AntiXssHeaders.zip
در صفحه اول آن
<script type="text/javascript"> alert('test'); </script>
<script type="text/javascript"> alert('test'); </script>
public enum CustomerType { Person = 0, Company = 1 } public class Customer { public CustomerType Type { get; set; } }
با وجود چنین کلاسی از مشتری و نیاز به انجام فعالیتهای مختلفی بر روی آن، احتمالا نیاز خواهد بود که در بخشهای مختلف کد، گذارهی switch ای مانند زیر را اضافه کنید:
switch (customer.Type) { case CustomerType.Person: // calculate discount, or send message or edit customer or anything else break; case CustomerType.Company: // calculate discount, or send message or edit customer or anything else break; default: throw new ArgumentOutOfRangeException(); }
برای انجام فعالیتهای مختلفی مانند محاسبه تخفیف، ارسال پیام و یا ویرایش مشتری، نیاز خواهد بود این گذاره تکرار شود که خود این موضوع بوی بد duplicate code است و به الگوی shotgun surgery نیز ختم خواهد شد.
حال فرض کنید نیاز است مشتریان حقوقی، خود به دو نوع مشتری حقوقی بخش خصوصی و مشتری حقوقی بخش دولتی تقسیم شوند. در پیاده سازی ذکر شده باید به CustomerType یک آیتم افزوده شود و در تمامی switchها نیز در صورت نیاز شرط مربوط به آن اضافه شود.
برای حل این نوع از کد بد بو، معمولا یک کلاس پدر را به نام مشتری ایجاد کرده و کلاسهای مختص هر یک از انواع مشتری را از آن به ارث میبرند (Replace type code with subclass):
یا میتوان طراحی را کمی متفاوتتر و به صورت زیر انجام داد:
دلیل مشابه دیگر ایجاد این الگوی بد کد استفاده از type code به عنوان وضعیت یک تایپ است. که در این صورت میتوان بجای type code از state object استفاده کرد (Replace type code with strategy). به این مورد در مباحث مربوط به refactoring به طور مفصل پرداخته شده است.
این کد بد بو در شرایط متفاوتی ایجاد میشود. با این حال یکی از پر تکرارترین آنها استفاده بد یا عدم استفاده از الگوهای طراحی شیء گرا است. تصحیص این الگوی بد، به خوانایی و نگهداری کد در بلند مدت کمک بسیار زیادی میکند.
class Car { } class CarProducer { public void DeliverTo(int carsCount, string town) { Car[] cars = new Car[carsCount]; ... } }
class Transporter { public string Name { get; private set; } public Transporter(string name) { this.Name = name; } public void Deliver(Car[] cars, string town) { Console.WriteLine("Delivering {0} car(s) to {1} by {2}", cars.Length, town, this.Name); } }
static class TransporterLocator { static IList<Transporter> transporters = new List<Transporter>(); public static void Register(Transporter transporter) { transporters.Add(transporter); } public static Transporter Locate(string name) { return transporters .Where(transporter => transporter.Name == name) .Single(); } }
class CarProducer { public void DeliverTo(int carsCount, string town) { Car[] cars = new Car[carsCount]; Transporter transporter = null; if (carsCount <= 12) transporter = TransporterLocator.Locate("truck"); else transporter = TransporterLocator.Locate("train"); transporter.Deliver(cars, town); } }
TransporterLocator.Register(new Transporter("truck")); TransporterLocator.Register(new Transporter("train")); CarProducer producer = new CarProducer(); producer.DeliverTo(7, "Tehran"); producer.DeliverTo(74, "Tehran");
TransporterLocator.Register(new Transporter("truck")); CarProducer producer = new CarProducer(); producer.DeliverTo(7, "Tehran"); producer.DeliverTo(74, "Tehran");
class CarProducer { private Transporter truck; private Transporter train; public CarProducer(Transporter truck, Transporter train) { if (truck == null) throw new ArgumentNullException("truck"); if (train == null) throw new ArgumentNullException("train"); this.truck = truck; this.train = train; } public void DeliverTo(int carsCount, string town) { Car[] cars = new Car[carsCount]; Transporter transporter = this.truck; if (carsCount > 12) transporter = this.train; transporter.Deliver(cars, town); } }
