Consider this code:
if (request.Headers.Contains(headerName)) ...
where request is an instance of System.Net.Http.HttpRequestMessage . headerName is pretty arbitrary; Let's say it comes from user input. If its value is "Content-Type" , an exception is thrown:
System.InvalidOperationException: Invalid header name. Ensure that request headers are used with HttpRequestMessage, response headers with HttpResponseMessage, and content headers with HttpContent objects.
How exactly am I "sure" of this? The Headers collection internally knows which header names are allowed, and this list is different for request.Headers than for request.Content.Headers . It seems that I have 2 options for checking an arbitrary string:
- Keep my own whitelist for verification based on BCL documentation or source code.
- Use try / catch logic.
None of these approaches seem perfect. Is there a way to use the knowledge already contained in System.Net.Http to perform this check?
source share