
WebRequest Parameter Utility

6 Sep 2007CPOL3 min read 56.6K   558   43  
A library used to encapsulate web request parameters to keep them from prying eyes and to prevent injection of unwanted data.
<?xml version="1.0"?>
<doc>
    <assembly>
        <name>ParamUtils</name>
    </assembly>
    <members>
        <member name="T:ParamUtils.WebParam">
             <summary>
             <see cref="T:ParamUtils.WebParam">WebParam</see> is used to encapsulate one or more web request parameters into a single request parameter.
             <para>This class also provides message authentication to ensure that the transported data has not been
             tampered with during transport.
             </para>
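             <para>Request parameter injection is also eliminated because the web address will display something like:
             <code>http://www.mydomain.com/ParamUtilTest/Default2.aspx?data=JmlkPTEyMzQmbmFtZT1yYW5keg%3d%3d-t0j9KL4WQHs%3d</code>
             Any change to the value of the parameter "data" will cause the <see cref="M:ParamUtils.WebParam.Decode(System.String,System.String)">Decode</see> method to 
             throw an exception, signifying that the data has been tampered with. Note that in this sample the part of the value before the
             hyphen is the plain Base64 encoding of <c>&amp;id=1234&amp;name=randz</c>: the authentication code detects modification, but the
             parameter values remain readable by anyone who can see the URL, so confidential values should not be carried in it.
             </para>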
             <para>The code below is a sample of how to use the Encode method:</para>
             <code>
             public partial class _Default : System.Web.UI.Page
             {
                 // Sample page: on the first (non-postback) load, points the hyperlink at
                 // Default2.aspx with the id/name pairs packed into a single "data"
                 // parameter, then prints the hyperlink's current URL.
                 protected void Page_Load(object sender, EventArgs e)
                 {
                     if (!IsPostBack)
                     {
                         Pair idPair = new Pair("id", "1234");
                         Pair namePair = new Pair("name", "randz");
                         string encoded = ParamUtils.WebParam.Encode(idPair, namePair);
                         hl.NavigateUrl = "Default2.aspx?data=" + encoded;
                     }

                     // Written on every load, postback or not.
                     Response.Write("hl.NavigateUrl: " + hl.NavigateUrl);
                 }
             }
             </code>
             <para>The code below is a sample of how to "decode" the data from the previous sample:</para>
             <code>
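            public partial class Default2 : System.Web.UI.Page
            {
                // Sample page: reads the "data" request parameter, looks up individual values
                // through WebParam.GetQuery and prints them. Every dynamic value written to the
                // response is HTML-encoded: the raw "data" value comes straight from the request
                // and is echoed before any integrity check has run, so it must not reach the
                // page as markup.
                protected void Page_Load(object sender, EventArgs e)
                {
                    if (!IsPostBack)
                    {
                        try
                        {
                            string data = Request.Params["data"];
                            if (data == null)
                            {
                                // No parameter supplied: nothing to verify or decode.
                                Response.Write("Missing \"data\" parameter.");
                                return;
                            }

                            Response.Write("Request.Params[\"data\"] : " + System.Web.HttpUtility.HtmlEncode(data) + "&lt;br&gt;");
                            Response.Write("ID: " + System.Web.HttpUtility.HtmlEncode(ParamUtils.WebParam.GetQuery(data, "id")) + "&lt;br&gt;");
                            Response.Write("Name: " + System.Web.HttpUtility.HtmlEncode(ParamUtils.WebParam.GetQuery(data, "name")) + "&lt;br&gt;");
                            // "ne" was never encoded into the data; per the GetQuery documentation a
                            // missing name raises ArgumentException, reported by the handler below.
                            Response.Write("ne: " + System.Web.HttpUtility.HtmlEncode(ParamUtils.WebParam.GetQuery(data, "ne")) + "&lt;br&gt;");
                        }
                        catch (ArgumentException ex)
                        {
                            Response.Write("Argument Exception caught: " + System.Web.HttpUtility.HtmlEncode(ex.Message));
                        }
                        catch (Exception ex)
                        {
                            Response.Write("General Exception caught: " + System.Web.HttpUtility.HtmlEncode(ex.Message));
                        }
                    }
                }
            }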
             </code>
             </summary>
        </member>
        <member name="M:ParamUtils.WebParam.GetQuery(System.String,System.String)">
            <summary>
            Retrieve the value of a query variable.
            Throws <see cref="T:System.ArgumentException">ArgumentException</see> when the specified query name was not found.
            </summary>
            <param name="Data">Request parameter value encoded using <see cref="M:ParamUtils.WebParam.Encode(System.Web.UI.Pair[])">Encode</see> method.</param>
            <param name="QueryName">Name of query variable to retrieve.</param>
            <returns>Original string value of parameter</returns>
        </member>
        <member name="M:ParamUtils.WebParam.Encode(System.Web.UI.Pair[])">
            <summary>
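            Encodes the request parameter into a "safe-to-display" value using <see cref="T:System.Security.Cryptography.MACTripleDES">MACTripleDES</see> and <see cref="T:System.Security.Cryptography.MD5CryptoServiceProvider">MD5</see> ComputeHash functions. Judging from the sample URL in the class summary, "safe-to-display" means tamper-evident rather than hidden: the parameter text itself is only Base64-encoded. MD5 and TripleDES are legacy algorithms; new code should prefer a modern keyed hash such as <see cref="T:System.Security.Cryptography.HMACSHA256">HMACSHA256</see>.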
            </summary>
            <param name="parameters">One or more <see cref="T:System.Web.UI.Pair">Pair</see> parameter.</param>
            <returns><see cref="M:System.Web.HttpUtility.UrlEncode(System.String)">UrlEncode</see> encoded string of hash produced using the request parameter value and the <see cref="P:ParamUtils.WebParam.HashKey">HashKey</see>.</returns>
        </member>
        <member name="M:ParamUtils.WebParam.ComputeHashValue(System.String,System.String)">
            <summary>
            Method to compute hash value of a string using <see cref="T:System.Security.Cryptography.MD5CryptoServiceProvider">System.Security.Cryptography.MD5CryptoServiceProvider</see> and 
            <see cref="T:System.Security.Cryptography.MACTripleDES">System.Security.Cryptography.MACTripleDES</see>.
            </summary>
            <param name="value">String data from which hash value computation will be performed.</param>
            <param name="key">Hash key to be used.</param>
            <returns>Base64String </returns>
            <remarks></remarks>
        </member>
        <member name="M:ParamUtils.WebParam.Decode(System.String,System.String)">
            <summary>
            This method retrieves the original value of the encoded data. It also checks that the
            data has not been tampered with during transport.
            </summary>
            <param name="value">Data to be decoded</param>
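            <param name="key">Key used to recompute and verify the hash (called the "Encryption Key" in the original text; the sample payload is Base64-encoded rather than encrypted)</param>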
            <returns>Decoded value</returns>
            <remarks>
            <para>
            Throws <see cref="T:System.ArgumentException"/> with message "Invalid QueryString" when a general exception was caught.
            </para>
            <para>
            Throws <see cref="T:System.ArgumentException"/> with message "Hash value did not match" when the stored hash and computed hash did not match. This
            signifies that the data has been tampered with.
            </para>
            </remarks>
        </member>
        <member name="P:ParamUtils.WebParam.HashKey">
            <summary>
            Key that will be used to compute the Message Authentication Code.
            The key will also be used in verifying the validity of transported data, so it must stay secret on the server: anyone who knows it can produce values that pass verification.
            </summary>
            <remarks>
            Gets / Sets value of Hash Key parameter to be used in Hash calculations
            </remarks>
        </member>
        <member name="T:ParamUtils.Properties.Resources">
            <summary>
              A strongly-typed resource class, for looking up localized strings, etc.
            </summary>
        </member>
        <member name="P:ParamUtils.Properties.Resources.ResourceManager">
            <summary>
              Returns the cached ResourceManager instance used by this class.
            </summary>
        </member>
        <member name="P:ParamUtils.Properties.Resources.Culture">
            <summary>
              Overrides the current thread's CurrentUICulture property for all
              resource lookups using this strongly typed resource class.
            </summary>
        </member>
        <member name="P:ParamUtils.Properties.Resources.msgHashValueNotMatch">
            <summary>
              Looks up a localized string similar to Hash value does not match..
            </summary>
        </member>
        <member name="P:ParamUtils.Properties.Resources.msgInvalidQueryString">
            <summary>
              Looks up a localized string similar to Invalid query string..
            </summary>
        </member>
        <member name="P:ParamUtils.Properties.Resources.msgParamNotFound">
            <summary>
              Looks up a localized string similar to parameter not found..
            </summary>
        </member>
    </members>
</doc>


License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Software Developer (Senior)
United States United States
I am working as a full-time Software Developer in the Downtown DC area
