkerRequest.HeaderCookie);
+ if (header == null || header.Length == 0)
+ return;
+
+ /* RFC 2109
+ * cookie = "Cookie:" cookie-version
+ * 1*((";" | ",") cookie-value)
+ * cookie-value = NAME "=" VALUE [";" path] [";" domain]
+ * cookie-version = "$Version" "=" value
+ * NAME = attr
+ * VALUE = value
+ * path = "$Path" "=" value
+ * domain = "$Domain" "=" value
+ *
+ * MS ignores $Version!
+ * ',' as a separator produces errors.
+ */
+
+ string [] name_values = header.Trim ().Split (';');
+ int length = name_values.Length;
+ HttpCookie cookie = null;
+ int pos;
+ for (int i = 0; i < length; i++) {
+ pos = 0;
+ string name_value = name_values [i].Trim ();
+ string name = GetCookieName (name_value, name_value.Length, ref pos);
+ string value = GetCookieValue (name_value, name_value.Length, ref pos);
+ if (cookie != null) {
+ if (name == "$Path") {
+ cookie.Path = value;
+ continue;
+ } else if (name == "$Domain") {
+ cookie.Domain = value;
+ continue;
+ } else {
+ cookies.Add (cookie);
+ cookie = null;
+ }
+ }
+ cookie = new HttpCookie (name, value);
+ }
+
+ if (cookie != null)
+ cookies.Add (cookie);
+ }
+
+ public HttpCookieCollection Cookies
+ {
+ get {
+ if (cookies == null) {
+ cookies = new HttpCookieCollection (null, false);
+ if (_WorkerRequest != null)
+ GetCookies ();
+ }
#if NET_1_1
- if (validateCookies)
- ValidateCookieCollection (cookies);
+ if (validateCookies && !checkedCookies) {
+ ValidateCookieCollection (cookies);
+ checkedCookies = true;
+ }
#endif
- }\r
-\r
- return cookies;\r
- }\r
- }\r
-\r
- public string CurrentExecutionFilePath {\r
- get {\r
- return FilePath;\r
- }\r
- }\r
-\r
- public string FilePath {\r
- get {\r
- if (null == _sFilePath && null != _WorkerRequest) {\r
- _sFilePath = _WorkerRequest.GetFilePath();\r
- try {\r
- _sFilePath = UrlUtils.Reduce (_sFilePath);\r
- } catch (Exception) {\r
- throw new HttpException (403, "Forbidden");\r
- }\r
- }\r
-\r
- return _sFilePath;\r
- }\r
- }\r
-\r
- HttpFileCollection files;\r
- public HttpFileCollection Files {\r
- get {\r
+ return cookies;
+ }
+ }
+
+ public string CurrentExecutionFilePath {
+ get {
+ if (currentExePath != null)
+ return currentExePath;
+
+ return FilePath;
+ }
+ }
+
+ public string FilePath {
+ get {
+ if (null == _sFilePath && null != _WorkerRequest) {
+ _sFilePath = _WorkerRequest.GetFilePath();
+ try {
+ _sFilePath = UrlUtils.Reduce (_sFilePath);
+ } catch (Exception) {
+ throw new HttpException (403, "Forbidden");
+ }
+ }
+
+ return _sFilePath;
+ }
+ }
+
+ HttpFileCollection files;
+ public HttpFileCollection Files {
+ get {
if (files != null)
return files;
files = new HttpFileCollection ();
FillPostedFiles ();
return files;
- \r
- }\r
+
+ }
}
void FillPostedFiles ()
{
- if (!ContentType.StartsWith ("multipart/form-data")) return;
+ if (!StrUtils.StartsWith (ContentType, "multipart/form-data"))
+ return;
MultipartContentElement [] parts = GetMultipartFormData ();
if (parts == null) return;
get {
if (_oFormData == null) {
ParseFormData ();
+ }
#if NET_1_1
- if (validateForm)
- ValidateNameValueCollection ("Form", _oFormData);
-#endif
+ if (validateForm && !checkedForm) {
+ ValidateNameValueCollection ("Form", _oFormData);
+ checkedForm = true;
}
+#endif
return _oFormData;
}
}
- public NameValueCollection Headers {\r
- get {\r
- if (_oHeaders == null) {\r
- _oHeaders = new HttpValueCollection();\r
-\r
- if (null != _WorkerRequest) {\r
- string sHeaderValue;\r
- string sHeaderName;\r
- int iCount = 0;\r
-\r
- // Add all know headers\r
- for (; iCount != 40; iCount++) {\r
