Beispiel #1
0
        /// <summary>
        /// Initializes the LDAP DN safe lists.
        /// </summary>
        private static void InitialiseDistinguishedNameSafeList()
        {
            DistinguishedNameSafeListSyncLock.EnterWriteLock();
            try
            {
                if (distinguishedNameCharacterValues == null)
                {
                    distinguishedNameCharacterValues = SafeList.Generate(255, SafeList.HashThenHexValueGenerator);
                    SafeList.PunchSafeList(ref distinguishedNameCharacterValues, DistinguishedNameSafeList());

                    // Now mark up the specially listed characters from http://www.ietf.org/rfc/rfc2253.txt
                    EscapeDistinguisedNameCharacter(',');
                    EscapeDistinguisedNameCharacter('+');
                    EscapeDistinguisedNameCharacter('"');
                    EscapeDistinguisedNameCharacter('\\');
                    EscapeDistinguisedNameCharacter('<');
                    EscapeDistinguisedNameCharacter('>');
                    EscapeDistinguisedNameCharacter(';');
                }
            }
            finally
            {
                DistinguishedNameSafeListSyncLock.ExitWriteLock();
            }
        }
Beispiel #2
0
 /// <summary>
 /// Initializes the HTML safe list.
 /// </summary>
 private static void InitialiseSafeList()
 {
     syncLock.EnterWriteLock();
     try
     {
         characterValues = SafeList.Generate(255, SafeList.PercentThenHexValueGenerator);
         SafeList.PunchSafeList(ref characterValues, UrlParameterSafeList());
     }
     finally
     {
         syncLock.ExitWriteLock();
     }
 }
Beispiel #3
0
 /// <summary>
 /// Initializes the LDAP filter safe lists.
 /// </summary>
 private static void InitialiseFilterSafeList()
 {
     FilterSafeListSyncLock.EnterWriteLock();
     try
     {
         if (filterCharacterValues == null)
         {
             filterCharacterValues = SafeList.Generate(255, SafeList.SlashThenHexValueGenerator);
             SafeList.PunchSafeList(ref filterCharacterValues, FilterEncodingSafeList());
         }
     }
     finally
     {
         FilterSafeListSyncLock.ExitWriteLock();
     }
 }
Beispiel #4
0
 /// <summary>
 /// Initializes the HTML safe list.
 /// </summary>
 private static void InitialiseSafeList()
 {
     syncLock.EnterWriteLock();
     try
     {
         if (characterValues == null)
         {
             characterValues = SafeList.Generate(0xFF, SafeList.SlashThenSixDigitHexValueGenerator);
             SafeList.PunchSafeList(ref characterValues, CssSafeList());
         }
     }
     finally
     {
         syncLock.ExitWriteLock();
     }
 }
        /// <summary>
        /// Marks characters from the specified languages as safe.
        /// </summary>
        /// <param name="lowerCodeCharts">The combination of lower code charts to use.</param>
        /// <param name="lowerMidCodeCharts">The combination of lower mid code charts to use.</param>
        /// <param name="midCodeCharts">The combination of mid code charts to use.</param>
        /// <param name="upperMidCodeCharts">The combination of upper mid code charts to use.</param>
        /// <param name="upperCodeCharts">The combination of upper code charts to use.</param>
        /// <remarks>The safe list affects all HTML and XML encoding functions.</remarks>
        public static void MarkAsSafe(
            LowerCodeCharts lowerCodeCharts,
            LowerMidCodeCharts lowerMidCodeCharts,
            MidCodeCharts midCodeCharts,
            UpperMidCodeCharts upperMidCodeCharts,
            UpperCodeCharts upperCodeCharts)
        {
            if (lowerCodeCharts == currentLowerCodeChartSettings &&
                lowerMidCodeCharts == currentLowerMidCodeChartSettings &&
                midCodeCharts == currentMidCodeChartSettings &&
                upperMidCodeCharts == currentUpperMidCodeChartSettings &&
                upperCodeCharts == currentUpperCodeChartSettings)
            {
                return;
            }

            SyncLock.EnterWriteLock();
            try
            {
                if (characterValues == null)
                {
                    characterValues = SafeList.Generate(65536, SafeList.HashThenValueGenerator);
                }

                SafeList.PunchUnicodeThrough(
                    ref characterValues,
                    lowerCodeCharts,
                    lowerMidCodeCharts,
                    midCodeCharts,
                    upperMidCodeCharts,
                    upperCodeCharts);

