mcs/class/referencesource/System.Xml/System/Xml/XmlSecureResolver.cs

   1 //------------------------------------------------------------------------------
   2 // <copyright file="XmlSecureResolver.cs" company="Microsoft">
   3 //     Copyright (c) Microsoft Corporation.  All rights reserved.
   4 // </copyright>
   5 // <owner current="true" primary="true">[....]</owner>
   6 //------------------------------------------------------------------------------
   7
   8 namespace System.Xml {
   9     using System.Net;
  10     using System.Security;
  11     using System.Security.Policy;
  12     using System.Security.Permissions;
  13     using System.Runtime.Versioning;
  14
  15     [PermissionSetAttribute(SecurityAction.InheritanceDemand, Name = "FullTrust")]
  16     public partial class XmlSecureResolver : XmlResolver {
  17         XmlResolver resolver;
  18 #if FEATURE_MONO_CAS
  19         PermissionSet permissionSet;
  20 #endif
  21
  22 #if FEATURE_MONO_CAS
  23         public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, CreateEvidenceForUrl(securityUrl)) {}
  24
  25         public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, SecurityManager.GetStandardSandbox(evidence)) {}
  26 #else
  27         public XmlSecureResolver(XmlResolver resolver, string securityUrl) : this(resolver, (PermissionSet) null) {}
  28
  29         public XmlSecureResolver(XmlResolver resolver, Evidence evidence) : this(resolver, (PermissionSet) null) {}
  30 #endif
  31
  32         public XmlSecureResolver(XmlResolver resolver, PermissionSet permissionSet) {
  33             this.resolver = resolver;
  34 #if FEATURE_MONO_CAS
  35             this.permissionSet = permissionSet;
  36 #endif
  37         }
  38
  39         public override ICredentials Credentials {
  40             set { resolver.Credentials = value; }
  41         }
  42
  43         public override object GetEntity(Uri absoluteUri, string role, Type ofObjectToReturn) {
  44 #if FEATURE_MONO_CAS
  45             permissionSet.PermitOnly();
  46 #endif
  47             return resolver.GetEntity(absoluteUri, role, ofObjectToReturn);
  48         }
  49
  50         [ResourceConsumption(ResourceScope.Machine)]
  51         [ResourceExposure(ResourceScope.Machine)]
  52         public override Uri ResolveUri(Uri baseUri, string relativeUri) {
  53             return resolver.ResolveUri(baseUri, relativeUri);
  54         }
  55
  56         public static Evidence CreateEvidenceForUrl(string securityUrl) {
  57 #if FEATURE_MONO_CAS
  58             Evidence evidence = new Evidence();
  59             if (securityUrl != null && securityUrl.Length > 0) {
  60                 evidence.AddHostEvidence(new Url(securityUrl));
  61                 evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl));
  62                 Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute);
  63                 if (uri.IsAbsoluteUri && !uri.IsFile) {
  64                     evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl));
  65                 }
  66
  67                 // Allow same directory access for UNCs (SQLBUDT 394535)
  68                 if (uri.IsAbsoluteUri && uri.IsUnc) {
  69                     string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath);
  70                     if (uncDir != null && uncDir.Length != 0) {
  71                         evidence.AddHostEvidence(new UncDirectory(uncDir));
  72                     }
  73                 }
  74             }
  75
  76             return evidence;
  77 #else
  78             return null;
  79 #endif
  80         }
  81
  82 #if FEATURE_MONO_CAS
  83         [Serializable]
  84         private class UncDirectory : EvidenceBase, IIdentityPermissionFactory {
  85             private string uncDir;
  86
  87             public UncDirectory(string uncDirectory) {
  88                 this.uncDir = uncDirectory;
  89             }
  90
  91             public IPermission CreateIdentityPermission(Evidence evidence) {
  92                 return new FileIOPermission(FileIOPermissionAccess.Read, uncDir);
  93             }
  94
  95             public override EvidenceBase Clone()
  96             {
  97                 return new UncDirectory(uncDir);
  98             }
  99
 100             private SecurityElement ToXml() {
 101                 SecurityElement root = new SecurityElement("System.Xml.XmlSecureResolver");
 102                 root.AddAttribute("version", "1");
 103                 root.AddChild(new SecurityElement("UncDirectory", uncDir));
 104                 return root;
 105             }
 106
 107             public override string ToString() {
 108                 return ToXml().ToString();
 109             }
 110         }
 111 #endif
 112     }
 113 }