Imported Upstream version 3.6.0

Former-commit-id: da6be194a6b1221998fc28233f2503bd61dd9d14

mcs/class/Microsoft.Web.Infrastructure/Microsoft.Web.Infrastructure.DynamicValidationHelper/LazyWebROCollection.cs

@@ -0,0 +1,138 @@
+//  
+// Author:
+//       Marek Habersack <grendel@twistedcode.net>
+// 
+// Copyright (c) 2011 Novell, Inc (http://novell.com/)
+// 
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+// 
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+using System;
+using System.Collections;
+using System.Collections.Specialized;
+using System.Runtime.Serialization;
+using System.Web;
+using System.Web.Util;
+
+namespace Microsoft.Web.Infrastructure.DynamicValidationHelper
+{
+	sealed class LazyWebROCollection : WebROCollection
+	{
+		WebROCollection wrapped;
+		RequestValidationSource validationSource;
+		
+		public LazyWebROCollection (RequestValidationSource validationSource, WebROCollection wrapped)
+		{
+			if (wrapped == null)
+				throw new ArgumentNullException ("wrapped");
+			
+			this.validationSource = validationSource;
+			this.wrapped = wrapped;
+		}
+		
+		public new string this [int index] {
+			get { return Get (index); }
+		}
+
+		public new string this [string name] {
+			get { return Get (name); }
+			set{ Set (name,value); }
+		}
+		
+		public override string[] AllKeys {
+			get { return wrapped.AllKeys; }
+		}
+
+		public override int Count {
+			get { return wrapped.Count; }
+		}
+		
+		public override NameObjectCollectionBase.KeysCollection Keys {
+			get { return wrapped.Keys; }
+		}
+
+		public new void Add (NameValueCollection c)
+		{
+			wrapped.Add (c);
+		}
+			
+		public override void Add (string name, string val)
+		{
+			wrapped.Add (name, val);
+		}
+		
+		public override void Clear ()
+		{
+			wrapped.Clear ();
+		}
+
+		public override string Get (string name)
+		{
+			return Validate (name, wrapped.Get (name));
+		}
+
+		public override string Get (int index)
+		{
+			return Validate (wrapped.GetKey (index), wrapped.Get (index));
+		}
+
+		public override void GetObjectData (SerializationInfo info, StreamingContext context)
+		{
+			wrapped.GetObjectData (info, context);
+		}
+		
+		public override IEnumerator GetEnumerator ()
+		{
+			return wrapped.GetEnumerator ();
+		}
+
+		public override string GetKey (int index)
+		{
+			return wrapped.GetKey (index);
+		}
+
+		public override string[] GetValues (int index)
+		{
+			return wrapped.GetValues (index);
+		}
+
+		public override string[] GetValues (string name)
+		{
+			return wrapped.GetValues (name);
+		}
+
+		public override void OnDeserialization (object sender)
+		{
+			wrapped.OnDeserialization (sender);
+		}
+		
+		public override void Set (string name, string value)
+		{
+			wrapped.Set (name, value);
+		}
+		
+		string Validate (string key, string value)
+		{
+			if (String.IsNullOrEmpty (value))
+				return value;
+
+			HttpRequest.ValidateString (key, value, validationSource);
+			return value;
+		}
+	}
+}

mcs/class/Microsoft.Web.Infrastructure/Microsoft.Web.Infrastructure.DynamicValidationHelper/ValidationUtility.cs

@@ -0,0 +1,103 @@
+// 
+// ValidationUtility.cs
+//  
+// Author:
+//       Marek Habersack <grendel@twistedcode.net>
+// 
+// Copyright (c) 2011 Novell, Inc (http://novell.com/)
+// 
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+// 
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+using System;
+using System.ComponentModel;
+using System.Collections.Specialized;
+using System.Security;
+using System.Web;
+using System.Web.Util;
+
+namespace Microsoft.Web.Infrastructure.DynamicValidationHelper
+{
+	[EditorBrowsable (EditorBrowsableState.Never)]
+	public static class ValidationUtility
+	{
+		private const string UNVALIDATED_DATA_KEY = "__MWI_UNVALIDATED_DATA_KEY";
+
+		[SecuritySafeCritical]
+		public static void EnableDynamicValidation (HttpContext context)
+		{
+			HttpRequest req = context != null ? context.Request : null;
+			if (req == null)
+				return;
+
+			// We might get called more than once.. (weird, isnt it?)
+			if (context.Items [UNVALIDATED_DATA_KEY] != null)
+				return;
+
+			// Store unvalidated values at context so we can access them later.
+			context.Items [UNVALIDATED_DATA_KEY] = new object [] { req.FormUnvalidated, req.QueryStringUnvalidated };
+
+			// Just to be safe, make sure it's on
+			req.ValidateInput ();
+			req.SetFormCollection (new LazyWebROCollection (RequestValidationSource.Form, req.FormUnvalidated), true);
+			req.SetQueryStringCollection (new LazyWebROCollection (RequestValidationSource.QueryString, req.QueryStringUnvalidated), true);
+		}
+
+		[SecuritySafeCritical]
+		public static bool? IsValidationEnabled (HttpContext context)
+		{
+			HttpRequest req = context != null ? context.Request : null;
+			if (req == null)
+				return true;
+
+			return req.InputValidationEnabled;
+		}
+
+		[SecuritySafeCritical]
+		public static void GetUnvalidatedCollections (HttpContext context, out Func <NameValueCollection> formGetter, out Func <NameValueCollection> queryStringGetter)
+		{
+			if (context == null)
+				throw new ArgumentNullException ("context");
+			formGetter = null;
+			queryStringGetter = null;
+			
+			formGetter = () => {
+				HttpRequest req = context != null ? context.Request : null;
+				if (req == null)
+					return null;
+				return GetUnvalidatedCollection (context, 0) ?? req.FormUnvalidated;
+			};
+
+			queryStringGetter = () => {
+				HttpRequest req = context != null ? context.Request : null;
+				if (req == null)
+					return null;
+				return GetUnvalidatedCollection (context, 1) ?? req.QueryStringUnvalidated;
+			};
+		}
+
+		private static NameValueCollection GetUnvalidatedCollection (HttpContext context, int offset)
+		{
+			if (context.Items [UNVALIDATED_DATA_KEY] == null)
+				return null;
+
+			var data = context.Items [UNVALIDATED_DATA_KEY] as object [];
+			return data [offset] as NameValueCollection;
+		}
+	}
+}