Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Xml / System / Xml / XmlSecureResolver.cs / 1305376 / XmlSecureResolver.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //[....] //----------------------------------------------------------------------------- namespace System.Xml { using System.Net; using System.Security; using System.Security.Policy; using System.Security.Permissions; using System.Runtime.Versioning; [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")] public class XmlSecureResolver : XmlResolver { XmlResolver resolver; PermissionSet permissionSet; public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {} public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {} public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) { this.resolver = resolver; this.permissionSet = permissionSet; } public override ICredentials Credentials { set { resolver.Credentials = value; } } public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) { permissionSet.PermitOnly(); return resolver.GetEntity(absoluteUri, role, ofObjectToReturn); } [ResourceConsumption(ResourceScope.Machine)] [ResourceExposure(ResourceScope.Machine)] public override Uri ResolveUri(Uri baseUri, string relativeUri) { return resolver.ResolveUri(baseUri, relativeUri); } public static Evidence CreateEvidenceForUrl(string securityUrl) { Evidence evidence = new Evidence(); if (securityUrl != null && securityUrl.Length > 0) { evidence.AddHostEvidence(new Url(securityUrl)); evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl)); Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute); if (uri.IsAbsoluteUri && !uri.IsFile) { evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl)); } // Allow same directory access for UNCs (SQLBUDT 394535) if (uri.IsAbsoluteUri && uri.IsUnc) { string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath); if (uncDir != null && uncDir.Length != 0) { evidence.AddHostEvidence(new UncDirectory(uncDir)); } } } return evidence; } [Serializable] private class UncDirectory : EvidenceBase, IIdentityPermissionFactory { private string uncDir; public UncDirectory(string uncDirectory) { this.uncDir = uncDirectory; } public IPermission CreateIdentityPermission(Evidence evidence) { return new FileIOPermission(FileIOPermissionAccess.Read, uncDir); } public override EvidenceBase Clone() { return new UncDirectory(uncDir); } private SecurityElement ToXml() { SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver"); root.AddAttribute("version", "1"); root.AddChild(new SecurityElement("UncDirectory", uncDir)); return root; } public override string ToString() { return ToXml().ToString(); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- Keywords.cs
- DocumentGridPage.cs
- FormsAuthenticationConfiguration.cs
- CompilationUtil.cs
- SqlEnums.cs
- XmlWrappingReader.cs
- SerializationInfo.cs
- MessagePropertyVariants.cs
- CodeObject.cs
- ConsumerConnectionPointCollection.cs
- MediaTimeline.cs
- CatalogUtil.cs
- DynamicValidator.cs
- ZeroOpNode.cs
- OdbcErrorCollection.cs
- XamlSerializerUtil.cs
- AccessedThroughPropertyAttribute.cs
- MemberInitExpression.cs
- SHA256.cs
- MasterPageParser.cs
- Token.cs
- XmlSchemaInclude.cs
- FrameworkContentElement.cs
- InvalidCommandTreeException.cs
- FigureHelper.cs
- RequestCachingSection.cs
- WebSysDisplayNameAttribute.cs
- XmlSchemaObjectCollection.cs
- Compiler.cs
- HMAC.cs
- MSG.cs
- StyleHelper.cs
- HtmlTableRow.cs
- COM2FontConverter.cs
- DataRelationPropertyDescriptor.cs
- DiscreteKeyFrames.cs
- Content.cs
- PlaceHolder.cs
- WindowsToolbarAsMenu.cs
- EntityDataSourceDesigner.cs
- Brushes.cs
- PenThread.cs
- WsrmMessageInfo.cs
- ValidatingPropertiesEventArgs.cs
- LinearKeyFrames.cs
- SetStoryboardSpeedRatio.cs
- SafeEventLogReadHandle.cs
- MemberPathMap.cs
- ICspAsymmetricAlgorithm.cs
- DataGridCellEditEndingEventArgs.cs
- Ray3DHitTestResult.cs
- InternalsVisibleToAttribute.cs
- LocalizeDesigner.cs
- ScrollBar.cs
- CharacterHit.cs
- _CookieModule.cs
- MembershipValidatePasswordEventArgs.cs
- ConcurrentQueue.cs
- ScriptComponentDescriptor.cs
- DataGridViewAccessibleObject.cs
- CellRelation.cs
- safemediahandle.cs
- PackagingUtilities.cs
- EdmSchemaError.cs
- HttpRuntimeSection.cs
- WmfPlaceableFileHeader.cs
- EntityCommand.cs
- CursorInteropHelper.cs
- ResourceProviderFactory.cs
- PerformanceCounterCategory.cs
- StrokeDescriptor.cs
- CodePageEncoding.cs
- StringUtil.cs
- _SingleItemRequestCache.cs
- XmlReaderDelegator.cs
- RegistryConfigurationProvider.cs
- Timer.cs
- NativeMethods.cs
- Expander.cs
- PixelShader.cs
- MenuItemBinding.cs
- CopyCodeAction.cs
- HttpCachePolicyElement.cs
- Line.cs
- CompilerGeneratedAttribute.cs
- XpsImageSerializationService.cs
- ListViewContainer.cs
- CodeObjectCreateExpression.cs
- RequestCachePolicy.cs
- GridItemCollection.cs
- Journaling.cs
- ValueType.cs
- ModelUIElement3D.cs
- VariableBinder.cs
- NamespaceInfo.cs
- SqlServer2KCompatibilityAnnotation.cs
- EventlogProvider.cs
- Condition.cs
- FolderLevelBuildProviderCollection.cs
- FontStretches.cs