diff --git a/AjaxPro/Configuration/AjaxSettingsSectionHandler.cs b/AjaxPro/Configuration/AjaxSettingsSectionHandler.cs
index ff79764..f8b7d26 100644
--- a/AjaxPro/Configuration/AjaxSettingsSectionHandler.cs
+++ b/AjaxPro/Configuration/AjaxSettingsSectionHandler.cs
@@ -37,6 +37,7 @@
* MS 21-10-27 added allowed customized types for JSON deserialization
* MS 21-10-30 added contentSecurityPolicy to specify a nonce for all scripts
* MS 23-05-25 added a configuration to not throw an exception when a property is not supported to read from
+ * MS 24-10-10 added configuration ExceptionDetailsEnabled to hide exception detials
*
*
*
@@ -162,6 +163,11 @@ public object Create(object parent, object configContext, System.Xml.XmlNode sec
if (n.SelectSingleNode("@enabled") != null && n.SelectSingleNode("@enabled").InnerText == "true")
settings.IgnoreNotSupportedProperties = true;
}
+ else if (n.Name == "exceptionDetails")
+ {
+ if (n.SelectSingleNode("@enabled") != null && n.SelectSingleNode("@enabled").InnerText == "true")
+ settings.ExceptionDetailsEnabled = true;
+ }
else if (n.Name == "contentSecurityPolicy")
{
var a = n.SelectSingleNode("@nonce");
diff --git a/AjaxPro/JSON/Converters/ExceptionConverter.cs b/AjaxPro/JSON/Converters/ExceptionConverter.cs
index d468248..fdcef4a 100644
--- a/AjaxPro/JSON/Converters/ExceptionConverter.cs
+++ b/AjaxPro/JSON/Converters/ExceptionConverter.cs
@@ -27,6 +27,7 @@
* MS 06-05-24 initial version
* MS 06-09-24 use QuoteString instead of Serialize
* MS 06-09-26 improved performance using StringBuilder
+ * MS 24-10-10 added configuration ExceptionDetailsEnabled to hide exception detials
*
*
*/
@@ -83,25 +84,33 @@ public override void Serialize(object o, StringBuilder sb)
// in the object the callback JavaScript method will get.
sb.Append("{\"Message\":");
- JavaScriptUtil.QuoteString(ex.Message, sb);
- sb.Append(",\"Type\":");
- JavaScriptUtil.QuoteString(o.GetType().FullName, sb);
-#if (!JSONLIB)
- if (AjaxPro.Utility.Settings.DebugEnabled)
- {
- sb.Append(",\"Stack\":");
- JavaScriptUtil.QuoteString(ex.StackTrace, sb);
- if (ex.TargetSite != null)
+ if (!AjaxPro.Utility.Settings.ExceptionDetailsEnabled)
+ {
+ JavaScriptUtil.QuoteString("An error occurred.", sb);
+ }
+ else
+ {
+ JavaScriptUtil.QuoteString(ex.Message, sb);
+ sb.Append(",\"Type\":");
+ JavaScriptUtil.QuoteString(o.GetType().FullName, sb);
+#if (!JSONLIB)
+ if (AjaxPro.Utility.Settings.DebugEnabled)
{
- sb.Append(",\"TargetSite\":");
- JavaScriptUtil.QuoteString(ex.TargetSite.ToString(), sb);
- }
+ sb.Append(",\"Stack\":");
+ JavaScriptUtil.QuoteString(ex.StackTrace, sb);
- sb.Append(",\"Source\":");
