private static FileInfo GetFileInfo(string virtualPathWithPathInfo, string physicalPath, HttpResponse response) { FileInfo info; if (!FileUtil.FileExists(physicalPath)) { throw new HttpException(0x194, System.Web.SR.GetString("File_does_not_exist")); } if (physicalPath[physicalPath.Length - 1] == '.') { throw new HttpException(0x194, System.Web.SR.GetString("File_does_not_exist")); } try { info = new FileInfo(physicalPath); } catch (IOException exception) { if (!HttpRuntime.HasFilePermission(physicalPath)) { throw new HttpException(0x194, System.Web.SR.GetString("Error_trying_to_enumerate_files")); } throw new HttpException(0x194, System.Web.SR.GetString("Error_trying_to_enumerate_files"), exception); } catch (SecurityException exception2) { if (!HttpRuntime.HasFilePermission(physicalPath)) { throw new HttpException(0x191, System.Web.SR.GetString("File_enumerator_access_denied")); } throw new HttpException(0x191, System.Web.SR.GetString("File_enumerator_access_denied"), exception2); } if ((info.Attributes & FileAttributes.Hidden) != 0) { throw new HttpException(0x194, System.Web.SR.GetString("File_is_hidden")); } if ((info.Attributes & FileAttributes.Directory) != 0) { if (StringUtil.StringEndsWith(virtualPathWithPathInfo, '/')) { throw new HttpException(0x193, System.Web.SR.GetString("Missing_star_mapping")); } response.Redirect(virtualPathWithPathInfo + "/"); } return(info); }
internal static string GetSourceFileLines(string fileName, Encoding encoding, string sourceCode, int lineNumber) { if ((fileName != null) && !HttpRuntime.HasFilePermission(fileName)) { return(System.Web.SR.GetString("WithFile_No_Relevant_Line")); } StringBuilder builder = new StringBuilder(); if (lineNumber <= 0) { return(System.Web.SR.GetString("WithFile_No_Relevant_Line")); } TextReader reader = null; string virtualPathFromHttpLinePragma = ErrorFormatter.GetVirtualPathFromHttpLinePragma(fileName); if (virtualPathFromHttpLinePragma != null) { Stream stream = VirtualPathProvider.OpenFile(virtualPathFromHttpLinePragma); if (stream != null) { reader = Util.ReaderFromStream(stream, System.Web.VirtualPath.Create(virtualPathFromHttpLinePragma)); } } try { if ((reader == null) && (fileName != null)) { reader = new StreamReader(fileName, encoding, true, 0x1000); } } catch { } if (reader == null) { if (sourceCode == null) { return(System.Web.SR.GetString("WithFile_No_Relevant_Line")); } reader = new StringReader(sourceCode); } try { string str2; bool flag = false; if (ErrorFormatter.IsTextRightToLeft) { builder.Append("<div dir=\"ltr\">"); } int num = 1; Label_0098: str2 = reader.ReadLine(); if (str2 != null) { if (num == lineNumber) { builder.Append("<font color=red>"); } if ((num >= (lineNumber - 2)) && (num <= (lineNumber + 2))) { flag = true; string str3 = num.ToString("G", CultureInfo.CurrentCulture); builder.Append(System.Web.SR.GetString("WithFile_Line_Num", new object[] { str3 })); if (str3.Length < 3) { builder.Append(' ', 3 - str3.Length); } builder.Append(HttpUtility.HtmlEncode(str2)); if (num != (lineNumber + 2)) { builder.Append("\r\n"); } } if (num == lineNumber) { builder.Append("</font>"); } if (num <= (lineNumber + 2)) { num++; goto Label_0098; } } if (ErrorFormatter.IsTextRightToLeft) { builder.Append("</div>"); } if (!flag) { return(System.Web.SR.GetString("WithFile_No_Relevant_Line")); } } finally { reader.Close(); } return(builder.ToString()); }
