private static bool isSpecialSubsetCase(string regexToCheck, ArrayList permList)
{
foreach (object obj2 in permList)
{
DelayedRegex regex = obj2 as DelayedRegex;
if (regex != null)
{
if (string.Compare(regexToCheck, regex.ToString(), StringComparison.OrdinalIgnoreCase) == 0)
{
return(true);
}
}
else
{
Uri uri = obj2 as Uri;
if (uri != null)
{
if (string.Compare(regexToCheck, Regex.Escape(uri.GetComponents(UriComponents.HttpRequestUrl, UriFormat.UriEscaped)), StringComparison.OrdinalIgnoreCase) == 0)
{
return(true);
}
}
else if (string.Compare(regexToCheck, Regex.Escape(obj2.ToString()), StringComparison.OrdinalIgnoreCase) == 0)
{
return(true);
}
}
}
return(false);
}
internal void AddAsPattern(NetworkAccess access, DelayedRegex uriRegexPattern)
{
ArrayList list = new ArrayList();
if (((access & NetworkAccess.Connect) != 0) && !this.m_UnrestrictedConnect)
{
list.Add(this.m_connectList);
}
if (((access & NetworkAccess.Accept) != 0) && !this.m_UnrestrictedAccept)
{
list.Add(this.m_acceptList);
}
foreach (ArrayList list2 in list)
{
bool flag = false;
foreach (object obj2 in list2)
{
if ((obj2 is DelayedRegex) && (string.Compare(uriRegexPattern.ToString(), obj2.ToString(), StringComparison.OrdinalIgnoreCase) == 0))
{
flag = true;
break;
}
}
if (!flag)
{
list2.Add(uriRegexPattern);
}
}
}
internal void AddAsPattern(NetworkAccess access, DelayedRegex uriRegexPattern)
{
ArrayList list = new ArrayList();
if (((access & NetworkAccess.Connect) != 0) && !this.m_UnrestrictedConnect)
{
list.Add(this.m_connectList);
}
if (((access & NetworkAccess.Accept) != 0) && !this.m_UnrestrictedAccept)
{
list.Add(this.m_acceptList);
}
foreach (ArrayList list2 in list)
{
bool flag = false;
foreach (object obj2 in list2)
{
if ((obj2 is DelayedRegex) && (string.Compare(uriRegexPattern.ToString(), obj2.ToString(), StringComparison.OrdinalIgnoreCase) == 0))
{
flag = true;
break;
}
}
if (!flag)
{
list2.Add(uriRegexPattern);
}
}
}
//Checks special case when testing Regex to be a subset of other Regex
//Support only the case when both Regexes are identical as strings.
private static bool isSpecialSubsetCase(String regexToCheck, ArrayList permList)
{
Uri uri;
foreach (object uriPattern in permList)
{
DelayedRegex regex = uriPattern as DelayedRegex;
if (regex != null)
{
//regex parameter against regex permission
if (String.Compare(regexToCheck, regex.ToString(), StringComparison.OrdinalIgnoreCase) == 0)
{
return(true);
}
}
else if ((uri = uriPattern as Uri) != null)
{
//regex parameter against Uri permission
if (String.Compare(regexToCheck, Regex.Escape(uri.GetComponents(UriComponents.HttpRequestUrl, UriFormat.UriEscaped)), StringComparison.OrdinalIgnoreCase) == 0)
{
return(true);
}
}
else if (String.Compare(regexToCheck, Regex.Escape(uriPattern.ToString()), StringComparison.OrdinalIgnoreCase) == 0)
{
//regex parameter against string permission
return(true);
}
}
return(false);
}
// Overloaded form using string inputs
// Enforces case-insensitive matching
/// Adds a new instance of the System.Net.WebPermission
/// class with the specified access rights for the specified URI Pattern
internal void AddAsPattern(NetworkAccess access, DelayedRegex uriRegexPattern)
{
ArrayList lists = new ArrayList();
if ((access & NetworkAccess.Connect) != 0 && !m_UnrestrictedConnect)
{
lists.Add(m_connectList);
}
if ((access & NetworkAccess.Accept) != 0 && !m_UnrestrictedAccept)
{
lists.Add(m_acceptList);
}
foreach (ArrayList list in lists)
{
// avoid duplicated regexes in the list
bool found = false;
foreach (object obj in list)
{
if ((obj is DelayedRegex) && (string.Compare(uriRegexPattern.ToString(), obj.ToString(), StringComparison.OrdinalIgnoreCase) == 0))
{
found = true;
break;
}
}
if (!found)
{
list.Add(uriRegexPattern);
}
}
}
// Verifies a single Uri against a set of regular expressions
private static bool isMatchedURI(object uriToCheck, ArrayList uriPatternList)
{
string stringUri = uriToCheck as string;
foreach (object uriPattern in uriPatternList)
{
DelayedRegex R = uriPattern as DelayedRegex;
//perform case insensitive comparison of final URIs or strings, a Uri is never equal compares a string (strings are invalid Uris)
if (R == null)
{
if (uriToCheck.GetType() == uriPattern.GetType())
{
if (stringUri != null && string.Compare(stringUri, (string)uriPattern, StringComparison.OrdinalIgnoreCase) == 0)
{
return(true);
}
else if (stringUri == null && uriToCheck.Equals(uriPattern))
{
return(true);
}
}
continue;
}
//Otherwise trying match final URI against given Regex pattern
string s = stringUri != null? stringUri: ((Uri)uriToCheck).GetComponents(UriComponents.HttpRequestUrl, UriFormat.UriEscaped);
Match M = R.AsRegex.Match(s);
if ((M != null) && // Found match for the regular expression?
