Code:
/ Dotnetfx_Win7_3.5.1 / Dotnetfx_Win7_3.5.1 / 3.5.1 / DEVDIV / depot / DevDiv / releases / Orcas / NetFXw7 / wpf / src / Framework / MS / Internal / AppModel / ProgressPage.cs / 1 / ProgressPage.cs
//+------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // // Description: // Deployment progress page. This is primarily a proxy to the native progress page, which supersedes // the managed one from up to v3.5. See Host\DLL\ProgressPage.hxx for details. // // History: // 2007/12/xx ChangoV Created // //----------------------------------------------------------------------- using System; using System.Runtime.InteropServices; using System.Windows.Interop; using System.Windows.Threading; using System.Security; namespace MS.Internal.AppModel { ////// Critical due to SUC. /// Even if a partilar method is considered safe, applying [SecurityTreatAsSafe] to it here won't help /// much, because the transparency model still requires SUC-d methods to be called only from /// SecurityCritical ones. /// [ComImport, Guid("1f681651-1024-4798-af36-119bbe5e5665")] [InterfaceType(ComInterfaceType.InterfaceIsIUnknown)] [SecurityCritical, SuppressUnmanagedCodeSecurity] interface INativeProgressPage { void Show(); void Hide(); void ShowProgressMessage(string message); void SetApplicationName(string appName); void SetPublisherName(string publisherName); void OnDownloadProgress(ulong bytesDownloaded, ulong bytesTotal); }; ////// IProgressPage is public. It was introduced for the Media Center integration, which is now considered /// deprecated, but we have to support it at least for as long as we keep doing in-place upgrades. /// interface IProgressPage2 : IProgressPage { void ShowProgressMessage(string message); }; class NativeProgressPageProxy : IProgressPage2 { internal NativeProgressPageProxy(INativeProgressPage npp) { _npp = npp; } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: No concern about "spoofing" progress messages. A web site could just render an HTML /// page that looks like our progress page. /// [SecurityCritical, SecurityTreatAsSafe] public void ShowProgressMessage(string message) { _npp.ShowProgressMessage(message); } public Uri DeploymentPath { set { } get { throw new System.NotImplementedException(); } } /// /// The native progress page sends a stop/cancel request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_STOP). /// public DispatcherOperationCallback StopCallback { set { } get { throw new System.NotImplementedException(); } } ////// The native progress page sends a Refresh request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_REFRESH). /// public System.Windows.Threading.DispatcherOperationCallback RefreshCallback { set { } get { return null; } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The application name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string ApplicationName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetApplicationName(value); } get { throw new System.NotImplementedException(); } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The publisher name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string PublisherName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetPublisherName(value); } get { throw new System.NotImplementedException(); } } /// /// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: Sending even arbitrary progress updates not considered harmful. /// [SecurityCritical, SecurityTreatAsSafe] public void UpdateProgress(long bytesDownloaded, long bytesTotal) { _npp.OnDownloadProgress((ulong)bytesDownloaded, (ulong)bytesTotal); } INativeProgressPage _npp; }; } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //+------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // // Description: // Deployment progress page. This is primarily a proxy to the native progress page, which supersedes // the managed one from up to v3.5. See Host\DLL\ProgressPage.hxx for details. // // History: // 2007/12/xx ChangoV Created // //----------------------------------------------------------------------- using System; using System.Runtime.InteropServices; using System.Windows.Interop; using System.Windows.Threading; using System.Security; namespace MS.Internal.AppModel { /// /// Critical due to SUC. /// Even if a partilar method is considered safe, applying [SecurityTreatAsSafe] to it here won't help /// much, because the transparency model still requires SUC-d methods to be called only from /// SecurityCritical ones. /// [ComImport, Guid("1f681651-1024-4798-af36-119bbe5e5665")] [InterfaceType(ComInterfaceType.InterfaceIsIUnknown)] [SecurityCritical, SuppressUnmanagedCodeSecurity] interface INativeProgressPage { void Show(); void Hide(); void ShowProgressMessage(string message); void SetApplicationName(string