admin/marco.pms.api
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Chnaged the function to chek if base64 is valid or not

Browse Source
This commit is contained in:
ashutosh.nehete 2025-08-01 18:22:31 +05:30
parent 3915e9b9d0
commit c8435020a4
1 changed files with 29 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
Marco.Pms.Services/Controllers/TenantController.cs
View File

@ -18,7 +18,6 @@ using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using System.Net; using System.Net;
using System.Text.Json; using System.Text.Json;
using System.Text.RegularExpressions;
// For more information on enabling Web API for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860 // For more information on enabling Web API for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860
@ -243,7 +242,8 @@ namespace Marco.Pms.Services.Controllers
{ {
if (!string.IsNullOrWhiteSpace(model.TaxId)) if (!string.IsNullOrWhiteSpace(model.TaxId))
{ {
return await _context.Tenants.AnyAsync(t => t.TaxId == model.TaxId); await using var context = await _dbContextFactory.CreateDbContextAsync();
return await context.Tenants.AnyAsync(t => t.TaxId == model.TaxId);
} }
return false; return false;
@ -252,7 +252,8 @@ namespace Marco.Pms.Services.Controllers
{ {
if (!string.IsNullOrWhiteSpace(model.DomainName)) if (!string.IsNullOrWhiteSpace(model.DomainName))
{ {
return await _context.Tenants.AnyAsync(t => t.DomainName == model.DomainName); await using var context = await _dbContextFactory.CreateDbContextAsync();
return await context.Tenants.AnyAsync(t => t.DomainName == model.DomainName);
} }
return false; return false;
@ -474,29 +475,40 @@ namespace Marco.Pms.Services.Controllers
private bool IsBase64String(string? input) private bool IsBase64String(string? input)
{ {
if (string.IsNullOrWhiteSpace(input)) if (string.IsNullOrWhiteSpace(input))
{
return false; return false;
}
// Normalize string string base64Data = input;
input = input.Trim(); const string dataUriMarker = "base64,";
int markerIndex = input.IndexOf(dataUriMarker, StringComparison.Ordinal);
// Length must be multiple of 4 // If the marker is found, extract the actual Base64 data
if (input.Length % 4 != 0) if (markerIndex >= 0)
return false; {
base64Data = input.Substring(markerIndex + dataUriMarker.Length);
// Valid Base64 characters with correct padding }
var base64Regex = new Regex(@"^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$");
if (!base64Regex.IsMatch(input)) // Now, validate the extracted payload
base64Data = base64Data.Trim();
// Check for valid length (must be a multiple of 4) and non-empty
if (base64Data.Length == 0 || base64Data.Length % 4 != 0)
{
return false; return false;
}
// The most reliable test is to simply try to convert it.
// The .NET converter is strict and will throw a FormatException
// for invalid characters or incorrect padding.
try try
{ {
// Decode and re-encode to confirm validity Convert.FromBase64String(base64Data);
var bytes = Convert.FromBase64String(input); return true;
var reEncoded = Convert.ToBase64String(bytes);
return input == reEncoded;
} }
catch catch (FormatException)
{ {
// The string is not a valid Base64 payload.
return false; return false;
} }
} }