public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
{
EventTrace.EasyTraceEvent(EventTrace.Keyword.KeywordPerf | EventTrace.Keyword.KeywordHosting, EventTrace.Level.Verbose, EventTrace.Event.WpfHost_DetermineApplicationTrustStart);
Uri uriFromActivationData = this.GetUriFromActivationData(0);
bool flag = PresentationAppDomainManager.IsDebug || this.GetBoolFromActivationData(1);
BrowserInteropHelper.SetBrowserHosted(true);
ApplicationTrust applicationTrust;
if (flag)
{
context.IgnorePersistedDecision = true;
context.Persist = false;
context.KeepAlive = false;
context.NoPrompt = true;
applicationTrust = base.DetermineApplicationTrust(applicationEvidence, activatorEvidence, context);
}
else
{
Zone hostEvidence = applicationEvidence.GetHostEvidence <Zone>();
context.NoPrompt = (hostEvidence.SecurityZone != SecurityZone.Intranet && hostEvidence.SecurityZone != SecurityZone.Trusted);
bool flag2 = !context.NoPrompt && PresentationHostSecurityManager.ElevationPromptOwnerWindow != IntPtr.Zero;
if (flag2)
{
IntPtr ancestor = UnsafeNativeMethods.GetAncestor(new HandleRef(null, PresentationHostSecurityManager.ElevationPromptOwnerWindow), 2);
PresentationHostSecurityManager.SetFakeActiveWindow(ancestor);
PresentationHostSecurityManager.ElevationPromptOwnerWindow = IntPtr.Zero;
}
try
{
applicationTrust = base.DetermineApplicationTrust(applicationEvidence, activatorEvidence, context);
}
finally
{
if (flag2)
{
PresentationHostSecurityManager.SetFakeActiveWindow((IntPtr)0);
}
}
}
if (applicationTrust != null)
{
PermissionSet permissionSet = applicationTrust.DefaultGrantSet.PermissionSet;
if (flag)
{
Uri uriFromActivationData2 = this.GetUriFromActivationData(2);
if (uriFromActivationData2 != null)
{
permissionSet = PresentationHostSecurityManager.AddPermissionForUri(permissionSet, uriFromActivationData2);
}
}
if (permissionSet is ReadOnlyPermissionSet)
{
permissionSet = new PermissionSet(permissionSet);
}
applicationTrust.DefaultGrantSet.PermissionSet = permissionSet;
}
EventTrace.EasyTraceEvent(EventTrace.Keyword.KeywordPerf | EventTrace.Keyword.KeywordHosting, EventTrace.Level.Verbose, EventTrace.Event.WpfHost_DetermineApplicationTrustEnd);
return(applicationTrust);
}
static BrowserInteropHelper()
{
BrowserInteropHelper.SetBrowserHosted(false);
BrowserInteropHelper.IsInitialViewerNavigation = true;
}
public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
{
EventTrace.EasyTraceEvent(EventTrace.Keyword.KeywordHosting | EventTrace.Keyword.KeywordPerf, EventTrace.Level.Verbose, EventTrace.Event.WpfHost_DetermineApplicationTrustStart);
ApplicationTrust trust;
Uri activationUri = GetUriFromActivationData(0);
bool isDebug = PresentationAppDomainManager.IsDebug ? true : GetBoolFromActivationData(1);
BrowserInteropHelper.SetBrowserHosted(true);
if (isDebug)
{
context.IgnorePersistedDecision = true;
context.Persist = false;
context.KeepAlive = false;
context.NoPrompt = true;
trust = base.DetermineApplicationTrust(applicationEvidence, activatorEvidence, context);
}
else
{
// Elevation prompt for permissions beyond the default for the security zone is allowed only
// in the Intranet and Trusted Sites zones (v4).