(M.Index == 0) && // ... which starts at the begining
(M.Length == s.Length)) // ... and the whole string matched
{
return(true);
}
if (stringUri != null)
{
continue;
}
//
// check if the URI was presented in non-canonical form
//
s = ((Uri)uriToCheck).GetComponents(UriComponents.HttpRequestUrl, UriFormat.SafeUnescaped);
M = R.AsRegex.Match(s);
if ((M != null) && // Found match for the regular expression?
(M.Index == 0) && // ... which starts at the begining
(M.Length == s.Length)) // ... and the whole string matched
{
return(true);
}
}
return(false);
}
private static object intersectPair(object L, object R, out bool isUri)
{
//VERY OLD OPTION: return new Regex("(?=(" + ((Regex)X[i]).ToString()+ "))(" + ((Regex)Y[j]).ToString() + ")","i");
//STILL OLD OPTION: return new Regex("(?=.*?(" + L.ToString() + "))" + "(?=.*?(" + R.ToString() + "))");
// check RegexSpec.doc
//CURRENT OPTION: return new Regex("(?=(" + L.ToString() + "))(" + R.ToString() + ")", RegexOptions.IgnoreCase );
isUri = false;
DelayedRegex L_Pattern = L as DelayedRegex;
DelayedRegex R_Pattern = R as DelayedRegex;
if (L_Pattern != null && R_Pattern != null) //both are Regex
{
return(new DelayedRegex("(?=(" + L_Pattern.ToString() + "))(" + R_Pattern.ToString() + ")"));
}
else if (L_Pattern != null && R_Pattern == null) //only L is a Regex
{
isUri = R is Uri;
string uriString = isUri? ((Uri)R).GetComponents(UriComponents.HttpRequestUrl, UriFormat.UriEscaped): R.ToString();
Match M = L_Pattern.AsRegex.Match(uriString);
if ((M != null) && // Found match for the regular expression?
(M.Index == 0) && // ... which starts at the begining
(M.Length == uriString.Length)) // ... and the whole string matched
{
return(R);
}
return(null);
}
else if (L_Pattern == null && R_Pattern != null) //only R is a Regex
{
isUri = L is Uri;
string uriString = isUri? ((Uri)L).GetComponents(UriComponents.HttpRequestUrl, UriFormat.UriEscaped): L.ToString();
Match M = R_Pattern.AsRegex.Match(uriString);
if ((M != null) && // Found match for the regular expression?
