Example #1
        /// <summary>
        /// Accepts or rejects the request based on its HTTP method and the configured verb list.
        /// </summary>
        /// <remarks>
        /// With <c>Options.AllowUnlisted</c> set, the list acts as a deny list: only a verb listed
        /// with <c>Allowed == false</c> is rejected. Without it, the list acts as an allow list:
        /// only a verb listed with <c>Allowed == true</c> passes. A rejected request gets status
        /// 404 and <c>StopFilters</c>; the method name is compared case-insensitively.
        /// </remarks>
        /// <param name="context">Filtering context carrying the current request and the filter result.</param>
        public override void ApplyFilter(RequestFilteringContext context)
        {
            var method = context.HttpContext.Request.Method;
            var denyListMode = Options.AllowUnlisted;

            // Deny-list mode looks for an entry marked Allowed == false,
            // allow-list mode for an entry marked Allowed == true.
            var wantedFlag = !denyListMode;
            var listed = Options.HttpVerbsCollection.Any(entry =>
                entry.Verb.ToString().Equals(method, StringComparison.OrdinalIgnoreCase) && entry.Allowed == wantedFlag);

            // A hit on the deny list, or a miss on the allow list, rejects the request.
            if (listed == denyListMode)
            {
                context.HttpContext.Response.StatusCode = 404;
                context.Result = RequestFilteringResult.StopFilters;
                return;
            }

            context.Result = RequestFilteringResult.Continue;
        }
Example #2
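        /// <summary>
        /// Accepts or rejects the request based on which query-string parameters it carries.
        /// </summary>
        /// <remarks>
        /// A request without a query string always passes. With <c>Options.AllowUnlisted</c> set,
        /// the request is rejected when it carries a parameter listed with <c>Allowed == false</c>;
        /// otherwise it passes only when it carries a parameter listed with <c>Allowed == true</c>.
        /// A rejected request gets status 404 and <c>StopFilters</c>.
        /// NOTE(review): in allow-list mode one allowed parameter is enough to pass the request,
        /// whatever other parameters accompany it - confirm that this is the intended policy.
        /// </remarks>
        /// <param name="context">Filtering context carrying the current request and the filter result.</param>
        public override void ApplyFilter(RequestFilteringContext context)
        {
            var request = context.HttpContext.Request;

            if (!request.QueryString.HasValue)
            {
                context.Result = RequestFilteringResult.Continue;
                return;
            }

            if (Options.AllowUnlisted)
            {
                // Presence is tested with Count rather than SingleOrDefault(): a parameter that is
                // repeated in the query string made SingleOrDefault() throw, so the request ended
                // in an unhandled exception instead of a filtering decision.
                if (Options.QueryStringsCollection.Any(q => request.Query[q.QueryString].Count > 0 && q.Allowed == false))
                {
                    context.HttpContext.Response.StatusCode = 404;
                    context.Result = RequestFilteringResult.StopFilters;
                    return;
                }

                context.Result = RequestFilteringResult.Continue;
            }
            else
            {
                if (Options.QueryStringsCollection.Any(q => request.Query[q.QueryString].Count > 0 && q.Allowed == true))
                {
                    context.Result = RequestFilteringResult.Continue;
                    return;
                }

                context.HttpContext.Response.StatusCode = 404;
                context.Result = RequestFilteringResult.StopFilters;
            }
        }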
Example #3
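        /// <summary>
        /// Rejects requests that exceed the configured size limits for the declared content
        /// length, the query string, the display URL or any listed header.
        /// </summary>
        /// <remarks>
        /// A request over any limit gets status 404 and <c>StopFilters</c>; everything else gets
        /// <c>Continue</c>. Previously the final <c>Continue</c> assignment ran unconditionally and
        /// overwrote every rejection (the <c>return</c> inside the header loop only left the
        /// lambda), so no limit was enforced through <c>context.Result</c>.
        /// NOTE(review): the content-length check relies on the declared Content-Length; when the
        /// request declares none, the comparison is false and the body size is not limited here.
        /// </remarks>
        /// <param name="context">Filtering context carrying the current request and the filter result.</param>
        public override void ApplyFilter(RequestFilteringContext context)
        {
            var request = context.HttpContext.Request;

            // A request without a query string has no value to measure; treat its length as 0
            // instead of dereferencing a null string.
            var queryLength = request.QueryString.HasValue ? request.QueryString.Value.Length : 0;

            var overLimit =
                Options.MaxAllowedContentLength < request.ContentLength
                || Options.MaxQueryString < queryLength
                || Options.MaxUrl < request.GetDisplayUrl().Length
                || Options.HeadersCollection.Any(header =>
                    request.Headers.ContainsKey(header.Header)
                    && request.Headers[header.Header].ToString().Length > header.SizeLimit);

            if (overLimit)
            {
                context.HttpContext.Response.StatusCode = 404;
                context.Result = RequestFilteringResult.StopFilters;
                return;
            }

            context.Result = RequestFilteringResult.Continue;
        }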
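        /// <summary>
        /// Accepts or rejects the request based on the file extension of its path.
        /// </summary>
        /// <remarks>
        /// With <c>Options.AllowUnlisted</c> set, an extension listed with <c>Allowed == false</c>
        /// is rejected; otherwise only an extension listed with <c>Allowed == true</c> passes.
        /// A rejected request gets status 404 and <c>StopFilters</c>. A path without an extension
        /// yields an empty string and is handled like any other unlisted extension.
        /// </remarks>
        /// <param name="context">Filtering context carrying the current request and the filter result.</param>
        public override void ApplyFilter(RequestFilteringContext context)
        {
            var extension = Path.GetExtension(context.HttpContext.Request.Path.Value);

            if (Options.AllowUnlisted)
            {
                // Extensions are compared case-insensitively: with the previous case-sensitive
                // "==", a denied ".config" entry did not match a request for ".CONFIG".
                if (Options.FileExtensionsCollection.Any(f => string.Equals(f.FileExtension, extension, System.StringComparison.OrdinalIgnoreCase) && f.Allowed == false))
                {
                    context.HttpContext.Response.StatusCode = 404;
                    context.Result = RequestFilteringResult.StopFilters;
                    return;
                }

                context.Result = RequestFilteringResult.Continue;
            }
            else
            {
                if (Options.FileExtensionsCollection.Any(f => string.Equals(f.FileExtension, extension, System.StringComparison.OrdinalIgnoreCase) && f.Allowed == true))
                {
                    context.Result = RequestFilteringResult.Continue;
                    return;
                }

                context.HttpContext.Response.StatusCode = 404;
                context.Result = RequestFilteringResult.StopFilters;
            }
        }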
Example #5
        /// <summary>
        /// Rejects the request when its query string contains any of the configured deny strings.
        /// </summary>
        /// <remarks>
        /// A request without a query string passes. A match sets status 404 and
        /// <c>StopFilters</c>; anything else gets <c>Continue</c>.
        /// NOTE(review): the match is a case-sensitive substring test on the query string as the
        /// request carries it, so a deny string only matches in the exact form it is configured
        /// in - confirm whether decoding or case folding is expected before this filter.
        /// </remarks>
        /// <param name="context">Filtering context carrying the current request and the filter result.</param>
        public override void ApplyFilter(RequestFilteringContext context)
        {
            var query = context.HttpContext.Request.QueryString;

            var denied = query.HasValue
                && Options.DenyStrings.Any(needle => query.Value.Contains(needle));

            if (denied)
            {
                context.HttpContext.Response.StatusCode = 404;
                context.Result = RequestFilteringResult.StopFilters;
                return;
            }

            context.Result = RequestFilteringResult.Continue;
        }
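        /// <summary>
        /// Rejects the request when the remote IP address of its connection is on the deny list.
        /// </summary>
        /// <remarks>
        /// A listed address gets status 404 and <c>StopFilters</c>. When the connection feature or
        /// the remote address is unavailable there is nothing to match, and the request continues.
        /// NOTE(review): the comparison uses the textual form of <c>RemoteIpAddress</c>. Confirm
        /// how addresses are written in <c>Options.IPAddresses</c> (for example IPv4 addresses
        /// reported in IPv6-mapped form), and that the address seen here is the client's rather
        /// than a fronting proxy's.
        /// </remarks>
        /// <param name="context">Filtering context carrying the current request and the filter result.</param>
        public override void ApplyFilter(RequestFilteringContext context)
        {
            var connection = context.HttpContext.Features.Get<IHttpConnectionFeature>();

            // The original set Continue for a missing feature but did not return, and then
            // dereferenced the null connection on the next statement.
            if (connection == null || connection.RemoteIpAddress == null)
            {
                context.Result = RequestFilteringResult.Continue;
                return;
            }

            var ipAddress = connection.RemoteIpAddress.ToString();

            if (Options.IPAddresses.Contains(ipAddress))
            {
                context.HttpContext.Response.StatusCode = 404;
                context.Result = RequestFilteringResult.StopFilters;
                return;
            }

            context.Result = RequestFilteringResult.Continue;
        }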
Example #7
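        /// <summary>
        /// Accepts explicitly allowed URLs and rejects paths containing a denied sequence.
        /// </summary>
        /// <remarks>
        /// A path found in <c>Options.AllowedUrls</c> passes without the sequence check. Any other
        /// path containing one of <c>Options.DeniedUrlSequences</c> gets status 404 and
        /// <c>StopFilters</c>. A path matching neither list now gets an explicit <c>Continue</c>;
        /// the original left <c>context.Result</c> unassigned on that path, unlike the sibling
        /// filters, which assign a result on every path.
        /// NOTE(review): both checks are case-sensitive and run on the path as exposed by
        /// <c>Request.Path.Value</c> - confirm that the configured entries use the same form.
        /// </remarks>
        /// <param name="context">Filtering context carrying the current request and the filter result.</param>
        public override void ApplyFilter(RequestFilteringContext context)
        {
            var url = context.HttpContext.Request.Path.Value;

            if (Options.AllowedUrls.Contains(url))
            {
                context.Result = RequestFilteringResult.Continue;
                return;
            }

            // Any() stops at the first hit instead of copying the list and visiting every entry.
            if (Options.DeniedUrlSequences.Any(sequence => url.Contains(sequence)))
            {
                context.HttpContext.Response.StatusCode = 404;
                context.Result = RequestFilteringResult.StopFilters;
                return;
            }

            context.Result = RequestFilteringResult.Continue;
        }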
Example #8
        /// <summary>
        /// Rejects the request when any segment of its path is a configured hidden segment.
        /// </summary>
        /// <remarks>
        /// The path is split on '/' with empty entries dropped. A path with no segments passes
        /// without consulting the list. A hit sets status 404 and <c>StopFilters</c>; anything
        /// else gets <c>Continue</c>.
        /// NOTE(review): segments are matched as whole, case-sensitive strings - confirm that
        /// this matches how the protected directories are resolved on the target file system.
        /// </remarks>
        /// <param name="context">Filtering context carrying the current request and the filter result.</param>
        public override void ApplyFilter(RequestFilteringContext context)
        {
            var parts = context.HttpContext.Request.Path.Value
                .Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);

            // The short-circuit keeps the hidden-segment list untouched for an empty path.
            var hidden = parts.Length != 0
                && Options.HiddenSegmentsCollection.Any(entry => parts.Contains(entry.Segment));

            if (hidden)
            {
                context.HttpContext.Response.StatusCode = 404;
                context.Result = RequestFilteringResult.StopFilters;
                return;
            }

            context.Result = RequestFilteringResult.Continue;
        }
Example #9
 /// <summary>
 /// Default filter step: lets the request continue to the next filter.
 /// </summary>
 /// <param name="context">Filtering context whose result is set to <c>Continue</c>.</param>
 public virtual void ApplyFilter(RequestFilteringContext context) =>
     context.Result = RequestFilteringResult.Continue;