public MyScriptWhitelist(MyScriptCompiler scriptCompiler)
{
m_scriptCompiler = scriptCompiler;
using (var handle = this.OpenBatch())
{
handle.AllowNamespaceOfTypes(MyWhitelistTarget.Both,
typeof(System.Collections.IEnumerator),
typeof(System.Collections.Generic.IEnumerable<>),
typeof(System.Collections.Generic.HashSet<>),
typeof(System.Collections.Generic.Queue<>),
typeof(System.Collections.Concurrent.ConcurrentDictionary<,>),
typeof(System.Collections.Concurrent.ConcurrentBag<>),
typeof(System.Linq.Enumerable),
typeof(System.Text.StringBuilder),
typeof(System.Text.RegularExpressions.Regex),
typeof(System.Globalization.Calendar)
);
// Are we _sure_ about this one? Seems scary to say the least...
handle.AllowNamespaceOfTypes(MyWhitelistTarget.ModApi, typeof(System.Timers.Timer));
handle.AllowTypes(MyWhitelistTarget.ModApi,
typeof(System.Diagnostics.TraceEventType),
typeof(AssemblyProductAttribute),
typeof(AssemblyDescriptionAttribute),
typeof(AssemblyConfigurationAttribute),
typeof(AssemblyCompanyAttribute),
typeof(AssemblyCultureAttribute),
typeof(AssemblyVersionAttribute),
typeof(AssemblyFileVersionAttribute),
typeof(AssemblyCopyrightAttribute),
typeof(AssemblyTrademarkAttribute),
typeof(AssemblyTitleAttribute),
typeof(ComVisibleAttribute),
typeof(DefaultValueAttribute),
typeof(SerializableAttribute),
typeof(GuidAttribute),
typeof(StructLayoutAttribute),
typeof(LayoutKind)
);
// TODO: Evaluate whether any of the following may be better off whitelisted for modAPI only
handle.AllowTypes(MyWhitelistTarget.Both,
//typeof(System.MulticastDelegate), //delegates allowed directly in checking, delegates are harmless since you have to call or store something in it which is also checked
typeof(object),
typeof(System.IDisposable),
typeof(string),
typeof(System.StringComparison),
typeof(System.Math),
typeof(System.Enum),
typeof(int),
typeof(short),
typeof(long),
typeof(uint),
typeof(ushort),
typeof(ulong),
typeof(double),
typeof(float),
typeof(bool),
typeof(char),
typeof(byte),
typeof(sbyte),
typeof(decimal),
typeof(System.DateTime),
typeof(System.TimeSpan),
typeof(System.Array),
typeof(System.Xml.Serialization.XmlElementAttribute),
typeof(System.Xml.Serialization.XmlAttributeAttribute),
typeof(System.Xml.Serialization.XmlArrayAttribute),
typeof(System.Xml.Serialization.XmlArrayItemAttribute),
typeof(System.Xml.Serialization.XmlAnyAttributeAttribute),
typeof(System.Xml.Serialization.XmlAnyElementAttribute),
typeof(System.Xml.Serialization.XmlAnyElementAttributes),
typeof(System.Xml.Serialization.XmlArrayItemAttributes),
typeof(System.Xml.Serialization.XmlAttributeEventArgs),
typeof(System.Xml.Serialization.XmlAttributeOverrides),
typeof(System.Xml.Serialization.XmlAttributes),
typeof(System.Xml.Serialization.XmlChoiceIdentifierAttribute),
typeof(System.Xml.Serialization.XmlElementAttributes),
typeof(System.Xml.Serialization.XmlElementEventArgs),
typeof(System.Xml.Serialization.XmlEnumAttribute),
typeof(System.Xml.Serialization.XmlIgnoreAttribute),
typeof(System.Xml.Serialization.XmlIncludeAttribute),
typeof(System.Xml.Serialization.XmlRootAttribute),
typeof(System.Xml.Serialization.XmlTextAttribute),
typeof(System.Xml.Serialization.XmlTypeAttribute),
typeof(System.Runtime.CompilerServices.RuntimeHelpers),
typeof(System.IO.Stream),
//typeof(System.IO.StreamWriter),//can be constructed with path
//typeof(System.IO.StreamReader),
typeof(System.IO.TextWriter),
typeof(System.IO.TextReader),
typeof(System.IO.BinaryReader),
typeof(System.IO.BinaryWriter),
typeof(NullReferenceException),
typeof(ArgumentException),
typeof(ArgumentNullException),
typeof(InvalidOperationException),
typeof(FormatException),
typeof(System.Exception),
typeof(System.DivideByZeroException),
typeof(System.InvalidCastException),
typeof(System.IO.FileNotFoundException),
typeof(NotSupportedException),
typeof(System.Nullable<>),
typeof(StringComparer),
typeof(System.IEquatable<>),
