public object Create(object parent, object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
// unwrap the parent object
NameValueCollection nvcParent = null;
if (parent != null)
{
nvcParent = ((ClientTargetConfiguration)parent).Configuration;
}
// deleage the real work to NameValueSectionHandler
ClientTargetNameValueHandler nvcHandler = new ClientTargetNameValueHandler();
NameValueCollection nvcResult = (NameValueCollection)nvcHandler.Create(nvcParent, configContextObj, section);
if (nvcResult == null)
{
return(null);
}
//
// Return config data wrapped in an internal class, so
// semi-trusted code cannot leak configuration data.
//
ClientTargetConfiguration clientTargetResult = new ClientTargetConfiguration();
clientTargetResult.Configuration = nvcResult;
return(clientTargetResult);
}
public virtual object Create(Object parent, Object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
HttpConfigurationContext configContext = configContextObj as HttpConfigurationContext;
// section handlers can run in client mode with ConfigurationSettings.GetConfig("sectionName")
// detect this case and return null to be ensure no exploits from secure client scenarios
// see ASURT 123738
if (configContext == null)
{
return(null);
}
if (HandlerBase.IsPathAtAppLevel(configContext.VirtualPath) == PathLevel.BelowApp)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Cannot_specify_below_app_level, section.Name),
section);
}
return(new SecurityPolicyConfig((SecurityPolicyConfig)parent, section, ConfigurationException.GetXmlNodeFilename(section)));
}
public virtual object Create(Object parent, Object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
return(MachineKey.CreateConfig(parent, configContextObj, section));
}
public virtual object Create(Object parent, Object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
bool impersonation = false;
String username = null;
String password = null;
HandlerBase.CheckForChildNodes(section);
HandlerBase.GetAndRemoveBooleanAttribute(section, "impersonate", ref impersonation);
HandlerBase.GetAndRemoveStringAttribute(section, "userName", ref username);
HandlerBase.GetAndRemoveStringAttribute(section, "password", ref password);
HandlerBase.CheckForUnrecognizedAttributes(section);
HandlerBase.CheckForChildNodes(section);
if (username != null && username.Length < 1)
{
username = null;
}
if (password != null && (password.StartsWith("registry:") || password.StartsWith("Registry:")))
{
StringBuilder str = new StringBuilder(100);
int iRet = UnsafeNativeMethods.GetCredentialFromRegistry(password, str, 100);
if (iRet == 0)
{
password = str.ToString();
}
else
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Invalid_credentials_pass),
section);
}
}
if (username != null && (username.StartsWith("registry:") || username.StartsWith("Registry:")))
{
StringBuilder str = new StringBuilder(100);
int iRet = UnsafeNativeMethods.GetCredentialFromRegistry(username, str, 100);
if (iRet == 0)
{
username = str.ToString();
}
else
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Invalid_credentials_name),
section);
}
}
return(new IdentityConfig((IdentityConfig)parent, impersonation, username, password, section));
}
public virtual object Create(Object parent, Object configContextObj, Xml.XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
HttpConfigurationContext httpConfigContext = (HttpConfigurationContext)configContextObj;
return(new CustomErrors(section, httpConfigContext.VirtualPath, (CustomErrors)parent));
}
public virtual object Create(Object parent, object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
bool bTemp = false;
int iTemp = 0;
uint uiTemp = 0;
string sTemp = null;
int maxWorkerThreads = 0;
int maxIoThreads = 0;
int minWorkerThreads = 0;
int minIoThreads = 0;
int responseDeadlockInterval = 0;
HandlerBase.GetAndRemoveBooleanAttribute(section, "enable", ref bTemp);
GetAndRemoveProcessModelTimeout(section, "timeout", ref iTemp);
GetAndRemoveProcessModelTimeout(section, "idleTimeout", ref iTemp);
GetAndRemoveProcessModelTimeout(section, "shutdownTimeout", ref iTemp);
GetAndRemoveIntegerOrInfiniteAttribute(section, "requestLimit", ref iTemp);
GetAndRemoveIntegerOrInfiniteAttribute(section, "requestQueueLimit", ref iTemp);
GetAndRemoveIntegerOrInfiniteAttribute(section, "restartQueueLimit", ref iTemp);
HandlerBase.GetAndRemoveIntegerAttribute(section, "memoryLimit", ref iTemp);
GetAndRemoveUnsignedIntegerAttribute(section, "cpuMask", ref uiTemp);
HandlerBase.GetAndRemoveEnumAttribute(section, "logLevel", typeof(LogLevelEnum), ref iTemp);
