Code:
/ DotNET / DotNET / 8.0 / untmp / WIN_WINDOWS / lh_tools_devdiv_wpf / Windows / wcp / TrustUi / MS / Internal / documents / Application / RestrictedTransactionalPackage.cs / 1 / RestrictedTransactionalPackage.cs
//------------------------------------------------------------------------------ //// Copyright (C) Microsoft Corporation. All rights reserved. // //// This class wraps TransactionalPackage, ensuring that only parts with // approved content types can be written. // // // History: // 04/12/2006: [....]: Created as a wrapper for TransactionalPackage to // limit which content types of parts can be written. //----------------------------------------------------------------------------- using System; using System.IO; using System.IO.Packaging; using System.Security; using System.Security.Permissions; using System.Windows.TrustUI; using MS.Internal; namespace MS.Internal.Documents.Application { ////// This class wraps TransactionalPackage, ensuring that only approved /// part content types can be written. /// internal sealed class RestrictedTransactionalPackage : TransactionalPackage { #region Constructors //------------------------------------------------------------------------- // Constructors //------------------------------------------------------------------------- ////// Requires an existing open Package; and returns a package which will /// capture changes with out applying them to the original. /// See the class description for details. /// ////// /// Package package = new RestrictedTransactionalPackage( /// Package.Open(source, FileMode.Open, FileAccess.Read)); /// /// An open package. ////// Critical: /// - Calls TransactionalPackage(Stream) which is critical. /// NotSafe: /// - only our caller knows where the stream came from, it must be from /// the user specified location /// [SecurityCritical] internal RestrictedTransactionalPackage(Stream original) : base(original) { } #endregion Constructors ////// /// /// Critical: /// 1) Accesses the value of the TempPackage, which is SecurityCriticalDataForSet. /// 2) Calls TransactionalPackage.MergeChanges which is SecurityCritical. /// NotSafe: /// - only the caller participating in constructing the stream can validate /// that this is an XpsDocument stream /// [SecurityCritical] internal override void MergeChanges(Stream target) { if (target == null) { throw new ArgumentNullException("target"); } if (TempPackage.Value != null) { foreach (PackagePart part in TempPackage.Value.GetParts()) { // Ensure that all parts being modified are permitted. if ((part != null) && (!IsValidContentType(part.ContentType))) { throw new NotSupportedException(SR.Get(SRID.PackagePartTypeNotWritable)); } } base.MergeChanges(target); } } ////// Creates a new PackagePart. /// ////// When creating a new PackagePart we must: /// a) ensure the part does not exist in package /// b) ensure there is a writable package /// c) create a temp part /// d) update active part reference to the temp part /// /// What if a PackagePart with the same Uri already exists? /// Package.CreatePart checks for this. /// /// Do we need to worry about updating relationships and other parts? /// Relationships are a part and are thus intrinsically handled. /// /// Uri for the part to create. /// Content type string. /// Compression options. ///A new PackagePart. protected override PackagePart CreatePartCore( Uri partUri, string contentType, CompressionOption compressionOption) { // Ensure that modifying this contentType is permitted. if (!IsValidContentType(contentType)) { throw new ArgumentException(SR.Get(SRID.PackagePartTypeNotWritable), "contentType"); } return base.CreatePartCore(partUri, contentType, compressionOption); } ////// Verifies that parts of the the given contentType are allowed to be modified. /// /// The content type of the part being modified. ///True if modification is allowed, false otherwise. /// Critical: /// 1) This code makes the actual security decision as to whether a specific /// content type can be written. /// TreatAsSafe: /// 1) The list of content types is a hardcoded constant list of strings that /// is only maintained here. The only data being used is the string content /// type to check. [SecurityCritical, SecurityTreatAsSafe] private bool IsValidContentType(string contentType) { // Check that the contentType is a valid string, and of one of the approved // contentTypes. // // The approved content types come from the Package-wide content types list // in the XPS Specification and Reference Guide. // Internally available at [....]