Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Xml / System / Xml / XmlSecureResolver.cs / 1305376 / XmlSecureResolver.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //[....] //----------------------------------------------------------------------------- namespace System.Xml { using System.Net; using System.Security; using System.Security.Policy; using System.Security.Permissions; using System.Runtime.Versioning; [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")] public class XmlSecureResolver : XmlResolver { XmlResolver resolver; PermissionSet permissionSet; public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {} public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {} public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) { this.resolver = resolver; this.permissionSet = permissionSet; } public override ICredentials Credentials { set { resolver.Credentials = value; } } public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) { permissionSet.PermitOnly(); return resolver.GetEntity(absoluteUri, role, ofObjectToReturn); } [ResourceConsumption(ResourceScope.Machine)] [ResourceExposure(ResourceScope.Machine)] public override Uri ResolveUri(Uri baseUri, string relativeUri) { return resolver.ResolveUri(baseUri, relativeUri); } public static Evidence CreateEvidenceForUrl(string securityUrl) { Evidence evidence = new Evidence(); if (securityUrl != null && securityUrl.Length > 0) { evidence.AddHostEvidence(new Url(securityUrl)); evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl)); Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute); if (uri.IsAbsoluteUri && !uri.IsFile) { evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl)); } // Allow same directory access for UNCs (SQLBUDT 394535) if (uri.IsAbsoluteUri && uri.IsUnc) { string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath); if (uncDir != null && uncDir.Length != 0) { evidence.AddHostEvidence(new UncDirectory(uncDir)); } } } return evidence; } [Serializable] private class UncDirectory : EvidenceBase, IIdentityPermissionFactory { private string uncDir; public UncDirectory(string uncDirectory) { this.uncDir = uncDirectory; } public IPermission CreateIdentityPermission(Evidence evidence) { return new FileIOPermission(FileIOPermissionAccess.Read, uncDir); } public override EvidenceBase Clone() { return new UncDirectory(uncDir); } private SecurityElement ToXml() { SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver"); root.AddAttribute("version", "1"); root.AddChild(new SecurityElement("UncDirectory", uncDir)); return root; } public override string ToString() { return ToXml().ToString(); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- Vector3DCollectionValueSerializer.cs
- WebHttpSecurityModeHelper.cs
- PeerObject.cs
- SQLSingleStorage.cs
- TraceContext.cs
- SystemIcons.cs
- MessageQueueTransaction.cs
- MessageBuffer.cs
- GridLength.cs
- ConnectionManagementElementCollection.cs
- Column.cs
- HwndHostAutomationPeer.cs
- TableHeaderCell.cs
- PrintPageEvent.cs
- RestClientProxyHandler.cs
- SafeLibraryHandle.cs
- DbCommandTree.cs
- UpDownBase.cs
- SettingsSavedEventArgs.cs
- PeerResolverMode.cs
- EditingCommands.cs
- ParagraphResult.cs
- PassportIdentity.cs
- BuiltInPermissionSets.cs
- PasswordBoxAutomationPeer.cs
- Exception.cs
- UserControl.cs
- InfoCardAsymmetricCrypto.cs
- Size3D.cs
- StrongNameMembershipCondition.cs
- SamlSubject.cs
- HttpHandlerActionCollection.cs
- SecurityPermission.cs
- SerializationHelper.cs
- shaperfactoryquerycachekey.cs
- DrawingVisual.cs
- WeakEventTable.cs
- DataGridViewBand.cs
- EditorZone.cs
- ClientCredentialsElement.cs
- ControlUtil.cs
- FilteredDataSetHelper.cs
- VisualBrush.cs
- RoleServiceManager.cs
- TriState.cs
- RadioButton.cs
- FullTextBreakpoint.cs
- SR.cs
- TypeResolver.cs
- SubstitutionResponseElement.cs
- CardSpaceShim.cs
- SchemaComplexType.cs
- XslTransform.cs
- DodSequenceMerge.cs
- LogSwitch.cs
- EntityModelBuildProvider.cs
- DebugView.cs
- GcSettings.cs
- CodeCommentStatement.cs
- XPathNodeList.cs
- TextFormatterHost.cs
- FilterElement.cs
- FontFamilyConverter.cs
- ParameterCollection.cs
- WindowVisualStateTracker.cs
- SelectionProviderWrapper.cs
- SimpleHandlerFactory.cs
- EventLogPermissionEntry.cs
- ColorConverter.cs
- XmlDictionaryReader.cs
- DesignerActionService.cs
- FamilyMapCollection.cs
- UTF7Encoding.cs
- AlphabetConverter.cs
- LicenseProviderAttribute.cs
- SafeLibraryHandle.cs
- TextElementCollection.cs
- FeatureSupport.cs
- WriteableBitmap.cs
- ExpandedWrapper.cs
- ModelMemberCollection.cs
- EpmTargetTree.cs
- sortedlist.cs
- RandomDelayQueuedSendsAsyncResult.cs
- Color.cs
- CharConverter.cs
- FileSecurity.cs
- HTMLTagNameToTypeMapper.cs
- LabelDesigner.cs
- ViewStateException.cs
- RegexNode.cs
- EntityDataSourceWrapperPropertyDescriptor.cs
- ItemContainerPattern.cs
- QueueTransferProtocol.cs
- StringUtil.cs
- PkcsUtils.cs
- RSACryptoServiceProvider.cs
- StandardRuntimeEnumValidator.cs
- AllMembershipCondition.cs
- SafeLibraryHandle.cs