HandlerBase.GetAndRemoveStringAttribute(section, "userName", ref sTemp);
HandlerBase.GetAndRemoveStringAttribute(section, "password", ref sTemp);
HandlerBase.GetAndRemoveBooleanAttribute(section, "webGarden", ref bTemp);
GetAndRemoveProcessModelTimeout(section, "clientConnectedCheck", ref iTemp);
HandlerBase.GetAndRemoveStringAttribute(section, "comImpersonationLevel", ref sTemp);
HandlerBase.GetAndRemoveStringAttribute(section, "comAuthenticationLevel", ref sTemp);
GetAndRemoveProcessModelTimeout(section, "responseDeadlockInterval", ref responseDeadlockInterval);
GetAndRemoveProcessModelTimeout(section, "responseRestartDeadlockInterval", ref iTemp);
HandlerBase.GetAndRemovePositiveIntegerAttribute(section, "maxWorkerThreads", ref maxWorkerThreads);
HandlerBase.GetAndRemovePositiveIntegerAttribute(section, "maxIoThreads", ref maxIoThreads);
HandlerBase.GetAndRemovePositiveIntegerAttribute(section, "minWorkerThreads", ref minWorkerThreads);
HandlerBase.GetAndRemovePositiveIntegerAttribute(section, "minIoThreads", ref minIoThreads);
HandlerBase.GetAndRemoveStringAttribute(section, "serverErrorMessageFile", ref sTemp);
GetAndRemoveIntegerOrInfiniteAttribute(section, "requestAcks", ref iTemp);
GetAndRemoveProcessModelTimeout(section, "pingFrequency", ref iTemp);
GetAndRemoveProcessModelTimeout(section, "pingTimeout", ref iTemp);
GetAndRemoveIntegerOrInfiniteAttribute(section, "asyncOption", ref iTemp);
HandlerBase.CheckForUnrecognizedAttributes(section);
HandlerBase.CheckForChildNodes(section);
return(new ProcessModelConfig(maxWorkerThreads, maxIoThreads, minWorkerThreads, minIoThreads, responseDeadlockInterval));
}
public virtual object Create(Object parent, Object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
GlobalizationConfig config = new GlobalizationConfig((GlobalizationConfig)parent);
config.LoadValuesFromConfigurationXml(section);
return(config);
}
public object Create(object parent, object configContextObj, XmlNode section)
{
// This line allows us to continue to return a config object of a public type
// like we did in the first release. Third parties rely on this to get the
// client script location. But if the section handler is run in client code
// we will return null, so we aren't exposing information through the
// client configuration system.
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
// delegate to SingleTagSectionHandler to do the real work
SingleTagSectionHandler singleTagSectionHandler = new SingleTagSectionHandler();
return(singleTagSectionHandler.Create(parent, configContextObj, section));
}
//
// As required by IConfigurationSectionHandler
//
public object Create(object parent, object configurationContext, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configurationContext))
{
return(null);
}
ParseState parseState = new ParseState();
parseState.SectionName = section.Name;
// the rule is going to be the previous rule followed by a list containing the new rules
parseState.Evaluator = new HttpCapabilitiesEvaluator((HttpCapabilitiesEvaluator)parent);
ArrayList rulelist = new ArrayList();
// check for random attributes
HandlerBase.CheckForUnrecognizedAttributes(section);
// iterate through XML section in order and apply the directives
ArrayList sublist;
sublist = RuleListFromElement(parseState, section, true);
if (sublist.Count > 0)
{
parseState.RuleList.Add(new CapabilitiesSection(CapabilitiesRule.Filter, null, null, sublist));
}
if (parseState.FileList.Count > 0)
{
parseState.IsExternalFile = true;
ResolveFiles(parseState, configurationContext);
}
// Add the new rules
parseState.Evaluator.AddRuleList(parseState.RuleList);
return(parseState.Evaluator);
}
public virtual object Create(Object parent, Object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
HttpConfigurationContext configContext = configContextObj as HttpConfigurationContext;
if (HandlerBase.IsPathAtAppLevel(configContext.VirtualPath) == PathLevel.BelowApp)
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Cannot_specify_below_app_level, "Authentication"),
section);
}
return(new AuthenticationConfig((AuthenticationConfig)parent, section));
}
/*
* Create
*
* Given a partially composed config object (possibly null)
* and some input from the config system, return a
* further partially composed config object
*/
public virtual object Create(Object parent, Object configContextObj, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configContextObj))
{
return(null);
}
HttpModulesConfiguration appConfig;
// start list as shallow clone of parent
if (parent == null)
{
appConfig = new HttpModulesConfiguration();
}
else
{
