Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Xml / System / Xml / XmlSecureResolver.cs / 1305376 / XmlSecureResolver.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //[....] //----------------------------------------------------------------------------- namespace System.Xml { using System.Net; using System.Security; using System.Security.Policy; using System.Security.Permissions; using System.Runtime.Versioning; [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")] public class XmlSecureResolver : XmlResolver { XmlResolver resolver; PermissionSet permissionSet; public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {} public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {} public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) { this.resolver = resolver; this.permissionSet = permissionSet; } public override ICredentials Credentials { set { resolver.Credentials = value; } } public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) { permissionSet.PermitOnly(); return resolver.GetEntity(absoluteUri, role, ofObjectToReturn); } [ResourceConsumption(ResourceScope.Machine)] [ResourceExposure(ResourceScope.Machine)] public override Uri ResolveUri(Uri baseUri, string relativeUri) { return resolver.ResolveUri(baseUri, relativeUri); } public static Evidence CreateEvidenceForUrl(string securityUrl) { Evidence evidence = new Evidence(); if (securityUrl != null && securityUrl.Length > 0) { evidence.AddHostEvidence(new Url(securityUrl)); evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl)); Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute); if (uri.IsAbsoluteUri && !uri.IsFile) { evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl)); } // Allow same directory access for UNCs (SQLBUDT 394535) if (uri.IsAbsoluteUri && uri.IsUnc) { string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath); if (uncDir != null && uncDir.Length != 0) { evidence.AddHostEvidence(new UncDirectory(uncDir)); } } } return evidence; } [Serializable] private class UncDirectory : EvidenceBase, IIdentityPermissionFactory { private string uncDir; public UncDirectory(string uncDirectory) { this.uncDir = uncDirectory; } public IPermission CreateIdentityPermission(Evidence evidence) { return new FileIOPermission(FileIOPermissionAccess.Read, uncDir); } public override EvidenceBase Clone() { return new UncDirectory(uncDir); } private SecurityElement ToXml() { SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver"); root.AddAttribute("version", "1"); root.AddChild(new SecurityElement("UncDirectory", uncDir)); return root; } public override string ToString() { return ToXml().ToString(); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- StrongNameIdentityPermission.cs
- EventWaitHandleSecurity.cs
- Transform.cs
- TypeLoadException.cs
- InlinedAggregationOperator.cs
- AdornerDecorator.cs
- MeasureItemEvent.cs
- ArglessEventHandlerProxy.cs
- TextContainerChangeEventArgs.cs
- CodeExporter.cs
- XPathPatternBuilder.cs
- SvcMapFileSerializer.cs
- DrawListViewItemEventArgs.cs
- DelayDesigner.cs
- SubpageParagraph.cs
- ThemeInfoAttribute.cs
- PeerCollaboration.cs
- CodeAttributeArgumentCollection.cs
- FieldTemplateFactory.cs
- OutOfMemoryException.cs
- SID.cs
- Stream.cs
- XmlProcessingInstruction.cs
- ConnectionsZone.cs
- RadioButtonRenderer.cs
- SchemaTableColumn.cs
- StrokeRenderer.cs
- ISFClipboardData.cs
- WebGetAttribute.cs
- MissingFieldException.cs
- XmlDataSourceNodeDescriptor.cs
- EDesignUtil.cs
- UnknownWrapper.cs
- CheckBox.cs
- IteratorFilter.cs
- TextCompositionManager.cs
- TraceContextEventArgs.cs
- PolyLineSegmentFigureLogic.cs
- ConfigXmlText.cs
- CornerRadius.cs
- dbdatarecord.cs
- AsymmetricSecurityBindingElement.cs
- PropertyPushdownHelper.cs
- GradientStop.cs
- BitmapData.cs
- ComponentChangedEvent.cs
- HotSpotCollection.cs
- ActivityDefaults.cs
- WebSysDescriptionAttribute.cs
- Select.cs
- OrderingExpression.cs
- XmlReturnWriter.cs
- SecurityTimestamp.cs
- SourceLineInfo.cs
- CompareInfo.cs
- _TimerThread.cs
- DataException.cs
- DependencyPropertyConverter.cs
- SystemIPAddressInformation.cs
- DockAndAnchorLayout.cs
- QueryModel.cs
- UserControlFileEditor.cs
- ConnectionProviderAttribute.cs
- DataControlCommands.cs
- WmlTextViewAdapter.cs
- ScalarOps.cs
- AgileSafeNativeMemoryHandle.cs
- AudienceUriMode.cs
- UInt32.cs
- EpmCustomContentDeSerializer.cs
- SqlFactory.cs
- QilInvoke.cs
- ManipulationVelocities.cs
- BufferedGraphicsManager.cs
- CopyAction.cs
- TablePattern.cs
- BroadcastEventHelper.cs
- UnionQueryOperator.cs
- RefExpr.cs
- CodeAttributeArgumentCollection.cs
- XmlAnyElementAttributes.cs
- SByte.cs
- BitmapDownload.cs
- XPathSingletonIterator.cs
- SmiMetaData.cs
- OnOperation.cs
- codemethodreferenceexpression.cs
- HtmlMeta.cs
- ObjectQueryState.cs
- ImageAutomationPeer.cs
- SafeLocalMemHandle.cs
- IntSecurity.cs
- EncryptedType.cs
- DatasetMethodGenerator.cs
- PackWebRequest.cs
- EncodedStreamFactory.cs
- XmlCharCheckingWriter.cs
- ServiceReference.cs
- PrintingPermission.cs
- TextPattern.cs