Zone hostEvidence = applicationEvidence.GetHostEvidence <Zone>();
context.NoPrompt = !(hostEvidence.SecurityZone == SecurityZone.Intranet || hostEvidence.SecurityZone == SecurityZone.Trusted);
/*
* Now we need to convince the ClickOnce elevation prompt to use the browser's top-level window as
* the owner in order to block the browser's UI (and our Cancel button) and ensure the prompt
* stays on top. This is not easy.
* The prompt dialog is created without an explicit owner, on its own thread.
* There are layers of ClickOnce and pure security code before the UI is invoked (that's
* TrustManagerPromptUIThread in System.Windows.Forms.dll). So, passing the owner window handle
* would require some awkward plumbing.
*
* Since the dialog is shown on a separate thread, intercepting its creation or display is
* complicated. An EVENT_OBJECT_CREATE hook can do it. But there is a cascade of thread
* synchonization/access and window state issues if trying to set the owner on the fly.
*
* The cleanest solution ended up resorting to Detours. When not given an owner window,
* SWF.Form.ShowDialog() uses the active window as owner. Since the call to GetActiveWindow()
* occurs on a new thread, where there are no other windows, we couldn't just pre-set the owner
* as the active window. So, we intercept the GetActiveWindow() call and return the browser's
* top-level window. From that point on, everything in the WinForms dialog works as if the owner
* was explicitly given. (And owner from a different thread or process is fully supported.)
*
* This condition is an optimization.
* DetermineApplicationTrust() is called up to 3 times: twice in the default AppDomain and once
* in the new one. Empirically, the elevation prompt is shown during the first call.
*/
bool forceOwner = !context.NoPrompt && ElevationPromptOwnerWindow != IntPtr.Zero;
if (forceOwner)
{
// The native code passes the DocObject top window, not the browser's top-level window,
// but we need exactly the top-level one.
IntPtr ownerWindow = UnsafeNativeMethods.GetAncestor(
new HandleRef(null, ElevationPromptOwnerWindow), NativeMethods.GA_ROOT);
SetFakeActiveWindow(ownerWindow);
ElevationPromptOwnerWindow = IntPtr.Zero; // to prevent further prompting
}
try
{
trust = base.DetermineApplicationTrust(applicationEvidence, activatorEvidence, context);
}
finally
{
if (forceOwner)
{
SetFakeActiveWindow(new IntPtr());
}
}
}
// Modify the permission grant set if necessary.
if (trust != null)
{
PermissionSet permissions = trust.DefaultGrantSet.PermissionSet;
if (isDebug)
{
Uri debugSecurityZoneURL = GetUriFromActivationData(2);
if (debugSecurityZoneURL != null)
{
permissions = AddPermissionForUri(permissions, debugSecurityZoneURL);
}
}
// CLR v4 breaking change: In some activation scenarios we get a ReadOnlyPermissionSet.
// This is a problem because:
// - Code may expect AppDomain.PermissionSet (or the old AppDomain.ApplicationTrust.
// DefaultGrantSet.PermissionSet) to return a mutable PermissionSet.
// - The ReadOnlyPermissionSet may have v2 and v3 assembly references--they are not 'unified'
// to the current framework version. This might confuse code doing more involved permission
// set comparisons or calculations.
// Workaround is to copy the ROPS to a regular one.