- JavaScriptUtil.QuoteString(ex.Source, sb);
- }
+ if (ex.TargetSite != null)
+ {
+ sb.Append(",\"TargetSite\":");
+ JavaScriptUtil.QuoteString(ex.TargetSite.ToString(), sb);
+ }
+
+ sb.Append(",\"Source\":");
+ JavaScriptUtil.QuoteString(ex.Source, sb);
+ }
#endif
+ }
sb.Append("}");
}
diff --git a/AjaxPro/Security/DecryptTransformer.cs b/AjaxPro/Security/DecryptTransformer.cs
index f35757c..a4ea7bc 100644
--- a/AjaxPro/Security/DecryptTransformer.cs
+++ b/AjaxPro/Security/DecryptTransformer.cs
@@ -23,6 +23,11 @@
* CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
+/*
+ * MS 24-10-10 changed to set DES encryption obsolete
+ *
+ *
+ */
using System;
using System.Security.Cryptography;
@@ -76,7 +81,14 @@ internal ICryptoTransform GetCryptoServiceProvider(byte[] bytesKey)
rijndael.Mode = CipherMode.CBC;
return rijndael.CreateDecryptor(bytesKey, initVec);
- default:
+ case EncryptionAlgorithm.Aes:
+ AesCryptoServiceProvider aes = new AesCryptoServiceProvider();
+ aes.Mode = CipherMode.CBC;
+ aes.Key = bytesKey;
+ aes.IV = initVec;
+ return aes.CreateDecryptor();
+
+ default:
throw new CryptographicException("Algorithm ID '" + algorithmID + "' not supported!");
}
}
diff --git a/AjaxPro/Security/EncryptTransformer.cs b/AjaxPro/Security/EncryptTransformer.cs
index df27d43..f4cdc45 100644
--- a/AjaxPro/Security/EncryptTransformer.cs
+++ b/AjaxPro/Security/EncryptTransformer.cs
@@ -25,6 +25,7 @@
*/
/*
* MS 06-04-25 enums should have a zero value
+ * MS 24-10-10 changed to set DES encryption obsolete
*
*
*/
@@ -33,49 +34,51 @@
namespace AjaxPro.Cryptography
{
- ///
- ///
- ///
- public enum EncryptionAlgorithm
- {
- ///
- ///
- ///
- Des = 0,
-
- ///
- ///
- ///
- Rc2,
-
- ///
- ///
- ///
- Rijndael,
-
- ///
- ///
- ///
- TripleDes
- };
-
- ///
- ///
- ///
- internal class EncryptTransformer
- {
- private EncryptionAlgorithm algorithmID;
- private byte[] initVec;
- private byte[] encKey;
+ ///
+ ///
+ ///
+ public enum EncryptionAlgorithm
+ {
+ [Obsolete("Use EncryptionAlgorithm.Aes instead.")]
+ ///
+ ///
+ ///
+ Des = 0,
+
+ ///
+ ///
+ ///
+ Rc2,
+
+ ///
+ ///
+ ///
+ Rijndael,
+
+ ///
+ ///
+ ///
+ TripleDes,
+ Aes
+ };
+
+ ///
+ ///
+ ///
+ internal class EncryptTransformer
+ {
+ private EncryptionAlgorithm algorithmID;
+ private byte[] initVec;
+ private byte[] encKey;
///
/// Initializes a new instance of the class.
///
/// The alg id.
public EncryptTransformer(EncryptionAlgorithm algId)
- {
- algorithmID = algId;
- }
+ {
+ algorithmID = algId;
+ }
///
/// Gets the crypto service provider.
@@ -83,137 +86,161 @@ public EncryptTransformer(EncryptionAlgorithm algId)
/// The bytes key.
