| SecurityHelper Class |
Contains methods for ensuring security
Inheritance HierarchyNamespace: CMS.Helpers
Assembly: CMS.Helpers (in CMS.Helpers.dll) Version: 8.2.23
SyntaxC#
public static class SecurityHelper
The SecurityHelper type exposes the following members.
Methods| Name | Description | |
|---|---|---|
  | EnsureCertificateSecurity |
If some module allows acceptation of untrusted or expired certificate, this method register certificate validation callback.
|
| EscapeLikeQueryPatterns | Obsolete.
Escapes characters for query which use LIKE pattern.
|
| GenerateConfirmationEmailHash |
Generates hash for confirmation email which approves certain action (subscription to forum, password change, ...).
|
| GetMD5Hash |
Returns SHA2 hash for input data.
|
| GetSafeQueryString(String) | Obsolete.
Returns safe sql query string - escapes apostrophes and escapes wildcard characters _, %, [].
|
| GetSafeQueryString(String, Boolean) | Obsolete.
Returns safe sql query string - escapes apostrophes and optionally escapes wildcard characters _, %, [].
|
| GetSecondsToShowScreenLockAction |
Gets the time period when client should contact server to check ScreenLock state.
|
| GetSecurityAccessEnum |
Gets the SecurityAccessEnum equivalent of the permission information from the given forum access encoded info.
|
| GetSHA1Hash |
Returns the SHA1 hash byte array for given password string.
|
| GetSHA2Hash |
Returns SHA2 hash for input data.
|
| HandleClickjacking |
Adds protection against clickjacking - adding headers works only in integrated mode
|
| CheckPasswordPolicy(String, String) |
Check password policy for specified password
|
| CheckPasswordPolicy(String, String, Int32, Int32, String) |
Check password policy for specified password
|
| IsAutoCompleteEnabledForLogin |
Returns whether Autocomplete is enabled for login usernames.
|
| IsScreenLockEnabled |
Returns whether ScreenLock feature is enabled for given site.
|
| IsXFrameOptionsExcluded |
Returns whether given path is excluded from adding X-Frame-Options HTTP header.
|
| LogScreenLockAction |
Logs the call of this method as request for ScreenLock feature.
|
| SetSecurityAccessEnum |
Gets the integer equivalent of the permission information specified by the SecurityAccessEnum.
|
| TryParseBasicAuthorizationHeader |
Tries to parse Authorization header (Basic Authentication). Retrieves both username and password from header if parsing succeeded.
|
| ValidateCertificate |
Returns true if current request should be excluded from checking
Otherwise return real value
|
| ValidateConfirmationEmailHash |
Returns whether hash for confirmation email is valid.
|
| ValidateSessionToken |
Validates if session token is equal given token. In case that session doesn't contain token returns true.
|
Fields| Name | Description | |
|---|---|---|
 | EMAIL_CONFIRMATION_DATETIME_FORMAT |
Date time format used in e-mail confirmation hashing methods.
|
| RegSquerBrackets |
Regular expression for replacing squere brackets from like expressions.
|
| SESSION_TOKEN_HEADER |
Http header which can contain session token.
|
Properties| Name | Description | |
|---|---|---|
 | UseViewStateUserKey |
Use viewstate user key.
|
See Also