Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Xml / System / Xml / XmlSecureResolver.cs / 1305376 / XmlSecureResolver.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //[....] //----------------------------------------------------------------------------- namespace System.Xml { using System.Net; using System.Security; using System.Security.Policy; using System.Security.Permissions; using System.Runtime.Versioning; [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")] public class XmlSecureResolver : XmlResolver { XmlResolver resolver; PermissionSet permissionSet; public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {} public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {} public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) { this.resolver = resolver; this.permissionSet = permissionSet; } public override ICredentials Credentials { set { resolver.Credentials = value; } } public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) { permissionSet.PermitOnly(); return resolver.GetEntity(absoluteUri, role, ofObjectToReturn); } [ResourceConsumption(ResourceScope.Machine)] [ResourceExposure(ResourceScope.Machine)] public override Uri ResolveUri(Uri baseUri, string relativeUri) { return resolver.ResolveUri(baseUri, relativeUri); } public static Evidence CreateEvidenceForUrl(string securityUrl) { Evidence evidence = new Evidence(); if (securityUrl != null && securityUrl.Length > 0) { evidence.AddHostEvidence(new Url(securityUrl)); evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl)); Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute); if (uri.IsAbsoluteUri && !uri.IsFile) { evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl)); } // Allow same directory access for UNCs (SQLBUDT 394535) if (uri.IsAbsoluteUri && uri.IsUnc) { string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath); if (uncDir != null && uncDir.Length != 0) { evidence.AddHostEvidence(new UncDirectory(uncDir)); } } } return evidence; } [Serializable] private class UncDirectory : EvidenceBase, IIdentityPermissionFactory { private string uncDir; public UncDirectory(string uncDirectory) { this.uncDir = uncDirectory; } public IPermission CreateIdentityPermission(Evidence evidence) { return new FileIOPermission(FileIOPermissionAccess.Read, uncDir); } public override EvidenceBase Clone() { return new UncDirectory(uncDir); } private SecurityElement ToXml() { SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver"); root.AddAttribute("version", "1"); root.AddChild(new SecurityElement("UncDirectory", uncDir)); return root; } public override string ToString() { return ToXml().ToString(); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //[....] //----------------------------------------------------------------------------- namespace System.Xml { using System.Net; using System.Security; using System.Security.Policy; using System.Security.Permissions; using System.Runtime.Versioning; [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")] public class XmlSecureResolver : XmlResolver { XmlResolver resolver; PermissionSet permissionSet; public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {} public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {} public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) { this.resolver = resolver; this.permissionSet = permissionSet; } public override ICredentials Credentials { set { resolver.Credentials = value; } } public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) { permissionSet.PermitOnly(); return resolver.GetEntity(absoluteUri, role, ofObjectToReturn); } [ResourceConsumption(ResourceScope.Machine)] [ResourceExposure(ResourceScope.Machine)] public override Uri ResolveUri(Uri baseUri, string relativeUri) { return resolver.ResolveUri(baseUri, relativeUri); } public static Evidence CreateEvidenceForUrl(string securityUrl) { Evidence evidence = new Evidence(); if (securityUrl != null && securityUrl.Length > 0) { evidence.AddHostEvidence(new Url(securityUrl)); evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl)); Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute); if (uri.IsAbsoluteUri && !uri.IsFile) { evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl)); } // Allow same directory access for UNCs (SQLBUDT 394535) if (uri.IsAbsoluteUri && uri.IsUnc) { string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath); if (uncDir != null && uncDir.Length != 0) { evidence.AddHostEvidence(new UncDirectory(uncDir)); } } } return evidence; } [Serializable] private class UncDirectory : EvidenceBase, IIdentityPermissionFactory { private string uncDir; public UncDirectory(string uncDirectory) { this.uncDir = uncDirectory; } public IPermission CreateIdentityPermission(Evidence evidence) { return new FileIOPermission(FileIOPermissionAccess.Read, uncDir); } public override EvidenceBase Clone() { return new UncDirectory(uncDir); } private SecurityElement ToXml() { SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver"); root.AddAttribute("version", "1"); root.AddChild(new SecurityElement("UncDirectory", uncDir)); return root; } public override string ToString() { return ToXml().ToString(); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- DataGridViewIntLinkedList.cs
- DBSqlParser.cs
- HttpChannelHelper.cs
- ProcessDesigner.cs
- ArrayElementGridEntry.cs
- Switch.cs
- HwndStylusInputProvider.cs
- BoolExpr.cs
- BindToObject.cs
- PolyQuadraticBezierSegment.cs
- FontCacheUtil.cs
- FilterElement.cs
- EmptyStringExpandableObjectConverter.cs
- ProfileSection.cs
- CallbackHandler.cs
- TabletDeviceInfo.cs
- TextEditor.cs
- _IPv6Address.cs
- RequestStatusBarUpdateEventArgs.cs
- Timer.cs
- CharacterShapingProperties.cs
- PixelFormat.cs
- XmlIlVisitor.cs
- DataSourceHelper.cs
- Stroke.cs
- DispatchWrapper.cs
- TextHidden.cs
- Assert.cs
- TextContainerChangeEventArgs.cs
- ErrorEventArgs.cs
- XPathDocumentIterator.cs
- TextTreeUndoUnit.cs
- PrintPreviewGraphics.cs
- NamedPermissionSet.cs
- ProxyWebPartConnectionCollection.cs
- LineSegment.cs
- HttpHandlerActionCollection.cs
- ImpersonateTokenRef.cs
- InputScopeNameConverter.cs
- HostingPreferredMapPath.cs
- BaseCollection.cs
- documentsequencetextview.cs
- Positioning.cs
- templategroup.cs
- Profiler.cs
- Certificate.cs
- UrlRoutingHandler.cs
- TemplatedEditableDesignerRegion.cs
- WindowsListView.cs
- WindowsSysHeader.cs
- PersonalizableAttribute.cs
- ReadOnlyDictionary.cs
- DocumentViewerAutomationPeer.cs
- GradientStop.cs
- XPathQilFactory.cs
- ValueTypeFixupInfo.cs
- SchemaImporter.cs
- DbResourceAllocator.cs
- UIntPtr.cs
- EntityDataSourceContextDisposingEventArgs.cs
- ThicknessAnimationUsingKeyFrames.cs
- MetadataArtifactLoaderComposite.cs
- HttpChannelFactory.cs
- EntitySetBase.cs
- WindowsScrollBar.cs
- ForeignConstraint.cs
- CodeMemberProperty.cs
- RemoveStoryboard.cs
- MemberRestriction.cs
- TriggerBase.cs
- Floater.cs
- HtmlAnchor.cs
- DoWorkEventArgs.cs
- Inflater.cs
- ThreadAttributes.cs
- XsdCachingReader.cs
- EventArgs.cs
- PenLineJoinValidation.cs
- LocationReferenceEnvironment.cs
- TableStyle.cs
- ByValueEqualityComparer.cs
- MergePropertyDescriptor.cs
- WinFormsSpinner.cs
- StyleSheetRefUrlEditor.cs
- HttpRequestTraceRecord.cs
- DataTableNewRowEvent.cs
- EventListenerClientSide.cs
- PlatformCulture.cs
- ScrollChrome.cs
- ThemeDirectoryCompiler.cs
- BulletChrome.cs
- SrgsSemanticInterpretationTag.cs
- ConvertersCollection.cs
- SafeUserTokenHandle.cs
- ExcludePathInfo.cs
- StateElementCollection.cs
- PolyBezierSegment.cs
- TitleStyle.cs
- PublisherMembershipCondition.cs
- Manipulation.cs