(M.Index == 0) && // ... which starts at the begining
(M.Length == uriString.Length)) // ... and the whole string matched
{
return(L);
}
return(null);
}
//both are Uris or strings
isUri = L is Uri;
if (isUri)
{
return(L.Equals(R)? L : null);
}
else
{
return(string.Compare(L.ToString(), R.ToString(), StringComparison.OrdinalIgnoreCase) == 0? L : null);
}
}
private static object intersectPair(object L, object R, out bool isUri)
{
isUri = false;
DelayedRegex regex = L as DelayedRegex;
DelayedRegex regex2 = R as DelayedRegex;
if ((regex != null) && (regex2 != null))
{
return(new DelayedRegex("(?=(" + regex.ToString() + "))(" + regex2.ToString() + ")"));
}
if ((regex != null) && (regex2 == null))
{
isUri = R is Uri;
string input = isUri ? ((Uri)R).GetComponents(UriComponents.HttpRequestUrl, UriFormat.UriEscaped) : R.ToString();
Match match = regex.AsRegex.Match(input);
if (((match != null) && (match.Index == 0)) && (match.Length == input.Length))
{
return(R);
}
return(null);
}
if ((regex == null) && (regex2 != null))
{
isUri = L is Uri;
string str2 = isUri ? ((Uri)L).GetComponents(UriComponents.HttpRequestUrl, UriFormat.UriEscaped) : L.ToString();
Match match2 = regex2.AsRegex.Match(str2);
if (((match2 != null) && (match2.Index == 0)) && (match2.Length == str2.Length))
{
return(L);
}
return(null);
}
isUri = L is Uri;
if (isUri)
{
if (!L.Equals(R))
{
return(null);
}
return(L);
}
if (string.Compare(L.ToString(), R.ToString(), StringComparison.OrdinalIgnoreCase) != 0)
{
return(null);
}
return(L);
}
private static bool isMatchedURI(object uriToCheck, ArrayList uriPatternList)
{
string strA = uriToCheck as string;
foreach (object obj2 in uriPatternList)
{
DelayedRegex regex = obj2 as DelayedRegex;
if (regex == null)
{
if (uriToCheck.GetType() == obj2.GetType())
{
if ((strA != null) && (string.Compare(strA, (string)obj2, StringComparison.OrdinalIgnoreCase) == 0))
{
return(true);
}
if ((strA == null) && uriToCheck.Equals(obj2))
{
return(true);
}
}
}
else
{
string input = (strA != null) ? strA : ((Uri)uriToCheck).GetComponents(UriComponents.HttpRequestUrl, UriFormat.UriEscaped);
Match match = regex.AsRegex.Match(input);
if (((match != null) && (match.Index == 0)) && (match.Length == input.Length))
{
return(true);
}
if (strA == null)
{
input = ((Uri)uriToCheck).GetComponents(UriComponents.HttpRequestUrl, UriFormat.SafeUnescaped);
match = regex.AsRegex.Match(input);
if (((match != null) && (match.Index == 0)) && (match.Length == input.Length))
{
return(true);
}
}
}
}
return(false);
}
public override IPermission Union(IPermission target)
{
if (target == null)
{
return(this.Copy());
}
WebPermission permission = target as WebPermission;
if (permission == null)
{
throw new ArgumentException(SR.GetString("net_perm_target"), "target");
}
if (this.m_noRestriction || permission.m_noRestriction)
{
return(new WebPermission(true));
}
WebPermission permission2 = new WebPermission();
if (this.m_UnrestrictedConnect || permission.m_UnrestrictedConnect)
{
permission2.m_UnrestrictedConnect = true;
}
else
{
permission2.m_connectList = (ArrayList)permission.m_connectList.Clone();
for (int j = 0; j < this.m_connectList.Count; j++)
{
DelayedRegex uriRegexPattern = this.m_connectList[j] as DelayedRegex;
if (uriRegexPattern == null)
{
if (this.m_connectList[j] is string)
{
permission2.AddPermission(NetworkAccess.Connect, (string)this.m_connectList[j]);
}
else
{
permission2.AddPermission(NetworkAccess.Connect, (Uri)this.m_connectList[j]);
}
}
else
{
permission2.AddAsPattern(NetworkAccess.Connect, uriRegexPattern);
}
}
}
if (this.m_UnrestrictedAccept || permission.m_UnrestrictedAccept)
{
permission2.m_UnrestrictedAccept = true;
return(permission2);
}
permission2.m_acceptList = (ArrayList)permission.m_acceptList.Clone();
for (int i = 0; i < this.m_acceptList.Count; i++)
{
DelayedRegex regex2 = this.m_acceptList[i] as DelayedRegex;
if (regex2 == null)
{
if (this.m_acceptList[i] is string)
{
permission2.AddPermission(NetworkAccess.Accept, (string)this.m_acceptList[i]);
}
else
{
permission2.AddPermission(NetworkAccess.Accept, (Uri)this.m_acceptList[i]);
}
}
else
{
permission2.AddAsPattern(NetworkAccess.Accept, regex2);
}
}
return(permission2);
}
// Overloaded form using string inputs
// Enforces case-insensitive matching
/// Adds a new instance of the System.Net.WebPermission
