huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Replace string.Equals with HttpMethods.IsX (#17805)

This commit is contained in:
Kahbazi 2019-12-12 09:10:27 +03:30 committed by Chris Ross
parent e0a03bda1a
commit 9a3aacb56a
15 changed files with 28 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Antiforgery/src/Internal/DefaultAntiforgery.cs
View File

@ -102,10 +102,10 @@ namespace Microsoft.AspNetCore.Antiforgery
CheckSSLConfig(httpContext);
var method = httpContext.Request.Method;
if (string.Equals(method, "GET", StringComparison.OrdinalIgnoreCase) ||
string.Equals(method, "HEAD", StringComparison.OrdinalIgnoreCase) ||
string.Equals(method, "OPTIONS", StringComparison.OrdinalIgnoreCase) ||
string.Equals(method, "TRACE", StringComparison.OrdinalIgnoreCase))
if (HttpMethods.IsGet(method) ||
HttpMethods.IsHead(method) ||
HttpMethods.IsOptions(method) ||
HttpMethods.IsTrace(method))
{
// Validation not needed for these request types.
return true;

5
src/Middleware/CORS/src/Infrastructure/CorsMiddleware.cs
View File

@ -143,10 +143,7 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
if (corsMetadata is IDisableCorsAttribute)
{
var isOptionsRequest = string.Equals(
context.Request.Method,
CorsConstants.PreflightHttpMethod,
StringComparison.OrdinalIgnoreCase);
var isOptionsRequest = HttpMethods.IsOptions(context.Request.Method);
var isCorsPreflightRequest = isOptionsRequest && context.Request.Headers.ContainsKey(CorsConstants.AccessControlRequestMethod);

2
src/Middleware/CORS/src/Infrastructure/CorsService.cs
View File

@ -81,7 +81,7 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
var requestHeaders = context.Request.Headers;
var origin = requestHeaders[CorsConstants.Origin];
var isOptionsRequest = string.Equals(context.Request.Method, CorsConstants.PreflightHttpMethod, StringComparison.OrdinalIgnoreCase);
var isOptionsRequest = HttpMethods.IsOptions(context.Request.Method);
var isPreflightRequest = isOptionsRequest && requestHeaders.ContainsKey(CorsConstants.AccessControlRequestMethod);
if (isOptionsRequest && !isPreflightRequest)

2
src/Middleware/HttpOverrides/src/HttpMethodOverrideMiddleware.cs
View File

@ -31,7 +31,7 @@ namespace Microsoft.AspNetCore.HttpOverrides
public async Task Invoke(HttpContext context)
{
if (string.Equals(context.Request.Method, "POST", StringComparison.OrdinalIgnoreCase))
if (HttpMethods.IsPost(context.Request.Method))
{
if (_options.FormFieldName != null)
{

2
src/Middleware/ResponseCaching/src/ResponseCachingMiddleware.cs
View File

@ -346,7 +346,7 @@ namespace Microsoft.AspNetCore.ResponseCaching
var bufferStream = context.ResponseCachingStream.GetBufferStream();
if (!contentLength.HasValue || contentLength == bufferStream.Length
|| (bufferStream.Length == 0
&& string.Equals(context.HttpContext.Request.Method, "HEAD", StringComparison.OrdinalIgnoreCase)))
&& HttpMethods.IsHead(context.HttpContext.Request.Method)))
{
var response = context.HttpContext.Response;
// Add a content-length if required

3
src/Mvc/Mvc.Core/src/BindPropertyAttribute.cs
View File

@ -2,6 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Core;
using Microsoft.AspNetCore.Mvc.ModelBinding;
@ -83,7 +84,7 @@ namespace Microsoft.AspNetCore.Mvc
private static bool IsNonGetRequest(ActionContext context)
{
return !string.Equals(context.HttpContext.Request.Method, "GET", StringComparison.OrdinalIgnoreCase);
return !HttpMethods.IsGet(context.HttpContext.Request.Method);
}
}
}

