/// <devdoc> /// Validates that the WebResource.axd handler is registered in config and actually /// points to the correct handler type. /// </devdoc> private static void EnsureHandlerExistenceChecked() { // First we have to check that the handler is registered: // <add path="WebResource.axd" verb="GET" type="System.Web.Handlers.AssemblyResourceLoader" validate="True" /> if (!_handlerExistenceChecked) { HttpContext context = HttpContext.Current; IIS7WorkerRequest iis7WorkerRequest = (context != null) ? context.WorkerRequest as IIS7WorkerRequest : null; string webResourcePath = UrlPath.Combine(HttpRuntime.AppDomainAppVirtualPathString, _webResourceUrl); if (iis7WorkerRequest != null) { // check the IIS <handlers> section by mapping the handler string handlerTypeString = iis7WorkerRequest.MapHandlerAndGetHandlerTypeString(method: "GET", path: UrlPath.Combine(HttpRuntime.AppDomainAppVirtualPathString, _webResourceUrl), convertNativeStaticFileModule: false, ignoreWildcardMappings: true); if (!String.IsNullOrEmpty(handlerTypeString)) { _handlerExists = (typeof(AssemblyResourceLoader) == BuildManager.GetType(handlerTypeString, true /*throwOnFail*/, false /*ignoreCase*/)); } } else { // check the <httpHandlers> section HttpHandlerAction httpHandler = RuntimeConfig.GetConfig(VirtualPath.Create(webResourcePath)).HttpHandlers.FindMapping("GET", VirtualPath.Create(_webResourceUrl)); _handlerExists = (httpHandler != null) && (httpHandler.TypeInternal == typeof(AssemblyResourceLoader)); } _handlerExistenceChecked = true; } }
//////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// // Module Enter: Get the authorization configuration section // and see if this user is allowed or not void OnEnter(Object source, EventArgs eventArgs) { HttpApplication app; HttpContext context; app = (HttpApplication)source; context = app.Context; if (context.SkipAuthorization) { if (context.User == null || !context.User.Identity.IsAuthenticated) { PerfCounters.IncrementCounter(AppPerfCounter.ANONYMOUS_REQUESTS); } return; } // Get the authorization config object AuthorizationSection settings = RuntimeConfig.GetConfig(context).Authorization; // Check if the user is allowed, or the request is for the login page if (!settings.EveryoneAllowed && !settings.IsUserAllowed(context.User, context.Request.RequestType)) { ReportUrlAuthorizationFailure(context, this); } else { if (context.User == null || !context.User.Identity.IsAuthenticated) { PerfCounters.IncrementCounter(AppPerfCounter.ANONYMOUS_REQUESTS); } WebBaseEvent.RaiseSystemEvent(this, WebEventCodes.AuditUrlAuthorizationSuccess); } }
public static bool CheckUrlAccessForPrincipal(string virtualPath, IPrincipal user, string verb) { if (virtualPath == null) { throw new ArgumentNullException("virtualPath"); } if (user == null) { throw new ArgumentNullException("user"); } if (verb == null) { throw new ArgumentNullException("verb"); } verb = verb.Trim(); VirtualPath path = VirtualPath.Create(virtualPath); if (!path.IsWithinAppRoot) { throw new ArgumentException(System.Web.SR.GetString("Virtual_path_outside_application_not_supported"), "virtualPath"); } if (!s_EnabledDetermined) { if (!HttpRuntime.UseIntegratedPipeline) { HttpModulesSection httpModules = RuntimeConfig.GetConfig().HttpModules; int count = httpModules.Modules.Count; for (int i = 0; i < count; i++) { HttpModuleAction action = httpModules.Modules[i]; if (Type.GetType(action.Type, false) == typeof(UrlAuthorizationModule)) { s_Enabled = true; break; } } } else { foreach (ModuleConfigurationInfo info in HttpApplication.IntegratedModuleList) { if (Type.GetType(info.Type, false) == typeof(UrlAuthorizationModule)) { s_Enabled = true; break; } } } s_EnabledDetermined = true; } if (s_Enabled) { AuthorizationSection authorization = RuntimeConfig.GetConfig(path).Authorization; if (!authorization.EveryoneAllowed) { return(authorization.IsUserAllowed(user, verb)); } } return(true); }
