internal static bool CheckPublicRoots(string domain)
        {
            if (string.IsNullOrEmpty(domain))
            {
                return(true);
            }

            IPAddress address;

#if SSHARP
            if (IPAddressTryParser.IPAddressTryParse(domain, out address))
#else
            if (IPAddress.TryParse(domain, out address))
#endif
            { return(domain[0] != '.'); }

            if (domain[0] == '.')
            {
                domain = domain.Substring(1);
            }

            if (string.Equals(domain, "localhost", StringComparison.InvariantCultureIgnoreCase))
            {
                return(true);
            }

            var parts = domain.Split('.');
            // Disallow TLDs
            if (parts.Length < 2)
            {
                return(false);
            }

            // FIXME: Should probably use the public suffix list at
            //        http://publicsuffix.org/list/ or something similar.
            return(true);
        }
        internal static bool CheckSameOrigin(Uri uri, string domain)
        {
            if (!CheckPublicRoots(domain))
            {
                return(false);
            }

            IPAddress address;

#if SSHARP
            if (IPAddressTryParser.IPAddressTryParse(domain, out address))
#else
            if (IPAddress.TryParse(domain, out address))
#endif
            {
                if (domain[0] == '.')
                {
                    return(false);
                }

#if SSHARP
                foreach (var ip in DnsEx.GetHostAddresses(uri.DnsSafeHost))
#else
                foreach (var ip in Dns.GetHostAddresses(uri.DnsSafeHost))
#endif
                {
                    if (address.Equals(ip))
                    {
                        return(true);
                    }
                }

                return(false);
            }

            return(CheckDomain(domain, uri.Host, false));
        }
        private static EndPointListener GetEPListener(string host, int port, HttpListener listener, bool secure)
        {
            IPAddress addr;

            if (host == "*")
            {
                addr = IPAddress.Any;
            }
#if SSHARP
            else if (IPAddressTryParser.IPAddressTryParse(host, out addr) == false)
#else
            else if (IPAddress.TryParse(host, out addr) == false)
#endif
            {
                try
                {
#if SSHARP
                    IPAddress[] addrs = DnsEx.GetHostAddresses(host);
                    if (addrs.Length != 0)
                    {
                        addr = addrs[0];
                    }
#else
                    IPHostEntry iphost = Dns.GetHostByName(host);
                    if (iphost != null)
                    {
                        addr = iphost.AddressList[0];
                    }
#endif
                    else
                    {
                        addr = IPAddress.Any;
                    }
                }
                catch
                {
                    addr = IPAddress.Any;
                }
            }
            Hashtable p = null;             // Dictionary<int, EndPointListener>
            if (ip_to_endpoints.ContainsKey(addr))
            {
                p = (Hashtable)ip_to_endpoints[addr];
            }
            else
            {
                p = new Hashtable();
                ip_to_endpoints[addr] = p;
            }

            EndPointListener epl = null;
            if (p.ContainsKey(port))
            {
                epl = (EndPointListener)p[port];
            }
            else
            {
                epl     = new EndPointListener(addr, port, secure);
                p[port] = epl;
            }

            return(epl);
        }
Exemple #4
0
        public bool IsBypassed(Uri host)
        {
            if (host == null)
            {
                throw new ArgumentNullException("host");
            }

            if (host.IsLoopback && bypassOnLocal)
            {
                return(true);
            }

            if (address == null)
            {
                return(true);
            }

            string server = host.Host;

            if (bypassOnLocal && server.IndexOf('.') == -1)
            {
                return(true);
            }

            // LAMESPEC
            if (!bypassOnLocal)
            {
                if (String.Compare(server, "localhost", true, CultureInfo.InvariantCulture) == 0)
                {
                    return(true);
                }
                if (String.Compare(server, "loopback", true, CultureInfo.InvariantCulture) == 0)
                {
                    return(true);
                }

                IPAddress addr = null;
#if SSHARP
                if (IPAddressTryParser.IPAddressTryParse(server, out addr) && IPAddress.IsLoopback(addr))
#else
                if (IPAddress.TryParse(server, out addr) && IPAddress.IsLoopback(addr))
#endif
                { return(true); }
            }

            if (bypassList == null || bypassList.Count == 0)
            {
                return(false);
            }

            try
            {
                string hostStr = host.Scheme + "://" + host.Authority;
                int    i       = 0;
                for (; i < bypassList.Count; i++)
                {
                    Regex regex = new Regex((string)bypassList[i],                      // TODO: RegexOptions.Compiled |  // not implemented yet by Regex
                                            RegexOptions.IgnoreCase | RegexOptions.Singleline);

                    if (regex.IsMatch(hostStr))
                    {
                        break;
                    }
                }

                if (i == bypassList.Count)
                {
                    return(false);
                }

                // continue checking correctness of regular expressions..
                // will throw expression when an invalid one is found
                for (; i < bypassList.Count; i++)
                {
                    new Regex((string)bypassList[i]);
                }

                return(true);
            }
            catch (ArgumentException)
            {
                return(false);
            }
        }