Пример #1
0
        public override string SanitizeTextBody(string contentType, string body)
        {
            if (contentType.Contains("urlencoded"))
            {
                try
                {
                    // If it's been URL encoded, make sure it doesn't contain
                    // a client_secret
                    var builder = new UriBuilder()
                    {
                        Query = body
                    };
                    var query = new UriQueryParamsCollection(body);
                    if (query.ContainsKey("client_secret"))
                    {
                        query["client_secret"] = SanitizeValue;
                    }
                    return(query.ToString());
                }
                catch
                {
                }
            }

            // If anything goes wrong, don't sanitize
            return(body);
        }
Пример #2
0
        public string SanitizeQueryParameters(string queryParameters)
        {
            var query = new UriQueryParamsCollection(queryParameters);

            if (query.ContainsKey(SignatureQueryName))
            {
                query[SignatureQueryName] = SanitizeValue;
            }
            return(query.ToString());
        }
        public override string SanitizeUri(string uri)
        {
            var builder = new UriBuilder(base.SanitizeUri(uri));
            var query   = new UriQueryParamsCollection(builder.Query);

            if (query.ContainsKey(SignatureQueryName))
            {
                query[SignatureQueryName] = SanitizeValue;
                builder.Query             = query.ToString();
            }
            return(builder.Uri.ToString());
        }
        public override string SanitizeTextBody(string contentType, string body)
        {
            if (contentType.Contains("json"))
            {
                try
                {
                    // Check for auth calls to readact any access tokens
                    var reader = new Utf8JsonReader(Encoding.UTF8.GetBytes(body).AsSpan(), true, new JsonReaderState());
                    if (JsonDocument.TryParseValue(ref reader, out JsonDocument doc) &&
                        doc.RootElement.GetProperty("token_type").GetString() == "Bearer")
                    {
                        // If we found an auth call, sanitize it
                        using (var stream = new System.IO.MemoryStream())
                        {
                            using (var writer = new Utf8JsonWriter(stream))
                            {
                                writer.WriteStartObject();
                                foreach (JsonProperty property in doc.RootElement.EnumerateObject())
                                {
                                    switch (doc.RootElement.GetProperty(property.Name).ValueKind)
                                    {
                                    case JsonValueKind.Null:
                                        writer.WriteNull(property.Name);
                                        break;

                                    case JsonValueKind.True:
                                        writer.WriteBoolean(property.Name, true);
                                        break;

                                    case JsonValueKind.False:
                                        writer.WriteBoolean(property.Name, false);
                                        break;

                                    case JsonValueKind.Number:
                                        writer.WriteNumber(property.Name, property.Value.GetDouble());
                                        break;

                                    case JsonValueKind.String:
                                        writer.WriteString(
                                            property.Name,
                                            property.Name == "access_token" ?
                                            SanitizeValue :
                                            property.Value.GetString());
                                        break;
                                        // Ignore nested objects and arrays...
                                    }
                                }
                                writer.WriteEndObject();
                            }
                            return(Encoding.UTF8.GetString(stream.ToArray()));
                        }
                    }
                }
                catch
                {
                }
            }
            else if (contentType.Contains("urlencoded"))
            {
                try
                {
                    // If it's been URL encoded, make sure it doesn't contain
                    // a client_secret
                    var builder = new UriBuilder()
                    {
                        Query = body
                    };
                    var query = new UriQueryParamsCollection(body);
                    if (query.ContainsKey("client_secret"))
                    {
                        query["client_secret"] = SanitizeValue;
                    }
                    return(query.ToString());
                }
                catch
                {
                }
            }

            // If anything goes wrong, don't sanitize
            return(body);
        }
Пример #5
0
        /// <summary>
        /// Initializes a new instance of the <see cref="BlobUriBuilder"/>
        /// class with the specified <see cref="Uri"/>.
        /// </summary>
        /// <param name="uri">
        /// The <see cref="Uri"/> to a storage resource.
        /// </param>
        public BlobUriBuilder(Uri uri)
        {
            this.Scheme      = uri.Scheme;
            this.Host        = uri.Host;
            this.Port        = uri.Port;
            this.AccountName = "";

            this.ContainerName = "";
            this.BlobName      = "";

            this.Snapshot = "";
            //this.VersionId = "";
            this.Sas = null;

            // Find the account, container, & blob names (if any)
            if (!String.IsNullOrEmpty(uri.AbsolutePath))
            {
                // If path starts with a slash, remove it
                var path =
                    (uri.AbsolutePath[0] == '/')
                    ? uri.AbsolutePath.Substring(1)
                    : uri.AbsolutePath;

                var startIndex = 0;

                if (IsHostIPEndPointStyle(uri.Host))
                {
                    var accountEndIndex = path.IndexOf("/", StringComparison.InvariantCulture);

                    // Slash not found; path has account name & no container name
                    if (accountEndIndex == -1)
                    {
                        this.AccountName = path;
                        startIndex       = path.Length;
                    }
                    else
                    {
                        this.AccountName = path.Substring(0, accountEndIndex);
                        startIndex       = accountEndIndex + 1;
                    }
                }

                // Find the next slash (if it exists)
                var containerEndIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture);
                if (containerEndIndex == -1)
                {
                    this.ContainerName = path.Substring(startIndex); // Slash not found; path has container name & no blob name
                }
                else
                {
                    this.ContainerName = path.Substring(startIndex, containerEndIndex - startIndex); // The container name is the part between the slashes
                    this.BlobName      = path.Substring(containerEndIndex + 1);                      // The blob name is after the container slash
                }
            }

            // Convert the query parameters to a case-sensitive map & trim whitespace
            var paramsMap = new UriQueryParamsCollection(uri.Query);

            if (paramsMap.TryGetValue(SnapshotParameterName, out var snapshotTime))
            {
                this.Snapshot = snapshotTime;

