示例#1
0
        /// <summary>
        /// Limits the length of the query string.
        /// </summary>
        /// <param name="builder">The OWIN builder instance.</param>
        /// <param name="options">The max querystring length options.</param>
        /// <returns>The OWIN builder instance.</returns>
        /// <exception cref="System.ArgumentNullException">builder</exception>
        /// <exception cref="System.ArgumentNullException">options</exception>
        public static BuildFunc MaxQueryStringLength(this BuildFunc builder, MaxQueryStringLengthOptions options)
        {
            builder.MustNotNull("builder");
            options.MustNotNull("options");

            builder(_ => MaxQueryStringLength(options));
            return builder;
        }
示例#2
0
        /// <summary>
        /// Limits the length of the query string.
        /// </summary>
        /// <param name="builder">The IAppBuilder instance.</param>
        /// <param name="options">The max querystring length options.</param>
        /// <returns>The IAppBuilder instance.</returns>
        /// <exception cref="System.ArgumentNullException">builder</exception>
        public static IAppBuilder MaxQueryStringLength(this IAppBuilder builder, MaxQueryStringLengthOptions options)
        {
            builder.MustNotNull("builder");
            options.MustNotNull("options");

            builder
               .UseOwin()
               .MaxQueryStringLength(options);

            return builder;
        }
示例#3
0
        /// <summary>
        /// Limits the number of concurrent requests that can be handled used by the subsequent stages in the owin pipeline.
        /// </summary>
        /// <param name="options">The max concurrent request options.</param>
        /// <returns>An OWIN middleware delegate.</returns>
        /// <exception cref="System.ArgumentNullException">options</exception>
        public static MidFunc MaxQueryStringLength(MaxQueryStringLengthOptions options)
        {
            options.MustNotNull("options");

            return
                next =>
                async env =>
                {
                    var context = new OwinContext(env);
                    QueryString queryString = context.Request.QueryString;
                    if (queryString.HasValue)
                    {
                        int maxQueryStringLength = options.MaxQueryStringLength;
                        string unescapedQueryString = Uri.UnescapeDataString(queryString.Value);
                        options.Tracer.AsVerbose("Querystring of request with an unescaped length of {0}", unescapedQueryString.Length);
                        if (unescapedQueryString.Length > maxQueryStringLength)
                        {
                            options.Tracer.AsInfo("Querystring (Length {0}) too long (allowed {1}). Request rejected.",
                                unescapedQueryString.Length,
                                maxQueryStringLength);
                            context.Response.StatusCode = 414;
                            context.Response.ReasonPhrase = options.LimitReachedReasonPhrase(context.Response.StatusCode);
                            return;
                        }
                        options.Tracer.AsVerbose("Querystring length check passed.");
                    }
                    else
                    {
                        options.Tracer.AsVerbose("No querystring.");
                    }
                    await next(env);
                };
        }