private void OnEnter(object source, EventArgs eventArgs) { HttpApplication application = (HttpApplication)source; HttpContext context = application.Context; if (context.SkipAuthorization) { if ((context.User == null) || !context.User.Identity.IsAuthenticated) { PerfCounters.IncrementCounter(AppPerfCounter.ANONYMOUS_REQUESTS); } } else { AuthorizationSection authorization = RuntimeConfig.GetConfig(context).Authorization; if (!authorization.EveryoneAllowed && !authorization.IsUserAllowed(context.User, context.Request.RequestType)) { ReportUrlAuthorizationFailure(context, this); } else { if ((context.User == null) || !context.User.Identity.IsAuthenticated) { PerfCounters.IncrementCounter(AppPerfCounter.ANONYMOUS_REQUESTS); } WebBaseEvent.RaiseSystemEvent(this, 0xfa3); } } }
internal static CompilationSection GetCompilationConfig() { if (!UseMTConfig) { return(RuntimeConfig.GetConfig().Compilation); } return(GetConfig <CompilationSection>()); }
internal static PagesSection GetPagesConfig(HttpContext context) { if (!UseMTConfig) { return(RuntimeConfig.GetConfig(context).Pages); } return(GetConfig <PagesSection>(context)); }
internal static CompilationSection GetCompilationConfig(VirtualPath vpath) { if (!UseMTConfig) { return(RuntimeConfig.GetConfig(vpath).Compilation); } return(GetConfig <CompilationSection>(vpath)); }
internal static PagesSection GetPagesConfig(VirtualPath vpath) { if (!UseMTConfig) { return(RuntimeConfig.GetConfig(vpath).Pages); } return(GetConfig <PagesSection>(vpath)); }
// Counterpart for RuntimeConfig.GetConfig(string).Compilation static internal CompilationSection GetCompilationConfig(string vpath) { if (!UseMTConfig) { return(RuntimeConfig.GetConfig(vpath).Compilation); } return(GetConfig <CompilationSection>(vpath)); }
internal static PagesSection GetPagesConfig() { if (!UseMTConfig) { return(RuntimeConfig.GetConfig().Pages); } return(GetConfig <PagesSection>()); }
// Counterpart for RuntimeConfig.GetConfig(string).Pages static internal PagesSection GetPagesConfig(string vpath) { if (!UseMTConfig) { return(RuntimeConfig.GetConfig(vpath).Pages); } return(GetConfig <PagesSection>(vpath)); }
internal static CompilationSection GetCompilationConfig(HttpContext context) { if (!UseMTConfig) { return(RuntimeConfig.GetConfig(context).Compilation); } return(GetConfig <CompilationSection>(context)); }
/// <devdoc> /// To be supplied. /// </devdoc> public override void Save() { bool requiresControlStateInSession = false; object clientData = null; Triplet vsTrip = ViewState as Triplet; // no session view state to store. if ((ControlState != null) || ((vsTrip == null || vsTrip.Second != null || vsTrip.Third != null) && ViewState != null)) { HttpSessionState session = Page.Session; string sessionViewStateID = Convert.ToString(DateTime.Now.Ticks, 16); object state = null; requiresControlStateInSession = Page.Request.Browser.RequiresControlStateInSession; if (requiresControlStateInSession) { // ClientState will just be sessionID state = new Pair(ViewState, ControlState); clientData = sessionViewStateID; } else { // ClientState will be a <sessionID, ControlState> state = ViewState; clientData = new Pair(sessionViewStateID, ControlState); } string sessionKey = _viewStateSessionKey + sessionViewStateID; session[sessionKey] = state; Queue queue = session[_viewStateQueueKey] as Queue; if (queue == null) { queue = new Queue(); session[_viewStateQueueKey] = queue; } queue.Enqueue(sessionKey); SessionPageStateSection cfg = RuntimeConfig.GetConfig(Page.Request.Context).SessionPageState; int queueCount = queue.Count; if (cfg != null && queueCount > cfg.HistorySize || cfg == null && queueCount > SessionPageStateSection.DefaultHistorySize) { string oldSessionKey = (string)queue.Dequeue(); session.Remove(oldSessionKey); } } if (clientData != null) { Page.ClientState = Util.SerializeWithAssert(StateFormatter2, new Pair(requiresControlStateInSession, clientData), Purpose.WebForms_SessionPageStatePersister_ClientState); } }
public void Init(HttpApplication application) { UrlMappingsSection urlMappings = RuntimeConfig.GetConfig().UrlMappings; if (urlMappings.IsEnabled && (urlMappings.UrlMappings.Count > 0)) { application.BeginRequest += new EventHandler(this.OnEnter); } }
