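/// <summary>
/// Completes an external-provider sign-in: issues the forms-authentication cookie,
/// stores the provider access token in a cookie, and redirects either to the
/// validated "returnUrl" cookie value or to the user's own page.
/// </summary>
/// <param name="context">Current HTTP context; its request and response cookies are read and written.</param>
/// <param name="model">Callback data holding either the authenticated client or the failure.</param>
/// <returns>A redirect to a site-local URL.</returns>
/// <exception cref="Exception">Rethrows <c>model.Exception</c> when the callback reported a failure.</exception>
public ActionResult Process(HttpContextBase context, AuthenticateCallbackData model)
{
    if (model.Exception != null)
    {
        // NOTE(review): throwing the stored exception object resets its stack trace;
        // left as-is so callers keep seeing the same exception type.
        throw model.Exception;
    }

    var client = model.AuthenticatedClient;
    var username = client.UserInformation.UserName;

    FormsAuthentication.SetAuthCookie(username, false);

    // HttpOnly keeps the token away from page scripts. Secure is dropped whenever
    // debugging is enabled, so a deployment that leaves debug on would send the
    // token over plain HTTP as well.
    var tokenCookie = new HttpCookie("AccessToken", client.AccessToken.SecretToken)
    {
        Secure = !context.IsDebuggingEnabled,
        HttpOnly = true
    };
    context.Response.AppendCookie(tokenCookie);

    var urlHelper = new UrlHelper(((MvcHandler)context.Handler).RequestContext);

    // The user name comes from the external provider, so it is encoded as a single
    // path segment instead of being pasted into the path. An empty name, or one that
    // begins with a slash or backslash, would otherwise yield a "//..." target that
    // browsers resolve against another host.
    var redirectUrl = "/" + Uri.EscapeDataString(username ?? string.Empty) + "/";
    if (!urlHelper.IsLocalUrl(redirectUrl))
    {
        redirectUrl = "/";
    }

    // A "returnUrl" cookie overrides the default only when it is site-local.
    var cookie = context.Request.Cookies["returnUrl"];
    if (cookie != null && urlHelper.IsLocalUrl(cookie.Value))
    {
        redirectUrl = cookie.Value;

        // Expire the cookie so the stored return URL is used once.
        cookie.Expires = DateTime.Now.AddDays(-1);
        context.Response.Cookies.Add(cookie);
    }

    return new RedirectResult(redirectUrl);
}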
/// <summary>
/// Renders a return button that points at the "returnUrl" query-string value when
/// that value is a site-local URL, and at the "Index" action otherwise.
/// </summary>
/// <param name="htmlHelper">HTML helper of the current view.</param>
/// <returns>The markup produced by the two-argument <c>ReturnButton</c> overload.</returns>
public static IHtmlString ReturnButton(this HtmlHelper htmlHelper)
{
    // The query string is caller-controlled, so it is only used after IsLocalUrl accepts it.
    string requested = HttpContext.Current.Request.QueryString["returnUrl"];
    var urlHelper = new UrlHelper(htmlHelper.ViewContext.RequestContext);

    string target = urlHelper.IsLocalUrl(requested)
        ? requested
        : urlHelper.Action("Index");

    return ReturnButton(htmlHelper, target);
}
/// <summary>
/// Returns <paramref name="returnUrl"/> when it is a rooted, site-local path and
/// the result of <c>url.Home()</c> in every other case.
/// </summary>
/// <param name="url">URL helper used for the local-URL check and the fallback.</param>
/// <param name="returnUrl">Candidate redirect target, typically taken from the request.</param>
/// <returns>The candidate itself, or the fallback URL.</returns>
public static string SafeRedirectUrl(UrlHelper url, string returnUrl)
{
    if (String.IsNullOrWhiteSpace(returnUrl) || !url.IsLocalUrl(returnUrl))
    {
        return url.Home();
    }

    // Beyond IsLocalUrl: require "/x..." and reject the "//" and "/\" prefixes,
    // which browsers treat as a reference to another host.
    bool rooted = returnUrl.Length > 1
        && returnUrl.StartsWith("/", StringComparison.Ordinal);
    bool hostRelative = returnUrl.StartsWith("//", StringComparison.Ordinal)
        || returnUrl.StartsWith("/\\", StringComparison.Ordinal);

    if (rooted && !hostRelative)
    {
        return returnUrl;
    }

    return url.Home();
}
/// <summary>
/// Builds the address of a resized image.
/// </summary>
/// <param name="url">Image address.</param>
/// <param name="w">Maximum width.</param>
/// <param name="h">Maximum height.</param>
/// <param name="quality">Quality, 0 to 100.</param>
/// <param name="image">Placeholder image category.</param>
/// <param name="mode">Resize mode; sent as "mode" for local images and mapped to the imageView2 mode digit for storage-server images.</param>
/// <param name="scale">Scale setting; only sent (as "scale") for local images.</param>
/// <returns>Null when the address is empty; otherwise the rewritten address, or the address unchanged when it is neither local nor on the storage server.</returns>
public static string ResizeImage(string url, int? w = null, int? h = null, int? quality = null, DummyImage? image = DummyImage.Default, ResizerMode? mode = null, ReszieScale? scale = null)
{
    var urlHelper = new System.Web.Mvc.UrlHelper(HttpContext.Current.Request.RequestContext);

    if (string.IsNullOrEmpty(url))
    {
        return null;
    }

    // Site-local image: make it absolute against the current request and pass the
    // resize settings as query parameters.
    if (urlHelper.IsLocalUrl(url))
    {
        string absolute = new Uri(HttpContext.Current.Request.Url, urlHelper.Content(url)).AbsoluteUri;
        var query = new Dictionary<string, string>();

        if (w.HasValue)
        {
            query.Add("w", w.ToString());
        }

        if (h.HasValue)
        {
            query.Add("h", h.ToString());
        }

        if (scale.HasValue)
        {
            query.Add("scale", scale.Value.ToString());
        }

        if (quality.HasValue)
        {
            query.Add("quality", quality.ToString());
        }

        if (image.HasValue)
        {
            query.Add("404", image.ToString());
        }

        if (mode.HasValue)
        {
            query.Add("mode", mode.ToString());
        }

        return absolute + query.ToParam("?");
    }

    // NOTE(review): this is a substring test, not a host comparison, so any address
    // that merely contains the ServerLink text takes the storage-server path below.
    // Addresses that fail it are handed back untouched for the caller to render.
    if (!url.Contains(QinQiuApi.ServerLink))
    {
        return url;
    }

    string extension = System.IO.Path.GetExtension(url);
    var builder = new StringBuilder(url);
    bool isVideo = extension == ".mp4";

    if (isVideo)
    {
        // Video: request a JPEG frame at offset 1.
        builder.Append("?vframe/jpg/offset/1");
    }
    else
    {
        // Image: only Max selects mode 0; Pad, Crop and an unset mode all select mode 1.
        builder.Append("?imageView2");
        builder.Append(mode == ResizerMode.Max ? "/0" : "/1");
    }

    if (w.HasValue)
    {
        builder.Append($"/w/{w}");
    }

    if (h.HasValue)
    {
        builder.Append($"/h/{h}");
    }

    if (!isVideo)
    {
        // Quality falls back to 100 when the caller did not set it.
        builder.Append($"/q/{quality ?? 100}");
    }

    return builder.ToString();
}
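///////////////////////////////////////////////////////////////////////
// Redirects to the page the user was going to ("url" plus "qs" from the query
// string) or, when no acceptable target was supplied, to bugs.aspx / mbugs.aspx.
//   Request  - current request; "url", "qs" and "mobile" are read from it.
//   Response - current response; receives the redirect.
public static void redirect(HttpRequest Request, HttpResponse Response)
{
    string url = Request.QueryString["url"];
    string qs = Request.QueryString["qs"];

    UrlHelper urlHelper = new UrlHelper(Request.RequestContext);

    // Strip line breaks BEFORE the local-URL check so the check is made on the exact
    // string that is sent in the redirect. Checking the raw value and then rewriting
    // it would let the rewritten form differ from the form that was approved.
    // (assumes remove_line_breaks only deletes line-break characters; confirm against its definition)
    string target = String.IsNullOrEmpty(url) ? url : remove_line_breaks(url);

    if (String.IsNullOrEmpty(target) || !urlHelper.IsLocalUrl(target))
    {
        // No usable target: start off with the bug list, mobile variant if requested.
        string mobile = Request["mobile"];
        Response.Redirect(String.IsNullOrEmpty(mobile) ? "bugs.aspx" : "mbugs.aspx");
    }
    else
    {
        // NOTE(review): "qs" is URL-decoded a second time here and appended without
        // validation; it lands after the "?" of an already validated local path.
        Response.Redirect(target + "?" + remove_line_breaks(HttpUtility.UrlDecode(qs)));
    }
}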
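/// <summary>
/// Reports whether <paramref name="url"/> is acceptable as a redirect target:
/// it must pass <c>UrlHelper.IsLocalUrl</c>, be a rooted path longer than "/",
/// and must not begin with "//" or "/\".
/// </summary>
/// <param name="url">Candidate redirect target.</param>
/// <returns>True when every check passes.</returns>
public bool IsSafe(string url)
{
    UrlHelper helper = new UrlHelper(context);

    // IsLocalUrl runs first, so the remaining checks are only evaluated on a value it
    // accepted. The prefix tests are ordinal: a culture-sensitive StartsWith can ignore
    // characters and vary with the thread culture, which is not wanted in a security check.
    return helper.IsLocalUrl(url)
        && url.Length > 1
        && url.StartsWith("/", System.StringComparison.Ordinal)
        && !url.StartsWith("//", System.StringComparison.Ordinal)
        && !url.StartsWith("/\\", System.StringComparison.Ordinal);
}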