public override string SanitizeTextBody(string contentType, string body) { if (contentType.Contains("urlencoded")) { try { // If it's been URL encoded, make sure it doesn't contain // a client_secret var builder = new UriBuilder() { Query = body }; var query = new UriQueryParamsCollection(body); if (query.ContainsKey("client_secret")) { query["client_secret"] = SanitizeValue; } return(query.ToString()); } catch { } } // If anything goes wrong, don't sanitize return(body); }
public string SanitizeQueryParameters(string queryParameters) { var query = new UriQueryParamsCollection(queryParameters); if (query.ContainsKey(SignatureQueryName)) { query[SignatureQueryName] = SanitizeValue; } return(query.ToString()); }
public override string SanitizeUri(string uri) { var builder = new UriBuilder(base.SanitizeUri(uri)); var query = new UriQueryParamsCollection(builder.Query); if (query.ContainsKey(SignatureQueryName)) { query[SignatureQueryName] = SanitizeValue; builder.Query = query.ToString(); } return(builder.Uri.ToString()); }
public override string SanitizeTextBody(string contentType, string body) { if (contentType.Contains("json")) { try { // Check for auth calls to readact any access tokens var reader = new Utf8JsonReader(Encoding.UTF8.GetBytes(body).AsSpan(), true, new JsonReaderState()); if (JsonDocument.TryParseValue(ref reader, out JsonDocument doc) && doc.RootElement.GetProperty("token_type").GetString() == "Bearer") { // If we found an auth call, sanitize it using (var stream = new System.IO.MemoryStream()) { using (var writer = new Utf8JsonWriter(stream)) { writer.WriteStartObject(); foreach (JsonProperty property in doc.RootElement.EnumerateObject()) { switch (doc.RootElement.GetProperty(property.Name).ValueKind) { case JsonValueKind.Null: writer.WriteNull(property.Name); break; case JsonValueKind.True: writer.WriteBoolean(property.Name, true); break; case JsonValueKind.False: writer.WriteBoolean(property.Name, false); break; case JsonValueKind.Number: writer.WriteNumber(property.Name, property.Value.GetDouble()); break; case JsonValueKind.String: writer.WriteString( property.Name, property.Name == "access_token" ? SanitizeValue : property.Value.GetString()); break; // Ignore nested objects and arrays... } } writer.WriteEndObject(); } return(Encoding.UTF8.GetString(stream.ToArray())); } } } catch { } } else if (contentType.Contains("urlencoded")) { try { // If it's been URL encoded, make sure it doesn't contain // a client_secret var builder = new UriBuilder() { Query = body }; var query = new UriQueryParamsCollection(body); if (query.ContainsKey("client_secret")) { query["client_secret"] = SanitizeValue; } return(query.ToString()); } catch { } } // If anything goes wrong, don't sanitize return(body); }
/// <summary> /// Initializes a new instance of the <see cref="BlobUriBuilder"/> /// class with the specified <see cref="Uri"/>. /// </summary> /// <param name="uri"> /// The <see cref="Uri"/> to a storage resource. /// </param> public BlobUriBuilder(Uri uri) { this.Scheme = uri.Scheme; this.Host = uri.Host; this.Port = uri.Port; this.AccountName = ""; this.ContainerName = ""; this.BlobName = ""; this.Snapshot = ""; //this.VersionId = ""; this.Sas = null; // Find the account, container, & blob names (if any) if (!String.IsNullOrEmpty(uri.AbsolutePath)) { // If path starts with a slash, remove it var path = (uri.AbsolutePath[0] == '/') ? uri.AbsolutePath.Substring(1) : uri.AbsolutePath; var startIndex = 0; if (IsHostIPEndPointStyle(uri.Host)) { var accountEndIndex = path.IndexOf("/", StringComparison.InvariantCulture); // Slash not found; path has account name & no container name if (accountEndIndex == -1) { this.AccountName = path; startIndex = path.Length; } else { this.AccountName = path.Substring(0, accountEndIndex); startIndex = accountEndIndex + 1; } } // Find the next slash (if it exists) var containerEndIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture); if (containerEndIndex == -1) { this.ContainerName = path.Substring(startIndex); // Slash not found; path has container name & no blob name } else { this.ContainerName = path.Substring(startIndex, containerEndIndex - startIndex); // The container name is the part between the slashes this.BlobName = path.Substring(containerEndIndex + 1); // The blob name is after the container slash } } // Convert the query parameters to a case-sensitive map & trim whitespace var paramsMap = new UriQueryParamsCollection(uri.Query); if (paramsMap.TryGetValue(SnapshotParameterName, out var snapshotTime)) { this.Snapshot = snapshotTime; // If we recognized the query parameter, remove it from the map paramsMap.Remove(SnapshotParameterName); } //if(paramsMap.TryGetValue(VersionIdParameterName, out var versionId)) //{ // this.VersionId = versionId; // // If we recognized the query parameter, remove it from the map // paramsMap.Remove(VersionIdParameterName); //} if (paramsMap.ContainsKey(SasVersionKey)) { this.Sas = new SasQueryParameters(paramsMap); } this.UnparsedParams = paramsMap.ToString(); }
