private void CreateInputHtmlCollection(SecureNameValueCollection collection, SecureHttpBuffer buffer, Uri redirectUrl, int majorCasVersion) { foreach (string text in collection) { buffer.CopyAtCurrentPosition("<input type='hidden' name='"); buffer.CopyAtCurrentPosition(text); buffer.CopyAtCurrentPosition("' value='"); if (text == "password") { SecureString securePassword; collection.TryGetSecureValue(text, out securePassword); using (SecureArray <char> secureArray = securePassword.TransformToSecureCharArray(new CharTransformDelegate(FbaFormPostProxyRequestHandler.EncodeForSingleQuotedAttribute))) { buffer.CopyAtCurrentPosition(secureArray); goto IL_14B; } goto IL_72; } goto IL_72; IL_14B: buffer.CopyAtCurrentPosition("'>"); continue; IL_72: string text2; if (!(text == "destination")) { collection.TryGetUnsecureValue(text, out text2); buffer.CopyAtCurrentPosition(EncodingUtilities.HtmlEncode(text2)); goto IL_14B; } collection.TryGetUnsecureValue(text, out text2); Uri uri; if (!Uri.TryCreate(text2, UriKind.Absolute, out uri)) { throw new HttpException(400, "destination value is not valid"); } StringBuilder stringBuilder = new StringBuilder(); stringBuilder.Append(redirectUrl.Scheme); stringBuilder.Append(Uri.SchemeDelimiter); stringBuilder.Append(redirectUrl.Authority); if (FbaFormPostProxyRequestHandler.IsOwaUrl(uri, OwaUrl.AuthPost, true)) { stringBuilder.Append(OwaUrl.ApplicationRoot.ImplicitUrl); } else if (string.IsNullOrEmpty(this.explicitLogonUser)) { stringBuilder.Append(redirectUrl.PathAndQuery); } else { stringBuilder.Append(uri.PathAndQuery); } buffer.CopyAtCurrentPosition(stringBuilder.ToString()); goto IL_14B; } }
protected void RenderErrorDetails() { if (!this.errorInformation.GroupMailbox) { Strings.IDs ds; if (HttpContext.Current != null && HttpContext.Current.Request != null && HttpContext.Current.Request.QueryString["msg"] != null && Enum.TryParse <Strings.IDs>(HttpContext.Current.Request.QueryString["msg"], out ds)) { string text = ErrorFE.SafeErrorMessagesNoHtmlEncoding.Contains(ds) ? Strings.GetLocalizedString(ds) : LocalizedStrings.GetHtmlEncoded(ds); List <string> list = Microsoft.Exchange.Clients.Common.ErrorInformation.ParseMessageParameters(text, HttpContext.Current.Request); if (list != null && list.Count > 0) { for (int i = 0; i < list.Count; i++) { list[i] = EncodingUtilities.HtmlEncode(list[i]); } if (ErrorFE.MessagesToRenderLogoutLinks.Contains(ds) || ErrorFE.MessagesToRenderLoginLinks.Contains(ds)) { ErrorFE.AddSafeLinkToMessageParametersList(ds, HttpContext.Current.Request, ref list); } base.Response.Write(string.Format(text, list.ToArray())); return; } if (!ErrorFE.MessagesToRenderLogoutLinks.Contains(ds) && !ErrorFE.MessagesToRenderLoginLinks.Contains(ds)) { base.Response.Write(text); return; } list = new List <string>(); ErrorFE.AddSafeLinkToMessageParametersList(ds, HttpContext.Current.Request, ref list); if (list.Count > 0) { base.Response.Write(string.Format(text, list.ToArray())); return; } } else { if (this.errorInformation.HttpCode == 404) { base.Response.Write(LocalizedStrings.GetHtmlEncoded(236137810)); return; } if (this.errorInformation.HttpCode == 302) { LegacyRedirectTypeOptions?legacyRedirectTypeOptions = HttpContext.Current.Items["redirectType"] as LegacyRedirectTypeOptions?; if (legacyRedirectTypeOptions == null || legacyRedirectTypeOptions != LegacyRedirectTypeOptions.Manual) { base.Response.Redirect(this.errorInformation.RedirectionUrl); return; } base.Response.Write(LocalizedStrings.GetHtmlEncoded(967320822)); base.Response.Write("<br/>"); base.Response.Write(string.Format("<a href=\"{0}\">{0}</a>", this.errorInformation.RedirectionUrl)); base.Response.Headers.Add("X-OWA-FEError", ErrorFE.FEErrorCodes.CasRedirect.ToString()); return; } else { base.Response.Write(LocalizedStrings.GetHtmlEncoded(236137783)); } } return; } if (this.errorInformation.GroupMailboxDestination == "conv") { base.Response.Write(LocalizedStrings.GetHtmlEncoded(-364732161)); return; } if (this.errorInformation.GroupMailboxDestination == "cal") { base.Response.Write(LocalizedStrings.GetHtmlEncoded(-292781713)); } }
public static void HtmlEncode(string s, TextWriter writer) { EncodingUtilities.HtmlEncode(s, writer, false); }