                ApplyHtmlSpecificValues();

                currentLowerCodeChartSettings    = lowerCodeCharts;
                currentLowerMidCodeChartSettings = lowerMidCodeCharts;
                currentMidCodeChartSettings      = midCodeCharts;
                currentUpperMidCodeChartSettings = upperMidCodeCharts;
                currentUpperCodeChartSettings    = upperCodeCharts;
            }
            finally
            {
                SyncLock.ExitWriteLock();
            }
        }
 /// <summary>
 /// Initializes the HTML safe list.
 /// </summary>
 private static void InitialiseSafeList()
 {
     SyncLock.EnterWriteLock();
     try
     {
         if (characterValues == null)
         {
             characterValues = SafeList.Generate(0xFFFF, SafeList.HashThenValueGenerator);
             SafeList.PunchUnicodeThrough(
                 ref characterValues,
                 LowerCodeCharts.Default,
                 LowerMidCodeCharts.None,
                 MidCodeCharts.None,
                 UpperMidCodeCharts.None,
                 UpperCodeCharts.None);
             ApplyHtmlSpecificValues();
         }
     }
     finally
     {
         SyncLock.ExitWriteLock();
     }
 }
        /// <summary>
        /// Encodes input strings for use in HTML.
        /// </summary>
        /// <param name="input">String to be encoded</param>
        /// <param name="useNamedEntities">Value indicating if the HTML 4.0 named entities should be used.</param>
        /// <param name="encoderTweak">A <see cref="MethodSpecificEncoder"/> function, if needed.</param>
        /// <returns>
        /// Encoded string for use in HTML.
        /// </returns>
        /// <exception cref="InvalidUnicodeValueException">Thrown if a character with an invalid Unicode value is encountered within the input string.</exception>
        /// <exception cref="InvalidSurrogatePairException">Thrown if a high surrogate code point is encoded without a following low surrogate code point, or a
        /// low surrogate code point is encounter without having been preceded by a high surrogate code point.</exception>
        private static string HtmlEncode(string input, bool useNamedEntities, MethodSpecificEncoder encoderTweak)
        {
            if (string.IsNullOrEmpty(input))
            {
                return(input);
            }

            if (characterValues == null)
            {
                InitialiseSafeList();
            }

            if (useNamedEntities && namedEntities == null)
            {
                InitialiseNamedEntityList();
            }

            // Setup a new character array for output.
            char[] inputAsArray = input.ToCharArray();
            int    outputLength = 0;
            int    inputLength  = inputAsArray.Length;

            char[] encodedInput = new char[inputLength * 10]; // Worse case scenario - the longest entity name, thetasym is 10 characters, including the & and ;.

            SyncLock.EnterReadLock();
            try
            {
                for (int i = 0; i < inputLength; i++)
                {
                    char   currentCharacter = inputAsArray[i];
                    int    currentCodePoint = inputAsArray[i];
                    char[] tweekedValue;

                    // Check for invalid values
                    if (currentCodePoint == 0xFFFE ||
                        currentCodePoint == 0xFFFF)
                    {
                        throw new InvalidUnicodeValueException(currentCodePoint);
                    }
                    else if (currentCharacter.IsHighSurrogate())
                    {
                        if (i + 1 == inputLength)
                        {
                            throw new InvalidSurrogatePairException(currentCharacter, '\0');
                        }

                        // Now peak ahead and check if the following character is a low surrogate.
                        char nextCharacter = inputAsArray[i + 1];
                        char nextCodePoint = inputAsArray[i + 1];
                        if (!nextCharacter.IsLowSurrogate())
                        {
                            throw new InvalidSurrogatePairException(currentCharacter, nextCharacter);
                        }

                        // Look-ahead was good, so skip.
                        i++;

                        // Calculate the combined code point
                        long combinedCodePoint =
                            0x10000 + ((currentCodePoint - 0xD800) * 0x400) + (nextCodePoint - 0xDC00);
                        char[] encodedCharacter = SafeList.HashThenValueGenerator(combinedCodePoint);
                        encodedInput[outputLength++] = '&';

                        for (int j = 0; j < encodedCharacter.Length; j++)
                        {
                            encodedInput[outputLength++] = encodedCharacter[j];
                        }

                        encodedInput[outputLength++] = ';';
                    }
                    else if (currentCharacter.IsLowSurrogate())
                    {
                        throw new InvalidSurrogatePairException('\0', currentCharacter);
                    }
                    else if (encoderTweak != null && encoderTweak(currentCharacter, out tweekedValue))
                    {
                        for (int j = 0; j < tweekedValue.Length; j++)
                        {
                            encodedInput[outputLength++] = tweekedValue[j];
                        }
                    }
                    else if (useNamedEntities && namedEntities[currentCodePoint] != null)
                    {
                        char[] encodedCharacter = namedEntities[currentCodePoint];
                        encodedInput[outputLength++] = '&';

