public override bool IsValidForRequest(ControllerContext controllerContext, MethodInfo methodInfo) { var httpMethod = (string)(controllerContext.RouteData.Values["httpMethod"] ?? controllerContext.HttpContext.Request.GetHttpMethod()); return(HttpMethods.Contains(httpMethod)); }
internal bool SupportHttpMethod(string method) { // If the Httpmethods is empty, let it go if (HttpMethods.Count == 0) { return(true); } return(HttpMethods.Contains(method)); }
public RouteResolutionResult Apply(object request, string httpMethod) { if (!this.IsValid) { return(RouteResolutionResult.Error(this.ErrorMsg)); } if (HttpMethods != null && HttpMethods.Length != 0 && httpMethod != null && !HttpMethods.Contains(httpMethod) && !HttpMethods.Contains("ANY")) { return(RouteResolutionResult.Error("Allowed HTTP methods '{0}' does not support the specified '{1}' method." .Fmt(HttpMethods.Join(", "), httpMethod))); } var uri = this.Path; var unmatchedVariables = new List <string>(); foreach (var variable in this.variablesMap) { var property = variable.Value; var value = property.GetValue(request, null); if (value == null) { unmatchedVariables.Add(variable.Key); continue; } var variableValue = FormatVariable(value); uri = uri.Replace(VariablePrefix + variable.Key + VariablePostfix, variableValue); } if (unmatchedVariables.Any()) { var errMsg = "Could not match following variables: " + string.Join(",", unmatchedVariables.ToArray()); return(RouteResolutionResult.Error(errMsg)); } return(RouteResolutionResult.Success(uri)); }
/// <summary>Determines the request type.</summary> /// <param name="request"/> /// <returns/> public CORSFilter.CORSRequestType CheckRequestType(IHttpServletRequest request) { CORSFilter.CORSRequestType requestType = CORSFilter.CORSRequestType.InvalidCors; if (request == null) { throw new ArgumentException("HttpServletRequest object is null"); } string originHeader = request.GetHeader(RequestHeaderOrigin); // Section 6.1.1 and Section 6.2.1 if (originHeader != null) { if (originHeader.IsEmpty()) { requestType = CORSFilter.CORSRequestType.InvalidCors; } else { if (!IsValidOrigin(originHeader)) { requestType = CORSFilter.CORSRequestType.InvalidCors; } else { string method = request.GetMethod(); if (method != null && HttpMethods.Contains(method)) { if ("OPTIONS".Equals(method)) { string accessControlRequestMethodHeader = request.GetHeader(RequestHeaderAccessControlRequestMethod); if (accessControlRequestMethodHeader != null && !accessControlRequestMethodHeader.IsEmpty()) { requestType = CORSFilter.CORSRequestType.PreFlight; } else { if (accessControlRequestMethodHeader != null && accessControlRequestMethodHeader.IsEmpty()) { requestType = CORSFilter.CORSRequestType.InvalidCors; } else { requestType = CORSFilter.CORSRequestType.Actual; } } } else { if ("GET".Equals(method) || "HEAD".Equals(method)) { requestType = CORSFilter.CORSRequestType.Simple; } else { if ("POST".Equals(method)) { string contentType = request.GetContentType(); if (contentType != null) { contentType = contentType.ToLower().Trim(); if (SimpleHttpRequestContentTypeValues.Contains(contentType)) { requestType = CORSFilter.CORSRequestType.Simple; } else { requestType = CORSFilter.CORSRequestType.Actual; } } } else { if (ComplexHttpMethods.Contains(method)) { requestType = CORSFilter.CORSRequestType.Actual; } } } } } } } } else { requestType = CORSFilter.CORSRequestType.NotCors; } return(requestType); }
/// <summary>Handles CORS pre-flight request.</summary> /// <param name="request"> /// The /// <see cref="Javax.Servlet.Http.IHttpServletRequest"/> /// object. /// </param> /// <param name="response"> /// The /// <see cref="Javax.Servlet.Http.IHttpServletResponse"/> /// object. /// </param> /// <param name="filterChain"> /// The /// <see cref="Javax.Servlet.IFilterChain"/> /// object. /// </param> /// <exception cref="System.IO.IOException"/> /// <exception cref="Javax.Servlet.ServletException"/> public void HandlePreflightCORS(IHttpServletRequest request, IHttpServletResponse response, IFilterChain filterChain) { CORSFilter.CORSRequestType requestType = CheckRequestType(request); if (requestType != CORSFilter.CORSRequestType.PreFlight) { throw new ArgumentException("Expects a HttpServletRequest object of type " + CORSFilter.CORSRequestType.PreFlight.ToString().ToLower()); } string origin = request.GetHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.RequestHeaderOrigin); // Section 6.2.2 if (!IsOriginAllowed(origin)) { HandleInvalidCORS(request, response, filterChain); return; } // Section 6.2.3 string accessControlRequestMethod = request.GetHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.RequestHeaderAccessControlRequestMethod); if (accessControlRequestMethod == null || (!HttpMethods.Contains(accessControlRequestMethod.Trim()))) { HandleInvalidCORS(request, response, filterChain); return; } else { accessControlRequestMethod = accessControlRequestMethod.Trim(); } // Section 6.2.4 string accessControlRequestHeadersHeader = request.GetHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.RequestHeaderAccessControlRequestHeaders); IList <string> accessControlRequestHeaders = new LinkedList <string>(); if (accessControlRequestHeadersHeader != null && !accessControlRequestHeadersHeader.Trim().IsEmpty()) { string[] headers = accessControlRequestHeadersHeader.Trim().Split(","); foreach (string header in headers) { accessControlRequestHeaders.Add(header.Trim().ToLower()); } } // Section 6.2.5 if (!allowedHttpMethods.Contains(accessControlRequestMethod)) { HandleInvalidCORS(request, response, filterChain); return; } // Section 6.2.6 if (!accessControlRequestHeaders.IsEmpty()) { foreach (string header in accessControlRequestHeaders) { if (!allowedHttpHeaders.Contains(header)) { HandleInvalidCORS(request, response, filterChain); return; } } } // Section 6.2.7 if (supportsCredentials) { response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowOrigin, origin); response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowCredentials, "true"); } else { if (anyOriginAllowed) { response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowOrigin, "*"); } else { response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowOrigin, origin); } } // Section 6.2.8 if (preflightMaxAge > 0) { response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlMaxAge, preflightMaxAge.ToString()); } // Section 6.2.9 response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowMethods, accessControlRequestMethod); // Section 6.2.10 if ((allowedHttpHeaders != null) && (!allowedHttpHeaders.IsEmpty())) { response.AddHeader(Edu.Stanford.Nlp.Naturalli.Demo.CORSFilter.ResponseHeaderAccessControlAllowHeaders, Join(allowedHttpHeaders, ",")); } }