public static string Absolute(this UrlHelper url, string path) { UriBuilder builder = GetCanonicalUrl(url); if (path.StartsWith("~/", StringComparison.OrdinalIgnoreCase)) { path = UrlExtensions.MakeSecure(VirtualPathUtility.ToAbsolute(path, url.RequestContext.HttpContext.Request.ApplicationPath)); } builder.Path = path; return(UrlExtensions.MakeSecure(builder.Uri.AbsoluteUri)); }
internal async Task <ActionResult> CreateDownloadFileActionResult( HttpContextBase httpContext, string folderName, string fileName) { var container = await GetContainerAsync(folderName); var blob = container.GetBlobReference(fileName); var redirectUri = UrlExtensions.MakeSecure(GetRedirectUri(httpContext.Request.Url, blob.Uri)); return(new RedirectResult(redirectUri.AbsoluteUri, false)); }
public virtual Task <ActionResult> GetNuGetExe() { return(NugetExeDownloaderService.CreateNuGetExeDownloadActionResultAsync(UrlExtensions.MakeSecure(HttpContext.Request.Url))); }
public virtual async Task <ActionResult> GetPackage(string id, string version) { // some security paranoia about URL hacking somehow creating e.g. open redirects // validate user input: explicit calls to the same validators used during Package Registrations // Ideally shouldn't be necessary? if (!PackageIdValidator.IsValidPackageId(id ?? string.Empty)) { return(new HttpStatusCodeWithBodyResult(HttpStatusCode.BadRequest, "The format of the package id is invalid")); } // if version is non-null, check if it's semantically correct and normalize it. if (!String.IsNullOrEmpty(version)) { NuGetVersion dummy; if (!NuGetVersion.TryParse(version, out dummy)) { return(new HttpStatusCodeWithBodyResult(HttpStatusCode.BadRequest, "The package version is not a valid semantic version")); } // Normalize the version version = NuGetVersionFormatter.Normalize(version); } else { // If version is null, get the latest version from the database. // This ensures that on package restore scenario where version will be non null, we don't hit the database. try { var package = PackageService.FindPackageByIdAndVersion( id, version, SemVerLevelKey.SemVer2, allowPrerelease: false); if (package == null) { return(new HttpStatusCodeWithBodyResult(HttpStatusCode.NotFound, String.Format(CultureInfo.CurrentCulture, Strings.PackageWithIdAndVersionNotFound, id, version))); } version = package.NormalizedVersion; } catch (SqlException e) { QuietLog.LogHandledException(e); // Database was unavailable and we don't have a version, return a 503 return(new HttpStatusCodeWithBodyResult(HttpStatusCode.ServiceUnavailable, Strings.DatabaseUnavailable_TrySpecificVersion)); } catch (DataException e) { QuietLog.LogHandledException(e); // Database was unavailable and we don't have a version, return a 503 return(new HttpStatusCodeWithBodyResult(HttpStatusCode.ServiceUnavailable, Strings.DatabaseUnavailable_TrySpecificVersion)); } } if (ConfigurationService.Features.TrackPackageDownloadCountInLocalDatabase) { await PackageService.IncrementDownloadCountAsync(id, version); } return(await PackageFileService.CreateDownloadPackageActionResultAsync( UrlExtensions.MakeSecure(HttpContext.Request.Url), id, version)); }
public static string PackageDefaultIcon(this UrlHelper url) { return(UrlExtensions.MakeSecure(url.Home(relativeUrl: false).TrimEnd('/') + VirtualPathUtility.ToAbsolute("~/Content/Images/packageDefaultIcon-50x50.png", url.RequestContext.HttpContext.Request.ApplicationPath))); }
public static string Package(this UrlHelper url, string id, bool relativeUrl = true) { return(UrlExtensions.MakeSecure(url.Package(id, version: null, relativeUrl: relativeUrl))); }