///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// public void ProcessRequest(HttpContext context) { FileInfo file; HttpRequest request = context.Request; HttpResponse response = context.Response; string FileName = request.PhysicalPath; Util.Debug.Trace("GET", "Path = " + request.Path); Util.Debug.Trace("GET", "File Name = " + FileName); // // Check whether the file exists // if (!FileUtil.FileExists(FileName)) { throw new HttpException(HttpStatus.NotFound, HttpRuntime.FormatResourceString(SR.File_does_not_exist)); } try { file = new FileInfo(FileName); } catch (IOException ioEx) { if (!HttpRuntime.HasFilePermission(FileName)) { throw new HttpException(HttpStatus.NotFound, HttpRuntime.FormatResourceString(SR.Error_trying_to_enumerate_files)); } else { throw new HttpException(HttpStatus.NotFound, HttpRuntime.FormatResourceString(SR.Error_trying_to_enumerate_files), ioEx); } } catch (SecurityException secEx) { if (!HttpRuntime.HasFilePermission(FileName)) { throw new HttpException(HttpStatus.Unauthorized, HttpRuntime.FormatResourceString(SR.File_enumerator_access_denied)); } else { throw new HttpException(HttpStatus.Unauthorized, HttpRuntime.FormatResourceString(SR.File_enumerator_access_denied), secEx); } } // // To be consistent with IIS, we won't serve out hidden files // if ((((int)file.Attributes) & ((int)FileAttributes.Hidden)) != 0) { throw new HttpException(HttpStatus.NotFound, HttpRuntime.FormatResourceString(SR.File_is_hidden)); } // // To prevent the trailing dot problem, error out all file names with trailing dot. // if (FileName[FileName.Length - 1] == '.') { throw new HttpException(HttpStatus.NotFound, HttpRuntime.FormatResourceString(SR.File_does_not_exist)); } // // If the file is a directory, then it must not have a slash in // end of it (if it does have a slash suffix, then the config file // mappings are missing and we will just return 403. Otherwise, // we will redirect the client to the URL with this slash. // if ((((int)file.Attributes) & ((int)FileAttributes.Directory)) != 0) { if (request.Path.EndsWith("/")) { // // Just return 403 // throw new HttpException(HttpStatus.Forbidden, HttpRuntime.FormatResourceString(SR.Missing_star_mapping)); } else { // // Redirect to a slash suffixed URL which will be // handled by the */ handler mapper // response.Redirect(request.Path + "/"); } } else { DateTime lastModified; string strETag; // // Determine Last Modified Time. We might need it soon // if we encounter a Range: and If-Range header // lastModified = new DateTime(file.LastWriteTime.Year, file.LastWriteTime.Month, file.LastWriteTime.Day, file.LastWriteTime.Hour, file.LastWriteTime.Minute, file.LastWriteTime.Second, 0); // // Generate ETag // strETag = GenerateETag(context, lastModified); // // OK. Send the static file out either // entirely or send out the requested ranges // try { BuildFileItemResponse(context, FileName, file.Length, lastModified, strETag); } catch (Exception e) { // // Check for ERROR_ACCESS_DENIED and set the HTTP // status such that the auth modules do their thing // if ((e is ExternalException) && IsSecurityError(((ExternalException)e).ErrorCode)) { throw new HttpException(HttpStatus.Unauthorized, HttpRuntime.FormatResourceString(SR.Resource_access_forbidden)); } } context.Response.Cache.SetLastModified(lastModified); context.Response.Cache.SetETag(strETag); // // We will always set Cache-Control to public // context.Response.Cache.SetCacheability(HttpCacheability.Public); } }
