Click or drag to resize
SecurityHelper Class
Contains methods for ensuring security
Inheritance Hierarchy

Namespace: CMS.Helpers
Assembly: CMS.Helpers (in CMS.Helpers.dll) Version: 9.0.0
public static class SecurityHelper

The SecurityHelper type exposes the following members.

Date time format used in e-mail confirmation hashing methods.
Public fieldStatic memberRegSquerBrackets
Regular expression for replacing squere brackets from like expressions.
Public fieldStatic memberSESSION_TOKEN_HEADER
Http header which can contain session token.
Public propertyStatic memberUseViewStateUserKey
Use viewstate user key.
Public methodStatic memberEnsureCertificateSecurity
If some module allows acceptation of untrusted or expired certificate, this method registers certificate validation callback.
Public methodStatic memberGenerateConfirmationEmailHash
Generates hash for confirmation email which approves certain action (subscription to forum, password change, ...).
Public methodStatic memberGetMD5Hash
Returns SHA2 hash for input data.
Public methodStatic memberGetSecondsToShowScreenLockAction
Gets the time period when client should contact server to check ScreenLock state.
Public methodStatic memberGetSecurityAccessEnum
Gets the SecurityAccessEnum equivalent of the permission information from the given forum access encoded info.
Public methodStatic memberGetSHA1Hash
Returns the SHA1 hash byte array for given password string.
Public methodStatic memberGetSHA2Hash
Returns SHA2 hash for input data.
Public methodStatic memberHandleClickjacking
Adds protection against clickjacking - adding headers works only in integrated mode
Public methodStatic memberCheckPasswordPolicy(String, String)
Check password policy for specified password
Public methodStatic memberCheckPasswordPolicy(String, String, Int32, Int32, String)
Check password policy for specified password
Public methodStatic memberIsAutoCompleteEnabledForLogin
Returns whether Autocomplete is enabled for login usernames.
Public methodStatic memberIsScreenLockEnabled
Returns whether ScreenLock feature is enabled for given site.
Public methodStatic memberIsXFrameOptionsExcluded
Returns whether given path is excluded from adding X-Frame-Options HTTP header.
Public methodStatic memberLogScreenLockAction
Logs the call of this method as request for ScreenLock feature.
Public methodStatic memberSetSecurityAccessEnum
Gets the integer equivalent of the permission information specified by the SecurityAccessEnum.
Public methodStatic memberTryParseBasicAuthorizationHeader
Tries to parse Authorization header (Basic Authentication). Retrieves both username and password from header if parsing succeeded.
Public methodStatic memberValidateCertificate
Returns true if current request should be excluded from checking Otherwise return real value
Public methodStatic memberValidateConfirmationEmailHash
Returns whether hash for confirmation email is valid.
Public methodStatic memberValidateSessionToken
Validates if session token is equal given token. In case that session doesn't contain token returns true.
See Also