Code:
/ Dotnetfx_Vista_SP2 / Dotnetfx_Vista_SP2 / 8.0.50727.4016 / DEVDIV / depot / DevDiv / releases / Orcas / QFE / wpf / src / Framework / MS / Internal / AppModel / ProgressPage.cs / 1 / ProgressPage.cs
//+------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // // Description: // Deployment progress page. This is primarily a proxy to the native progress page, which supersedes // the managed one from up to v3.5. See Host\DLL\ProgressPage.hxx for details. // // History: // 2007/12/xx ChangoV Created // //----------------------------------------------------------------------- using System; using System.Runtime.InteropServices; using System.Windows.Interop; using System.Windows.Threading; using System.Security; namespace MS.Internal.AppModel { ////// Critical due to SUC. /// Even if a partilar method is considered safe, applying [SecurityTreatAsSafe] to it here won't help /// much, because the transparency model still requires SUC-d methods to be called only from /// SecurityCritical ones. /// [ComImport, Guid("1f681651-1024-4798-af36-119bbe5e5665")] [InterfaceType(ComInterfaceType.InterfaceIsIUnknown)] [SecurityCritical, SuppressUnmanagedCodeSecurity] interface INativeProgressPage { void Show(); void Hide(); void ShowProgressMessage(string message); void SetApplicationName(string appName); void SetPublisherName(string publisherName); void OnDownloadProgress(ulong bytesDownloaded, ulong bytesTotal); }; ////// IProgressPage is public. It was introduced for the Media Center integration, which is now considered /// deprecated, but we have to support it at least for as long as we keep doing in-place upgrades. /// interface IProgressPage2 : IProgressPage { void ShowProgressMessage(string message); }; class NativeProgressPageProxy : IProgressPage2 { internal NativeProgressPageProxy(INativeProgressPage npp) { _npp = npp; } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: No concern about "spoofing" progress messages. A web site could just render an HTML /// page that looks like our progress page. /// [SecurityCritical, SecurityTreatAsSafe] public void ShowProgressMessage(string message) { _npp.ShowProgressMessage(message); } public Uri DeploymentPath { set { } get { throw new System.NotImplementedException(); } } /// /// The native progress page sends a stop/cancel request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_STOP). /// public DispatcherOperationCallback StopCallback { set { } get { throw new System.NotImplementedException(); } } ////// The native progress page sends a Refresh request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_REFRESH). /// public System.Windows.Threading.DispatcherOperationCallback RefreshCallback { set { } get { return null; } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The application name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string ApplicationName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetApplicationName(value); } get { throw new System.NotImplementedException(); } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The publisher name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string PublisherName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetPublisherName(value); } get { throw new System.NotImplementedException(); } } /// /// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: Sending even arbitrary progress updates not considered harmful. /// [SecurityCritical, SecurityTreatAsSafe] public void UpdateProgress(long bytesDownloaded, long bytesTotal) { _npp.OnDownloadProgress((ulong)bytesDownloaded, (ulong)bytesTotal); } INativeProgressPage _npp; }; } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //+------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // // Description: // Deployment progress page. This is primarily a proxy to the native progress page, which supersedes // the managed one from up to v3.5. See Host\DLL\ProgressPage.hxx for details. // // History: // 2007/12/xx ChangoV Created // //----------------------------------------------------------------------- using System; using System.Runtime.InteropServices; using System.Windows.Interop; using System.Windows.Threading; using System.Security; namespace MS.Internal.AppModel { /// /// Critical due to SUC. /// Even if a partilar method is considered safe, applying [SecurityTreatAsSafe] to it here won't help /// much, because the transparency model still requires SUC-d methods to be called only from /// SecurityCritical ones. /// [ComImport, Guid("1f681651-1024-4798-af36-119bbe5e5665")] [InterfaceType(ComInterfaceType.InterfaceIsIUnknown)] [SecurityCritical, SuppressUnmanagedCodeSecurity] interface INativeProgressPage { void Show(); void Hide(); void ShowProgressMessage(string