                // If we recognized the query parameter, remove it from the map
                paramsMap.Remove(SnapshotParameterName);
            }

            //if(paramsMap.TryGetValue(VersionIdParameterName, out var versionId))
            //{
            //    this.VersionId = versionId;

            //    // If we recognized the query parameter, remove it from the map
            //    paramsMap.Remove(VersionIdParameterName);
            //}

            if (paramsMap.ContainsKey(SasVersionKey))
            {
                this.Sas = new SasQueryParameters(paramsMap);
            }

            this.UnparsedParams = paramsMap.ToString();
        }
Пример #6
0
        /// <summary>
        /// Initializes a new instance of the <see cref="FileUriBuilder"/>
        /// class with the specified <see cref="Uri"/>.
        /// </summary>
        /// <param name="uri">
        /// The <see cref="Uri"/> to a storage resource.
        /// </param>
        public FileUriBuilder(Uri uri)
        {
            this.Scheme      = uri.Scheme;
            this.Host        = uri.Host;
            this.Port        = uri.Port;
            this.AccountName = "";

            this.ShareName           = "";
            this.DirectoryOrFilePath = "";

            this.Snapshot = "";
            this.Sas      = null;

            // Find the share & directory/file path (if any)

            if (!String.IsNullOrEmpty(uri.AbsolutePath))
            {
                // If path starts with a slash, remove it

                var path =
                    (uri.AbsolutePath[0] == '/')
                    ? uri.AbsolutePath.Substring(1)
                    : uri.AbsolutePath;

                var startIndex = 0;

                if (IsHostIPEndPointStyle(uri.Host))
                {
                    var accountEndIndex = path.IndexOf("/", StringComparison.InvariantCulture);

                    // Slash not found; path has account name & no share name
                    if (accountEndIndex == -1)
                    {
                        this.AccountName = path;
                        startIndex       = path.Length;
                    }
                    else
                    {
                        this.AccountName = path.Substring(0, accountEndIndex);
                        startIndex       = accountEndIndex + 1;
                    }
                }

                // Find the next slash (if it exists)

                var shareEndIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture);
                if (shareEndIndex == -1)
                {
                    this.ShareName = path.Substring(startIndex); // Slash not found; path has share name & no directory/file path
                }
                else
                {
                    this.ShareName           = path.Substring(startIndex, shareEndIndex - startIndex); // The share name is the part between the slashes
                    this.DirectoryOrFilePath = path.Substring(shareEndIndex + 1);                      // The directory/file path name is after the share slash
                }
            }

            // Convert the query parameters to a case-sensitive map & trim whitespace

            var paramsMap = new UriQueryParamsCollection(uri.Query);

            if (paramsMap.TryGetValue(Constants.SnapshotParameterName, out var snapshotTime))
            {
                this.Snapshot = snapshotTime;

                // If we recognized the query parameter, remove it from the map
                paramsMap.Remove(Constants.SnapshotParameterName);
            }

            if (paramsMap.ContainsKey(Constants.Sas.Parameters.Version))
            {
                this.Sas = new SasQueryParameters(paramsMap);
            }

            this.UnparsedParams = paramsMap.ToString();
        }
Пример #7
0
        /// <summary>
        /// Parses a URL initializing QueueUriBuilder's fields including any SAS-related query parameters.
        /// Any other query parameters remain in the UnparsedParams field.
        /// </summary>
        /// <param name="uri"><see cref="Uri"/></param>
        public QueueUriBuilder(Uri uri)
        {
            this.Scheme      = uri.Scheme;
            this.Host        = uri.Host;
            this.Port        = uri.Port;
            this.AccountName = "";
            this.QueueName   = "";
            this.Messages    = false;
            this.MessageId   = "";
            this.Sas         = null;

            // Find the account, container, & blob names (if any)
            if (!String.IsNullOrEmpty(uri.AbsolutePath))
            {
                // If path starts with a slash, remove it
                var path =
                    (uri.AbsolutePath[0] == '/')
                    ? uri.AbsolutePath.Substring(1)
                    : uri.AbsolutePath;

                var startIndex = 0;

                if (IsHostIPEndPointStyle(uri.Host))
                {
                    var accountEndIndex = path.IndexOf("/", StringComparison.InvariantCulture);

                    // Slash not found; path has account name & no queue name
                    if (accountEndIndex == -1)
                    {
                        this.AccountName = path;
                        startIndex       = path.Length;
                    }
                    else
                    {
                        this.AccountName = path.Substring(0, accountEndIndex);
                        startIndex       = accountEndIndex + 1;
                    }
                }

                // Find the next slash (if it exists)
                var queueEndIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture);

                // Slash not found; path has queue name & no message id
                if (queueEndIndex == -1)
                {
                    this.QueueName = path.Substring(startIndex);
                }
                else
                {
                    // The queue name is the part between the slashes
                    this.QueueName = path.Substring(startIndex, queueEndIndex - startIndex);

                    // skip "messages"
                    this.Messages = true;
                    startIndex    = startIndex + (queueEndIndex - startIndex) + 1;
                    startIndex    = path.IndexOf("/", startIndex, StringComparison.InvariantCulture) + 1;

                    if (startIndex != 0)
                    {
                        // set messageId
                        this.MessageId = path.Substring(startIndex, path.Length - startIndex);
                    }
                }
            }

            // Convert the query parameters to a case-sensitive map & trim whitespace
            var paramsMap = new UriQueryParamsCollection(uri.Query);

            if (paramsMap.ContainsKey(SasVersionKey))
            {
                this.Sas = new SasQueryParameters(paramsMap);
            }
            this.UnparsedParams = paramsMap.ToString();
        }