///
internal ICryptoTransform GetCryptoServiceProvider(byte[] bytesKey)
- {
- switch(algorithmID)
- {
- case EncryptionAlgorithm.Des:
- DES des = new DESCryptoServiceProvider();
- des.Mode = CipherMode.CBC;
-
- if(null == bytesKey)
- {
- encKey = des.Key;
- }
- else
- {
- des.Key = bytesKey;
- encKey = des.Key;
- }
-
- if(null == initVec)
- {
- initVec = des.IV;
- }
- else
- {
- des.IV = initVec;
- }
- return des.CreateEncryptor();
-
- case EncryptionAlgorithm.TripleDes:
- TripleDES des3 = new TripleDESCryptoServiceProvider();
- des3.Mode = CipherMode.CBC;
-
- if(null == bytesKey)
- {
- encKey = des3.Key;
- }
- else
- {
- des3.Key = bytesKey;
- encKey = des3.Key;
- }
-
- if(null == initVec)
- {
- initVec = des3.IV;
- }
- else
- {
- des3.IV = initVec;
- }
- return des3.CreateEncryptor();
-
- case EncryptionAlgorithm.Rc2:
- RC2 rc2 = new RC2CryptoServiceProvider();
- rc2.Mode = CipherMode.CBC;
-
- if(null == bytesKey)
- {
- encKey = rc2.Key;
- }
- else
- {
- rc2.Key = bytesKey;
- encKey = rc2.Key;
- }
-
- if(null == initVec)
- {
- initVec = rc2.IV;
- }
- else
- {
- rc2.IV = initVec;
- }
- return rc2.CreateEncryptor();
-
- case EncryptionAlgorithm.Rijndael:
- Rijndael rijndael = new RijndaelManaged();
- rijndael.Mode = CipherMode.CBC;
-
- if(null == bytesKey)
- {
- encKey = rijndael.Key;
- }
- else
- {
- rijndael.Key = bytesKey;
- encKey = rijndael.Key;
- }
-
- if(null == initVec)
- {
- initVec = rijndael.IV;
- }
- else
- {
- rijndael.IV = initVec;
- }
- return rijndael.CreateEncryptor();
-
- default:
- throw new CryptographicException("Algorithm ID '" + algorithmID + "' not supported!");
- }
- }
+ {
+ switch (algorithmID)
+ {
+ case EncryptionAlgorithm.Des:
+ DES des = new DESCryptoServiceProvider();
+ des.Mode = CipherMode.CBC;
+
+ if (null == bytesKey)
+ {
+ encKey = des.Key;
+ }
+ else
+ {
+ des.Key = bytesKey;
+ encKey = des.Key;
+ }
+
+ if (null == initVec)
+ {
+ initVec = des.IV;
+ }
+ else
+ {
+ des.IV = initVec;
+ }
+ return des.CreateEncryptor();
+
+ case EncryptionAlgorithm.TripleDes:
+ TripleDES des3 = new TripleDESCryptoServiceProvider();
+ des3.Mode = CipherMode.CBC;
+
+ if (null == bytesKey)
+ {
+ encKey = des3.Key;
+ }
+ else
+ {
+ des3.Key = bytesKey;
+ encKey = des3.Key;
+ }
+
+ if (null == initVec)
+ {
+ initVec = des3.IV;
+ }
+ else
+ {
+ des3.IV = initVec;
+ }
+ return des3.CreateEncryptor();
+
+ case EncryptionAlgorithm.Rc2:
+ RC2 rc2 = new RC2CryptoServiceProvider();
+ rc2.Mode = CipherMode.CBC;
+
+ if (null == bytesKey)
+ {
+ encKey = rc2.Key;
+ }
+ else
+ {
+ rc2.Key = bytesKey;
+ encKey = rc2.Key;
+ }
+
+ if (null == initVec)
+ {
+ initVec = rc2.IV;
+ }
+ else
+ {
+ rc2.IV = initVec;
+ }
+ return rc2.CreateEncryptor();
+
+ case EncryptionAlgorithm.Rijndael:
+ Rijndael rijndael = new RijndaelManaged();
+ rijndael.Mode = CipherMode.CBC;
+
+ if (null == bytesKey)
+ {
+ encKey = rijndael.Key;
+ }
+ else
+ {
+ rijndael.Key = bytesKey;
+ encKey = rijndael.Key;
+ }
+
+ if (null == initVec)
+ {
+ initVec = rijndael.IV;
+ }
+ else
+ {
+ rijndael.IV = initVec;
+ }
+ return rijndael.CreateEncryptor();
+
+ case EncryptionAlgorithm.Aes:
+ AesCryptoServiceProvider aes = new AesCryptoServiceProvider();
+ aes.Mode = CipherMode.CBC;
+
+ if (null == bytesKey) if (null == bytesKey)
+ {
+ encKey = aes.Key; encKey = aes.Key;
+ }
+ else
+ {
+ aes.Key = bytesKey;
+ encKey = aes.Key;
+ }
+
+ if (null == initVec) if (null == initVec)
+ {
+ initVec = aes.IV;
+ }
+ else
+ {
+ aes.IV = initVec;
+ }
+ return aes.CreateEncryptor();
+
+ default:
+ throw new CryptographicException("Algorithm ID '" + algorithmID + "' not supported!");
+ }
+ }
///
/// Gets or sets the IV.