message); void SetApplicationName(string appName); void SetPublisherName(string publisherName); void OnDownloadProgress(ulong bytesDownloaded, ulong bytesTotal); }; ////// IProgressPage is public. It was introduced for the Media Center integration, which is now considered /// deprecated, but we have to support it at least for as long as we keep doing in-place upgrades. /// interface IProgressPage2 : IProgressPage { void ShowProgressMessage(string message); }; class NativeProgressPageProxy : IProgressPage2 { internal NativeProgressPageProxy(INativeProgressPage npp) { _npp = npp; } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: No concern about "spoofing" progress messages. A web site could just render an HTML /// page that looks like our progress page. /// [SecurityCritical, SecurityTreatAsSafe] public void ShowProgressMessage(string message) { _npp.ShowProgressMessage(message); } public Uri DeploymentPath { set { } get { throw new System.NotImplementedException(); } } /// /// The native progress page sends a stop/cancel request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_STOP). /// public DispatcherOperationCallback StopCallback { set { } get { throw new System.NotImplementedException(); } } ////// The native progress page sends a Refresh request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_REFRESH). /// public System.Windows.Threading.DispatcherOperationCallback RefreshCallback { set { } get { return null; } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The application name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string ApplicationName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetApplicationName(value); } get { throw new System.NotImplementedException(); } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The publisher name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string PublisherName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetPublisherName(value); } get { throw new System.NotImplementedException(); } } /// /// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: Sending even arbitrary progress updates not considered harmful. /// [SecurityCritical, SecurityTreatAsSafe] public void UpdateProgress(long bytesDownloaded, long bytesTotal) { _npp.OnDownloadProgress((ulong)bytesDownloaded, (ulong)bytesTotal); } INativeProgressPage _npp; }; } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- FreezableDefaultValueFactory.cs
- RadioButtonList.cs
- InitiatorServiceModelSecurityTokenRequirement.cs
- DockPattern.cs
- DataGridViewLinkCell.cs
- ModifierKeysConverter.cs
- HMACSHA512.cs
- Privilege.cs
- RuleSettings.cs
- Symbol.cs
- TypedColumnHandler.cs
- NetCodeGroup.cs
- PageStatePersister.cs
- SrgsRulesCollection.cs
- Opcode.cs
- remotingproxy.cs
- HelpFileFileNameEditor.cs
- RegexBoyerMoore.cs
- SourceChangedEventArgs.cs
- StylusPointProperty.cs
- KeyTimeConverter.cs
- ResolveDuplexAsyncResult.cs
- ReceiveActivityDesigner.cs
- PackUriHelper.cs
- PixelFormatConverter.cs
- DragDeltaEventArgs.cs
- DecimalFormatter.cs
- StrongNameKeyPair.cs
- rsa.cs
- MembershipSection.cs
- XmlSchemaInferenceException.cs
- DisableDpiAwarenessAttribute.cs
- Rect3D.cs
- OdbcException.cs
- GridViewRow.cs
- TypeName.cs
- NegotiateStream.cs
- CryptoKeySecurity.cs
- Expr.cs
- Stacktrace.cs
- _RequestCacheProtocol.cs
- Wizard.cs
- RenderingEventArgs.cs
- XmlSchemaCollection.cs
- EntityStoreSchemaGenerator.cs
- VBIdentifierDesigner.xaml.cs
- AnimatedTypeHelpers.cs
- HttpResponse.cs
- RepeatButtonAutomationPeer.cs
- StandardBindingOptionalReliableSessionElement.cs
- CompilerGlobalScopeAttribute.cs
- VirtualizingStackPanel.cs
- ControlPropertyNameConverter.cs
- NavigatorOutput.cs
- Opcode.cs
- HScrollProperties.cs
- GlobalProxySelection.cs
- XmlIgnoreAttribute.cs
- ExpressionNormalizer.cs
- Header.cs
- ReceiveActivityDesignerTheme.cs
- SourceChangedEventArgs.cs
- Listbox.cs
- WebPartUtil.cs
- DrawingGroupDrawingContext.cs
- DesignerOptionService.cs
- EntityDataSourceQueryBuilder.cs
- CroppedBitmap.cs
- SignatureGenerator.cs
- GridViewColumnHeader.cs
- Span.cs
- BinaryConverter.cs
- DbExpressionVisitor.cs
- ListBox.cs
- Visitors.cs
- DropSource.cs
- DbgCompiler.cs
- FontEmbeddingManager.cs
- AppDomainInfo.cs
- ScriptingJsonSerializationSection.cs
- RoutedEvent.cs
- InputManager.cs
- ConstraintEnumerator.cs
- ToolTipService.cs
- Geometry.cs
- COM2IDispatchConverter.cs
- InvalidOleVariantTypeException.cs
- TemplateNameScope.cs
- OdbcReferenceCollection.cs
- PinnedBufferMemoryStream.cs
- DataViewSettingCollection.cs
- HttpEncoder.cs
- WebControl.cs
- Delegate.cs
- SHA384.cs
- FixedSOMPageElement.cs
- CopyOnWriteList.cs
- BuildProviderUtils.cs
- WebPartVerbsEventArgs.cs
- SymLanguageVendor.cs