/// class with the specified access rights for the specified URI Pattern
internal void AddAsPattern(NetworkAccess access, DelayedRegex uriRegexPattern)
{
ArrayList lists = new ArrayList();
if ((access & NetworkAccess.Connect) != 0 && !m_UnrestrictedConnect)
lists.Add(m_connectList);
if ((access & NetworkAccess.Accept) != 0 && !m_UnrestrictedAccept)
lists.Add(m_acceptList);
foreach (ArrayList list in lists)
{
// avoid duplicated regexes in the list
bool found = false;
foreach (object obj in list) {
if ((obj is DelayedRegex) && (string.Compare(uriRegexPattern.ToString(), obj.ToString(), StringComparison.OrdinalIgnoreCase ) == 0)) {
found = true;
break;
}
}
if (!found) {
list.Add(uriRegexPattern);
}
}
}
// The union of two web permissions is formed by concatenating
// the list of allowed regular expressions. There is no check
// for duplicates/overlaps
/// <devdoc>
/// <para>Returns the logical union between two <see cref='System.Net.WebPermission'/> instances.</para>
/// </devdoc>
public override IPermission Union(IPermission target)
{
// Pattern suggested by Security engine
if (target == null)
{
return(this.Copy());
}
WebPermission other = target as WebPermission;
if (other == null)
{
throw new ArgumentException(SR.GetString(SR.net_perm_target), "target");
}
if (m_noRestriction || other.m_noRestriction)
{
return(new WebPermission(true));
}
WebPermission result = new WebPermission();
if (m_UnrestrictedConnect || other.m_UnrestrictedConnect)
{
result.m_UnrestrictedConnect = true;
}
else
{
result.m_connectList = (ArrayList)other.m_connectList.Clone();
for (int i = 0; i < m_connectList.Count; i++)
{
DelayedRegex uriPattern = m_connectList[i] as DelayedRegex;
if (uriPattern == null)
{
if (m_connectList[i] is string)
{
result.AddPermission(NetworkAccess.Connect, (string)m_connectList[i]);
}
else
{
result.AddPermission(NetworkAccess.Connect, (Uri)m_connectList[i]);
}
}
else
{
result.AddAsPattern(NetworkAccess.Connect, uriPattern);
}
}
}
if (m_UnrestrictedAccept || other.m_UnrestrictedAccept)
{
result.m_UnrestrictedAccept = true;
}
else
{
result.m_acceptList = (ArrayList)other.m_acceptList.Clone();
for (int i = 0; i < m_acceptList.Count; i++)
{
DelayedRegex uriPattern = m_acceptList[i] as DelayedRegex;
if (uriPattern == null)
{
if (m_acceptList[i] is string)
{
result.AddPermission(NetworkAccess.Accept, (string)m_acceptList[i]);
}
else
{
result.AddPermission(NetworkAccess.Accept, (Uri)m_acceptList[i]);
}
}
else
{
result.AddAsPattern(NetworkAccess.Accept, uriPattern);
}
}
}
return(result);
}
/// <devdoc>
/// <para>Compares two <see cref='System.Net.WebPermission'/> instances.</para>
/// </devdoc>
public override bool IsSubsetOf(IPermission target)
{
// Pattern suggested by security engine
if (target == null)
{
return(!m_noRestriction && !m_UnrestrictedConnect && !m_UnrestrictedAccept && m_connectList.Count == 0 && m_acceptList.Count == 0);
}
WebPermission other = target as WebPermission;
if (other == null)
{
throw new ArgumentException(SR.GetString(SR.net_perm_target), "target");
}
if (other.m_noRestriction)
{
return(true);
}
else if (m_noRestriction)
{
return(false);
}
//
// Besides SPECIAL case, this method is restricted to only final URIs (strings) on
// the current object.
// The restriction comes from the problem of finding a Regex to be a subset of another Regex
//
DelayedRegex regex = null;
if (!other.m_UnrestrictedAccept)
{
if (m_UnrestrictedAccept)
{
return(false);
}
else if (m_acceptList.Count != 0)
{
if (other.m_acceptList.Count == 0)
{
return(false);
}
foreach (object obj in this.m_acceptList)
{
regex = obj as DelayedRegex;
if (regex != null)
{
if (isSpecialSubsetCase(obj.ToString(), other.m_acceptList))
{
continue;
}
throw new NotSupportedException(SR.GetString(SR.net_perm_both_regex));
}
if (!isMatchedURI(obj, other.m_acceptList))
{
return(false);
}
}
}
}
if (!other.m_UnrestrictedConnect)
{
if (m_UnrestrictedConnect)
{
return(false);
}
else if (m_connectList.Count != 0)
{
if (other.m_connectList.Count == 0)
{
return(false);
}
foreach (object obj in this.m_connectList)
{
regex = obj as DelayedRegex;
if (regex != null)
{
if (isSpecialSubsetCase(obj.ToString(), other.m_connectList))
{
continue;
}
throw new NotSupportedException(SR.GetString(SR.net_perm_both_regex));
}
if (!isMatchedURI(obj, other.m_connectList))
{
return(false);
}
}
}
}
return(true);
}