File: UnvalidatedRequestValues.cs
Project: ndp\fx\src\xsp\system\Web\System.Web.csproj (System.Web)
//------------------------------------------------------------------------------
// <copyright file="UnvalidatedRequestValues.cs" company="Microsoft">
//     Copyright (c) Microsoft Corporation.  All rights reserved.
// </copyright>                                                                
//------------------------------------------------------------------------------
 
namespace System.Web {
    using System;
    using System.Collections.Specialized;
 
    // Allows access to Form, QueryString, and other request values without going through the active
    // request validator. Useful for allowing granular access to particular inputs (like user input
    // that can contain HTML) without disabling validation for the request at large.
 
    public sealed class UnvalidatedRequestValues {
 
        private readonly HttpRequest _request;
 
        internal UnvalidatedRequestValues(HttpRequest request) {
            _request = request;
        }
 
        // Corresponds to the unvalidated version of Request.Form
        private HttpValueCollection _form;
        public NameValueCollection Form {
            get {
                if (_form == null) {
                    HttpValueCollection originalForm = _request.EnsureForm();
                    _form = new HttpValueCollection(originalForm); // copy ctor disables validation
                }
                return _form;
            }
        }
 
        // Forces reevaluation of the Form, e.g. as the result of Server.Execute replacing it
        internal void InvalidateForm() {
            _form = null;
        }
 
        // Corresponds to the unvalidated version of Request.QueryString
        private HttpValueCollection _queryString;
        public NameValueCollection QueryString {
            get {
                if (_queryString == null) {
                    HttpValueCollection originalQueryString = _request.EnsureQueryString();
                    _queryString = new HttpValueCollection(originalQueryString); // copy ctor disables validation
                }
                return _queryString;
            }
        }
 
        // Forces reevaluation of the QueryString, e.g. as the result of Server.Execute replacing it
        internal void InvalidateQueryString() {
            _queryString = null;
        }
 
        // Corresponds to the unvalidated version of Request.Headers
        private HttpHeaderCollection _headers;
        public NameValueCollection Headers {
            get {
                if (_headers == null) {
                    HttpHeaderCollection originalHeaders = _request.EnsureHeaders();
                    _headers = new HttpHeaderCollection(originalHeaders); // copy ctor disables validation
                }
                return _headers;
            }
        }
 
        // Corresponds to the unvalidated version of Request.Cookies
        private HttpCookieCollection _cookies;
        public HttpCookieCollection Cookies {
            get {
                if (_cookies == null) {
                    HttpCookieCollection originalCookies = _request.EnsureCookies();
                    _cookies = new HttpCookieCollection(originalCookies); // copy ctor disables validation
                }
                return _cookies;
            }
        }
 
        // Corresponds to the unvalidated version of Request.Files
        private HttpFileCollection _files;
        public HttpFileCollection Files {
            get {
                if (_files == null) {
                    HttpFileCollection originalFiles = _request.EnsureFiles();
                    _files = new HttpFileCollection(originalFiles); // copy ctor disables validation
                }
                return _files;
            }
        }
 
        public string RawUrl {
            get {
                return _request.EnsureRawUrl();
            }
        }
 
        public string Path {
            get {
                return _request.GetUnvalidatedPath();
            }
        }
 
        public string PathInfo {
            get {
                return _request.GetUnvalidatedPathInfo();
            }
        }
 
        public string this[string field] {
            get {
                // The original logic in HttpRequest.get_Item looked in these four collections, so we should
                // also, even though ServerVariables doesn't go through validation.
 
                string qsValue = QueryString[field];
                if (qsValue != null) {
                    return qsValue;
                }
 
                string formValue = Form[field];
                if (formValue != null) {
                    return formValue;
                }
 
                HttpCookie cookie = Cookies[field];
                if (cookie != null) {
                    return cookie.Value;
                }
 
                string svValue = _request.ServerVariables[field];
                if (svValue != null) {
                    return svValue;
                }
 
                return null;
            }
        }
 
        private Uri _url;
        public Uri Url {
            get {
                if (_url == null) {
                    _url = _request.BuildUrl(() => Path);
                }
                return _url;
            }
        }
 
        // Forces reevaluation of the Url, e.g. as the result of Server.Execute replacing it
        internal void InvalidateUrl() {
            _url = null;
        }
    }
}