2
src/Mvc/Mvc.Core/src/RequireHttpsAttribute.cs
View File

@ -67,7 +67,7 @@ namespace Microsoft.AspNetCore.Mvc
{
// only redirect for GET requests, otherwise the browser might not propagate the verb and request
// body correctly.
if (!string.Equals(filterContext.HttpContext.Request.Method, "GET", StringComparison.OrdinalIgnoreCase))
if (!HttpMethods.IsGet(filterContext.HttpContext.Request.Method))
{
filterContext.Result = new StatusCodeResult(StatusCodes.Status403Forbidden);
}

7
src/Mvc/Mvc.Cors/src/CorsAuthorizationFilter.cs
View File

@ -103,11 +103,8 @@ namespace Microsoft.AspNetCore.Mvc.Cors
var accessControlRequestMethod =
httpContext.Request.Headers[CorsConstants.AccessControlRequestMethod];
if (string.Equals(
request.Method,
CorsConstants.PreflightHttpMethod,
StringComparison.OrdinalIgnoreCase) &&
!StringValues.IsNullOrEmpty(accessControlRequestMethod))
if (HttpMethods.IsOptions(request.Method)
&& !StringValues.IsNullOrEmpty(accessControlRequestMethod))
{
// If this was a preflight, there is no need to run anything else.
context.Result = new StatusCodeResult(StatusCodes.Status204NoContent);

3
src/Mvc/Mvc.Cors/src/CorsHttpMethodActionConstraint.cs
View File

@ -12,7 +12,6 @@ namespace Microsoft.AspNetCore.Mvc.Cors
{
private readonly string OriginHeader = "Origin";
private readonly string AccessControlRequestMethod = "Access-Control-Request-Method";
private readonly string PreflightHttpMethod = "OPTIONS";
public CorsHttpMethodActionConstraint(HttpMethodActionConstraint constraint)
: base(constraint.HttpMethods)
@ -34,7 +33,7 @@ namespace Microsoft.AspNetCore.Mvc.Cors
var request = context.RouteContext.HttpContext.Request;
// Perf: Check http method before accessing the Headers collection.
if (string.Equals(request.Method, PreflightHttpMethod, StringComparison.OrdinalIgnoreCase) &&
if (Http.HttpMethods.IsOptions(request.Method) &&
request.Headers.ContainsKey(OriginHeader) &&
request.Headers.TryGetValue(AccessControlRequestMethod, out var accessControlRequestMethod) &&
!StringValues.IsNullOrEmpty(accessControlRequestMethod))

3
src/Mvc/Mvc.ViewFeatures/src/DefaultHtmlGenerator.cs
View File

@ -12,6 +12,7 @@ using System.Reflection;
using System.Text.Encodings.Web;
using Microsoft.AspNetCore.Antiforgery;
using Microsoft.AspNetCore.Html;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.ModelBinding;
using Microsoft.AspNetCore.Mvc.Rendering;
using Microsoft.AspNetCore.Mvc.Routing;
@ -307,7 +308,7 @@ namespace Microsoft.AspNetCore.Mvc.ViewFeatures
{
defaultMethod = true;
}
else if (string.Equals(method, "post", StringComparison.OrdinalIgnoreCase))
else if (HttpMethods.IsPost(method))
{
defaultMethod = true;
}

9
src/Mvc/Mvc.ViewFeatures/src/Filters/AutoValidateAntiforgeryTokenAuthorizationFilter.cs
View File

