Ejemplo n.º 1
0
        [Category("NotWorking")]          // requires imperative stack modifiers to work
        public void EmptyEvidenceDeniedAccess()
        {
            XmlSecureResolver r = new XmlSecureResolver(new XmlUrlResolver(), (Evidence)null);
            Uri uri             = r.ResolveUri(null, "http://www.example.com");

            r.GetEntity(uri, null, typeof(Stream));
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Extends GetEntity so that methods that return a specific type object given a Type parameter can be
        /// used as generic method and casting is not required.
        /// <example>
        /// xmlsecureresolver.GetEntity&lt;int&gt;(absoluteUri, role);
        /// </example>
        /// </summary>
        public static T GetEntity <T>(this XmlSecureResolver xmlsecureresolver, Uri absoluteUri, String role)
        {
            if (xmlsecureresolver == null)
            {
                throw new ArgumentNullException("xmlsecureresolver");
            }

            return((T)xmlsecureresolver.GetEntity(absoluteUri, role, typeof(T)));
        }
Ejemplo n.º 3
0
        public void GetEntity_ThrowsXmlException()
        {
            PoisonedXmlResolver innerResolver = new PoisonedXmlResolver();
            XmlSecureResolver   outerResolver = new XmlSecureResolver(innerResolver, "some-url");
            Uri  absoluteUri  = new Uri("https://dot.net/");
            Type typeToReturn = typeof(Stream);

            Assert.Throws <XmlException>(() => outerResolver.GetEntity(absoluteUri, "role", typeToReturn));
            Assert.False(innerResolver.WasAnyApiInvoked);
        }
Ejemplo n.º 4
0
    // NOTE:  To test, replace www.contoso.com w/ the local string

//<snippet1>

    public static Object GetFile(String fileURL, XmlResolver resolver)
    {
        // Generate the default PermissionSet using the file URL.
        Evidence      evidence      = XmlSecureResolver.CreateEvidenceForUrl(fileURL);
        PermissionSet myPermissions = SecurityManager.ResolvePolicy(evidence);

        // Modify the PermissionSet to only allow access to http://www.contoso.com.
        // Create a WebPermission which only allows access to http://www.contoso.com.
        WebPermission myWebPermission = new WebPermission(NetworkAccess.Connect, "http://www.contoso.com");

        // Replace the existing WebPermission in myPermissions with the updated WebPermission.
        myPermissions.SetPermission(myWebPermission);

        // Use the modified PermissionSet to construct the XmlSecureResolver.
        XmlSecureResolver sResolver = new XmlSecureResolver(resolver, myPermissions);

        // Get the object.
        Uri fullUri = sResolver.ResolveUri(null, fileURL);

        return(sResolver.GetEntity(fullUri, null, null));
    }