public IEnumerable<Product> GetProducts() { using (var stream = File.Read(Path.Combine(Environment.CurrentDirectory, "products.xml"))) { var serializer = new XmlSerializer(); return (IEnumerable<Product>)serializer.Deserialize(stream); } }
public IEnumerable<Product> GetCachedProducts() { var fullPath = Path.Combine(Environment.CurrentDirectory, "ProductCache.xml"); if (!File.Exists(fullPath)) return new Product[0]; using (var stream = File.Read(fullPath)) { var serializer = new XmlSerializer(); return (IEnumerable<Product>)serializer.Deserialize(stream); } }
IEnumerable<Product> GetProducts()
IEnumerable<Product> GetCachedProducts()
public class UserRepository : IUserRepository { public IList<User> Search(string value) { try { return CreateConnectionAndACommandAndReturnAList("WHERE value=@value", Parameter.New("value", value)); } catch (SqlException err) { var msg = String.Format("Ohh no! Failed to search after users with '{0}' as search string", value); throw new DataSourceException(msg, err); } } }
public void PrintName(string name) { Console.WriteLine(name); }
public void PrintName(string name) { if (name == null) throw new ArgumentNullException("name"); Console.WriteLine(name); }
public void PrintName(string name) { if (name == null) throw new ArgumentNullException("name"); if (name.Length < 5 || name.Length > 10) throw new ArgumentOutOfRangeException("name", name, "Name must be between 5 or 10 characters long"); if (name.Any(x => !char.IsAlphaNumeric(x)) throw new ArgumentOutOfRangeException("name", name, "May only contain alpha numerics"); Console.WriteLine(name); }
public User GetUser(int id) { }
var user = datasource.GetUser(userId); if (user == null) throw new InvalidOperationException("Failed to find user: " + userId); // actual logic here
public User GetUser(int id) { if (id <= 0) throw new ArgumentOutOfRangeException("id", id, "Valid ids are from 1 and above. Do you have a parsing error somewhere?"); var user = db.Execute<User>("WHERE Id = ?", id); if (user == null) throw new EntityNotFoundException("Failed to find user with id " + id); return user; }
کد زیر را در نظر بگیرید:
try { FutileAttemptToResist(); } catch (BorgException err) { _myDearLog.Error("I'm in da cube! Ohh no!", err); throw err; }
یکی دیگر از خطاهای رایج اضافه نکردن استثناء اصلی حین صدور استثناء جدید است:
try { GreaseTinMan(); } catch (InvalidOperationException err) { throw new TooScaredLion("The Lion was not in the m00d", err); //<---- استثناء اصلی بهتر است به استثناء جدید پاس داده شود }
در هنگام صدور یک استثناء بهتر است اطلاعات دقیقی را به آن ارسال کنیم تا دیباگ کردن آن به راحتی انجام شود. به عنوان مثال کد زیر را در نظر داشته باشید:
try { socket.Connect("somethingawful.com", 80); } catch (SocketException err) { throw new InvalidOperationException("Socket failed", err); }
void IncreaseStatusForUser(int userId, int newStatus) { try { var user = _repository.Get(userId); if (user == null) throw new UpdateException(string.Format("Failed to find user #{0} when trying to increase status to {1}", userId, newStatus)); user.Status = newStatus; _repository.Save(user); } catch (DataSourceException err) { var errMsg = string.Format("Failed to find modify user #{0} when trying to increase status to {1}", userId, newStatus); throw new UpdateException(errMsg, err); }
public NewException() public NewException(string description ) public NewException(string description, Exception inner) protected or private NewException(SerializationInfo info, StreamingContext context)
“The given key was not present in the dictionary.”
