C# (CSharp) Irv.Engine HtmlResponseValidator Exemples

Langage de programmation: C# (CSharp)

Espace de nommage/Pack: Irv.Engine

Exemples au hotexamples.com: 2

C# (CSharp) Irv.Engine HtmlResponseValidator - 2 exemples trouvés. Ce sont les exemples réels les mieux notés de Irv.Engine.HtmlResponseValidator extraits de projets open source. Vous pouvez noter les exemples pour nous aider à en améliorer la qualité.

Méthodes fréquemment utilisées

Afficher Cacher

IsValidHtmlResponseString(2)

Méthodes fréquemment utilisées

IsValidHtmlResponseString (2)

Associées

DevXMgr

UrdfInertial

MyOwnSiteDataContext

HITSConfig

Response

Issue

ChequeBoletoAtividade

AdsEntities

SmartContract.Debug.LogScript

GetValueExpression

Related in langs

todo\Api (PHP)

Form (PHP)

serial_set_baud_rate (C++)

wlanISR (C++)

EntryOutSize (Go)

sqlite3_bind_null (Go)

ServerSocket (Java)

IDesignSpace (Java)

remote (Python)

addConsole (Python)

Exemple #1

0

Afficher le fichier

Fichier : XssResponseValidationModule.cs Projet : Solnake/Irv

public void Init(HttpApplication httpApplication) { httpApplication.BeginRequest += (o, e) => { _filter = new ResponseFilter(httpApplication.Response.Filter, httpApplication.Response.ContentEncoding); httpApplication.Response.Filter = _filter; }; httpApplication.EndRequest += (o, e) => { // Only 'text/html' content type of response supported as yet if (!httpApplication.Context.Response.ContentType.StartsWith("text/html")) return; // TODO: Add support of 'application/json' and 'text/xml' MIME types var responseText = _filter.Response; var xssResponseValidator = new HtmlResponseValidator(); RequestValidationParam dangerousParam; if (httpApplication.Context.Items.Contains("Irv.Engine.TaintfulParams") && !xssResponseValidator.IsValidHtmlResponseString( (List<RequestValidationParam>) httpApplication.Context.Items["Irv.Engine.TaintfulParams"], responseText, out dangerousParam)) { throw new HttpRequestValidationException( string.Format( _requestValidationErrorMessage, dangerousParam.Source, string.Format("{0}=\"{1}\"...", dangerousParam.CollectionKey, dangerousParam.Value.Length > 15 ? dangerousParam.Value.Substring(0, 15) : dangerousParam.Value))); } }; }

Exemple #2

0

Afficher le fichier

Fichier : HtmlResponseValidatorTest.cs Projet : Solnake/Irv

private void TestScriptRunner(string testName) { var scriptLines = File.ReadAllLines(string.Format("{0}.testscript", testName)); var templateBuilder = new StringBuilder(); var currentScriptLine = 0; do { if (scriptLines[currentScriptLine] != string.Empty) { templateBuilder.AppendLine(scriptLines[currentScriptLine]); } } while (scriptLines[++currentScriptLine] != ""); currentScriptLine++; var responseTemplate = templateBuilder.ToString(); var paramList = new List<string>(); while (currentScriptLine < scriptLines.Length) { if (scriptLines[currentScriptLine].Length == 0) { if (paramList.Count > 0) { // ReSharper disable CoVariantArrayConversion var responseText = string.Format(responseTemplate, paramList.ToArray()); // ReSharper restore CoVariantArrayConversion var validator = new HtmlResponseValidator(); var taintfulParams = paramList.Select(param => new RequestValidationParam("Irv.Tests", "None", param)).ToList(); RequestValidationParam dangerousParam; var validationResult = validator.IsValidHtmlResponseString(taintfulParams, responseText, out dangerousParam); if (validationResult) { TestContext.WriteLine("Test {0} failed on param(s): {{ {1} }}", testName, string.Join("} {", paramList)); } Assert.IsFalse(validationResult); paramList.Clear(); } } else { paramList.Add(HttpUtility.UrlDecode(scriptLines[currentScriptLine])); } currentScriptLine++; } }