- sHeaderValue = _WorkerRequest.GetKnownRequestHeader(iCount);\r
- if (null != sHeaderValue && sHeaderValue.Length > 0) {\r
- sHeaderName = HttpWorkerRequest.GetKnownRequestHeaderName(iCount);\r
- if (null != sHeaderName && sHeaderName.Length > 0) {\r
- _oHeaders.Add(sHeaderName, sHeaderValue);\r
- }\r
- }\r
- }\r
-\r
- // Get all other headers\r
- string [][] arrUnknownHeaders = _WorkerRequest.GetUnknownRequestHeaders();\r
- if (null != arrUnknownHeaders) {\r
- for (iCount = 0; iCount != arrUnknownHeaders.Length; iCount++) {\r
- _oHeaders.Add(arrUnknownHeaders[iCount][0], arrUnknownHeaders[iCount][1]);\r
- }\r
- }\r
- }\r
-\r
- // Make headers read-only\r
- _oHeaders.MakeReadOnly();\r
- }\r
-\r
- return (NameValueCollection) _oHeaders;\r
- }\r
- }\r
-\r
- public string HttpMethod {\r
- get {\r
- if (null == _sHttpMethod) {\r
- if (null != _WorkerRequest) {\r
- _sHttpMethod = _WorkerRequest.GetHttpVerbName().ToUpper();\r
- }\r
- \r
- if (_sHttpMethod == null) {\r
- if (RequestType != null)\r
- _sHttpMethod = RequestType;\r
- else\r
- _sHttpMethod = "GET";\r
- }\r
- }\r
-\r
- return _sHttpMethod;\r
- }\r
- }\r
-\r
- public Stream InputStream {\r
- get {\r
- if (_oInputStream == null) {\r
- byte [] arrInputData = GetRawContent ();\r
-\r
- if (null != arrInputData) {\r
- _oInputStream = new HttpRequestStream(arrInputData, 0, arrInputData.Length);\r
- } else {\r
- _oInputStream = new HttpRequestStream(null, 0, 0);\r
- }\r
- }\r
-\r
- return _oInputStream;\r
- } \r
- }\r
-\r
- public bool IsAuthenticated {\r
- get {\r
- if (_oContext != null && _oContext.User != null && _oContext.User.Identity != null) {\r
- return _oContext.User.Identity.IsAuthenticated;\r
- }\r
-\r
- return false;\r
- }\r
- }\r
-\r
- public bool IsSecureConnection {\r
- get {\r
- if (null != _WorkerRequest) {\r
- return _WorkerRequest.IsSecure();\r
- }\r
-\r
- return false;\r
- }\r
- }\r
-\r
- public string this [string sKey] {\r
- get {\r
- string result = QueryString [sKey];\r
- if (result != null)\r
- return result;\r
-\r
- result = Form [sKey];\r
- if (result != null)\r
- return result;\r
-\r
- HttpCookie cookie = Cookies [sKey];\r
- if (cookie != null)\r
- return cookie.Value;\r
-\r
- return ServerVariables [sKey];\r
- }\r
- }\r
-\r
- public NameValueCollection Params {\r
- get {\r
- if (_oParams == null) {\r
- _oParams = new HttpValueCollection();\r
- \r
- _oParams.Merge(QueryString);\r
- _oParams.Merge(Form);\r
- _oParams.Merge(ServerVariables);\r
- string [] cookies = Cookies.AllKeys;\r
- foreach (string k in cookies)\r
- _oParams.Add (k, Cookies [k].ToString ());\r
- _oParams.MakeReadOnly();\r
- }\r
-\r
- return (NameValueCollection) _oParams;\r
- }\r
- }\r
- \r
- public string Path {\r
- get {\r
- if (_sPath == null) {\r
- if (null != _WorkerRequest) {\r
- _sPath = _WorkerRequest.GetUriPath();\r
- }\r
-\r
- if (_sPath == null) {\r
- _sPath = string.Empty;\r
- }\r
- }\r
-\r
- return _sPath;\r
- }\r
- }\r
- \r
- public string PathInfo {\r
- get {\r
- if (_sPathInfo == null) {\r
- if (null != _WorkerRequest) {\r
- _sPathInfo = _WorkerRequest.GetPathInfo();\r
- }\r
-\r
- if (_sPathInfo == null) {\r
- _sPathInfo = string.Empty;\r
- }\r
- }\r
- \r
- return _sPathInfo;\r
- }\r
- }\r
-\r
- public string PhysicalApplicationPath {\r
- get {\r
- if (null != _WorkerRequest) {\r
- return _WorkerRequest.GetAppPathTranslated();\r
- }\r
-\r
- return null;\r
- }\r
- }\r
-\r
- public string PhysicalPath {\r
- get {\r
- if (_sPathTranslated == null && _WorkerRequest != null) {\r
- if (rewritten)\r
- _sPathTranslated = _WorkerRequest.GetFilePathTranslated ();\r
