public override SiteMapNode FindSiteMapNode(string rawUrl) { if (rawUrl == null) { throw new ArgumentNullException("rawUrl"); } if (rawUrl == String.Empty) { return(null); } BuildSiteMap(); SiteMapNode node; if (VirtualPathUtility.IsAppRelative(rawUrl)) { rawUrl = VirtualPathUtility.ToAbsolute(rawUrl, HttpRuntime.AppDomainAppVirtualPath, false); } if (!urlToNode.TryGetValue(rawUrl, out node)) { return(null); } return(CheckAccessibility(node)); }
void RewritePath(string filePath, string pathInfo, string queryString, bool setClientFilePath) { if (filePath == null) { throw new ArgumentNullException("filePath"); } if (!VirtualPathUtility.IsValidVirtualPath(filePath)) { throw new HttpException("'" + HttpUtility.HtmlEncode(filePath) + "' is not a valid virtual path."); } bool pathRelative = VirtualPathUtility.IsAppRelative(filePath); bool pathAbsolute = pathRelative ? false : VirtualPathUtility.IsAbsolute(filePath); HttpRequest req = Request; if (req == null) { return; } if (pathRelative || pathAbsolute) { if (pathRelative) { filePath = VirtualPathUtility.ToAbsolute(filePath); } else { filePath = filePath; } } else { filePath = VirtualPathUtility.AppendTrailingSlash(req.BaseVirtualDir) + filePath; } if (!StrUtils.StartsWith(filePath, HttpRuntime.AppDomainAppVirtualPath)) { throw new HttpException(404, "The virtual path '" + HttpUtility.HtmlEncode(filePath) + "' maps to another application.", filePath); } req.SetCurrentExePath(filePath); req.SetFilePath(filePath); if (setClientFilePath) { req.ClientFilePath = filePath; } // A null pathInfo or queryString is ignored and previous values remain untouched if (pathInfo != null) { req.SetPathInfo(pathInfo); } if (queryString != null) { req.QueryStringRaw = queryString; } }
public void IsAppRelative() { Assert.IsTrue(VPU.IsAppRelative("~"), "A0"); Assert.IsTrue(VPU.IsAppRelative("~/Stuff"), "A1"); Assert.IsFalse(VPU.IsAppRelative("./Stuff"), "A2"); Assert.IsFalse(VPU.IsAppRelative("/Stuff"), "A3"); Assert.IsFalse(VPU.IsAppRelative("/"), "A4"); Assert.IsFalse(VPU.IsAppRelative("~Stuff"), "A5"); Assert.IsTrue(VPU.IsAppRelative("~"), "A0"); Assert.IsTrue(VPU.IsAppRelative("~\\Stuff"), "A1"); Assert.IsFalse(VPU.IsAppRelative(".\\Stuff"), "A2"); Assert.IsFalse(VPU.IsAppRelative("\\Stuff"), "A3"); Assert.IsFalse(VPU.IsAppRelative("\\"), "A4"); Assert.IsFalse(VPU.IsAppRelative("~Stuff"), "A5"); }
internal string MapUrl(string url) { if (String.IsNullOrEmpty(url)) { return(url); } string appVPath = HttpRuntime.AppDomainAppVirtualPath; if (String.IsNullOrEmpty(appVPath)) { appVPath = "/"; } if (VirtualPathUtility.IsAppRelative(url)) { return(VirtualPathUtility.ToAbsolute(url, appVPath, true)); } else { return(VirtualPathUtility.ToAbsolute(UrlUtils.Combine(appVPath, url), appVPath, true)); } }
public VirtualPath(string vpath, string physicalPath, bool isFake) { IsRooted = VirtualPathUtility.IsRooted(vpath); IsAbsolute = VirtualPathUtility.IsAbsolute(vpath); IsAppRelative = VirtualPathUtility.IsAppRelative(vpath); if (isFake) { if (String.IsNullOrEmpty(physicalPath)) { throw new ArgumentException("physicalPath"); } _physicalPath = physicalPath; Original = "~/" + Path.GetFileName(_physicalPath); IsFake = true; } else { Original = vpath; IsFake = false; } }
public virtual bool IsAccessibleToUser(HttpContext context, SiteMapNode node) { if (context == null) { throw new ArgumentNullException("context"); } if (node == null) { throw new ArgumentNullException("node"); } if (!SecurityTrimmingEnabled) { return(true); } /* The node is accessible (according to msdn2) if: * * 1. The Roles exists on node and the current user is in at least one of the specified roles. * * 2. The current thread has an associated WindowsIdentity that has file access to the requested URL and * the URL is located within the directory structure for the application. * * 3. The current user is authorized specifically for the requested URL in the authorization element for * the current application and the URL is located within the directory structure for the application. */ /* 1. */ IList roles = node.Roles; if (roles != null && roles.Count > 0) { foreach (string rolename in roles) { if (rolename == "*" || context.User.IsInRole(rolename)) { return(true); } } } /* 2. */ /* XXX */ /* 3. */ string url = node.Url; if (!String.IsNullOrEmpty(url)) { // TODO check url is located within the current application if (VirtualPathUtility.IsAppRelative(url) || !VirtualPathUtility.IsAbsolute(url)) { url = VirtualPathUtility.Combine(VirtualPathUtility.AppendTrailingSlash(HttpRuntime.AppDomainAppVirtualPath), url); } AuthorizationSection config = (AuthorizationSection)WebConfigurationManager.GetSection( "system.web/authorization", url); if (config != null) { return(config.IsValidUser(context.User, context.Request.HttpMethod)); } } return(false); }
public void IsAppRelative_ArgException2() { Assert.IsFalse(VPU.IsAppRelative(null), "A1"); }
public void IsAppRelative_ArgException1() { Assert.IsFalse(VPU.IsAppRelative(""), "A1"); }