private static FileInfo GetFileInfo(string virtualPathWithPathInfo, string physicalPath, HttpResponse response) { // Check whether the file exists if (!FileUtil.FileExists(physicalPath)) { throw new HttpException(HttpStatus.NotFound, SR.GetString(SR.File_does_not_exist)); } // To prevent the trailing dot problem, error out all file names with trailing dot. if (physicalPath[physicalPath.Length - 1] == '.') { throw new HttpException(HttpStatus.NotFound, SR.GetString(SR.File_does_not_exist)); } FileInfo fileInfo; try { fileInfo = new FileInfo(physicalPath); } catch (IOException ioEx) { if (!HttpRuntime.HasFilePermission(physicalPath)) { throw new HttpException(HttpStatus.NotFound, SR.GetString(SR.Error_trying_to_enumerate_files)); } else { throw new HttpException(HttpStatus.NotFound, SR.GetString(SR.Error_trying_to_enumerate_files), ioEx); } } catch (SecurityException secEx) { if (!HttpRuntime.HasFilePermission(physicalPath)) { throw new HttpException(HttpStatus.Unauthorized, SR.GetString(SR.File_enumerator_access_denied)); } else { throw new HttpException(HttpStatus.Unauthorized, SR.GetString(SR.File_enumerator_access_denied), secEx); } } // To be consistent with IIS, we won't serve out hidden files if ((((int)fileInfo.Attributes) & ((int)FileAttributes.Hidden)) != 0) { throw new HttpException(HttpStatus.NotFound, SR.GetString(SR.File_is_hidden)); } // If the file is a directory, then it must not have a slash in // end of it (if it does have a slash suffix, then the config file // mappings are missing and we will just return 403. Otherwise, // we will redirect the client to the URL with this slash. if ((((int)fileInfo.Attributes) & ((int)FileAttributes.Directory)) != 0) { if (StringUtil.StringEndsWith(virtualPathWithPathInfo, '/')) { // Just return 403 throw new HttpException(HttpStatus.Forbidden, SR.GetString(SR.Missing_star_mapping)); } else { // Redirect to a slash suffixed URL which will be // handled by the */ handler mapper response.Redirect(virtualPathWithPathInfo + "/"); } } return(fileInfo); }
/* * Return the text of the error line in the source file, with a few * lines around it. It is returned in HTML format. */ internal static string GetSourceFileLines(string fileName, Encoding encoding, string sourceCode, int lineNumber) { // Don't show any source file if the user doesn't have access to it (ASURT 122430) if (fileName != null && !HttpRuntime.HasFilePermission(fileName)) { return(HttpRuntime.FormatResourceString(SR.WithFile_No_Relevant_Line)); } // REVIEW: write directly to the main builder StringBuilder sb = new StringBuilder(); if (lineNumber <= 0) { return(HttpRuntime.FormatResourceString(SR.WithFile_No_Relevant_Line)); } TextReader reader = null; fileName = ResolveHttpFileName(fileName); try { // Open the source file reader = new StreamReader(fileName, encoding, true, 4096); } catch (Exception) { // Can't open the file? Use the dynamically generated content... reader = new StringReader(sourceCode); } try { bool fFoundLine = false; for (int i = 1; ; i++) { // Get the current line from the source file string sourceLine = reader.ReadLine(); if (sourceLine == null) { break; } // If it's the error line, make it red if (i == lineNumber) { sb.Append("<font color=red>"); } // Is it in the range we want to display if (i >= lineNumber - errorRange && i <= lineNumber + errorRange) { fFoundLine = true; String linestr = i.ToString("G"); sb.Append(HttpRuntime.FormatResourceString(SR.WithFile_Line_Num, linestr)); if (linestr.Length < 3) { sb.Append(' ', 3 - linestr.Length); } sb.Append(HttpUtility.HtmlEncode(sourceLine)); if (i != lineNumber + errorRange) { sb.Append("\r\n"); } } if (i == lineNumber) { sb.Append("</font>"); } if (i > lineNumber + errorRange) { break; } } if (!fFoundLine) { return(HttpRuntime.FormatResourceString(SR.WithFile_No_Relevant_Line)); } } finally { // Make sure we always close the reader reader.Close(); } return(sb.ToString()); }