-\r
- string verifyPath = _WorkerRequest.MapPath (FilePath);\r
- if (null == _sPathTranslated)\r
- _sPathTranslated = verifyPath;\r
- }\r
-\r
- return _sPathTranslated;\r
- }\r
- }\r
-\r
+ public NameValueCollection Headers {
+ get {
+ if (_oHeaders == null) {
+ _oHeaders = new HttpValueCollection();
+
+ if (null != _WorkerRequest) {
+ string sHeaderValue;
+ string sHeaderName;
+ int iCount = 0;
+
+ // Add all know headers
+ for (; iCount != 40; iCount++) {
+ sHeaderValue = _WorkerRequest.GetKnownRequestHeader(iCount);
+ if (null != sHeaderValue && sHeaderValue.Length > 0) {
+ sHeaderName = HttpWorkerRequest.GetKnownRequestHeaderName(iCount);
+ if (null != sHeaderName && sHeaderName.Length > 0) {
+ _oHeaders.Add(sHeaderName, sHeaderValue);
+ }
+ }
+ }
+
+ // Get all other headers
+ string [][] arrUnknownHeaders = _WorkerRequest.GetUnknownRequestHeaders();
+ if (null != arrUnknownHeaders) {
+ for (iCount = 0; iCount != arrUnknownHeaders.Length; iCount++) {
+ _oHeaders.Add(arrUnknownHeaders[iCount][0], arrUnknownHeaders[iCount][1]);
+ }
+ }
+ }
+
+ // Make headers read-only
+ _oHeaders.MakeReadOnly();
+ }
+
+ return (NameValueCollection) _oHeaders;
+ }
+ }
+
+ public string HttpMethod {
+ get {
+ if (null == _sHttpMethod) {
+ if (null != _WorkerRequest) {
+ _sHttpMethod = _WorkerRequest.GetHttpVerbName().ToUpper();
+ }
+
+ if (_sHttpMethod == null) {
+ if (RequestType != null)
+ _sHttpMethod = RequestType;
+ else
+ _sHttpMethod = "GET";
+ }
+ }
+
+ return _sHttpMethod;
+ }
+ }
+
+ public Stream InputStream {
+ get {
+ if (_oInputStream == null) {
+ byte [] arrInputData = GetRawContent ();
+
+ if (null != arrInputData) {
+ _oInputStream = new HttpRequestStream(arrInputData, 0, arrInputData.Length);
+ } else {
+ _oInputStream = new HttpRequestStream(null, 0, 0);
+ }
+ }
+
+ return _oInputStream;
+ }
+ }
+
+ public bool IsAuthenticated {
+ get {
+ if (_oContext != null && _oContext.User != null && _oContext.User.Identity != null) {
+ return _oContext.User.Identity.IsAuthenticated;
+ }
+
+ return false;
+ }
+ }
+
+ public bool IsSecureConnection {
+ get {
+ if (null != _WorkerRequest) {
+ return _WorkerRequest.IsSecure();
+ }
+
+ return false;
+ }
+ }
+
+ public string this [string sKey] {
+ get {
+ string result = QueryString [sKey];
+ if (result != null)
+ return result;
+
+ result = Form [sKey];
+ if (result != null)
+ return result;
+
+ HttpCookie cookie = Cookies [sKey];
+ if (cookie != null)
+ return cookie.Value;
+
+ return ServerVariables [sKey];
+ }
+ }
+
+ public NameValueCollection Params {
+ get {
+ if (_oParams == null) {
+ _oParams = new HttpValueCollection();
+
+ _oParams.Merge(QueryString);
+ _oParams.Merge(Form);
+ _oParams.Merge(ServerVariables);
+ int count = Cookies.Count;
+ for (int i = 0; i< count; i++) {
+ HttpCookie cookie = Cookies [i];
+ _oParams.Add (cookie.Name, cookie.Value);
+ }
+ _oParams.MakeReadOnly();
+ }
+
+ return (NameValueCollection) _oParams;
+ }
+ }
+
+ public string Path {
+ get {
+ if (_sPath == null) {
+ if (null != _WorkerRequest) {
+ _sPath = _WorkerRequest.GetUriPath();
+ }
+
+ if (_sPath == null) {
+ _sPath = string.Empty;
+ }
+ }
+
+ return _sPath;
+ }
+ }
+
+ public string PathInfo {
+ get {
+ if (_sPathInfo == null) {
+ if (null != _WorkerRequest) {
+ _sPathInfo = _WorkerRequest.GetPathInfo();
+ }
+
+ if (_sPathInfo == null) {
+ _sPathInfo = string.Empty;
+ }
+ }
+
+ return _sPathInfo;
+ }
+ }
+
+ public string PhysicalApplicationPath {
+ get {
+ if (null != _WorkerRequest) {
+ return _WorkerRequest.GetAppPathTranslated();
