diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-10-14 19:58:54 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-10-14 19:58:54 -0700 |
| commit | 1147c2afd97ce408f2e4d08458ca68b108c35b1e (patch) | |
| tree | d812ae4d013142db03091abf61742a3753eb7ed2 /src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs | |
| parent | 0484ade3bd35282c8b30cfa27730498ab5168859 (diff) | |
| parent | 321267ee6a54e917395694f270d3f6fe7fae3c51 (diff) | |
| download | DotNetOpenAuth-1147c2afd97ce408f2e4d08458ca68b108c35b1e.zip DotNetOpenAuth-1147c2afd97ce408f2e4d08458ca68b108c35b1e.tar.gz DotNetOpenAuth-1147c2afd97ce408f2e4d08458ca68b108c35b1e.tar.bz2 | |
Merge branch 'v4.1'
Diffstat (limited to 'src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs')
| -rw-r--r-- | src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs b/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs index 2d049c1..7c03555 100644 --- a/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs +++ b/src/DotNetOpenAuth.Core/Messaging/MessagingUtilities.cs @@ -15,6 +15,9 @@ namespace DotNetOpenAuth.Messaging { using System.IO.Compression; using System.Linq; using System.Net; +#if CLR4 + using System.Net.Http; +#endif using System.Net.Mime; using System.Runtime.Serialization.Json; using System.Security; @@ -161,6 +164,28 @@ namespace DotNetOpenAuth.Messaging { return new OutgoingWebResponseActionResult(response); } +#if CLR4 + /// <summary> + /// Transforms an OutgoingWebResponse to a Web API-friendly HttpResponseMessage. + /// </summary> + /// <param name="outgoingResponse">The response to send to the user agent.</param> + /// <returns>The <see cref="HttpResponseMessage"/> instance to be returned by the Web API method.</returns> + public static HttpResponseMessage AsHttpResponseMessage(this OutgoingWebResponse outgoingResponse) { + HttpResponseMessage response = new HttpResponseMessage(outgoingResponse.Status) { + Content = new StreamContent(outgoingResponse.ResponseStream) + }; + + var responseHeaders = outgoingResponse.Headers; + foreach (var header in responseHeaders.AllKeys) { + if (!response.Headers.TryAddWithoutValidation(header, responseHeaders[header])) { + response.Content.Headers.TryAddWithoutValidation(header, responseHeaders[header]); + } + } + + return response; + } +#endif + /// <summary> /// Gets the original request URL, as seen from the browser before any URL rewrites on the server if any. /// Cookieless session directory (if applicable) is also included. @@ -357,6 +382,28 @@ namespace DotNetOpenAuth.Messaging { } /// <summary> + /// Creates the XML reader settings to use for reading XML from untrusted sources. + /// </summary> + /// <returns> + /// The new instance of <see cref="XmlReaderSettings"/>. + /// </returns> + /// <remarks> + /// The default values set here are based on recommendations from + /// http://msdn.microsoft.com/en-us/magazine/ee335713.aspx + /// </remarks> + internal static XmlReaderSettings CreateUntrustedXmlReaderSettings() { + return new XmlReaderSettings { + MaxCharactersFromEntities = 1024, + XmlResolver = null, +#if CLR4 + DtdProcessing = DtdProcessing.Prohibit, +#else + ProhibitDtd = true, +#endif + }; + } + + /// <summary> /// Clears any existing elements in a collection and fills the collection with a given set of values. /// </summary> /// <typeparam name="T">The type of value kept in the collection.</typeparam> |