bool IsRedirection(HttpWebResponseCore response)
{
// FIXME - there's likely a maximum number of redirection allowed because throwing an exception
switch ((int)response.RealStatusCode)
{
case 301: // Moved Permanently, RFC2616 10.3.2
// Silverlight always redirect (i.e. not just POST requests)
case 302: // Found, RFC2616 10.3.3
// main one used by ASP/ASPX Redirect
case 303: // See Other, RFC2616 10.3.4
case 304: // Not Modified, RFC2616 10.3.5
case 305: // Use Proxy, RFC2616 10.3.7
case 307: // Temporaray Redirect, RFC2616 10.3.8
// see DRT 867
return(true);
default:
return(false);
}
}
bool IsRedirection (HttpWebResponseCore response)
{
// FIXME - there's likely a maximum number of redirection allowed because throwing an exception
switch ((int) response.RealStatusCode) {
case 301: // Moved Permanently, RFC2616 10.3.2
// Silverlight always redirect (i.e. not just POST requests)
case 302: // Found, RFC2616 10.3.3
// main one used by ASP/ASPX Redirect
case 303: // See Other, RFC2616 10.3.4
case 304: // Not Modified, RFC2616 10.3.5
case 305: // Use Proxy, RFC2616 10.3.7
case 307: // Temporaray Redirect, RFC2616 10.3.8
// see DRT 867
return true;
default:
return false;
}
}
private void EndCallback(IAsyncResult result)
{
WebRequest wreq = (result.AsyncState as WebRequest);
// new in SL4 - unlike others it can be set (earlier) and is not checked later (CheckProtocolViolation)
if (wreq.Headers.ContainsKey("Proxy-Authorization"))
{
if (!SecurityManager.HasElevatedPermissions)
{
async_result.Exception = new SecurityException("'Proxy-Authorization' cannot be set unless running in elevated trust");
async_result.SetComplete();
return;
}
}
try {
HttpWebResponseCore wres = (HttpWebResponseCore)wreq.EndGetResponse(result);
// Redirection Error
// Normal Request allowed throw
// Policy Request throw ignore (no policy)
if (IsRedirection(wres))
{
if (IsDownloadingPolicy())
{
// redirection is NOT allowed for policy files
async_result.Exception = new SecurityException("Cannot redirect policy files");
async_result.SetComplete();
}
else
{
string location = wres.InternalHeaders ["Location"];
Uri redirect = new Uri(location, UriKind.RelativeOrAbsolute);
if (!redirect.IsAbsoluteUri)
{
redirect = new Uri(wreq.RequestUri, redirect);
}
// Silverlight does NOT redirect POST as POST to avoid cross site attacks - see DRT #866 or
// http://blogs.msdn.com/jackgr/archive/2010/04/19/silverlight-clients-and-appfabric-access-control.aspx
if ((String.Compare(method, "HEAD", StringComparison.OrdinalIgnoreCase) == 0) ||
(String.Compare(method, "GET", StringComparison.OrdinalIgnoreCase) == 0))
{
GetResponse(method, redirect, true);
}
else
{
GetResponse("GET", redirect, false);
}
}
}
else if (wres.StatusCode != HttpStatusCode.OK)
{
// policy file could be missing, but then it means no policy
if (!IsDownloadingPolicy())
{
async_result.Response = wres;
async_result.Exception = NotFound(wres.ResponseUri.Scheme, wres);
async_result.SetComplete();
}
else
{
async_result.SetComplete();
}
}
else
{
wres.SetMethod(Method);
async_result.Response = wres;
async_result.SetComplete();
}
}
catch (Exception e) {
async_result.Exception = NotFound(wreq.RequestUri.Scheme, async_result.Response ?? new NotFoundWebResponse());
async_result.SetComplete();
}
}
