public void Run()
{
//Determine if we already have a Page Settings object
IDSPageSettings ips;
_settings.PageSettings.TryGetValue(Misc.GetCurrentPageName(), out ips);
if (ips == null)
{
ips = new IDSPageSettings(_settings);
_settings.PageSettings.Add(Misc.GetCurrentPageName(), ips);
}
//Wire up the web.config page callbacks
foreach (IDSCallback callback in ips.Callbacks)
{
Type t = Misc.ResolveType(callback.Assembly, callback.Namespaceandcallback);
SetupBinding(t, callback.Method);
}
if (ips.OnIDSEvent != null)
{
foreach (Delegate d in ips.OnIDSEvent.GetInvocationList())
{
OnIDSEvents += (IDSEvent)d;
}
}
//Wire up the web.config global callbacks
foreach (IDSCallback callback in _settings.Callbacks)
{
Type t = Misc.ResolveType(callback.Assembly, callback.Namespaceandcallback);
SetupBinding(t, callback.Method);
}
//If _callScan is false then the firing mechanism will run in
//the page_preinit event of a page/page subclass
if (!_callScan)
{
return;
}
RunScan(ips);
}
protected void Page_Init(object sender, EventArgs e)
{
OnIDSEvent += new IDSEvent(IDSEventHandler);
//Set exclusions
PostExclusions.Add("SubmitButton");
PostExclusions.Add("UTF7Decode");
PostExclusions.Add("JSDecode");
//Set paths if necessary (or use built-in filters)
//FilterXmlPath = Server.MapPath("~/IDS/default_filter.xml");
//Set options
DecodeJS = JSDecode.Checked;
DecodeUTF7 = UTF7Decode.Checked;
//Set an exclusion
//Exclusions.Add("Content-Length");
}
protected void Page_Init(object sender, EventArgs e)
{
OnIDSEvent += new IDSEvent(IDSEventHandler);
//Set exclusions
PostExclusions.Add("SubmitButton");
PostExclusions.Add("UTF7Decode");
PostExclusions.Add("JSDecode");
//Set paths if necessary (or use built-in filters)
//FilterXmlPath = Server.MapPath("~/IDS/default_filter.xml");
//Set options
DecodeJS = JSDecode.Checked;
DecodeUTF7 = UTF7Decode.Checked;
//Set an exclusion
//Exclusions.Add("Content-Length");
}
private void SetupBinding(Type t, string method)
{
MethodInfo mi = t.GetMethod(method);
//Determine the binding method
if (mi.IsStatic)
{
Delegate d = Delegate.CreateDelegate(typeof(IDSEvent), mi);
OnIDSEvents += (IDSEvent)d;
}
else
{
if (t.IsSubclassOf(typeof(Page)))
{
//Set up a callback to an instance method inside a Page
object o = HttpContext.Current.CurrentHandler;
//Determine if the current Handler is of a usable type
if (t.IsInstanceOfType(o))
{
if (_callScan == true)
{
((Page)o).PreInit += new EventHandler(WebScanRunner_PreInit);
}
Delegate d = Delegate.CreateDelegate(typeof(IDSEvent), o, method);
OnIDSEvents += (IDSEvent)d;
_callScan = false;
}
}
else
{
//Set up a callback to an instance method not inside a Page
object o = Activator.CreateInstance(t);
Delegate d = Delegate.CreateDelegate(typeof(IDSEvent), o, method);
OnIDSEvents += (IDSEvent)d;
}
}
}
private void SetupBinding(Type t, string method)
{
MethodInfo mi = t.GetMethod(method);
//Determine the binding method
if (mi.IsStatic)
{
Delegate d = Delegate.CreateDelegate(typeof(IDSEvent), mi);
OnIDSEvents += (IDSEvent)d;
}
else
{
if (t.IsSubclassOf(typeof(Page)))
{
//Set up a callback to an instance method inside a Page
object o = HttpContext.Current.CurrentHandler;
//Determine if the current Handler is of a usable type
if (t.IsInstanceOfType(o))
{
if (_callScan == true)
{
((Page)o).PreInit += new EventHandler(WebScanRunner_PreInit);
}
Delegate d = Delegate.CreateDelegate(typeof(IDSEvent), o, method);
OnIDSEvents += (IDSEvent)d;
_callScan = false;
}
}
else
{
//Set up a callback to an instance method not inside a Page
object o = Activator.CreateInstance(t);
Delegate d = Delegate.CreateDelegate(typeof(IDSEvent), o, method);
OnIDSEvents += (IDSEvent)d;
}
}
}
public void Run()
{
//Determine if we already have a Page Settings object
IDSPageSettings ips;
_settings.PageSettings.TryGetValue(Misc.GetCurrentPageName(), out ips);
if (ips == null)
{
ips = new IDSPageSettings(_settings);
_settings.PageSettings.Add(Misc.GetCurrentPageName(), ips);
}
//Wire up the web.config page callbacks
foreach (IDSCallback callback in ips.Callbacks)
{
Type t = Misc.ResolveType(callback.Assembly, callback.Namespaceandcallback);
SetupBinding(t, callback.Method);
}
if (ips.OnIDSEvent != null)
{
foreach (Delegate d in ips.OnIDSEvent.GetInvocationList())
{
OnIDSEvents += (IDSEvent)d;
}
}
//Wire up the web.config global callbacks
foreach (IDSCallback callback in _settings.Callbacks)
{
Type t = Misc.ResolveType(callback.Assembly, callback.Namespaceandcallback);
SetupBinding(t, callback.Method);
}
//If _callScan is false then the firing mechanism will run in
//the page_preinit event of a page/page subclass
if (!_callScan) return;
RunScan(ips);
}