if (permissions is ReadOnlyPermissionSet)
{
permissions = new PermissionSet(permissions);
}
trust.DefaultGrantSet.PermissionSet = permissions;
}
EventTrace.EasyTraceEvent(EventTrace.Keyword.KeywordHosting | EventTrace.Keyword.KeywordPerf, EventTrace.Level.Verbose, EventTrace.Event.WpfHost_DetermineApplicationTrustEnd);
return(trust);
}
int IBrowserHostServices.Run(string path, string fragment, MimeType mime, string debugSecurityZoneURL, string applicationId, object streamContainer, object ucomLoadIStream, HostingFlags hostingFlags, INativeProgressPage nativeProgressPage, string progressAssemblyName, string progressClassName, string errorAssemblyName, string errorClassName, IHostBrowser hostBrowser)
{
Invariant.Assert(!string.IsNullOrEmpty(path), "path string should not be null or empty when Run method is called.");
Invariant.Assert(mime > MimeType.Unknown, "Unknown mime type");
EventTrace.EasyTraceEvent(EventTrace.Keyword.KeywordPerf | EventTrace.Keyword.KeywordHosting, EventTrace.Event.WpfHost_IBHSRunStart, "\"" + path + "\"", "\"" + applicationId + "\"");
int num = 0;
try
{
ApplicationProxyInternal.InitData value = this._initData.Value;
value.HostBrowser = hostBrowser;
value.Fragment = fragment;
value.UcomLoadIStream = ucomLoadIStream;
value.HandleHistoryLoad = true;
value.MimeType.Value = mime;
string userAgentString = null;
HRESULT hrLeft = hostBrowser.GetUserAgentString(out userAgentString);
if (hrLeft == HRESULT.E_OUTOFMEMORY && (hostingFlags & HostingFlags.hfHostedInIEorWebOC) != (HostingFlags)0)
{
userAgentString = UnsafeNativeMethods.ObtainUserAgentString();
hrLeft = HRESULT.S_OK;
}
hrLeft.ThrowIfFailed();
value.UserAgentString = userAgentString;
value.HostingFlags = hostingFlags;
Uri uri = new UriBuilder(path).Uri;
value.ActivationUri.Value = uri;
PresentationAppDomainManager.ActivationUri = uri;
BrowserInteropHelper.SetBrowserHosted(true);
if ((hostingFlags & HostingFlags.hfInDebugMode) != (HostingFlags)0)
{
this._browserCallbackServices.ChangeDownloadState(false);
this._browserCallbackServices.UpdateProgress(-1L, 0L);
this.EnableErrorPage();
this._appProxyInternal = new ApplicationLauncherXappDebug(path, debugSecurityZoneURL).Initialize();
}
else
{
switch (mime)
{
case MimeType.Document:
this._appProxyInternal = this.CreateAppDomainForXpsDocument();
if (this._appProxyInternal == null)
{
num = -1;
}
else if (streamContainer != null)
{
IntPtr iunknownForObject = Marshal.GetIUnknownForObject(streamContainer);
this._appProxyInternal.StreamContainer = iunknownForObject;
Marshal.Release(iunknownForObject);
}
this._initData.Value = null;
break;
case MimeType.Application:
{
XappLauncherApp xappLauncherApp = new XappLauncherApp(uri, applicationId, this._browserCallbackServices, new DocObjHost.ApplicationRunnerCallback(this.RunApplication), nativeProgressPage, progressAssemblyName, progressClassName, errorAssemblyName, errorClassName);
value.HandleHistoryLoad = false;
this._appProxyInternal = new ApplicationProxyInternal();
break;
}
case MimeType.Markup:
this._appProxyInternal = this.CreateAppDomainForLooseXaml(uri);
this._initData.Value = null;
break;
default:
num = -1;
break;
}
}
if (num != -1)
{
if (mime == MimeType.Document || mime == MimeType.Markup)
{
this.EnableErrorPage();
}
if (this.IsAffectedByCtfIssue())
{
num = -1;
this._browserCallbackServices.ProcessUnhandledException(string.Format(CultureInfo.CurrentCulture, SR.Get("AffectedByMsCtfIssue"), new object[]
{
"http://support.microsoft.com/kb/954494"
}));
}
else
{
num = this._appProxyInternal.Run(value);
}
}
}
catch (Exception ex)
{
num = -1;
this._browserCallbackServices.ProcessUnhandledException(ex.ToString());
throw;
}
catch
{
num = -1;
this._browserCallbackServices.ProcessUnhandledException(SR.Get("NonClsActivationException"));
throw;
}
finally
{
this.Cleanup(num);
}
EventTrace.EasyTraceEvent(EventTrace.Keyword.KeywordPerf | EventTrace.Keyword.KeywordHosting, EventTrace.Event.WpfHost_IBHSRunEnd, num);
return(num);
}
