95 lines
3.7 KiB
C#
95 lines
3.7 KiB
C#
//------------------------------------------------------------
|
|
// Copyright (c) Microsoft Corporation. All rights reserved.
|
|
//------------------------------------------------------------
|
|
namespace System.ServiceModel.Activation
|
|
{
|
|
using System.Diagnostics;
|
|
using System.Runtime;
|
|
using System.Security;
|
|
using System.ServiceModel;
|
|
using System.Web;
|
|
using System.Web.Hosting;
|
|
|
|
class HttpModule : IHttpModule
|
|
{
|
|
static bool disabled;
|
|
|
|
[Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - called outside PermitOnly context.")]
|
|
public void Dispose()
|
|
{
|
|
}
|
|
|
|
[Fx.Tag.SecurityNote(Critical = "Entry-point from asp.net, accesses ProcessRequest which is SecurityCritical.")]
|
|
[SecurityCritical]
|
|
public void Init(HttpApplication context)
|
|
{
|
|
context.PostAuthenticateRequest += new EventHandler(ProcessRequest);
|
|
}
|
|
|
|
[Fx.Tag.SecurityNote(Critical = "Entry-point from asp.net, called outside PermitOnly context. ASP calls are critical." +
|
|
"HostedHttpRequestAsyncResult..ctor is critical because it captures HostedImpersonationContext." +
|
|
"(and makes it available later) so caller must ensure that this is called in the right place.")]
|
|
[SecurityCritical]
|
|
static void ProcessRequest(object sender, EventArgs e)
|
|
{
|
|
if (HttpModule.disabled)
|
|
{
|
|
return;
|
|
}
|
|
|
|
try
|
|
{
|
|
ServiceHostingEnvironment.SafeEnsureInitialized();
|
|
}
|
|
catch (SecurityException exception)
|
|
{
|
|
HttpModule.disabled = true;
|
|
|
|
DiagnosticUtility.TraceHandledException(exception, TraceEventType.Warning);
|
|
|
|
// If requesting a .svc file, the HttpHandler will try to handle it. It will call
|
|
// SafeEnsureInitialized() again, which will fail with the same exception (it is
|
|
// idempotent on failure). This is the correct behavior.
|
|
return;
|
|
}
|
|
|
|
HttpApplication application = (HttpApplication)sender;
|
|
|
|
// Check to see whether the extension is supported
|
|
string extension = application.Request.CurrentExecutionFilePathExtension;
|
|
if (string.IsNullOrEmpty(extension))
|
|
{
|
|
return;
|
|
}
|
|
|
|
ServiceHostingEnvironment.ServiceType serviceType = ServiceHostingEnvironment.GetServiceType(extension);
|
|
// do extension check first so that we do not need to do it in aspnetrouting/configurationbasedactivation
|
|
if (serviceType == ServiceHostingEnvironment.ServiceType.Unknown)
|
|
{
|
|
return;
|
|
}
|
|
|
|
// check for AspNetcompat
|
|
if (ServiceHostingEnvironment.AspNetCompatibilityEnabled)
|
|
{
|
|
// remap httphandler for xamlx in CBA, since there is No physical file and
|
|
// the xamlx httphandlerfactory will do file exist checking
|
|
if (serviceType == ServiceHostingEnvironment.ServiceType.Workflow && ServiceHostingEnvironment.IsConfigurationBasedService(application))
|
|
{
|
|
application.Context.RemapHandler(new HttpHandler());
|
|
}
|
|
return;
|
|
}
|
|
|
|
else if (serviceType == ServiceHostingEnvironment.ServiceType.WCF)
|
|
{
|
|
HostedHttpRequestAsyncResult.ExecuteSynchronous(application, false, false);
|
|
}
|
|
else if (serviceType == ServiceHostingEnvironment.ServiceType.Workflow)
|
|
{
|
|
HostedHttpRequestAsyncResult.ExecuteSynchronous(application, false, true);
|
|
}
|
|
}
|
|
}
|
|
}
|