Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Xml / System / Xml / XmlSecureResolver.cs / 1305376 / XmlSecureResolver.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //[....] //----------------------------------------------------------------------------- namespace System.Xml { using System.Net; using System.Security; using System.Security.Policy; using System.Security.Permissions; using System.Runtime.Versioning; [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")] public class XmlSecureResolver : XmlResolver { XmlResolver resolver; PermissionSet permissionSet; public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {} public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {} public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) { this.resolver = resolver; this.permissionSet = permissionSet; } public override ICredentials Credentials { set { resolver.Credentials = value; } } public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) { permissionSet.PermitOnly(); return resolver.GetEntity(absoluteUri, role, ofObjectToReturn); } [ResourceConsumption(ResourceScope.Machine)] [ResourceExposure(ResourceScope.Machine)] public override Uri ResolveUri(Uri baseUri, string relativeUri) { return resolver.ResolveUri(baseUri, relativeUri); } public static Evidence CreateEvidenceForUrl(string securityUrl) { Evidence evidence = new Evidence(); if (securityUrl != null && securityUrl.Length > 0) { evidence.AddHostEvidence(new Url(securityUrl)); evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl)); Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute); if (uri.IsAbsoluteUri && !uri.IsFile) { evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl)); } // Allow same directory access for UNCs (SQLBUDT 394535) if (uri.IsAbsoluteUri && uri.IsUnc) { string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath); if (uncDir != null && uncDir.Length != 0) { evidence.AddHostEvidence(new UncDirectory(uncDir)); } } } return evidence; } [Serializable] private class UncDirectory : EvidenceBase, IIdentityPermissionFactory { private string uncDir; public UncDirectory(string uncDirectory) { this.uncDir = uncDirectory; } public IPermission CreateIdentityPermission(Evidence evidence) { return new FileIOPermission(FileIOPermissionAccess.Read, uncDir); } public override EvidenceBase Clone() { return new UncDirectory(uncDir); } private SecurityElement ToXml() { SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver"); root.AddAttribute("version", "1"); root.AddChild(new SecurityElement("UncDirectory", uncDir)); return root; } public override string ToString() { return ToXml().ToString(); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //[....] //----------------------------------------------------------------------------- namespace System.Xml { using System.Net; using System.Security; using System.Security.Policy; using System.Security.Permissions; using System.Runtime.Versioning; [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")] public class XmlSecureResolver : XmlResolver { XmlResolver resolver; PermissionSet permissionSet; public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {} public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {} public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) { this.resolver = resolver; this.permissionSet = permissionSet; } public override ICredentials Credentials { set { resolver.Credentials = value; } } public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) { permissionSet.PermitOnly(); return resolver.GetEntity(absoluteUri, role, ofObjectToReturn); } [ResourceConsumption(ResourceScope.Machine)] [ResourceExposure(ResourceScope.Machine)] public override Uri ResolveUri(Uri baseUri, string relativeUri) { return resolver.ResolveUri(baseUri, relativeUri); } public static Evidence