/// <summary>
/// Throws on invalid header name chars.
/// </summary>
private static string CheckBadHeaderNameChars(string name)
{
Debug.Assert(!string.IsNullOrEmpty(name));
// First, check for absence of separators and spaces.
if (HttpValidationHelpers.IsInvalidMethodOrHeaderString(name))
{
throw new ArgumentException(SR.Format(SR.net_WebHeaderInvalidHeaderChars, nameof(name)), nameof(name));
}
// Second, check for non CTL ASCII-7 characters (32-126).
if (ContainsNonAsciiChars(name))
{
throw new ArgumentException(SR.Format(SR.net_WebHeaderInvalidNonAsciiChars, nameof(name)), nameof(name));
}
return(name);
}
// CheckBadChars - throws on invalid chars to be not found in header name/value
internal static string CheckBadChars(string name, bool isHeaderValue)
{
if (name == null || name.Length == 0)
{
// empty name is invalid
if (!isHeaderValue)
{
throw name == null ? new ArgumentNullException("name") :
new ArgumentException(SR.Format(SR.net_emptystringcall, "name"), "name");
}
// empty value is OK
return(string.Empty);
}
if (isHeaderValue)
{
// VALUE check
// Trim spaces from both ends
name = name.Trim(s_httpTrimCharacters);
// First, check for correctly formed multi-line value
// Second, check for absence of CTL characters
int crlf = 0;
for (int i = 0; i < name.Length; ++i)
{
char c = (char)(0x000000ff & (uint)name[i]);
switch (crlf)
{
case 0:
if (c == '\r')
{
crlf = 1;
}
else if (c == '\n')
{
// Technically this is bad HTTP, but we want to be permissive in what we accept.
// It is important to note that it would be a breaking change to reject this.
crlf = 2;
}
else if (c == 127 || (c < ' ' && c != '\t'))
{
throw new ArgumentException(SR.Format(SR.net_WebHeaderInvalidControlChars, "value"));
}
break;
case 1:
if (c == '\n')
{
crlf = 2;
break;
}
throw new ArgumentException(SR.Format(SR.net_WebHeaderInvalidCRLFChars, "value"));
case 2:
if (c == ' ' || c == '\t')
{
crlf = 0;
break;
}
throw new ArgumentException(SR.Format(SR.net_WebHeaderInvalidCRLFChars, "value"));
}
}
if (crlf != 0)
{
throw new ArgumentException(SR.Format(SR.net_WebHeaderInvalidCRLFChars, "value"));
}
}
else
{
// NAME check
// First, check for absence of separators and spaces
if (HttpValidationHelpers.IsInvalidMethodOrHeaderString(name))
{
throw new ArgumentException(SR.Format(SR.net_WebHeaderInvalidHeaderChars, "name"));
}
// Second, check for non CTL ASCII-7 characters (32-126)
if (ContainsNonAsciiChars(name))
{
throw new ArgumentException(SR.Format(SR.net_WebHeaderInvalidNonAsciiChars, "name"));
}
}
return(name);
}