XmlSecureResolver.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Xml / System / Xml / XmlSecureResolver.cs / 1305376 / XmlSecureResolver.cs

                            //------------------------------------------------------------------------------ 
// 
//     Copyright (c) Microsoft Corporation.  All rights reserved.
// 
// [....] 
//-----------------------------------------------------------------------------
 
namespace System.Xml { 
    using System.Net;
    using System.Security; 
    using System.Security.Policy;
    using System.Security.Permissions;
    using System.Runtime.Versioning;
 
    [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")]
    public class XmlSecureResolver : XmlResolver { 
        XmlResolver resolver; 
        PermissionSet permissionSet;
 
        public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {}

        public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {}
 
        public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) {
            this.resolver = resolver; 
            this.permissionSet = permissionSet; 
        }
 
        public override ICredentials Credentials {
            set { resolver.Credentials = value; }
        }
 
        public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) {
            permissionSet.PermitOnly(); 
            return resolver.GetEntity(absoluteUri, role, ofObjectToReturn); 
        }
 
        [ResourceConsumption(ResourceScope.Machine)]
        [ResourceExposure(ResourceScope.Machine)]
        public override Uri ResolveUri(Uri baseUri, string relativeUri) {
            return resolver.ResolveUri(baseUri, relativeUri); 
        }
 
        public static Evidence CreateEvidenceForUrl(string securityUrl) { 
            Evidence evidence = new Evidence();
            if (securityUrl != null && securityUrl.Length > 0) { 
                evidence.AddHostEvidence(new Url(securityUrl));
                evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl));
                Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute);
                if (uri.IsAbsoluteUri && !uri.IsFile) { 
                    evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl));
                } 
 
                // Allow same directory access for UNCs (SQLBUDT 394535)
                if (uri.IsAbsoluteUri && uri.IsUnc) { 
                    string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath);
                    if (uncDir != null && uncDir.Length != 0) {
                        evidence.AddHostEvidence(new UncDirectory(uncDir));
                    } 
                }
            } 
            return evidence; 
        }
 
        [Serializable]
        private class UncDirectory : EvidenceBase, IIdentityPermissionFactory {
            private string uncDir;
 
            public UncDirectory(string uncDirectory) {
                this.uncDir = uncDirectory; 
            } 

            public IPermission CreateIdentityPermission(Evidence evidence) { 
                return new FileIOPermission(FileIOPermissionAccess.Read, uncDir);
            }

            public override EvidenceBase Clone() 
            {
                return new UncDirectory(uncDir); 
            } 

            private SecurityElement ToXml() { 
                SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver");
                root.AddAttribute("version", "1");
                root.AddChild(new SecurityElement("UncDirectory", uncDir));
                return root; 
            }
 
            public override string ToString() { 
                return ToXml().ToString();
            } 
        }
    }
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
//------------------------------------------------------------------------------ 
// 
//     Copyright (c) Microsoft Corporation.  All rights reserved.
// 
// [....] 
//-----------------------------------------------------------------------------
 
namespace System.Xml { 
    using System.Net;
    using System.Security; 
    using System.Security.Policy;
    using System.Security.Permissions;
    using System.Runtime.Versioning;
 
    [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")]
    public class XmlSecureResolver : XmlResolver { 
        XmlResolver resolver; 
        PermissionSet permissionSet;
 
        public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {}

        public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {}
 
        public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) {
            this.resolver = resolver; 
            this.permissionSet = permissionSet; 
        }
 
        public override ICredentials Credentials {
            set { resolver.Credentials = value; }
        }
 
        public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) {
            permissionSet.PermitOnly(); 
            return resolver.GetEntity(absoluteUri, role, ofObjectToReturn); 
        }
 
        [ResourceConsumption(ResourceScope.Machine)]
        [ResourceExposure(ResourceScope.Machine)]
        public override Uri ResolveUri(Uri baseUri, string relativeUri) {
            return resolver.ResolveUri(baseUri, relativeUri); 
        }
 
        public static Evidence CreateEvidenceForUrl(string securityUrl) { 
            Evidence evidence = new Evidence();
            if (securityUrl != null && securityUrl.Length > 0) { 
                evidence.AddHostEvidence(new Url(securityUrl));
                evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl));
                Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute);
                if (uri.IsAbsoluteUri && !uri.IsFile) { 
                    evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl));
                } 
 
                // Allow same directory access for UNCs (SQLBUDT 394535)
                if (uri.IsAbsoluteUri && uri.IsUnc) { 
                    string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath);
                    if (uncDir != null && uncDir.Length != 0) {
                        evidence.AddHostEvidence(new UncDirectory(uncDir));
                    } 
                }
            } 
            return evidence; 
        }
 
        [Serializable]
        private class UncDirectory : EvidenceBase, IIdentityPermissionFactory {
            private string uncDir;
 
            public UncDirectory(string uncDirectory) {
                this.uncDir = uncDirectory; 
            } 

            public IPermission CreateIdentityPermission(Evidence evidence) { 
                return new FileIOPermission(FileIOPermissionAccess.Read, uncDir);
            }

            public override EvidenceBase Clone() 
            {
                return new UncDirectory(uncDir); 
            } 

            private SecurityElement ToXml() { 
                SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver");
                root.AddAttribute("version", "1");
                root.AddChild(new SecurityElement("UncDirectory", uncDir));
                return root; 
            }
 
            public override string ToString() { 
                return ToXml().ToString();
            } 
        }
    }
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.

                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK