Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Xml / System / Xml / XmlSecureResolver.cs / 1305376 / XmlSecureResolver.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //[....] //----------------------------------------------------------------------------- namespace System.Xml { using System.Net; using System.Security; using System.Security.Policy; using System.Security.Permissions; using System.Runtime.Versioning; [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")] public class XmlSecureResolver : XmlResolver { XmlResolver resolver; PermissionSet permissionSet; public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {} public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {} public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) { this.resolver = resolver; this.permissionSet = permissionSet; } public override ICredentials Credentials { set { resolver.Credentials = value; } } public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) { permissionSet.PermitOnly(); return resolver.GetEntity(absoluteUri, role, ofObjectToReturn); } [ResourceConsumption(ResourceScope.Machine)] [ResourceExposure(ResourceScope.Machine)] public override Uri ResolveUri(Uri baseUri, string relativeUri) { return resolver.ResolveUri(baseUri, relativeUri); } public static Evidence CreateEvidenceForUrl(string securityUrl) { Evidence evidence = new Evidence(); if (securityUrl != null && securityUrl.Length > 0) { evidence.AddHostEvidence(new Url(securityUrl)); evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl)); Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute); if (uri.IsAbsoluteUri && !uri.IsFile) { evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl)); } // Allow same directory access for UNCs (SQLBUDT 394535) if (uri.IsAbsoluteUri && uri.IsUnc) { string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath); if (uncDir != null && uncDir.Length != 0) { evidence.AddHostEvidence(new UncDirectory(uncDir)); } } } return evidence; } [Serializable] private class UncDirectory : EvidenceBase, IIdentityPermissionFactory { private string uncDir; public UncDirectory(string uncDirectory) { this.uncDir = uncDirectory; } public IPermission CreateIdentityPermission(Evidence evidence) { return new FileIOPermission(FileIOPermissionAccess.Read, uncDir); } public override EvidenceBase Clone() { return new UncDirectory(uncDir); } private SecurityElement ToXml() { SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver"); root.AddAttribute("version", "1"); root.AddChild(new SecurityElement("UncDirectory", uncDir)); return root; } public override string ToString() { return ToXml().ToString(); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- RuleAction.cs
- DataSourceView.cs
- ControlPaint.cs
- ClonableStack.cs
- SHA256Managed.cs
- VisualStyleRenderer.cs
- PermissionRequestEvidence.cs
- InfoCardKeyedHashAlgorithm.cs
- DataBinder.cs
- WSSecurityJan2004.cs
- FusionWrap.cs
- MediaElementAutomationPeer.cs
- Label.cs
- WindowsSlider.cs
- VectorCollection.cs
- Part.cs
- SizeConverter.cs
- SecureUICommand.cs
- LeftCellWrapper.cs
- SymbolType.cs
- ScrollProviderWrapper.cs
- Rijndael.cs
- Environment.cs
- PropertyNames.cs
- FilterFactory.cs
- ConfigXmlReader.cs
- BamlRecordWriter.cs
- unsafeIndexingFilterStream.cs
- WebPartAuthorizationEventArgs.cs
- TextTreeUndoUnit.cs
- ElementNotAvailableException.cs
- UIElement.cs
- BulletedListEventArgs.cs
- HyperLinkColumn.cs
- LayoutEditorPart.cs
- Latin1Encoding.cs
- PieceNameHelper.cs
- Transform3DGroup.cs
- StylusOverProperty.cs
- TaskHelper.cs
- Interlocked.cs
- SwitchExpression.cs
- WebDisplayNameAttribute.cs
- ChtmlCalendarAdapter.cs
- HttpHandlerActionCollection.cs
- CommonGetThemePartSize.cs
- VerticalAlignConverter.cs
- StringUtil.cs
- RegexNode.cs
- DetailsView.cs
- RawStylusInput.cs
- RC2CryptoServiceProvider.cs
- ObfuscateAssemblyAttribute.cs
- VectorAnimation.cs
- recordstatefactory.cs
- TriggerAction.cs
- NativeWindow.cs
- XmlHierarchicalEnumerable.cs
- X509ChainPolicy.cs
- Point3DCollection.cs
- CodeObjectCreateExpression.cs
- LocationUpdates.cs
- IDataContractSurrogate.cs
- SerialPinChanges.cs
- TopClause.cs
- Converter.cs
- CutCopyPasteHelper.cs
- DetailsViewRowCollection.cs
- ContextProperty.cs
- DataGridViewAddColumnDialog.cs
- InsufficientMemoryException.cs
- BitmapEffectGroup.cs
- PassportAuthenticationEventArgs.cs
- TitleStyle.cs
- TypeUtil.cs
- DbConnectionPoolGroupProviderInfo.cs
- NetMsmqSecurity.cs
- ButtonChrome.cs
- SqlDataSourceWizardForm.cs
- DateTimeFormatInfo.cs
- DataExpression.cs
- DocumentCollection.cs
- DrawingAttributeSerializer.cs
- XmlAttributeHolder.cs
- EmptyArray.cs
- EditCommandColumn.cs
- InvariantComparer.cs
- XmlSchemaSimpleContent.cs
- StreamWithDictionary.cs
- figurelength.cs
- IntAverageAggregationOperator.cs
- XmlnsCompatibleWithAttribute.cs
- GridViewDeletedEventArgs.cs
- TextElement.cs
- KnowledgeBase.cs
- SessionStateModule.cs
- WorkflowCommandExtensionItem.cs
- SecurityStateEncoder.cs
- ExceptionRoutedEventArgs.cs
- PropertyStore.cs