//------------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // //------------------------------------------------------------------------------ namespace System.Web.Configuration { using System; using System.Configuration; using System.IO; using System.Web.Util; using System.Security.Permissions; // // Maps a virtual directory to a physical directory and its config file. // public sealed class VirtualDirectoryMapping { VirtualPath _virtualDirectory; string _physicalDirectory; string _configFileBaseName; bool _isAppRoot; const string DEFAULT_BASE_NAME = "web.config"; public VirtualDirectoryMapping(string physicalDirectory, bool isAppRoot) : this(null, physicalDirectory, isAppRoot, DEFAULT_BASE_NAME) { } public VirtualDirectoryMapping(string physicalDirectory, bool isAppRoot, string configFileBaseName) : this(null, physicalDirectory, isAppRoot, configFileBaseName) { } private VirtualDirectoryMapping(VirtualPath virtualDirectory, string physicalDirectory, bool isAppRoot, string configFileBaseName) { _virtualDirectory = virtualDirectory; _isAppRoot = isAppRoot; PhysicalDirectory = physicalDirectory; ConfigFileBaseName = configFileBaseName; } internal VirtualDirectoryMapping Clone() { return new VirtualDirectoryMapping(_virtualDirectory, _physicalDirectory, _isAppRoot, _configFileBaseName); } // // Get the virtual directory. // Not settable because it is set when it is added to a collection. // public string VirtualDirectory { get { return (_virtualDirectory != null) ? _virtualDirectory.VirtualPathString : string.Empty; } } internal VirtualPath VirtualDirectoryObject { get { return _virtualDirectory; } } internal void SetVirtualDirectory(VirtualPath virtualDirectory) { _virtualDirectory = virtualDirectory; } // // The physical directory. // public string PhysicalDirectory { get { return _physicalDirectory; } set { string physicalDirectory = value; if (String.IsNullOrEmpty(physicalDirectory)) { physicalDirectory = null; } else { // remove trailing '\' if any if (UrlPath.PathEndsWithExtraSlash(physicalDirectory)) { physicalDirectory = physicalDirectory.Substring(0, physicalDirectory.Length - 1); } // Throw if the resulting physical path is not canonical, to prevent potential // security issues (VSWhidbey 418125) if (FileUtil.IsSuspiciousPhysicalPath(physicalDirectory)) { throw ExceptionUtil.ParameterInvalid("PhysicalDirectory"); } } _physicalDirectory = physicalDirectory; } } // // Indicates whether the virtual directory is the location of an application. // public bool IsAppRoot { get { return _isAppRoot; } set { _isAppRoot = value; } } // // The base name of the config file. // If not specified, "web.config" is used. // public string ConfigFileBaseName { get { return _configFileBaseName; } set { if (string.IsNullOrEmpty(value)) { throw ExceptionUtil.PropertyInvalid("ConfigFileBaseName"); } _configFileBaseName = value; } } internal void Validate() { if (_physicalDirectory != null) { // // Ensure that the caller has PathDiscovery to the resulting config file, // and that the web.config file does not have ".." that could lead to a // different directory. // string configFilename = Path.Combine(_physicalDirectory, _configFileBaseName); string fullConfigFilename = Path.GetFullPath(configFilename); if ( Path.GetDirectoryName(fullConfigFilename) != _physicalDirectory || Path.GetFileName(fullConfigFilename) != _configFileBaseName || FileUtil.IsSuspiciousPhysicalPath(configFilename)) { throw ExceptionUtil.ParameterInvalid("configFileBaseName"); } } } } }