+ }
+
+ return null;
+ }
+ }
+
+ public string PhysicalPath {
+ get {
+ if (_sPathTranslated == null && _WorkerRequest != null)
+ _sPathTranslated = _WorkerRequest.MapPath (CurrentExecutionFilePath);
+
+ return _sPathTranslated;
+ }
+ }
+
public NameValueCollection QueryString {
get {
if (_oQueryString == null) {
_oQueryString = new HttpValueCollection(QueryStringRaw, true,
Encoding.ASCII);
}
+ }
#if NET_1_1
- if (validateQueryString)
- ValidateNameValueCollection ("QueryString", _oQueryString);
+ if (validateQueryString && !checkedQueryString) {
+ ValidateNameValueCollection ("QueryString", _oQueryString);
+ checkedQueryString = true;
+ }
#endif
+ return _oQueryString;
+ }
+ }
+
+ // Used to parse the querystring
+ internal string QueryStringRaw {
+ get {
+ if (_sQueryStringRaw == null && null != _WorkerRequest) {
+ byte [] arrQuerystringBytes = _WorkerRequest.GetQueryStringRawBytes();
+ if (null != arrQuerystringBytes && arrQuerystringBytes.Length > 0) {
+ _sQueryStringRaw = ContentEncoding.GetString(arrQuerystringBytes);
+ } else {
+ _sQueryStringRaw = _WorkerRequest.GetQueryString();
+ }
}
- return _oQueryString;
+ if (_sQueryStringRaw == null) {
+ _sQueryStringRaw = string.Empty;
+ }
+
+ return _sQueryStringRaw;
+ }
+
+ set {
+ _sQueryStringRaw = value;
+ _oQueryString = null;
+ _arrRawContent = null;
+ _sRawUrl = null;
+ }
+ }
+
+ public string RawUrl {
+ get {
+ if (null == _sRawUrl) {
+ if (null != _WorkerRequest) {
+ _sRawUrl = _WorkerRequest.GetRawUrl();
+ } else {
+ _sRawUrl = Path;
+ if (QueryStringRaw != null && QueryStringRaw.Length > 0) {
+ _sRawUrl = _sRawUrl + "?" + QueryStringRaw;
+ }
+ }
+ }
+
+ return _sRawUrl;
+ }
+ }
+
+ public string RequestType {
+ get {
+ if (null == _sRequestType) {
+ return HttpMethod;
+ }
+
+ return _sRequestType;
+ }
+
+ set {
+ _sRequestType = value;
}
}
+
+
+ public NameValueCollection ServerVariables {
+ get {
+ ParseServerVariables();
+
+ return (NameValueCollection) _oServerVariables;
+ }
+ }
- // Used to parse the querystring\r
- internal string QueryStringRaw {\r
- get {\r
- if (_sQueryStringRaw == null && null != _WorkerRequest) {\r
- byte [] arrQuerystringBytes = _WorkerRequest.GetQueryStringRawBytes();\r
- if (null != arrQuerystringBytes && arrQuerystringBytes.Length > 0) {\r
- _sQueryStringRaw = ContentEncoding.GetString(arrQuerystringBytes);\r
- } else {\r
- _sQueryStringRaw = _WorkerRequest.GetQueryString(); \r
- }\r
- }\r
-\r
- if (_sQueryStringRaw == null) {\r
- _sQueryStringRaw = string.Empty;\r
- }\r
-\r
- return _sQueryStringRaw;\r
- }\r
- \r
- set {\r
- _sQueryStringRaw = value;\r
- _oQueryString = null;\r
- _arrRawContent = null;\r
- _sRawUrl = null;\r
- }\r
- }\r
-\r
- public string RawUrl {\r
- get {\r
- if (null == _sRawUrl) {\r
- if (null != _WorkerRequest) {\r
- _sRawUrl = _WorkerRequest.GetRawUrl();\r
- } else {\r
- _sRawUrl = Path;\r
- if (QueryStringRaw != null && QueryStringRaw.Length > 0) {\r
- _sRawUrl = _sRawUrl + "?" + QueryStringRaw;\r
- }\r
- }\r
- }\r
-\r
- return _sRawUrl;\r
- }\r
- }\r
-\r
- public string RequestType {\r
- get {\r
- if (null == _sRequestType) {\r
- return HttpMethod;\r
- }\r
- \r
- return _sRequestType;\r
- }\r
-\r
- set {\r
- _sRequestType = value;\r
- }\r
- }\r
- \r
- \r
- public NameValueCollection ServerVariables {\r
- get {\r
- ParseServerVariables();\r
-\r
- return (NameValueCollection) _oServerVariables;\r
- }\r
- } \r
-\r
- public int TotalBytes {\r
- get {\r
- if (_iTotalBytes == -1) {\r
- if (null != InputStream) {\r
- _iTotalBytes = (int) InputStream.Length;\r
