// Token: 0x0600055E RID: 1374 RVA: 0x0001E0B0 File Offset: 0x0001C2B0 private void CreateInputHtmlCollection(SecureNameValueCollection collection, SecureHttpBuffer buffer, Uri redirectUrl, int majorCasVersion) { foreach (string text in collection) { buffer.CopyAtCurrentPosition("<input type='hidden' name='"); buffer.CopyAtCurrentPosition(text); buffer.CopyAtCurrentPosition("' value='"); if (text == "password") { SecureString secureString; collection.TryGetSecureValue(text, out secureString); using (SecureArray <char> secureArray = SecureStringExtensions.TransformToSecureCharArray(secureString, new CharTransformDelegate(FbaFormPostProxyRequestHandler.EncodeForSingleQuotedAttribute))) { buffer.CopyAtCurrentPosition(secureArray); goto IL_14D; } goto IL_74; } goto IL_74; IL_14D: buffer.CopyAtCurrentPosition("'>"); continue; IL_74: string text2; if (!(text == "destination")) { collection.TryGetUnsecureValue(text, out text2); buffer.CopyAtCurrentPosition(EncodingUtilities.HtmlEncode(text2)); goto IL_14D; } collection.TryGetUnsecureValue(text, out text2); Uri uri; if (!Uri.TryCreate(text2, UriKind.Absolute, out uri)) { throw new HttpException(400, "destination value is not valid"); } StringBuilder stringBuilder = new StringBuilder(); stringBuilder.Append(redirectUrl.Scheme); stringBuilder.Append(Uri.SchemeDelimiter); stringBuilder.Append(redirectUrl.Authority); if (FbaFormPostProxyRequestHandler.IsOwaUrl(uri, OwaUrl.AuthPost, true)) { stringBuilder.Append(OwaUrl.ApplicationRoot.ImplicitUrl); } else if (string.IsNullOrEmpty(this.explicitLogonUser)) { stringBuilder.Append(redirectUrl.PathAndQuery); } else { stringBuilder.Append(uri.PathAndQuery); } buffer.CopyAtCurrentPosition(stringBuilder.ToString()); goto IL_14D; } }