SecurityHelper Class |
Namespace: CMS.Helpers
public static class SecurityHelper
The SecurityHelper type exposes the following members.
Name | Description | |
---|---|---|
RegSquerBrackets |
Regular expression for replacing square brackets from like expressions.
| |
SESSION_TOKEN_HEADER |
HTTP header which can contain session token.
|
Name | Description | |
---|---|---|
Pbkdf2IterationsCount |
Iterations count used within Rfc2898DeriveBytes.
More iterations will generate more resistant hashes to brute-force attacks, however performance issues might arise when set to high.
|
Name | Description | |
---|---|---|
CheckPasswordPolicy(String, String) |
Check password policy for specified password
| |
CheckPasswordPolicy(String, String, Int32, Int32, String) |
Check password policy for specified password
| |
EnsureCertificateSecurity |
If some module allows acceptation of untrusted or expired certificate, this method registers certificate validation callback.
| |
GenerateConfirmationEmailHash |
Generates hash for confirmation email which approves certain action (subscription to forum, password change, ...).
| |
GetMD5Hash |
Returns SHA2 hash for input data.
| |
GetPBKDF2Hash |
Returns PBKDF2 hash for password.
Rfc2898DeriveBytes implements PBKDF2 with HMACSHA1 (hard coded in the class).
| |
GetSecondsToShowScreenLockAction |
Gets the time period when client should contact server to check ScreenLock state.
| |
GetSecurityAccessEnum |
Gets the SecurityAccessEnum equivalent of the permission information from the given forum access encoded info.
| |
GetSHA1Hash |
Returns the SHA1 hash byte array for given password string.
| |
GetSHA2Hash |
Returns SHA2 hash for input data.
| |
HandleClickjacking |
Adds protection against clickjacking - adding headers works only in integrated mode
| |
IsAutoCompleteEnabledForLogin |
Returns whether Autocomplete is enabled for login usernames.
| |
IsScreenLockEnabled |
Returns whether ScreenLock feature is enabled for given site.
| |
IsXFrameOptionsExcluded |
Returns whether given path is excluded from adding X-Frame-Options HTTP header.
| |
LogScreenLockAction |
Logs the call of this method as request for ScreenLock feature.
| |
SetSecurityAccessEnum |
Gets the integer equivalent of the permission information specified by the SecurityAccessEnum.
| |
TryParseBasicAuthorizationHeader |
Tries to parse Authorization header (Basic Authentication). Retrieves both username and password from header if parsing succeeded.
| |
ValidateCertificate |
Returns true if current request should be excluded from checking
Otherwise return real value
| |
ValidateConfirmationEmailHash |
Returns whether hash for confirmation email is valid.
| |
ValidateSessionToken |
Validates if session token is equal given token. In case that session doesn't contain token returns true.
| |
VerifyPBKDF2Hash |
Returns true in case given password matches given PBKDF2 hash.
|