public NameValueCollection CheckHeaders(NameValueCollection httpHeaders)
{
//locals
NameValueCollection cleanHeaders = new NameValueCollection();
string keyName = "";
string keyValue = "";
string[] lstSystemBlacklist = new string[] { "PATH_TRANSLATED", "INSTANCE_META_PATH", "INSTANCE_ID", "APPL_MD_PATH", "AUTH_TYPE", "REMOTE_USER", "REQUEST_METHOD", "REMOTE_ADDR", "REMOTE_HOST", "ALL_HTTP", "ALL_RAW", "QUERY_STRING", "ACCEPT", "ACCEPT_CHARSET", "ACCEPT_ENCODING", "ACCEPT_LANGUAGE", "AUTHORIZATION", "CONNECTION", "HTTP_CONTENT_TYPE", "HTTP_CONTENT_LENGTH", "PRAGMA", "REFERER", "USER_AGENT", "x-vdirs", "x-tomcat-docroot", "x-webserver-context", "X-ModCFML-SharedKey", "xajp-clientfingerprint", "xajp-managedthreadid" }; //list of headers that will be skipped because they are already processed through other means, duplicate, or not needed
string[] lstAllowBlank = new string[] { "" }; //send also if blank
string[] lstUserWhitelist = null; //if we have data here, only these headers will be sent
//fix for null headers (from Dominic)
for (int i = 0; i < httpHeaders.AllKeys.Length; i++)
{
if (httpHeaders[httpHeaders.AllKeys[i]] == null)
{
httpHeaders[httpHeaders.AllKeys[i]] = "";
}
}
//check for whitelist as specified by users
if (BonCodeAJP13Settings.BONCODEAJP13_WHITELIST_HEADERS.Length > 5)
{
lstUserWhitelist = BonCodeAJP13Settings.BONCODEAJP13_WHITELIST_HEADERS.Split(new char[] { ',' });
}
//"HTTP_CONNECTION","CONTENT_LENGTH","HTTP_ACCEPT","HTTP_ACCEPT_ENCODING","HTTP_ACCEPT_LANGUAGE","HTTP_COOKIE","HTTP_HOST","HTTP_USER_AGENT","HTTP_ACCEPT_CHARSET"
//check for headers that should not be sent based on user settings (assume headers are more than 5 characters
if ((BonCodeAJP13Settings.BONCODEAJP13_BLACKLIST_HEADERS.Length) > 5)
{
string[] lstUserBlacklist = BonCodeAJP13Settings.BONCODEAJP13_BLACKLIST_HEADERS.Split(new char[] {','});
int lshOriginalSize = lstSystemBlacklist.Length;
Array.Resize<string>(ref lstSystemBlacklist, lshOriginalSize + lstUserBlacklist.Length);
Array.Copy(lstUserBlacklist, 0, lstSystemBlacklist, lshOriginalSize, lstUserBlacklist.Length);
}
//iterate and ensure rules are met
for (int i = 0; i < httpHeaders.AllKeys.Length; i++)
{
keyName = httpHeaders.AllKeys[i];
keyValue = httpHeaders[keyName];
//only process if this key is not on the skip key list
if (!lstSystemBlacklist.Contains(keyName))
{
//if we have a white list of headers check against it or if not process header
if ((lstUserWhitelist == null) || (lstUserWhitelist.Length > 0 && lstUserWhitelist.Contains(keyName))) {
//clear keyvalue if key needs to be passed in attributes
if (BonCodeAJP13PacketHeaders.GetAttributeByte(keyName) != 0x00)
{
//skip key if it is one of the known attributes this will be added in attributes section
keyName = "";
keyValue = "";
}
//only pass on key if it is populated unless special exeption
if (BonCodeAJP13Settings.BONCODEAJP13_ALLOW_EMTPY_HEADERS || keyValue != "" || lstAllowBlank.Contains(keyName))
{
if (keyName != "")
{
cleanHeaders.Add(keyName, keyValue);
}
}
}
}//blacklist failure
}
return cleanHeaders;
}