“The key ‘abrakadabra’ was not present in the dictionary.”
public class SampleException : Exception { public SampleException(string description) : base(description) { if (description == null) throw new ArgumentNullException("description"); } public SampleException(string description, Exception inner) : base(description, inner) { if (description == null) throw new ArgumentNullException("description"); if (inner == null) throw new ArgumentNullException("inner"); } public SampleException(SerializationInfo info, StreamingContext context) : base(info, context) { } }
public class HttpException : Exception { System.Net.HttpStatusCode _statusCode; public HttpException(System.Net.HttpStatusCode statusCode, string description) : base(description) { if (description == null) throw new ArgumentNullException("description"); _statusCode = statusCode; } public HttpException(System.Net.HttpStatusCode statusCode, string description, Exception inner) : base(description, inner) { if (description == null) throw new ArgumentNullException("description"); if (inner == null) throw new ArgumentNullException("inner"); _statusCode = statusCode; } public HttpException(SerializationInfo info, StreamingContext context) : base(info, context) { } public System.Net.HttpStatusCode StatusCode { get; private set; } }
public override string Message { get { return base.Message + "\r\nStatus code: " + StatusCode; } }
public class HttpException : Exception { // [...] public HttpException(SerializationInfo info, StreamingContext context) : base(info, context) { // this is new StatusCode = (HttpStatusCode) info.GetInt32("HttpStatusCode"); } public HttpStatusCode StatusCode { get; private set; } public override string Message { get { return base.Message + "\r\nStatus code: " + StatusCode; } } // this is new public override void GetObjectData(SerializationInfo info, StreamingContext context) { base.GetObjectData(info, context); info.AddValue("HttpStatusCode", (int) StatusCode); } }
throw new Exception("Unknown FaileType"); throw new Exception("Unecpected workingDirectory");
"Unecpected workingDirectory"
"You tried to provide a working directory string that doesn't represent a working directory. It's not your fault, because it wasn't possible to design the FileStore class in such a way that this is a statically typed pre-condition, but please supply a valid path to an existing directory. "The invalid value was: "fllobdedy"."
Here’s a sampling of the great new features and improvements in ASP.NET Core for .NET 7:
AddCallCredentials
: Create clients that send authorized requests using bearer tokens.[JSImport]
/[JSExport]
support.INSERT INTO tableName VALUES ( '{ "name": "User1", "age": 41 }' );
INSERT INTO tableName VALUES ( JSON_ARRAY( JSON_OBJECT( "id", 1, "name", "User1", "age", 31, "skills", JSON_ARRAY("JS", "DB", "Git"), "address", JSON_OBJECT( "country", "Iran", "city", "Tehran") ), JSON_OBJECT( "id", 2, "name", "User2", "age", 31, "skills", JSON_ARRAY("C#"), "address", JSON_OBJECT( "country", "Iran", "city", "Sanandaj" ) ) ) );
UPDATE experiments.tableName SET jsonData = JSON_ARRAY_APPEND(jsonData, '$[1].skills', 'JS', '$[1].skills', 'DB', '$[1].skills', 'Kotlin' ) -- ["C#", "JS", "DB", "Kotlin"]
UPDATE experiments.tableName SET jsonData = JSON_ARRAY_INSERT(jsonData, '$[1].skills[4]', 'TS') -- ["C#", "JS", "DB", "Kotlin", "TS"]