/ // Externally available at http://www.microsoft.com/xps/ return ((!string.IsNullOrEmpty(contentType)) && ((contentType.Equals( @"application/xml", StringComparison.OrdinalIgnoreCase)) || // Core Properties Part (contentType.Equals( @"application/vnd.openxmlformats-package.core-properties+xml", StringComparison.OrdinalIgnoreCase)) || // Digital Signature Certificate Part (contentType.Equals( @"application/vnd.openxmlformats-package.digital-signature-certificate", StringComparison.OrdinalIgnoreCase)) || // Digital Signature Origin Part (contentType.Equals( @"application/vnd.openxmlformats-package.digital-signature-origin", StringComparison.OrdinalIgnoreCase)) || // Digital Signature XML Signature Part (contentType.Equals( @"application/vnd.openxmlformats-package.digital-signature-xmlsignature+xml", StringComparison.OrdinalIgnoreCase)) || // Relationships Part (contentType.Equals( @"application/vnd.openxmlformats-package.relationships+xml", StringComparison.OrdinalIgnoreCase)) )); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ConfigurationStrings.cs
- SspiSafeHandles.cs
- ColumnMapTranslator.cs
- TraceContext.cs
- XmlAttributes.cs
- DateTimePicker.cs
- FixedStringLookup.cs
- EntityModelBuildProvider.cs
- DataSourceProvider.cs
- TracePayload.cs
- HttpCookie.cs
- GlobalizationAssembly.cs
- UpdateDelegates.Generated.cs
- ZoneMembershipCondition.cs
- DiscoveryDocument.cs
- DeflateStream.cs
- RectAnimationBase.cs
- TreeIterator.cs
- TextSelection.cs
- Types.cs
- ArraySortHelper.cs
- KeySpline.cs
- WinCategoryAttribute.cs
- InternalConfigRoot.cs
- PackagePartCollection.cs
- Decimal.cs
- EdmItemError.cs
- ManipulationPivot.cs
- NetworkCredential.cs
- SQLSingleStorage.cs
- WizardStepCollectionEditor.cs
- XmlText.cs
- WhitespaceRule.cs
- UnionCqlBlock.cs
- FtpWebRequest.cs
- XmlSecureResolver.cs
- GlobalizationAssembly.cs
- XmlSerializableReader.cs
- TextFormatterContext.cs
- ProtocolsConfigurationHandler.cs
- ServiceProviders.cs
- CodeThrowExceptionStatement.cs
- AssemblyInfo.cs
- TextContainerChangeEventArgs.cs
- Polyline.cs
- ProfileWorkflowElement.cs
- SpinWait.cs
- MessagePropertyVariants.cs
- TraceXPathNavigator.cs
- DelegatingTypeDescriptionProvider.cs
- basenumberconverter.cs
- FormsAuthenticationTicket.cs
- TextEffectResolver.cs
- VScrollProperties.cs
- TextFormatterContext.cs
- GridItemPatternIdentifiers.cs
- AstTree.cs
- IsolatedStorageSecurityState.cs
- DisableDpiAwarenessAttribute.cs
- BindingNavigatorDesigner.cs
- DynamicDataExtensions.cs
- DBSchemaRow.cs
- Utilities.cs
- CultureTableRecord.cs
- OrderedDictionary.cs
- SchemaObjectWriter.cs
- controlskin.cs
- CustomLineCap.cs
- DependencyProperty.cs
- AttributeEmitter.cs
- List.cs
- Semaphore.cs
- TTSEngineProxy.cs
- StyleBamlRecordReader.cs
- HttpListenerResponse.cs
- DescendantOverDescendantQuery.cs
- SmtpCommands.cs
- IriParsingElement.cs
- TextMarkerSource.cs
- ToolStripSeparatorRenderEventArgs.cs
- TreeWalkHelper.cs
- XmlSerializerNamespaces.cs
- TemplatePropertyEntry.cs
- ExclusiveCanonicalizationTransform.cs
- safesecurityhelperavalon.cs
- PropertyGroupDescription.cs
- ReadOnlyNameValueCollection.cs
- DataGridRowClipboardEventArgs.cs
- IgnoreDeviceFilterElementCollection.cs
- AppPool.cs
- FocusWithinProperty.cs
- TypeUsageBuilder.cs
- UITypeEditor.cs
- SelectionHighlightInfo.cs
- ArrayExtension.cs
- HMACRIPEMD160.cs
- MediaContextNotificationWindow.cs
- UserCancellationException.cs
- NotSupportedException.cs
- _NativeSSPI.cs