appName); void SetPublisherName(string publisherName); void OnDownloadProgress(ulong bytesDownloaded, ulong bytesTotal); }; ////// IProgressPage is public. It was introduced for the Media Center integration, which is now considered /// deprecated, but we have to support it at least for as long as we keep doing in-place upgrades. /// interface IProgressPage2 : IProgressPage { void ShowProgressMessage(string message); }; class NativeProgressPageProxy : IProgressPage2 { internal NativeProgressPageProxy(INativeProgressPage npp) { _npp = npp; } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: No concern about "spoofing" progress messages. A web site could just render an HTML /// page that looks like our progress page. /// [SecurityCritical, SecurityTreatAsSafe] public void ShowProgressMessage(string message) { _npp.ShowProgressMessage(message); } public Uri DeploymentPath { set { } get { throw new System.NotImplementedException(); } } /// /// The native progress page sends a stop/cancel request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_STOP). /// public DispatcherOperationCallback StopCallback { set { } get { throw new System.NotImplementedException(); } } ////// The native progress page sends a Refresh request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_REFRESH). /// public System.Windows.Threading.DispatcherOperationCallback RefreshCallback { set { } get { return null; } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The application name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string ApplicationName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetApplicationName(value); } get { throw new System.NotImplementedException(); } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The publisher name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string PublisherName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetPublisherName(value); } get { throw new System.NotImplementedException(); } } /// /// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: Sending even arbitrary progress updates not considered harmful. /// [SecurityCritical, SecurityTreatAsSafe] public void UpdateProgress(long bytesDownloaded, long bytesTotal) { _npp.OnDownloadProgress((ulong)bytesDownloaded, (ulong)bytesTotal); } INativeProgressPage _npp; }; } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- loginstatus.cs
- SendParametersContent.cs
- Point4D.cs
- wgx_sdk_version.cs
- DesignTimeTemplateParser.cs
- TextElementEnumerator.cs
- CqlLexerHelpers.cs
- ContentPlaceHolder.cs
- SpellerStatusTable.cs
- BitmapEffectGroup.cs
- GuidelineCollection.cs
- PreProcessInputEventArgs.cs
- GridSplitter.cs
- _NegotiateClient.cs
- BrowserCapabilitiesCodeGenerator.cs
- XmlReflectionImporter.cs
- TypeViewSchema.cs
- DesignTimeResourceProviderFactoryAttribute.cs
- MultiView.cs
- ComponentTray.cs
- BitmapCacheBrush.cs
- Version.cs
- Boolean.cs
- PersonalizationAdministration.cs
- AndCondition.cs
- ResourceManagerWrapper.cs
- WeakEventManager.cs
- DirtyTextRange.cs
- ApplicationId.cs
- _NegoStream.cs
- TcpClientCredentialType.cs
- SqlNodeTypeOperators.cs
- DecoderNLS.cs
- followingquery.cs
- CloudCollection.cs
- ACL.cs
- XNodeNavigator.cs
- ObjRef.cs
- Window.cs
- SHA512.cs
- Transform.cs
- WebPartUtil.cs
- XsltArgumentList.cs
- VisualStyleRenderer.cs
- SynchronizationLockException.cs
- EastAsianLunisolarCalendar.cs
- DynamicObject.cs
- SizeAnimation.cs
- Gdiplus.cs
- SqlConnectionHelper.cs
- HighlightComponent.cs
- DiagnosticStrings.cs
- TextAdaptor.cs
- InvalidProgramException.cs
- ConfigPathUtility.cs
- QilName.cs
- Part.cs
- WorkflowServiceHostFactory.cs
- InfoCardRSAPKCS1SignatureFormatter.cs
- WebPartConnectionsConfigureVerb.cs
- LinqDataSourceUpdateEventArgs.cs
- OciLobLocator.cs
- NameObjectCollectionBase.cs
- EncryptedReference.cs
- DesignTimeResourceProviderFactoryAttribute.cs
- PackageDigitalSignatureManager.cs
- SplitterCancelEvent.cs
- ParameterReplacerVisitor.cs
- HScrollBar.cs
- ArgumentOutOfRangeException.cs
- BamlLocalizableResource.cs
- XDeferredAxisSource.cs
- LinqDataSourceValidationException.cs
- EventDescriptorCollection.cs
- Rect3D.cs
- DocumentViewerHelper.cs
- WasHttpHandlersInstallComponent.cs
- ApplicationFileParser.cs
- XamlBuildProvider.cs
- ScrollProviderWrapper.cs
- DbLambda.cs
- InternalControlCollection.cs
- NamespaceImport.cs
- ILGenerator.cs
- EntityDesignerUtils.cs
- AuthorizationSection.cs
- SettingsProperty.cs
- ObjectQueryState.cs
- DataBindingExpressionBuilder.cs
- Pen.cs
- ListDictionaryInternal.cs
- NavigationFailedEventArgs.cs
- NetNamedPipeSecurityElement.cs
- SchemaImporterExtensionsSection.cs
- SqlEnums.cs
- DesignerLinkAdapter.cs
- ActiveXHost.cs
- EmptyEnumerable.cs
- PseudoWebRequest.cs
- RegexCaptureCollection.cs