UPDATE experiments.tableName SET jsonData = JSON_INSERT(jsonData, '$[1].address.location', JSON_OBJECT('phone', 8989898))
UPDATE experiments.tableName SET jsonData = JSON_REPLACE(jsonData, '$[1].address.location.phone', 12345656)
UPDATE experiments.tableName SET jsonData = JSON_REMOVE(jsonData, '$[1].address')
UPDATE experiments.tableName SET jsonData = JSON_SET(jsonData, '$[1].address', JSON_OBJECT('country', 'Iran', 'city', '-', 'phone', 12345 )); /* { location: { "city": "-", "phone": 12345, "country": "Iran" } } */ UPDATE experiments.tableName SET jsonData = JSON_SET(jsonData, '$[1].address.city', 'Tehran'); /* { location: { "city": "-", "phone": 12345, "country": "Iran" } } */ UPDATE experiments.tableName SET jsonData = JSON_SET(jsonData, '$[1].address.postcode', '0098'); /* { location: {"city": "Tehran", "phone": 12345, "country": "Iran", "postcode": '0098' } } */
SELECT JSON_EXTRACT(jsonData, '$[1].address.city') FROM experiments.tableName; -- "Tehran" SELECT JSON_UNQUOTE(JSON_EXTRACT(jsonData, '$[1].address.city')) FROM experiments.tableName; -- Tehran
SELECT jsonData -> '$[1].address.city' FROM experiments.tableName; -- "Tehran"
SELECT jsonData ->> '$[1].address.city' FROM experiments.tableName; -- Tehran
SELECT jsonData ->> '$[1].address.city' FROM experiments.tableName WHERE jsonData ->> '$[1].address.city' = 'Tehran';
SELECT JSON_MERGE_PRESERVE('{ "id": "1", "name": "Product One", "price": 12.45, "discount": 10, "rating": 4, "category": ["fashion", "men"], "tags": ["fashion", "men", "jacket", "full sleeve"] }', '{ "id": "2", "name": "Product Two", "price": 30, "discount": 0, "rating": 3, "category": ["fashion", "men"], "tags": ["fashion", "men", "jacket", "full sleeve"] }');
{ "id": ["1", "2"], "name": ["Product One", "Product Two"], "tags": [ "fashion", "men", "jacket", "full sleeve", "fashion", "men", "jacket", "full sleeve" ], "price": [12.45, 30], "rating": [4, 3], "category": ["fashion", "men", "fashion", "men"], "discount": [10, 0] }
SELECT JSON_MERGE_PATCH('{ "id": "1", "name": "Product One", "price": 12.45, "discount": 10, "rating": 4, "category": ["fashion", "men"], "tags": ["fashion", "men", "jacket", "full sleeve"], "sku": "asdf123" }', '{ "id": "2", "name": "Product Two", "price": 30, "discount": 0, "rating": 3, "category": ["fashion", "men"], "tags": ["fashion", "men", "jacket", "full sleeve"] }');
{ "id": "2", "sku": "asdf123", "name": "Product Two", "tags": ["fashion", "men", "jacket", "full sleeve"], "price": 30, "rating": 3, "category": ["fashion", "men"], "discount": 0 }
AntiForgeryConfig.RequireSsl = true;
<configuration> <system.web> <authentication mode="Forms"> <forms requireSSL="true" cookieless="UseCookies"/> </authentication> </system.web> </configuration>
<configuration> <system.web> <httpCookies httpOnlyCookies="true" requireSSL="true" /> </system.web> </configuration>
<configuration> <system.web> <roleManager cookieRequireSSL="true" /> </system.web> </configuration>
var options = new CookieAuthenticationOptions() { CookieHttpOnly = true, CookieSecure = CookieSecureOption.Always, ExpireTimeSpan = TimeSpan.FromMinutes(10) };
filters.Add(new RequireHttpsAttribute(permanent: true));
using System.Web.Mvc; namespace MyWebsite { internal static class FilterConfig { internal static void RegisterGlobalFilters(GlobalFilterCollection filters) { filters.Add(new RequireHttpsAttribute(permanent: true)); } } }