// Sets the thread's CurrentCulture and CurrentUICulture to those associated // with the current HttpContext. We do this since the culture of a request can // change over its lifetime and isn't necessarily the default for the AppDomain, // e.g. if the culture was read from the request headers. private void SetRequestLevelCulture() { CultureInfo culture = null; CultureInfo uiculture = null; GlobalizationSection globConfig = RuntimeConfig.GetConfig(HttpContext).Globalization; if (!String.IsNullOrEmpty(globConfig.Culture)) { culture = HttpContext.CultureFromConfig(globConfig.Culture, true); } if (!String.IsNullOrEmpty(globConfig.UICulture)) { uiculture = HttpContext.CultureFromConfig(globConfig.UICulture, false); } if (HttpContext.DynamicCulture != null) { culture = HttpContext.DynamicCulture; } if (HttpContext.DynamicUICulture != null) { uiculture = HttpContext.DynamicUICulture; } // Page also could have its own culture settings Page page = HttpContext.CurrentHandler as Page; if (page != null) { if (page.DynamicCulture != null) { culture = page.DynamicCulture; } if (page.DynamicUICulture != null) { uiculture = page.DynamicUICulture; } } _originalThreadCurrentCulture = Thread.CurrentThread.CurrentCulture; _originalThreadCurrentUICulture = Thread.CurrentThread.CurrentUICulture; if (culture != null && culture != Thread.CurrentThread.CurrentCulture) { HttpRuntime.SetCurrentThreadCultureWithAssert(culture); } if (uiculture != null && uiculture != Thread.CurrentThread.CurrentUICulture) { Thread.CurrentThread.CurrentUICulture = uiculture; } }
internal static bool IsUserAllowedToPath(HttpContext context, VirtualPath virtualPath) { AuthorizationSection authorization = RuntimeConfig.GetConfig(context, virtualPath).Authorization; if (!authorization.EveryoneAllowed) { return(authorization.IsUserAllowed(context.User, context.Request.RequestType)); } return(true); }
internal static Encoding GetEncodingFromConfigPath(VirtualPath configPath) { Encoding fileEncoding = null; fileEncoding = RuntimeConfig.GetConfig(configPath).Globalization.FileEncoding; if (fileEncoding == null) { fileEncoding = Encoding.Default; } return(fileEncoding); }
private void SetDefaultsFromConfig() { HttpCookiesSection httpCookies = RuntimeConfig.GetConfig().HttpCookies; this._secure = httpCookies.RequireSSL; this._httpOnly = httpCookies.HttpOnlyCookies; if ((httpCookies.Domain != null) && (httpCookies.Domain.Length > 0)) { this._domain = httpCookies.Domain; } }
/// <internalonly/> /// <devdoc> /// </devdoc> protected internal override void RenderChildren(HtmlTextWriter writer) { // We need to register the script here since other controls might register // for focus during PreRender Page page = Page; if (page != null) { page.OnFormRender(); page.BeginFormRender(writer, UniqueID); } // DevDiv Bugs 154630: move custom hidden fields to the begining of the form HttpWriter httpWriter = writer.InnerWriter as HttpWriter; if (page != null && httpWriter != null && RuntimeConfig.GetConfig(Context).Pages.RenderAllHiddenFieldsAtTopOfForm) { // If the response is flushed or cleared during render, we won't be able // to move the hidden fields. Set HasBeenClearedRecently to false and // then check again when we're ready to move the fields. httpWriter.HasBeenClearedRecently = false; // Remember the index where the form begins int formBeginIndex = httpWriter.GetResponseBufferCountAfterFlush(); base.RenderChildren(writer); // Remember the index where the custom hidden fields begin int fieldsBeginIndex = httpWriter.GetResponseBufferCountAfterFlush(); page.EndFormRenderHiddenFields(writer, UniqueID); // we can only move the hidden fields if the response has not been flushed or cleared if (!httpWriter.HasBeenClearedRecently) { int fieldsEndIndex = httpWriter.GetResponseBufferCountAfterFlush(); httpWriter.MoveResponseBufferRangeForward(fieldsBeginIndex, fieldsEndIndex - fieldsBeginIndex, formBeginIndex); } page.EndFormRenderArrayAndExpandoAttribute(writer, UniqueID); page.EndFormRenderPostBackAndWebFormsScript(writer, UniqueID); page.OnFormPostRender(writer); } else { base.RenderChildren(writer); if (page != null) { page.EndFormRender(writer, UniqueID); page.OnFormPostRender(writer); } } }
