public override void Load() { // depend on HiddenFieldPageStatePersister for heavy lifting and crypto base.Load(); CompressedSerializedData compressedData = ViewState as CompressedSerializedData; if (compressedData == null && ControlState != null) { // the underlying data was not compressed return; } // decompress using (MemoryStream uncompressedStream = new MemoryStream()) { using (GZipStream zipStream = new GZipStream(uncompressedStream, CompressionMode.Decompress, leaveOpen: true)) { zipStream.Write(compressedData.RawData, 0, compressedData.RawData.Length); } uncompressedStream.Position = 0; ObjectStateFormatter formatter = new ObjectStateFormatter(); Pair pair = (Pair)formatter.Deserialize(uncompressedStream); // extract ViewState = pair.First; ControlState = pair.Second; } }
private void context_PreRequestHandlerExecute(object sender, EventArgs e) { var app = sender as HttpApplication; if (app != null) { var ctx = app.Context; if (ctx.Request.AppRelativeCurrentExecutionFilePath.ToLowerInvariant().Contains("MakeTransfer.aspx".ToLowerInvariant())) { return; } if (ctx.Handler != null) { var page = ctx.Handler as Page; if (page != null) { page.PreRender += page_PreRender; if (ctx.Request.HttpMethod.Equals("POST", StringComparison.OrdinalIgnoreCase)) { var cookie = ctx.Request.Cookies[cookieName]; var hidden = ctx.Request.Form[hiddenField]; var cookieValue = string.Empty; if (cookie != null) { cookieValue = cookie.Value; } if (string.IsNullOrWhiteSpace(cookieValue) && string.IsNullOrWhiteSpace(hidden)) { throw new Exception("Cookie and Form field missing"); } if (string.IsNullOrWhiteSpace(cookieValue)) { throw new Exception("Cookie missing"); } if (string.IsNullOrWhiteSpace(hidden)) { throw new Exception("Form field missing"); } var tokenField = string.Empty; var osf = new ObjectStateFormatter(); try { tokenField = osf.Deserialize(hidden).ToString(); //tokenField = hidden; } catch { throw new Exception("Invalid form field format"); } if (string.IsNullOrWhiteSpace(tokenField)) { throw new Exception("Invalid token"); } if (!tokenField.Equals(cookieValue)) { throw new Exception("Tokens mismatch"); } } } } } }
/// <summary> /// Deserializes a string generated by <see cref="UploadSession.Serialize" /> into an <see cref="UploadSession" /> instance. /// </summary> /// <param name="value">The string to deserialize.</param> /// <returns>An <see cref="UploadSession" /> instance.</returns> public static UploadSession Deserialize(string value) { ObjectStateFormatter formatter = new ObjectStateFormatter(); object[] values = formatter.Deserialize(value) as object[]; if (values != null && values.Length > 0) return new UploadSession(values); else return null; }
public void readExternal (java.io.ObjectInput __p1) { Page page = CurrentPage; ObjectStateFormatter osf = new ObjectStateFormatter (page); ObjectInputStream inputStream = new ObjectInputStream (__p1); if (page.NeedViewStateEncryption || page.EnableViewStateMac) _state = osf.Deserialize ((string) inputStream.readObject ()); else _state = osf.Deserialize (inputStream); }
public static object StringDeserialize(string objString) { ObjectStateFormatter osf = new ObjectStateFormatter(); return osf.Deserialize(objString); }
internal static object GetStringDeserialized(string value) { value = value.Replace(' ', '+'); // TODO: decrypt ObjectStateFormatter formatter = new ObjectStateFormatter(); if (string.IsNullOrEmpty(value)) return null; else if (value.StartsWith("session-")) return UploadSession.Deserialize(value.Substring("session-".Length)); else if (value.StartsWith("request-")) return UploadRequest.Deserialize(value.Substring("request-".Length)); else if (value.StartsWith("sessionlist-")) { string[] uploadSessionStrings = (string[])formatter.Deserialize(value.Substring("sessionlist-".Length)); List<UploadSession> sessions = new List<UploadSession>(); foreach (string sessionString in uploadSessionStrings) sessions.Add(UploadSession.Deserialize(sessionString)); return sessions; } else if (value.StartsWith("requestlist-")) { string[] uploadRequestStrings = (string[])formatter.Deserialize(value.Substring("requestlist-".Length)); List<UploadRequest> requests = new List<UploadRequest>(); foreach (string requestString in uploadRequestStrings) requests.Add(UploadRequest.Deserialize(requestString)); return requests; } else return formatter.Deserialize(value); }