protected void Application_BeginRequest(Object sender, EventArgs e) { if (!HttpContext.Current.Request.IsSecureConnection) { var builder = new UriBuilder { Scheme = "https", Host = Request.Url.Host, // use the RawUrl since it works with URL Rewriting Path = Request.RawUrl }; Response.Status = "301 Moved Permanently"; Response.AddHeader("Location", builder.ToString()); } }
<httpProtocol> <customHeaders> <add name="Strict-Transport-Security" value="max-age=16070400; includeSubDomains" />
<rewrite> <rules> <rule name="Redirect to HTTPS" stopProcessing="true"> <match url="(.*)" /> <conditions> <add input="{HTTPS}" pattern="off" ignoreCase="true" /> <add input="{HTTP_HOST}" negate="true" pattern="localhost" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" /> </rule>
var fullBaseUrl = Url.Action(result: MVC.Home.Index(), protocol: this.Request.Url.Scheme);
User-agent: * Sitemap: https://www.dntips.ir/Sitemap
public static int FindDuplicateImagesCount(string pdfFileName) { int count = 0; var pdf = new PdfReader(pdfFileName); var md5 = new MD5CryptoServiceProvider(); var enc = new UTF8Encoding(); var imagesHashList = new List<string>(); int intPageNum = pdf.NumberOfPages; for (int i = 1; i <= intPageNum; i++) { var page = pdf.GetPageN(i); var resources = PdfReader.GetPdfObject(page.Get(PdfName.RESOURCES)) as PdfDictionary; if (resources == null) continue; var xObject = PdfReader.GetPdfObject(resources.Get(PdfName.XOBJECT)) as PdfDictionary; if (xObject == null) continue; foreach (var name in xObject.Keys) { var pdfObject = xObject.Get(name); if (!pdfObject.IsIndirect()) continue; var imgObject = PdfReader.GetPdfObject(pdfObject) as PdfDictionary; if (imgObject == null) continue; var subType = PdfReader.GetPdfObject(imgObject.Get(PdfName.SUBTYPE)) as PdfName; if (subType == null) continue; if (!PdfName.IMAGE.Equals(subType)) continue; byte[] imageBytes = PdfReader.GetStreamBytesRaw((PRStream)imgObject); var md5Hash = enc.GetString(md5.ComputeHash(imageBytes)); if (!imagesHashList.Contains(md5Hash)) { imagesHashList.Add(md5Hash); } else { Console.WriteLine("Found duplicate image @page: {0}.", i); count++; } } } pdf.Close(); return count; }
public class PdfSmartCopy2 : PdfSmartCopy { public PdfSmartCopy2(Document document, Stream os) : base(document, os) { } /// <summary> /// This is a forgotten feature in iTextSharp 5.3.4. /// Actually its PdfSmartCopy is useless without this! /// </summary> protected override PdfIndirectReference CopyIndirect(PRIndirectReference inp, bool keepStructure, bool directRootKids) { return base.CopyIndirect(inp); } } public static void RemoveDuplicateObjects(string inFile, string outFile) { var document = new Document(); var copy = new PdfSmartCopy2(document, new FileStream(outFile, FileMode.Create)); document.Open(); var reader = new PdfReader(inFile); var n = reader.NumberOfPages; for (int page = 0; page < n; ) { copy.AddPage(copy.GetImportedPage(reader, ++page)); } copy.FreeReader(reader); document.Close(); }
private static void CreateTestFile() { using (var pdfDoc = new Document(PageSize.A4)) { var pdfWriter = PdfWriter.GetInstance(pdfDoc, new FileStream("Test.pdf", FileMode.Create)); pdfDoc.Open(); var table = new PdfPTable(new float[] { 1, 2 }); table.AddCell(Image.GetInstance("01.png")); table.AddCell(Image.GetInstance("01.png")); pdfDoc.Add(table); } }
اینبار دو تصویر داریم که هر دو به یک stream اشاره میکنند. تصاویر فوق به کمک برنامه iText RUPS تهیه شدهاند.