Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Xml / System / Xml / XmlSecureResolver.cs / 1305376 / XmlSecureResolver.cs
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// [....]
//-----------------------------------------------------------------------------
namespace System.Xml {
using System.Net;
using System.Security;
using System.Security.Policy;
using System.Security.Permissions;
using System.Runtime.Versioning;
[PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")]
public class XmlSecureResolver : XmlResolver {
XmlResolver resolver;
PermissionSet permissionSet;
public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {}
public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {}
public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) {
this.resolver = resolver;
this.permissionSet = permissionSet;
}
public override ICredentials Credentials {
set { resolver.Credentials = value; }
}
public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) {
permissionSet.PermitOnly();
return resolver.GetEntity(absoluteUri, role, ofObjectToReturn);
}
[ResourceConsumption(ResourceScope.Machine)]
[ResourceExposure(ResourceScope.Machine)]
public override Uri ResolveUri(Uri baseUri, string relativeUri) {
return resolver.ResolveUri(baseUri, relativeUri);
}
public static Evidence CreateEvidenceForUrl(string securityUrl) {
Evidence evidence = new Evidence();
if (securityUrl != null && securityUrl.Length > 0) {
evidence.AddHostEvidence(new Url(securityUrl));
evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl));
Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute);
if (uri.IsAbsoluteUri && !uri.IsFile) {
evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl));
}
// Allow same directory access for UNCs (SQLBUDT 394535)
if (uri.IsAbsoluteUri && uri.IsUnc) {
string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath);
if (uncDir != null && uncDir.Length != 0) {
evidence.AddHostEvidence(new UncDirectory(uncDir));
}
}
}
return evidence;
}
[Serializable]
private class UncDirectory : EvidenceBase, IIdentityPermissionFactory {
private string uncDir;
public UncDirectory(string uncDirectory) {
this.uncDir = uncDirectory;
}
public IPermission CreateIdentityPermission(Evidence evidence) {
return new FileIOPermission(FileIOPermissionAccess.Read, uncDir);
}
public override EvidenceBase Clone()
{
return new UncDirectory(uncDir);
}
private SecurityElement ToXml() {
SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver");
root.AddAttribute("version", "1");
root.AddChild(new SecurityElement("UncDirectory", uncDir));
return root;
}
public override string ToString() {
return ToXml().ToString();
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// [....]
//-----------------------------------------------------------------------------
namespace System.Xml {
using System.Net;
using System.Security;
using System.Security.Policy;
using System.Security.Permissions;
using System.Runtime.Versioning;
[PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")]
public class XmlSecureResolver : XmlResolver {
XmlResolver resolver;
PermissionSet permissionSet;
public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {}
public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {}
public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) {
this.resolver = resolver;
this.permissionSet = permissionSet;
}
public override ICredentials Credentials {
set { resolver.Credentials = value; }
}
public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) {
permissionSet.PermitOnly();
return resolver.GetEntity(absoluteUri, role, ofObjectToReturn);
}
[ResourceConsumption(ResourceScope.Machine)]
[ResourceExposure(ResourceScope.Machine)]
public override Uri ResolveUri(Uri baseUri, string relativeUri) {