- } else {\r
- _iTotalBytes = 0;\r
- }\r
- }\r
-\r
- return _iTotalBytes;\r
- }\r
- }\r
-\r
- public Uri Url {\r
- get {\r
- if (_oUrl != null || _WorkerRequest == null)\r
- return _oUrl;\r
-\r
- string qs = QueryStringRaw;\r
- if (qs == null)\r
- qs = "";\r
- else\r
- qs = "?" + qs;\r
-\r
- UriBuilder ub = new UriBuilder (_WorkerRequest.GetProtocol (),\r
- _WorkerRequest.GetServerName (),\r
- _WorkerRequest.GetLocalPort (),\r
- Path,\r
- qs);\r
-\r
- _oUrl = ub.Uri;\r
- return _oUrl;\r
- }\r
- }\r
-\r
- public Uri UrlReferrer {\r
- get {\r
- if (null == _oUriReferrer && null != _WorkerRequest) {\r
- string sReferrer = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderReferer);\r
- if (null != sReferrer && sReferrer.Length > 0) {\r
- try {\r
- if (sReferrer.IndexOf("://") >= 0) {\r
- _oUriReferrer = new Uri(sReferrer);\r
- } else {\r
- _oUriReferrer = new Uri(this.Url, sReferrer);\r
- }\r
- }\r
- catch (Exception) {\r
- }\r
- }\r
- }\r
-\r
- return _oUriReferrer;\r
- }\r
- }\r
-\r
- public string UserAgent {\r
- get {\r
- if (_sUserAgent == null && _WorkerRequest != null) {\r
- _sUserAgent = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderUserAgent);\r
- }\r
-\r
- if (_sUserAgent == null) {\r
- _sUserAgent = string.Empty;\r
- }\r
-\r
- return _sUserAgent;\r
- }\r
- }\r
-\r
- public string UserHostAddress {\r
- get {\r
- if (_sUserHostAddress == null && null != _WorkerRequest) {\r
- _sUserHostAddress = _WorkerRequest.GetRemoteAddress();\r
- }\r
-\r
- if (_sUserHostAddress == null || _sUserHostAddress.Length == 0) {\r
- _sUserHostAddress = "127.0.0.1";\r
- }\r
-\r
- return _sUserHostAddress;\r
- }\r
- }\r
- \r
- public string UserHostName {\r
- get {\r
- if (_sUserHostName == null && null != _WorkerRequest) {\r
- _sUserHostName = _WorkerRequest.GetRemoteName();\r
- }\r
-\r
- if (_sUserHostName == null || _sUserHostName.Length == 0) {\r
- _sUserHostName = UserHostAddress;\r
- }\r
-\r
- return _sUserHostName;\r
- }\r
- }\r
- \r
- public string [] UserLanguages {\r
- get {\r
- if (_arrUserLanguages == null && null != _WorkerRequest) {\r
- _arrUserLanguages = HttpHelper.ParseMultiValueHeader(_WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderAcceptLanguage));\r
- }\r
-\r
- return _arrUserLanguages;\r
- }\r
- }\r
-\r
- internal string RootVirtualDir {\r
- get {\r
- if (_sRequestRootVirtualDir == null) {\r
- _sRequestRootVirtualDir = FilePath;\r
- int pos = _sRequestRootVirtualDir.LastIndexOf ('/');\r
- if (pos == -1 || pos == 0)\r
- _sRequestRootVirtualDir = "/";\r
- else\r
- _sRequestRootVirtualDir = _sRequestRootVirtualDir.Substring (0, pos);\r
- }\r
-\r
- return _sRequestRootVirtualDir;\r
- }\r
- }\r
- \r
- internal string BaseVirtualDir {\r
- get {\r
- if (baseVirtualDir == null)\r
- baseVirtualDir = UrlUtils.GetDirectory (FilePath);\r
-\r
- return baseVirtualDir;\r
- }\r
+ public int TotalBytes {
+ get {
+ if (_iTotalBytes == -1) {
+ if (null != InputStream) {
+ _iTotalBytes = (int) InputStream.Length;
+ } else {
+ _iTotalBytes = 0;
+ }
+ }
+
+ return _iTotalBytes;
+ }
+ }
+
+ public Uri Url {
+ get {
+ if (_oUrl != null || _WorkerRequest == null)
+ return _oUrl;
+
+ string qs = QueryStringRaw;
+ if (qs == null)
+ qs = "";
+ else
+ qs = "?" + qs;
+
+ UriBuilder ub = new UriBuilder (_WorkerRequest.GetProtocol (),
+ _WorkerRequest.GetServerName (),
+ _WorkerRequest.GetLocalPort (),
+ Path,
+ qs);
+
+ _oUrl = ub.Uri;
+ return _oUrl;
+ }
+ }
+
+ public Uri UrlReferrer {
+ get {
+ if (null == _oUriReferrer && null != _WorkerRequest) {
