File: UnvalidatedRequestValues.cs

package info (click to toggle)
mono 6.14.1%2Bds2-1
links: PTS, VCS
area: main
in suites: forky, sid
size: 1,282,732 kB
sloc: cs: 11,182,461; xml: 2,850,281; ansic: 699,123; cpp: 122,919; perl: 58,604; javascript: 30,841; asm: 21,845; makefile: 19,602; sh: 10,973; python: 4,772; pascal: 925; sql: 859; sed: 16; php: 1
file content (155 lines) | stat: -rw-r--r-- 5,445 bytes
parent folder | download | duplicates (7)
//------------------------------------------------------------------------------
// <copyright file="UnvalidatedRequestValues.cs" company="Microsoft">
//     Copyright (c) Microsoft Corporation.  All rights reserved.
// </copyright>                                                                
//------------------------------------------------------------------------------

namespace System.Web {
    using System;
    using System.Collections.Specialized;

    // Allows access to Form, QueryString, and other request values without going through the active
    // request validator. Useful for allowing granular access to particular inputs (like user input
    // that can contain HTML) without disabling validation for the request at large.

    public sealed class UnvalidatedRequestValues {

        private readonly HttpRequest _request;

        internal UnvalidatedRequestValues(HttpRequest request) {
            _request = request;
        }

        // Corresponds to the unvalidated version of Request.Form
        private HttpValueCollection _form;
        public NameValueCollection Form {
            get {
                if (_form == null) {
                    HttpValueCollection originalForm = _request.EnsureForm();
                    _form = new HttpValueCollection(originalForm); // copy ctor disables validation
                }
                return _form;
            }
        }

        // Forces reevaluation of the Form, e.g. as the result of Server.Execute replacing it
        internal void InvalidateForm() {
            _form = null;
        }

        // Corresponds to the unvalidated version of Request.QueryString
        private HttpValueCollection _queryString;
        public NameValueCollection QueryString {
            get {
                if (_queryString == null) {
                    HttpValueCollection originalQueryString = _request.EnsureQueryString();
                    _queryString = new HttpValueCollection(originalQueryString); // copy ctor disables validation
                }
                return _queryString;
            }
        }

        // Forces reevaluation of the QueryString, e.g. as the result of Server.Execute replacing it
        internal void InvalidateQueryString() {
            _queryString = null;
        }

        // Corresponds to the unvalidated version of Request.Headers
        private HttpHeaderCollection _headers;
        public NameValueCollection Headers {
            get {
                if (_headers == null) {
                    HttpHeaderCollection originalHeaders = _request.EnsureHeaders();
                    _headers = new HttpHeaderCollection(originalHeaders); // copy ctor disables validation
                }
                return _headers;
            }
        }

        // Corresponds to the unvalidated version of Request.Cookies
        private HttpCookieCollection _cookies;
        public HttpCookieCollection Cookies {
            get {
                if (_cookies == null) {
                    HttpCookieCollection originalCookies = _request.EnsureCookies();
                    _cookies = new HttpCookieCollection(originalCookies); // copy ctor disables validation
                }
                return _cookies;
            }
        }

        // Corresponds to the unvalidated version of Request.Files
        private HttpFileCollection _files;
        public HttpFileCollection Files {
            get {
                if (_files == null) {
                    HttpFileCollection originalFiles = _request.EnsureFiles();
                    _files = new HttpFileCollection(originalFiles); // copy ctor disables validation
                }
                return _files;
            }
        }

        public string RawUrl {
            get {
                return _request.EnsureRawUrl();
            }
        }

        public string Path {
            get {
                return _request.GetUnvalidatedPath();
            }
        }

        public string PathInfo {
            get {
                return _request.GetUnvalidatedPathInfo();
            }
        }

        public string this[string field] {
            get {
                // The original logic in HttpRequest.get_Item looked in these four collections, so we should
                // also, even though ServerVariables doesn't go through validation.

                string qsValue = QueryString[field];
                if (qsValue != null) {
                    return qsValue;
                }

                string formValue = Form[field];
                if (formValue != null) {
                    return formValue;
                }

                HttpCookie cookie = Cookies[field];
                if (cookie != null) {
                    return cookie.Value;
                }

                string svValue = _request.ServerVariables[field];
                if (svValue != null) {
                    return svValue;
                }

                return null;
            }
        }

        private Uri _url;
        public Uri Url {
            get {
                if (_url == null) {
                    _url = _request.BuildUrl(() => Path);
                }
                return _url;
            }
        }

        // Forces reevaluation of the Url, e.g. as the result of Server.Execute replacing it
        internal void InvalidateUrl() {
            _url = null;
        }
    }
}