appConfig = new HttpModulesConfiguration((HttpModulesConfiguration)parent);
}
// process XML section in order and apply the directives
HandlerBase.CheckForUnrecognizedAttributes(section);
foreach (XmlNode child in section.ChildNodes)
{
// skip whitespace and comments
if (HandlerBase.IsIgnorableAlsoCheckForNonElement(child))
{
continue;
}
// process <add> and <clear> elements
if (child.Name == "add")
{
String name = HandlerBase.RemoveRequiredAttribute(child, "name");
String classname = HandlerBase.RemoveRequiredAttribute(child, "type");
bool insert = false;
/* position and validate removed See ASURT 96814
* int iTemp = 0;
* XmlNode attribute = HandlerBase.GetAndRemoveEnumAttribute(child, "position", typeof(HttpModulesConfigurationPosition), ref iTemp);
* if (attribute != null) {
* HttpModulesConfigurationPosition pos = (HttpModulesConfigurationPosition)iTemp;
* if (pos == HttpModulesConfigurationPosition.Start) {
* insert = true;
* }
* }
*
* bool validate = true;
* HandlerBase.GetAndRemoveBooleanAttribute(child, "validate", ref validate);
*/
if (IsSpecialModule(classname))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Special_module_cannot_be_added_manually, classname),
child);
}
if (IsSpecialModuleName(name))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Special_module_cannot_be_added_manually, name),
child);
}
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
if (appConfig.ContainsEntry(name))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Module_already_in_app, name),
child);
}
else
{
try {
appConfig.Add(name, classname, insert);
}
catch (Exception e) {
throw new ConfigurationException(e.Message, e, child);
}
}
}
else if (child.Name == "remove")
{
String name = HandlerBase.RemoveRequiredAttribute(child, "name");
/*
* bool validate = true;
* HandlerBase.GetAndRemoveBooleanAttribute(child, "validate", ref validate);
*/
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
if (!appConfig.RemoveEntry(name))
{
if (IsSpecialModuleName(name))
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Special_module_cannot_be_removed_manually, name),
child);
}
else
{
throw new ConfigurationException(
HttpRuntime.FormatResourceString(SR.Module_not_in_app, name),
child);
}
}
}
else if (child.Name == "clear")
{
HandlerBase.CheckForUnrecognizedAttributes(child);
HandlerBase.CheckForChildNodes(child);
appConfig.RemoveRange(0, appConfig.Count);
}
else
{
HandlerBase.ThrowUnrecognizedElement(child);
}
}
// inheritance rule for modules config:
// machine-level and site-level config allows inheritance, dir- (app-) level does not.
return(appConfig);
}
//
// As required by IConfigurationSectionHandler
//
public object Create(object parent, object configurationContext, XmlNode section)
{
// if called through client config don't even load HttpRuntime
if (!HandlerBase.IsServerConfiguration(configurationContext))
{
return(null);
}
ParseState parseState = new ParseState();
parseState.SectionName = section.Name;
// the rule is going to be the previous rule followed by a list containing the new rules
parseState.Evaluator = new HttpCapabilitiesDefaultProvider((HttpCapabilitiesDefaultProvider)parent);
int userAgentCacheKeyLength = 0;
// Get the useragent string cachekey length
if (parent != null)
{
userAgentCacheKeyLength = ((HttpCapabilitiesDefaultProvider)parent).UserAgentCacheKeyLength;
}
HandlerBase.GetAndRemovePositiveIntegerAttribute(section, "userAgentCacheKeyLength", ref userAgentCacheKeyLength);
if (userAgentCacheKeyLength == 0)
{
userAgentCacheKeyLength = _defaultUserAgentCacheKeyLength;
}
parseState.Evaluator.UserAgentCacheKeyLength = userAgentCacheKeyLength;
string browserCapabilitiesProviderType = null;
if (parent != null)
{
browserCapabilitiesProviderType = ((HttpCapabilitiesDefaultProvider)parent).BrowserCapabilitiesProviderType;
}
HandlerBase.GetAndRemoveNonEmptyStringAttribute(section, "provider", ref browserCapabilitiesProviderType);
parseState.Evaluator.BrowserCapabilitiesProviderType = browserCapabilitiesProviderType;
// check for random attributes
HandlerBase.CheckForUnrecognizedAttributes(section);
// iterate through XML section in order and apply the directives
ArrayList sublist;
sublist = RuleListFromElement(parseState, section, true);
if (sublist.Count > 0)
{
parseState.RuleList.Add(new CapabilitiesSection(CapabilitiesRule.Filter, null, null, sublist));
}
if (parseState.FileList.Count > 0)
{
parseState.IsExternalFile = true;
ResolveFiles(parseState, configurationContext);
}
// Add the new rules
parseState.Evaluator.AddRuleList(parseState.RuleList);
return(parseState.Evaluator);
}