+ string sReferrer = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderReferer);
+ if (null != sReferrer && sReferrer.Length > 0) {
+ try {
+ if (sReferrer.IndexOf("://") >= 0) {
+ _oUriReferrer = new Uri(sReferrer);
+ } else {
+ _oUriReferrer = new Uri(this.Url, sReferrer);
+ }
+ }
+ catch (Exception) {
+ }
+ }
+ }
+
+ return _oUriReferrer;
+ }
+ }
+
+ public string UserAgent {
+ get {
+ if (_sUserAgent == null && _WorkerRequest != null) {
+ _sUserAgent = _WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderUserAgent);
+ }
+
+ if (_sUserAgent == null) {
+ _sUserAgent = string.Empty;
+ }
+
+ return _sUserAgent;
+ }
+ }
+
+ public string UserHostAddress {
+ get {
+ if (_sUserHostAddress == null && null != _WorkerRequest) {
+ _sUserHostAddress = _WorkerRequest.GetRemoteAddress();
+ }
+
+ if (_sUserHostAddress == null || _sUserHostAddress.Length == 0) {
+ _sUserHostAddress = "127.0.0.1";
+ }
+
+ return _sUserHostAddress;
+ }
+ }
+
+ public string UserHostName {
+ get {
+ if (_sUserHostName == null && null != _WorkerRequest) {
+ _sUserHostName = _WorkerRequest.GetRemoteName();
+ }
+
+ if (_sUserHostName == null || _sUserHostName.Length == 0) {
+ _sUserHostName = UserHostAddress;
+ }
+
+ return _sUserHostName;
+ }
+ }
+
+ public string [] UserLanguages {
+ get {
+ if (_arrUserLanguages == null && null != _WorkerRequest) {
+ _arrUserLanguages = HttpHelper.ParseMultiValueHeader(_WorkerRequest.GetKnownRequestHeader(HttpWorkerRequest.HeaderAcceptLanguage));
+ }
+
+ return _arrUserLanguages;
+ }
+ }
+
+ internal string RootVirtualDir {
+ get {
+ if (_sRequestRootVirtualDir == null) {
+ _sRequestRootVirtualDir = FilePath;
+ int pos = _sRequestRootVirtualDir.LastIndexOf ('/');
+ if (pos == -1 || pos == 0)
+ _sRequestRootVirtualDir = "/";
+ else
+ _sRequestRootVirtualDir = _sRequestRootVirtualDir.Substring (0, pos);
+ }
+
+ return _sRequestRootVirtualDir;
+ }
+ }
+
+ internal string BaseVirtualDir {
+ get {
+ if (baseVirtualDir == null)
+ baseVirtualDir = UrlUtils.GetDirectory (FilePath);
+
+ return baseVirtualDir;
+ }
}
internal bool IsLocal {
}
}
- public byte [] BinaryRead(int count) {\r
- int iSize = TotalBytes;\r
- if (iSize == 0) {\r
- throw new ArgumentException();\r
- }\r
-\r
- byte [] arrData = new byte[iSize];\r
- \r
- int iRetSize = InputStream.Read(arrData, 0, iSize);\r
- if (iRetSize != iSize) {\r
- byte [] tmpData = new byte[iRetSize];\r
- if (iRetSize > 0) {\r
- Array.Copy(arrData, 0, tmpData, 0, iRetSize);\r
- }\r
-\r
- arrData = tmpData;\r
- }\r
-\r
- return arrData;\r
- }\r
-\r
- public int [] MapImageCoordinates(string ImageFieldName) {\r
- NameValueCollection oItems;\r
-\r
- if (HttpMethod == "GET" || HttpMethod == "HEAD") {\r
- oItems = QueryString;\r
- } else if (HttpMethod == "POST") {\r
- oItems = Form;\r
- } else {\r
- return null;\r
- }\r
-\r
- int [] arrRet = null;\r
- try {\r
- string sX = oItems.Get(ImageFieldName + ".x");\r
- string sY = oItems.Get(ImageFieldName + ".y");\r
-\r
- if (null != sX && null != sY) {\r
- int [] arrTmp = new Int32[2];\r
- arrRet[0] = Int32.Parse(sX);\r
- arrRet[1] = Int32.Parse(sY);\r
-\r
- arrRet = arrTmp;\r
- }\r
- }\r
- catch (Exception) {\r
- }\r
-\r
- return arrRet;\r
- }\r
-\r
- public string MapPath (string VirtualPath)\r
- {\r
- return MapPath (VirtualPath, BaseVirtualDir, true);\r
- }\r
-\r
- public string MapPath (string virtualPath, string baseVirtualDir, bool allowCrossAppMapping)\r
- {\r
- if (_WorkerRequest == null)\r
- throw new HttpException ("No HttpWorkerRequest!!!");\r
-\r
- if (virtualPath == null || virtualPath.Length == 0)\r
- virtualPath = ".";\r