/// <summary> /// Initializes a new instance of the <see cref="FileUriBuilder"/> /// class with the specified <see cref="Uri"/>. /// </summary> /// <param name="uri"> /// The <see cref="Uri"/> to a storage resource. /// </param> public FileUriBuilder(Uri uri) { this.Scheme = uri.Scheme; this.Host = uri.Host; this.Port = uri.Port; this.AccountName = ""; this.ShareName = ""; this.DirectoryOrFilePath = ""; this.Snapshot = ""; this.Sas = null; // Find the share & directory/file path (if any) if (!String.IsNullOrEmpty(uri.AbsolutePath)) { // If path starts with a slash, remove it var path = (uri.AbsolutePath[0] == '/') ? uri.AbsolutePath.Substring(1) : uri.AbsolutePath; var startIndex = 0; if (IsHostIPEndPointStyle(uri.Host)) { var accountEndIndex = path.IndexOf("/", StringComparison.InvariantCulture); // Slash not found; path has account name & no share name if (accountEndIndex == -1) { this.AccountName = path; startIndex = path.Length; } else { this.AccountName = path.Substring(0, accountEndIndex); startIndex = accountEndIndex + 1; } } // Find the next slash (if it exists) var shareEndIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture); if (shareEndIndex == -1) { this.ShareName = path.Substring(startIndex); // Slash not found; path has share name & no directory/file path } else { this.ShareName = path.Substring(startIndex, shareEndIndex - startIndex); // The share name is the part between the slashes this.DirectoryOrFilePath = path.Substring(shareEndIndex + 1); // The directory/file path name is after the share slash } } // Convert the query parameters to a case-sensitive map & trim whitespace var paramsMap = new UriQueryParamsCollection(uri.Query); if (paramsMap.TryGetValue(Constants.SnapshotParameterName, out var snapshotTime)) { this.Snapshot = snapshotTime; // If we recognized the query parameter, remove it from the map paramsMap.Remove(Constants.SnapshotParameterName); } if (paramsMap.ContainsKey(Constants.Sas.Parameters.Version)) { this.Sas = new SasQueryParameters(paramsMap); } this.UnparsedParams = paramsMap.ToString(); }
/// <summary> /// Parses a URL initializing QueueUriBuilder's fields including any SAS-related query parameters. /// Any other query parameters remain in the UnparsedParams field. /// </summary> /// <param name="uri"><see cref="Uri"/></param> public QueueUriBuilder(Uri uri) { this.Scheme = uri.Scheme; this.Host = uri.Host; this.Port = uri.Port; this.AccountName = ""; this.QueueName = ""; this.Messages = false; this.MessageId = ""; this.Sas = null; // Find the account, container, & blob names (if any) if (!String.IsNullOrEmpty(uri.AbsolutePath)) { // If path starts with a slash, remove it var path = (uri.AbsolutePath[0] == '/') ? uri.AbsolutePath.Substring(1) : uri.AbsolutePath; var startIndex = 0; if (IsHostIPEndPointStyle(uri.Host)) { var accountEndIndex = path.IndexOf("/", StringComparison.InvariantCulture); // Slash not found; path has account name & no queue name if (accountEndIndex == -1) { this.AccountName = path; startIndex = path.Length; } else { this.AccountName = path.Substring(0, accountEndIndex); startIndex = accountEndIndex + 1; } } // Find the next slash (if it exists) var queueEndIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture); // Slash not found; path has queue name & no message id if (queueEndIndex == -1) { this.QueueName = path.Substring(startIndex); } else { // The queue name is the part between the slashes this.QueueName = path.Substring(startIndex, queueEndIndex - startIndex); // skip "messages" this.Messages = true; startIndex = startIndex + (queueEndIndex - startIndex) + 1; startIndex = path.IndexOf("/", startIndex, StringComparison.InvariantCulture) + 1; if (startIndex != 0) { // set messageId this.MessageId = path.Substring(startIndex, path.Length - startIndex); } } } // Convert the query parameters to a case-sensitive map & trim whitespace var paramsMap = new UriQueryParamsCollection(uri.Query); if (paramsMap.ContainsKey(SasVersionKey)) { this.Sas = new SasQueryParameters(paramsMap); } this.UnparsedParams = paramsMap.ToString(); }