@ -3,6 +3,7 @@
using System;
using Microsoft.AspNetCore.Antiforgery;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.Extensions.Logging;
@ -23,10 +24,10 @@ namespace Microsoft.AspNetCore.Mvc.ViewFeatures.Filters
}
var method = context.HttpContext.Request.Method;
if (string.Equals("GET", method, StringComparison.OrdinalIgnoreCase) ||
string.Equals("HEAD", method, StringComparison.OrdinalIgnoreCase) ||
string.Equals("TRACE", method, StringComparison.OrdinalIgnoreCase) ||
string.Equals("OPTIONS", method, StringComparison.OrdinalIgnoreCase))
if (HttpMethods.IsGet(method) ||
HttpMethods.IsHead(method) ||
HttpMethods.IsTrace(method) ||
HttpMethods.IsOptions(method))
{
return false;
}

2
src/Security/Authentication/JwtBearer/samples/JwtBearerSample/Startup.cs
View File

@ -78,7 +78,7 @@ namespace JwtBearerSample
todoApp.Run(async context =>
{
var response = context.Response;
if (context.Request.Method.Equals("POST", System.StringComparison.OrdinalIgnoreCase))
if (HttpMethods.IsPost(context.Request.Method))
{
var reader = new StreamReader(context.Request.Body);
var body = await reader.ReadToEndAsync();

8
src/Security/Authentication/OpenIdConnect/src/OpenIdConnectHandler.cs
View File

@ -78,13 +78,13 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
{
OpenIdConnectMessage message = null;
if (string.Equals(Request.Method, "GET", StringComparison.OrdinalIgnoreCase))
if (HttpMethods.IsGet(Request.Method))
{
message = new OpenIdConnectMessage(Request.Query.Select(pair => new KeyValuePair<string, string[]>(pair.Key, pair.Value)));
}
// assumption: if the ContentType is "application/x-www-form-urlencoded" it should be safe to read as it is small.
else if (string.Equals(Request.Method, "POST", StringComparison.OrdinalIgnoreCase)
else if (HttpMethods.IsPost(Request.Method)
&& !string.IsNullOrEmpty(Request.ContentType)
// May have media/type; charset=utf-8, allow partial match.
&& Request.ContentType.StartsWith("application/x-www-form-urlencoded", StringComparison.OrdinalIgnoreCase)
@ -482,7 +482,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
OpenIdConnectMessage authorizationResponse = null;
if (string.Equals(Request.Method, "GET", StringComparison.OrdinalIgnoreCase))
if (HttpMethods.IsGet(Request.Method))
{
authorizationResponse = new OpenIdConnectMessage(Request.Query.Select(pair => new KeyValuePair<string, string[]>(pair.Key, pair.Value)));
@ -501,7 +501,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
}
}
// assumption: if the ContentType is "application/x-www-form-urlencoded" it should be safe to read as it is small.
else if (string.Equals(Request.Method, "POST", StringComparison.OrdinalIgnoreCase)
else if (HttpMethods.IsPost(Request.Method)
&& !string.IsNullOrEmpty(Request.ContentType)
// May have media/type; charset=utf-8, allow partial match.
&& Request.ContentType.StartsWith("application/x-www-form-urlencoded", StringComparison.OrdinalIgnoreCase)

2
src/Servers/Kestrel/test/Interop.FunctionalTests/ChromeTests.cs
View File

@ -83,7 +83,7 @@ namespace Interop.FunctionalTests
.ConfigureServices(AddTestLogging)
.Configure(app => app.Run(async context =>
{
if (string.Equals(context.Request.Query["TestMethod"], "POST", StringComparison.OrdinalIgnoreCase))
if (HttpMethods.IsPost(context.Request.Query["TestMethod"]))
{
await context.Response.WriteAsync(_postHtml);
}

2
src/SignalR/clients/ts/FunctionalTests/Startup.cs
View File

@ -136,7 +136,7 @@ namespace FunctionalTests
}
}
if (string.Equals(context.Request.Method, "OPTIONS", StringComparison.OrdinalIgnoreCase))
if (HttpMethods.IsOptions(context.Request.Method))
{
context.Response.StatusCode = StatusCodes.Status204NoContent;
return Task.CompletedTask;