yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'dev-v7' of https://github.com/umbraco/Umbraco-CMS into dev-v7

Browse Source
This commit is contained in:
Warren Buckley
2018-11-05 14:50:06 +00:00
parent 91ea16feb3 583828a5f3
commit 04bcd85e8e
2 changed files with 58 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Umbraco.Web.UI/umbraco/dialogs/editMacro.aspx
View File

@@ -17,7 +17,7 @@
Umbraco.Dialogs.EditMacro.getInstance().init({
useAspNetMasterPages: <%=UmbracoConfig.For.UmbracoSettings().Templates.UseAspNetMasterPages.ToString().ToLower() %>,
codeEditorElementId: "<%=Request.CleanForXss("objectId") %>",
renderingEngine: "<%=Request.GetItemAsString("renderingEngine", "Mvc")%>",
renderingEngine: "<%=Request.CleanForXss("renderingEngine", "Mvc")%>",
macroAlias: '<%= _macroAlias %>'
});
});

113
src/Umbraco.Web/HttpRequestExtensions.cs
View File

@@ -10,74 +10,75 @@ namespace Umbraco.Web
/// Extension methods for the HttpRequest and HttpRequestBase objects
/// </summary>
public static class HttpRequestExtensions
{
{
/// <summary>
/// Extracts the value from the query string and cleans it to prevent xss attacks.
/// </summary>
/// <param name="request"></param>
/// <param name="key"></param>
/// <param name="valueIfNotFound"></param>
/// <returns></returns>
public static string CleanForXss(this HttpRequest request, string key)
public static string CleanForXss(this HttpRequest request, string key, string valueIfNotFound = "")
{
var item = request.GetItemAsString(key);
var item = request.GetItemAsString(key, valueIfNotFound);
return item.CleanForXss();
}
/// <summary>
/// Safely get a request item as string, if the item does not exist, an empty string is returned.
/// </summary>
/// <param name="request"></param>
/// <param name="key"></param>
/// <param name="valueIfNotFound">The value to return if the key is not found in the collection</param>
/// <returns></returns>
public static string GetItemAsString(this HttpRequest request, string key, string valueIfNotFound = "")
{
return new HttpRequestWrapper(request).GetItemAsString(key, valueIfNotFound);
}
/// <summary>
/// Safely get a request item as string, if the item does not exist, an empty string is returned.
/// </summary>
/// <param name="request"></param>
/// <param name="key"></param>
/// <param name="valueIfNotFound">The value to return if the key is not found in the collection</param>
/// <returns></returns>
public static string GetItemAsString(this HttpRequest request, string key, string valueIfNotFound = "")
{
return new HttpRequestWrapper(request).GetItemAsString(key, valueIfNotFound);
}
/// <summary>
/// Safely get a request item as string, if the item does not exist, an empty string is returned.
/// </summary>
/// <param name="request"></param>
/// <param name="key"></param>
/// <param name="valueIfNotFound">The value to return if the key is not found in the collection</param>
/// <returns></returns>
public static string GetItemAsString(this HttpRequestBase request, string key, string valueIfNotFound = "")
{
var val = request[key];
return !val.IsNullOrWhiteSpace() ? val : valueIfNotFound;
}
/// <summary>
/// Safely get a request item as string, if the item does not exist, an empty string is returned.
/// </summary>
/// <param name="request"></param>
/// <param name="key"></param>
/// <param name="valueIfNotFound">The value to return if the key is not found in the collection</param>
/// <returns></returns>
public static string GetItemAsString(this HttpRequestBase request, string key, string valueIfNotFound = "")
{
var val = request[key];
return !val.IsNullOrWhiteSpace() ? val : valueIfNotFound;
}
/// <summary>
/// Safely get the item from the query string and convert it to type 'T', otherwise will return default(T).
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="request"></param>
/// <param name="key"></param>
/// <returns></returns>
public static T GetItemAs<T>(this HttpRequestBase request, string key)
{
var val = request[key];
var whitespaceCheck = !val.IsNullOrWhiteSpace() ? val : string.Empty;
if (whitespaceCheck.IsNullOrWhiteSpace())
return (T) typeof (T).GetDefaultValue();
var attempt = val.TryConvertTo<T>();
if (attempt.Success)
return attempt.Result;
return (T)typeof(T).GetDefaultValue();
}
/// <summary>
/// Safely get the item from the query string and convert it to type 'T', otherwise will return default(T).
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="request"></param>
/// <param name="key"></param>
/// <returns></returns>
public static T GetItemAs<T>(this HttpRequestBase request, string key)
{
var val = request[key];
var whitespaceCheck = !val.IsNullOrWhiteSpace() ? val : string.Empty;
if (whitespaceCheck.IsNullOrWhiteSpace())
return (T)typeof(T).GetDefaultValue();
var attempt = val.TryConvertTo<T>();
if (attempt.Success)
return attempt.Result;
return (T)typeof(T).GetDefaultValue();
}
/// <summary>
/// Safely get the item from the query string and convert it to type 'T', otherwise will return default(T).
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="request"></param>
/// <param name="key"></param>
/// <returns></returns>
public static T GetItemAs<T>(this HttpRequest request, string key)
{
return new HttpRequestWrapper(request).GetItemAs<T>(key);
}
/// <summary>
/// Safely get the item from the query string and convert it to type 'T', otherwise will return default(T).
/// </summary>
/// <typeparam name="T"></typeparam>
/// <param name="request"></param>
/// <param name="key"></param>
/// <returns></returns>
public static T GetItemAs<T>(this HttpRequest request, string key)
{
return new HttpRequestWrapper(request).GetItemAs<T>(key);
}
}
}
}