///
/// The IV.
internal byte[] IV
- {
- get
- {
- return initVec;
- }
- set
- {
- initVec = value;
- }
- }
+ {
+ get
+ {
+ return initVec;
+ }
+ set
+ {
+ initVec = value;
+ }
+ }
///
/// Gets the key.
///
/// The key.
internal byte[] Key
- {
- get
- {
- return encKey;
- }
- }
-
- }
+ {
+ get
+ {
+ return encKey;
+ }
+ }
+
+ }
}
diff --git a/AjaxPro/Utilities/AjaxSettings.cs b/AjaxPro/Utilities/AjaxSettings.cs
index 2100926..6d74c42 100644
--- a/AjaxPro/Utilities/AjaxSettings.cs
+++ b/AjaxPro/Utilities/AjaxSettings.cs
@@ -38,6 +38,7 @@
* MS 21-10-30 added contentSecurityPolicy to specify a nonce for all scripts
* MS 21-11-22 changed to set the default behavior to not allow custom types
* MS 23-05-25 added a configuration to not throw an exception when a property is not supported to read from
+ * MS 24-10-10 added configuration ExceptionDetailsEnabled to hide exception detials
*
*
*/
@@ -101,6 +102,7 @@ internal class AjaxSettings
private bool m_IsUseSimpleObjectNaming = false;
private bool m_IsOnlyAllowTypesInList = false;
private bool m_IsIgnoreNotSupportedProperties = false;
+ private bool m_ExceptionDetailsEnabled = false;
private System.Collections.Specialized.StringCollection m_OldStyle = new System.Collections.Specialized.StringCollection();
@@ -209,6 +211,12 @@ internal bool IgnoreNotSupportedProperties
set { m_IsIgnoreNotSupportedProperties = value; }
}
+ internal bool ExceptionDetailsEnabled
+ {
+ get { return m_ExceptionDetailsEnabled; }
+ set { m_ExceptionDetailsEnabled = value; }
+ }
+
///
/// Gets or sets several settings that will be used for old styled web applications.
///
diff --git a/AjaxPro/core.js b/AjaxPro/core.js
index 5917e27..a785742 100644
--- a/AjaxPro/core.js
+++ b/AjaxPro/core.js
@@ -174,7 +174,7 @@ Object.extend(AjaxPro, {
queue: null,
noUtcTime: false,
regExDate: function (str, p1, p2, offset, s) {
- var date = str.substring(1).replace('"', '');
+ var date = str.substring(1).replace(/"/g, '');
if (date.substring(0, 7) == "\\\/Date(") {
var d = date.match(/Date\((.*?)\)/)[1];
return "new Date(" + parseInt(d) + ")";
diff --git a/AjaxPro/web.config b/AjaxPro/web.config
index 00c3cb1..f269d05 100644
--- a/AjaxPro/web.config
+++ b/AjaxPro/web.config
@@ -61,6 +61,12 @@
-->
+