- else\r
- virtualPath = virtualPath.Trim ();\r
-\r
- if (virtualPath.IndexOf (':') != -1)\r
- throw new ArgumentException ("Invalid path -> " + virtualPath);\r
-\r
- if (System.IO.Path.DirectorySeparatorChar != '/')\r
- virtualPath = virtualPath.Replace (System.IO.Path.DirectorySeparatorChar, '/');\r
-\r
- if (UrlUtils.IsRooted (virtualPath)) {\r
- virtualPath = UrlUtils.Reduce (virtualPath);\r
- } else {\r
- if (baseVirtualDir == null) {\r
- virtualPath = UrlUtils.Combine (RootVirtualDir, virtualPath);\r
- } else {\r
- virtualPath = UrlUtils.Combine (baseVirtualDir, virtualPath);\r
- }\r
- }\r
-\r
- if (!allowCrossAppMapping) {\r
- if (!virtualPath.ToLower ().StartsWith (RootVirtualDir.ToLower ()))\r
- throw new HttpException ("Mapping across applications not allowed.");\r
-\r
- if (RootVirtualDir.Length > 1 && virtualPath.Length > 1 && virtualPath [0] != '/')\r
- throw new HttpException ("Mapping across applications not allowed.");\r
- }\r
- \r
- return _WorkerRequest.MapPath (virtualPath);\r
- }\r
-\r
- public void SaveAs(string filename, bool includeHeaders) {\r
- FileStream oFile;\r
- TextWriter oWriter;\r
- HttpRequestStream oData;\r
-\r
- oFile = new FileStream(filename, FileMode.CreateNew);\r
- if (includeHeaders) {\r
- oWriter = new StreamWriter(oFile);\r
- oWriter.Write(HttpMethod + " " + Path);\r
-\r
- if (QueryStringRaw != null && QueryStringRaw.Length > 0)\r
- oWriter.Write("?" + QueryStringRaw);\r
- if (_WorkerRequest != null) {\r
- oWriter.Write(" " + _WorkerRequest.GetHttpVersion() + "\r\n");\r
- oWriter.Write(GetAllHeaders(true));\r
- } else {\r
- oWriter.Write("\r\n");\r
- }\r
-\r
- oWriter.Write("\r\n");\r
- oWriter.Flush();\r
- }\r
-\r
- oData = (HttpRequestStream) InputStream;\r
-\r
- if (oData.DataLength > 0) {\r
- oFile.Write(oData.Data, oData.DataOffset, oData.DataLength);\r
- }\r
-\r
- oFile.Flush();\r
- oFile.Close();\r
- }\r
+ public byte [] BinaryRead (int count)
+ {
+ if (count < 0 || count > TotalBytes)
+ throw new ArgumentOutOfRangeException ("count");
+
+ byte [] data = new byte [count];
+ int nread = InputStream.Read (data, 0, count);
+ if (nread != count) {
+ byte [] tmp = new byte [nread];
+ Buffer.BlockCopy (data, 0, tmp, 0, nread);
+ data = tmp;
+ }
+
+ return data;
+ }
+
+ public int [] MapImageCoordinates(string ImageFieldName) {
+ NameValueCollection oItems;
+
+ if (HttpMethod == "GET" || HttpMethod == "HEAD") {
+ oItems = QueryString;
+ } else if (HttpMethod == "POST") {
+ oItems = Form;
+ } else {
+ return null;
+ }
+
+ int [] arrRet = null;
+ try {
+ string sX = oItems.Get(ImageFieldName + ".x");
+ string sY = oItems.Get(ImageFieldName + ".y");
+
+ if (null != sX && null != sY) {
+ int [] arrTmp = new Int32[2];
+ arrRet[0] = Int32.Parse(sX);
+ arrRet[1] = Int32.Parse(sY);
+
+ arrRet = arrTmp;
+ }
+ }
+ catch (Exception) {
+ }
+
+ return arrRet;
+ }
+
+ public string MapPath (string VirtualPath)
+ {
+ return MapPath (VirtualPath, BaseVirtualDir, true);
+ }
+
+ public string MapPath (string virtualPath, string baseVirtualDir, bool allowCrossAppMapping)
+ {
+ if (_WorkerRequest == null)
+ throw new HttpException ("No HttpWorkerRequest!!!");
+
+#if TARGET_J2EE
+ if (baseVirtualDir.Equals(BaseVirtualDir))
+ {
+ string val = System.Web.J2EE.PageMapper.GetFromMapPathCache(virtualPath);
+ if (val != null)
+ return val;
+ }
+#endif
+
+ if (virtualPath == null || virtualPath.Length == 0)
+ virtualPath = ".";
+ else
+ virtualPath = virtualPath.Trim ();
+
+ if (virtualPath.IndexOf (':') != -1)
+ throw new ArgumentException ("Invalid path -> " + virtualPath);
