diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-04-28 19:53:51 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-04-28 19:59:55 -0700 |
| commit | 01d8c73f818d30b20f86630d35d230b5168215d1 (patch) | |
| tree | 1e40cde657224715575a9cea8df010bcde831238 /src/DotNetOpenAuth.Core/Messaging/Channel.cs | |
| parent | 9c732b8f4dff008a696d24f0f2c5269c0dcec8c0 (diff) | |
| download | DotNetOpenAuth-01d8c73f818d30b20f86630d35d230b5168215d1.zip DotNetOpenAuth-01d8c73f818d30b20f86630d35d230b5168215d1.tar.gz DotNetOpenAuth-01d8c73f818d30b20f86630d35d230b5168215d1.tar.bz2 | |
Moved some JSON serialization logic to MessagingUtilities and added a unit test.
Diffstat (limited to 'src/DotNetOpenAuth.Core/Messaging/Channel.cs')
| -rw-r--r-- | src/DotNetOpenAuth.Core/Messaging/Channel.cs | 29 |
1 files changed, 12 insertions, 17 deletions
diff --git a/src/DotNetOpenAuth.Core/Messaging/Channel.cs b/src/DotNetOpenAuth.Core/Messaging/Channel.cs index 2018801..672a942 100644 --- a/src/DotNetOpenAuth.Core/Messaging/Channel.cs +++ b/src/DotNetOpenAuth.Core/Messaging/Channel.cs @@ -38,6 +38,16 @@ namespace DotNetOpenAuth.Messaging { internal static readonly Encoding PostEntityEncoding = new UTF8Encoding(false); /// <summary> + /// A default set of XML dictionary reader quotas that are relatively safe from causing unbounded memory consumption. + /// </summary> + internal static readonly XmlDictionaryReaderQuotas DefaultUntrustedXmlDictionaryReaderQuotas = new XmlDictionaryReaderQuotas { + MaxArrayLength = 1, + MaxDepth = 2, + MaxBytesPerRead = 8 * 1024, + MaxStringContentLength = 16 * 1024, + }; + + /// <summary> /// The content-type used on HTTP POST requests where the POST entity is a /// URL-encoded series of key=value pairs. /// </summary> @@ -152,12 +162,7 @@ namespace DotNetOpenAuth.Messaging { this.messageTypeProvider = messageTypeProvider; this.WebRequestHandler = new StandardWebRequestHandler(); - this.XmlDictionaryReaderQuotas = new XmlDictionaryReaderQuotas { - MaxArrayLength = 1, - MaxDepth = 2, - MaxBytesPerRead = 8 * 1024, - MaxStringContentLength = 16 * 1024, - }; + this.XmlDictionaryReaderQuotas = DefaultUntrustedXmlDictionaryReaderQuotas; this.outgoingBindingElements = new List<IChannelBindingElement>(ValidateAndPrepareBindingElements(bindingElements)); this.incomingBindingElements = new List<IChannelBindingElement>(this.outgoingBindingElements); @@ -991,17 +996,7 @@ namespace DotNetOpenAuth.Messaging { [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "No apparent problem. False positive?")] protected virtual string SerializeAsJson(IMessage message) { Requires.NotNull(message, "message"); - - MessageDictionary messageDictionary = this.MessageDescriptions.GetAccessor(message); - using (var memoryStream = new MemoryStream()) { - using (var jsonWriter = JsonReaderWriterFactory.CreateJsonWriter(memoryStream, Encoding.UTF8)) { - MessageSerializer.Serialize(messageDictionary, jsonWriter); - jsonWriter.Flush(); - } - - string json = Encoding.UTF8.GetString(memoryStream.ToArray()); - return json; - } + return MessagingUtilities.SerializeAsJson(message, this.MessageDescriptions); } /// <summary> |