                        for (int j = 0; j < encodedCharacter.Length; j++)
                        {
                            encodedInput[outputLength++] = encodedCharacter[j];
                        }

                        encodedInput[outputLength++] = ';';
                    }
                    else if (characterValues[currentCodePoint] != null)
                    {
                        // character needs to be encoded
                        char[] encodedCharacter = characterValues[currentCodePoint];
                        encodedInput[outputLength++] = '&';

                        for (int j = 0; j < encodedCharacter.Length; j++)
                        {
                            encodedInput[outputLength++] = encodedCharacter[j];
                        }

                        encodedInput[outputLength++] = ';';
                    }
                    else
                    {
                        // character does not need encoding
                        encodedInput[outputLength++] = currentCharacter;
                    }
                }
            }
            finally
            {
                SyncLock.ExitReadLock();
            }

            return(new string(encodedInput, 0, outputLength));
        }
Beispiel #8
0
        /// <summary>
        /// Encodes according to the CSS encoding rules.
        /// </summary>
        /// <param name="input">The string to encode.</param>
        /// <returns>The encoded string.</returns>
        /// <exception cref="InvalidUnicodeValueException">Thrown if a character with an invalid Unicode value is encountered within the input string.</exception>
        /// <exception cref="InvalidSurrogatePairException">Thrown if a high surrogate code point is encoded without a following low surrogate code point, or a
        /// low surrogate code point is encounter without having been preceded by a high surrogate code point.</exception>
        internal static string Encode(string input)
        {
            if (string.IsNullOrEmpty(input))
            {
                return(input);
            }

            if (characterValues == null)
            {
                InitialiseSafeList();
            }

            // Setup a new character array for output.
            char[] inputAsArray = input.ToCharArray();
            int    outputLength = 0;
            int    inputLength  = inputAsArray.Length;

            char[] encodedInput = new char[inputLength * 7]; // Worse case scenario - CSS encoding wants \XXXXXX for encoded characters.

            syncLock.EnterReadLock();
            try
            {
                for (int i = 0; i < inputLength; i++)
                {
                    char currentCharacter = inputAsArray[i];
                    int  currentCodePoint = inputAsArray[i];

                    // Check for invalid values
                    if (currentCodePoint == 0xFFFE ||
                        currentCodePoint == 0xFFFF)
                    {
                        throw new InvalidUnicodeValueException(currentCodePoint);
                    }
                    else if (currentCharacter.IsHighSurrogate())
                    {
                        if (i + 1 == inputLength)
                        {
                            throw new InvalidSurrogatePairException(currentCharacter, '\0');
                        }

                        // Now peak ahead and check if the following character is a low surrogate.
                        char nextCharacter = inputAsArray[i + 1];
                        char nextCodePoint = inputAsArray[i + 1];
                        if (!nextCharacter.IsLowSurrogate())
                        {
                            throw new InvalidSurrogatePairException(currentCharacter, nextCharacter);
                        }

                        // Look-ahead was good, so skip.
                        i++;

                        // Calculate the combined code point
                        long combinedCodePoint =
                            0x10000 + ((currentCodePoint - 0xD800) * 0x400) + (nextCodePoint - 0xDC00);
                        char[] encodedCharacter = SafeList.SlashThenSixDigitHexValueGenerator(combinedCodePoint);

                        for (int j = 0; j < encodedCharacter.Length; j++)
                        {
                            encodedInput[outputLength++] = encodedCharacter[j];
                        }
                    }
                    else if (currentCharacter.IsLowSurrogate())
                    {
                        throw new InvalidSurrogatePairException('\0', currentCharacter);
                    }
                    else if (currentCodePoint > characterValues.Length - 1)
                    {
                        char[] encodedCharacter = SafeList.SlashThenSixDigitHexValueGenerator(currentCodePoint);

                        for (int j = 0; j < encodedCharacter.Length; j++)
                        {
                            encodedInput[outputLength++] = encodedCharacter[j];
                        }
                    }
                    else if (characterValues[currentCodePoint] != null)
                    {
                        // character needs to be encoded
                        char[] encodedCharacter = characterValues[currentCodePoint];
                        for (int j = 0; j < encodedCharacter.Length; j++)
                        {
                            encodedInput[outputLength++] = encodedCharacter[j];
                        }
                    }
                    else
                    {
                        // character does not need encoding
                        encodedInput[outputLength++] = currentCharacter;
                    }
                }
            }
            finally
            {
                syncLock.ExitReadLock();
            }

            return(new string(encodedInput, 0, outputLength));
        }