CreateEvidenceForUrl(string securityUrl) { Evidence evidence = new Evidence(); if (securityUrl != null && securityUrl.Length > 0) { evidence.AddHostEvidence(new Url(securityUrl)); evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl)); Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute); if (uri.IsAbsoluteUri && !uri.IsFile) { evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl)); } // Allow same directory access for UNCs (SQLBUDT 394535) if (uri.IsAbsoluteUri && uri.IsUnc) { string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath); if (uncDir != null && uncDir.Length != 0) { evidence.AddHostEvidence(new UncDirectory(uncDir)); } } } return evidence; } [Serializable] private class UncDirectory : EvidenceBase, IIdentityPermissionFactory { private string uncDir; public UncDirectory(string uncDirectory) { this.uncDir = uncDirectory; } public IPermission CreateIdentityPermission(Evidence evidence) { return new FileIOPermission(FileIOPermissionAccess.Read, uncDir); } public override EvidenceBase Clone() { return new UncDirectory(uncDir); } private SecurityElement ToXml() { SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver"); root.AddAttribute("version", "1"); root.AddChild(new SecurityElement("UncDirectory", uncDir)); return root; } public override string ToString() { return ToXml().ToString(); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TrustLevel.cs
- ThreadInterruptedException.cs
- XmlIlTypeHelper.cs
- ReflectionTypeLoadException.cs
- XsdDataContractImporter.cs
- IHttpResponseInternal.cs
- VerificationAttribute.cs
- BufferedWebEventProvider.cs
- EntityParameter.cs
- DataTableReaderListener.cs
- EffectiveValueEntry.cs
- TemplateEditingVerb.cs
- CheckBoxRenderer.cs
- Matrix3DValueSerializer.cs
- XmlSchemaGroupRef.cs
- IndicFontClient.cs
- ObjectContext.cs
- TeredoHelper.cs
- HashCryptoHandle.cs
- InternalCompensate.cs
- ToolbarAUtomationPeer.cs
- SoapExtensionReflector.cs
- GridViewPageEventArgs.cs
- BaseEntityWrapper.cs
- WebConfigurationHostFileChange.cs
- PageCodeDomTreeGenerator.cs
- MouseActionValueSerializer.cs
- KeyInfo.cs
- AnnouncementEndpoint.cs
- DiscoveryEndpoint.cs
- Pts.cs
- XmlDataDocument.cs
- MachineKeyConverter.cs
- HttpListenerTimeoutManager.cs
- AssemblyBuilder.cs
- Relationship.cs
- RuleSettings.cs
- DbCommandDefinition.cs
- CodeDomSerializerException.cs
- DataGridViewRowDividerDoubleClickEventArgs.cs
- XmlByteStreamReader.cs
- ConfigXmlDocument.cs
- JpegBitmapDecoder.cs
- SimpleFieldTemplateFactory.cs
- WinEventHandler.cs
- AttachedPropertyBrowsableAttribute.cs
- DefaultValueTypeConverter.cs
- EntityDataSourceWrapperCollection.cs
- GlyphInfoList.cs
- PeerChannelListener.cs
- QueryUtil.cs
- CoreSwitches.cs
- ExtendLockCommand.cs
- IISMapPath.cs
- ColumnTypeConverter.cs
- LogicalExpr.cs
- ObjectFactoryCodeDomTreeGenerator.cs
- BridgeDataRecord.cs
- ArrayList.cs
- ClientScriptManager.cs
- X509Certificate2Collection.cs
- WorkflowTransactionOptions.cs
- Keyboard.cs
- ErrorWrapper.cs
- _NegoStream.cs
- TrackingLocationCollection.cs
- SettingsBase.cs
- LinkTarget.cs
- TableLayoutPanelCellPosition.cs
- ToolStripPanelRenderEventArgs.cs
- TextSelectionHelper.cs
- ParameterBuilder.cs
- Html32TextWriter.cs
- CodeNamespace.cs
- SqlDataSourceCommandEventArgs.cs
- ColorPalette.cs
- PagedDataSource.cs
- CollectionViewGroup.cs
- FlowDocumentReaderAutomationPeer.cs
- MultiByteCodec.cs
- CellConstant.cs
- MsmqUri.cs
- BaseAppDomainProtocolHandler.cs
- BrushMappingModeValidation.cs
- MediaElement.cs
- PublisherIdentityPermission.cs
- UiaCoreApi.cs
- DrawingBrush.cs
- SiteMapNodeItem.cs
- NavigationFailedEventArgs.cs
- DynamicActionMessageFilter.cs
- OrderingExpression.cs
- ModelItemDictionaryImpl.cs
- HostedElements.cs
- XmlAtomicValue.cs
- Vector.cs
- SslStream.cs
- XmlDesigner.cs
- XmlSchemaDatatype.cs
- FrugalMap.cs