public virtual IDictionary DetermineUserCapabilities(WebPartManager webPartManager) { if (webPartManager == null) { throw new ArgumentNullException("webPartManager"); } Page page = webPartManager.Page; if (page == null) { throw new ArgumentException(System.Web.SR.GetString("PropertyCannotBeNull", new object[] { "Page" }), "webPartManager"); } HttpRequest requestInternal = page.RequestInternal; if (requestInternal == null) { throw new ArgumentException(System.Web.SR.GetString("PropertyCannotBeNull", new object[] { "Page.Request" }), "webPartManager"); } IPrincipal user = null; if (requestInternal.IsAuthenticated) { user = page.User; } if (user != null) { if (this._supportedUserCapabilities == null) { this._supportedUserCapabilities = this.CreateSupportedUserCapabilities(); } if ((this._supportedUserCapabilities != null) && (this._supportedUserCapabilities.Count != 0)) { WebPartsSection webParts = RuntimeConfig.GetConfig().WebParts; if (webParts != null) { WebPartsPersonalizationAuthorization authorization = webParts.Personalization.Authorization; if (authorization != null) { IDictionary dictionary = new HybridDictionary(); foreach (WebPartUserCapability capability in this._supportedUserCapabilities) { if (authorization.IsUserAllowed(user, capability.Name)) { dictionary[capability] = capability; } } return(dictionary); } } } } return(new HybridDictionary()); }
private void SetDefaultsFromConfig() { HttpCookiesSection config = RuntimeConfig.GetConfig().HttpCookies; _secure = config.RequireSSL; _httpOnly = config.HttpOnlyCookies; if (config.Domain != null && config.Domain.Length > 0) { _domain = config.Domain; } }
public void Init(HttpApplication application) { bool urlMappingsEnabled = false; UrlMappingsSection urlMappings = RuntimeConfig.GetConfig().UrlMappings; urlMappingsEnabled = urlMappings.IsEnabled && (urlMappings.UrlMappings.Count > 0); if (urlMappingsEnabled) { application.BeginRequest += new EventHandler(OnEnter); } }
internal static bool RequestRequiresAuthorization(HttpContext context) { if (context.SkipAuthorization) { return(false); } AuthorizationSection authorization = RuntimeConfig.GetConfig(context).Authorization; if (_AnonUser == null) { _AnonUser = new GenericPrincipal(new GenericIdentity(string.Empty, string.Empty), new string[0]); } return(!authorization.IsUserAllowed(_AnonUser, context.Request.RequestType)); }
public void Init(HttpApplication app) { bool flag = false; SessionStateSection sessionState = RuntimeConfig.GetAppConfig().SessionState; if (!this.s_oneTimeInit) { s_lock.AcquireWriterLock(); try { if (!this.s_oneTimeInit) { this.InitModuleFromConfig(app, sessionState); flag = true; if (!CheckTrustLevel(sessionState)) { s_trustLevelInsufficient = true; } s_timeout = (int)sessionState.Timeout.TotalMinutes; s_useHostingIdentity = sessionState.UseHostingIdentity; if ((sessionState.Mode == SessionStateMode.InProc) && this._usingAspnetSessionIdManager) { s_allowInProcOptimization = true; } if (((sessionState.Mode != SessionStateMode.Custom) && (sessionState.Mode != SessionStateMode.Off)) && !sessionState.RegenerateExpiredSessionId) { s_allowDelayedStateStoreItemCreation = true; } s_configExecutionTimeout = RuntimeConfig.GetConfig().HttpRuntime.ExecutionTimeout; s_configRegenerateExpiredSessionId = sessionState.RegenerateExpiredSessionId; s_configCookieless = sessionState.Cookieless; s_configMode = sessionState.Mode; this.s_oneTimeInit = true; } } finally { s_lock.ReleaseWriterLock(); } } if (!flag) { this.InitModuleFromConfig(app, sessionState); } if (s_trustLevelInsufficient) { throw new HttpException(System.Web.SR.GetString("Session_state_need_higher_trust")); } }