+#if TARGET_J2EE
+ if (virtualPath.StartsWith(IAppDomainConfig.WAR_ROOT_SYMBOL))
+ return virtualPath;
+#endif
+ if (System.IO.Path.DirectorySeparatorChar != '/')
+ virtualPath = virtualPath.Replace (System.IO.Path.DirectorySeparatorChar, '/');
+
+ if (UrlUtils.IsRooted (virtualPath)) {
+ virtualPath = UrlUtils.Reduce (virtualPath);
+ } else {
+ if (baseVirtualDir == null) {
+ virtualPath = UrlUtils.Combine (RootVirtualDir, virtualPath);
+ } else {
+ virtualPath = UrlUtils.Combine (baseVirtualDir, virtualPath);
+ }
+ }
+
+ if (!allowCrossAppMapping) {
+ if (!StrUtils.StartsWith (virtualPath, RootVirtualDir, true))
+ throw new HttpException ("Mapping across applications not allowed.");
+
+ if (RootVirtualDir.Length > 1 && virtualPath.Length > 1 && virtualPath [0] != '/')
+ throw new HttpException ("Mapping across applications not allowed.");
+ }
+
+ return _WorkerRequest.MapPath (virtualPath);
+ }
+
+ public void SaveAs(string filename, bool includeHeaders) {
+ FileStream oFile;
+ TextWriter oWriter;
+ HttpRequestStream oData;
+
+ oFile = new FileStream(filename, FileMode.CreateNew);
+ if (includeHeaders) {
+ oWriter = new StreamWriter(oFile);
+ oWriter.Write(HttpMethod + " " + Path);
+
+ if (QueryStringRaw != null && QueryStringRaw.Length > 0)
+ oWriter.Write("?" + QueryStringRaw);
+ if (_WorkerRequest != null) {
+ oWriter.Write(" " + _WorkerRequest.GetHttpVersion() + "\r\n");
+ oWriter.Write(GetAllHeaders(true));
+ } else {
+ oWriter.Write("\r\n");
+ }
+
+ oWriter.Write("\r\n");
+ oWriter.Flush();
+ }
+
+ oData = (HttpRequestStream) InputStream;
+
+ if (oData.DataLength > 0) {
+ oFile.Write(oData.Data, oData.DataOffset, oData.DataLength);
+ }
+
+ oFile.Flush();
+ oFile.Close();
+ }
#if NET_1_1
public void ValidateInput ()
}
#endif
- internal void SetFilePath (string filePath)
+ internal void SetCurrentExePath (string filePath)
{
+ currentExePath = filePath;
+ _sPath = filePath;
_sFilePath = filePath;
+ _sRequestRootVirtualDir = null;
+ baseVirtualDir = null;
+ _sPathTranslated = null;
}
internal void SetPathInfo (string pathInfo)
headers.MakeReadOnly ();
}
+ internal string ClientTarget {
+ get { return clientTarget; }
+ set {
+ if (value != clientTarget) {
+ clientTarget = value;
+ _browser = null;
+ }
+ }
+ }
+
#if NET_1_1
static void ValidateNameValueCollection (string name, NameValueCollection coll)
{
if (cookies == null)
return;
- int size = cookies.Count;\r
- HttpCookie cookie;\r
- for (int i = 0 ; i < size ; i++) {\r
- cookie = cookies[i];\r
- if (CheckString (cookie.Value))\r
- ThrowValidationException ("Cookies", cookie.Name, cookie.Value);\r
+ int size = cookies.Count;
+ HttpCookie cookie;
+ for (int i = 0 ; i < size ; i++) {
+ cookie = cookies[i];
+ if (CheckString (cookie.Value))
+ ThrowValidationException ("Cookies", cookie.Name, cookie.Value);
}
}
{
string v = "\"" + value + "\"";
if (v.Length > 20)
- v = v.Substring (16) + "...\"";
+ v = v.Substring (0, 16) + "...\"";
string msg = String.Format ("A potentially dangerous Request.{0} value was " +
"detected from the client ({1}={2}).", name, key, v);
throw new HttpRequestValidationException (msg);
}
- static char [] dangerousChars = "<>".ToCharArray ();
static bool CheckString (string val)
{
if (val == null)
return false;
//TODO: More checks
- if (val.IndexOfAny (dangerousChars) != -1 && val.Length > 1) {
- foreach (char c in val)
- if (Array.IndexOf (dangerousChars, c) != -1)
- return true;
+ foreach (char c in val) {
+ if (c == '<' || c == '>' || c == '\xff1c' || c == '\xff1e')
+ return true;
}
return false;