return resolver.ResolveUri(baseUri, relativeUri);
}
public static Evidence CreateEvidenceForUrl(string securityUrl) {
Evidence evidence = new Evidence();
if (securityUrl != null && securityUrl.Length > 0) {
evidence.AddHostEvidence(new Url(securityUrl));
evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl));
Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute);
if (uri.IsAbsoluteUri && !uri.IsFile) {
evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl));
}
// Allow same directory access for UNCs (SQLBUDT 394535)
if (uri.IsAbsoluteUri && uri.IsUnc) {
string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath);
if (uncDir != null && uncDir.Length != 0) {
evidence.AddHostEvidence(new UncDirectory(uncDir));
}
}
}
return evidence;
}
[Serializable]
private class UncDirectory : EvidenceBase, IIdentityPermissionFactory {
private string uncDir;
public UncDirectory(string uncDirectory) {
this.uncDir = uncDirectory;
}
public IPermission CreateIdentityPermission(Evidence evidence) {
return new FileIOPermission(FileIOPermissionAccess.Read, uncDir);
}
public override EvidenceBase Clone()
{
return new UncDirectory(uncDir);
}
private SecurityElement ToXml() {
SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver");
root.AddAttribute("version", "1");
root.AddChild(new SecurityElement("UncDirectory", uncDir));
return root;
}
public override string ToString() {
return ToXml().ToString();
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TagPrefixCollection.cs
- TraceFilter.cs
- DataConnectionHelper.cs
- GenericAuthenticationEventArgs.cs
- WindowsSolidBrush.cs
- AnnotationResource.cs
- UrlPath.cs
- WebMessageEncodingElement.cs
- PropertyValueChangedEvent.cs
- PlainXmlSerializer.cs
- UshortList2.cs
- EdmScalarPropertyAttribute.cs
- ListViewItem.cs
- IODescriptionAttribute.cs
- SqlConnectionPoolGroupProviderInfo.cs
- ProcessHostFactoryHelper.cs
- autovalidator.cs
- ParserHooks.cs
- OdbcConnectionOpen.cs
- AssociationProvider.cs
- InputBinder.cs
- WebPartVerb.cs
- XmlSerializerNamespaces.cs
- Dictionary.cs
- HeaderedItemsControl.cs
- VectorKeyFrameCollection.cs
- recordstate.cs
- DataTableNewRowEvent.cs
- GridViewUpdatedEventArgs.cs
- clipboard.cs
- ServiceThrottlingElement.cs
- GenericWebPart.cs
- WbmpConverter.cs
- HttpCapabilitiesSectionHandler.cs
- SimpleType.cs
- ClientApiGenerator.cs
- FontDriver.cs
- ValidationUtility.cs
- DbDataAdapter.cs
- ClientConfigurationSystem.cs
- OneWayBindingElementImporter.cs
- DataReaderContainer.cs
- SqlVisitor.cs
- InternalPermissions.cs
- ResXResourceWriter.cs
- WebBrowserHelper.cs
- ExtensionElementCollection.cs
- NativeMethods.cs
- HtmlDocument.cs
- XmlSortKey.cs
- GridViewSortEventArgs.cs
- TextEndOfParagraph.cs
- DataContractSerializerOperationBehavior.cs
- Dictionary.cs
- DataConnectionHelper.cs
- AnnotationAdorner.cs
- MouseGestureValueSerializer.cs
- ButtonPopupAdapter.cs
- RotateTransform.cs
- TimeSpanParse.cs
- SqlDataSourceView.cs
- TypeConverterHelper.cs
- ConnectionConsumerAttribute.cs
- XmlName.cs
- ColumnTypeConverter.cs
- CodeRegionDirective.cs
- CodeLinePragma.cs
- QilInvokeLateBound.cs
- Debug.cs
- EntityCommand.cs
- SharedUtils.cs
- SuppressMergeCheckAttribute.cs
- xmlsaver.cs
- CodeTypeDelegate.cs
- HtmlShim.cs
- _SpnDictionary.cs
- LayoutEditorPart.cs
- DataRowChangeEvent.cs
- ApplicationActivator.cs
- XXXInfos.cs
- BasicExpandProvider.cs
- KeyFrames.cs
- ChildrenQuery.cs
- CompiledRegexRunnerFactory.cs
- MainMenu.cs
- PropertyPathWorker.cs
- SelectionRange.cs
- ModuleElement.cs
- LicenseProviderAttribute.cs
- ErrorRuntimeConfig.cs
- ManipulationStartingEventArgs.cs
- Int64.cs
- ListItemCollection.cs
- RegexCode.cs
- BufferedGraphics.cs
- LayoutDump.cs
- ImageMapEventArgs.cs
- CreateUserWizard.cs
- PeekCompletedEventArgs.cs
- SequentialActivityDesigner.cs