static internal bool RequestRequiresAuthorization(HttpContext context) { if (context.SkipAuthorization) { return(false); } AuthorizationSection settings = RuntimeConfig.GetConfig(context).Authorization; // Check if the anonymous user is allowed if (_AnonUser == null) { _AnonUser = new GenericPrincipal(new GenericIdentity(String.Empty, String.Empty), new String[0]); } return(!settings.IsUserAllowed(_AnonUser, context.Request.RequestType)); }
public void SaveAs(string filename) { if (!Path.IsPathRooted(filename) && RuntimeConfig.GetConfig().HttpRuntime.RequireRootedSaveAsPath) { throw new HttpException(System.Web.SR.GetString("SaveAs_requires_rooted_path", new object[] { filename })); } FileStream s = new FileStream(filename, FileMode.Create); try { this._stream.WriteTo(s); s.Flush(); } finally { s.Close(); } }
public override void Save() { bool x = false; object y = null; Triplet viewState = base.ViewState as Triplet; if ((base.ControlState != null) || ((((viewState == null) || (viewState.Second != null)) || (viewState.Third != null)) && (base.ViewState != null))) { HttpSessionState session = base.Page.Session; string str = Convert.ToString(DateTime.Now.Ticks, 0x10); object obj3 = null; x = base.Page.Request.Browser.RequiresControlStateInSession; if (x) { obj3 = new Pair(base.ViewState, base.ControlState); y = str; } else { obj3 = base.ViewState; y = new Pair(str, base.ControlState); } string str2 = "__SESSIONVIEWSTATE" + str; session[str2] = obj3; Queue queue = session["__VIEWSTATEQUEUE"] as Queue; if (queue == null) { queue = new Queue(); session["__VIEWSTATEQUEUE"] = queue; } queue.Enqueue(str2); SessionPageStateSection sessionPageState = RuntimeConfig.GetConfig(base.Page.Request.Context).SessionPageState; int count = queue.Count; if (((sessionPageState != null) && (count > sessionPageState.HistorySize)) || ((sessionPageState == null) && (count > 9))) { string name = (string)queue.Dequeue(); session.Remove(name); } } if (y != null) { base.Page.ClientState = Util.SerializeWithAssert(base.StateFormatter, new Pair(x, y)); } }
internal HttpBufferlessInputStream(HttpContext context, bool persistEntityBody, bool disableMaxRequestLength) { _context = context; _persistEntityBody = persistEntityBody; _disableMaxRequestLength = disableMaxRequestLength; // Check max-request-length for preloaded content HttpRuntimeSection section = RuntimeConfig.GetConfig(_context).HttpRuntime; _maxRequestLength = section.MaxRequestLengthBytes; _fileThreshold = section.RequestLengthDiskThresholdBytes; if (_persistEntityBody) { _rawContent = new HttpRawUploadedContent(_fileThreshold, _context.Request.ContentLength); } int contentLength = _context.Request.ContentLength; _remainingBytes = (contentLength > 0) ? contentLength : Int32.MaxValue; _length = contentLength; }
/* * Save into file */ /// <devdoc> /// <para> /// Initiates a utility method to save an uploaded file to disk. /// </para> /// </devdoc> public void SaveAs(String filename) { // VSWhidbey 82855 if (!Path.IsPathRooted(filename)) { HttpRuntimeSection config = RuntimeConfig.GetConfig().HttpRuntime; if (config.RequireRootedSaveAsPath) { throw new HttpException(SR.GetString(SR.SaveAs_requires_rooted_path, filename)); } } FileStream f = new FileStream(filename, FileMode.Create); try { _stream.WriteTo(f); f.Flush(); } finally { f.Close(); } }
private static void EnsureHandlerExistenceChecked() { if (!_handlerExistenceChecked) { HttpContext current = HttpContext.Current; IIS7WorkerRequest request = (current != null) ? (current.WorkerRequest as IIS7WorkerRequest) : null; string path = UrlPath.Combine(HttpRuntime.AppDomainAppVirtualPathString, "WebResource.axd"); if (request != null) { string str2 = request.MapHandlerAndGetHandlerTypeString("GET", path, false); if (!string.IsNullOrEmpty(str2)) { _handlerExists = typeof(AssemblyResourceLoader) == BuildManager.GetType(str2, true, false); } } else { HttpHandlerAction action = RuntimeConfig.GetConfig(VirtualPath.Create(path)).HttpHandlers.FindMapping("GET", VirtualPath.Create("WebResource.axd")); _handlerExists = (action != null) && (action.TypeInternal == typeof(AssemblyResourceLoader)); } _handlerExistenceChecked = true; } }