typeof(System.IComparable),
typeof(System.IComparable<>),
typeof(System.BitConverter), // Useful for serializing custom messages/data in non-xml format
typeof(System.FlagsAttribute),
typeof(System.IO.Path),
typeof(System.Random),
//typeof(System.Runtime.CompilerServices.CompilerHelper), // We use this in tests
typeof(System.Convert), //Enum needs it, also usefull tool, they can convert object to type but cannot call what isnt whitelisted and Method.Invoke isnt whitelisted
typeof(StringSplitOptions),
typeof(DateTimeKind),
typeof(MidpointRounding),
typeof(EventArgs)
);
handle.AllowMembers(MyWhitelistTarget.Both,
typeof(System.Reflection.MemberInfo).GetProperty("Name"));
handle.AllowMembers(MyWhitelistTarget.Both,
typeof(Type).GetProperty("FullName"),
typeof(Type).GetMethod("GetTypeFromHandle"),
typeof(Type).GetMethod("GetFields", new[] {typeof(System.Reflection.BindingFlags)}),
typeof(Type).GetMethod("IsEquivalentTo"),
typeof(Type).GetMethod("op_Equality"),
typeof(Type).GetMethod("ToString")
);
//var t = typeof(MethodInfo).Assembly.GetType("System.Reflection.RuntimeMethodInfo");
//AllowedOperands[t] = new List<MemberInfo>() { t.GetMethod("Equals") };
handle.AllowMembers(MyWhitelistTarget.Both,
typeof(ValueType).GetMethod("Equals"),
typeof(ValueType).GetMethod("GetHashCode"),
typeof(ValueType).GetMethod("ToString")
);
handle.AllowMembers(MyWhitelistTarget.Both,
typeof(Environment).GetProperty("CurrentManagedThreadId", BindingFlags.Static | BindingFlags.Public),
typeof(Environment).GetProperty("NewLine", BindingFlags.Static | BindingFlags.Public),
typeof(Environment).GetProperty("ProcessorCount", BindingFlags.Static | BindingFlags.Public)
);
// TODO: The following may not be necessary at all
var rt = typeof(Type).Assembly.GetType("System.RuntimeType");
handle.AllowMembers(MyWhitelistTarget.Both,
rt.GetMethod("op_Inequality"),
rt.GetMethod("GetFields", new[] {typeof(System.Reflection.BindingFlags)})
);
//var rtField = typeof(Type).Assembly.GetType("System.Reflection.RtFieldInfo");
//handle.AllowMembers(WhitelistTarget.Both,
// rtField.GetMethod("UnsafeGetValue", BindingFlags.NonPublic | BindingFlags.Instance)
// );
}
}
public MyScriptWhitelist(MyScriptCompiler scriptCompiler)
{
m_scriptCompiler = scriptCompiler;
using (var handle = this.OpenBatch())
{
handle.AllowNamespaceOfTypes(MyWhitelistTarget.Both,
typeof(System.Collections.IEnumerator),
typeof(System.Collections.Generic.IEnumerable <>),
typeof(System.Collections.Generic.HashSet <>),
typeof(System.Collections.Generic.Queue <>),
typeof(System.Collections.Concurrent.ConcurrentDictionary <,>),
typeof(System.Collections.Concurrent.ConcurrentBag <>),
typeof(System.Linq.Enumerable),
typeof(System.Text.StringBuilder),
typeof(System.Text.RegularExpressions.Regex),
typeof(System.Globalization.Calendar)
);
// Are we _sure_ about this one? Seems scary to say the least...
handle.AllowNamespaceOfTypes(MyWhitelistTarget.ModApi, typeof(System.Timers.Timer));
handle.AllowTypes(MyWhitelistTarget.ModApi,
typeof(System.Diagnostics.TraceEventType),
typeof(AssemblyProductAttribute),
typeof(AssemblyDescriptionAttribute),
typeof(AssemblyConfigurationAttribute),
typeof(AssemblyCompanyAttribute),
typeof(AssemblyCultureAttribute),
typeof(AssemblyVersionAttribute),
typeof(AssemblyFileVersionAttribute),
typeof(AssemblyCopyrightAttribute),
typeof(AssemblyTrademarkAttribute),
typeof(AssemblyTitleAttribute),
typeof(ComVisibleAttribute),
typeof(DefaultValueAttribute),
typeof(SerializableAttribute),
typeof(GuidAttribute),
typeof(StructLayoutAttribute),
typeof(LayoutKind)
);
// TODO: Evaluate whether any of the following may be better off whitelisted for modAPI only
handle.AllowTypes(MyWhitelistTarget.Both,
//typeof(System.MulticastDelegate), //delegates allowed directly in checking, delegates are harmless since you have to call or store something in it which is also checked
typeof(object),
typeof(System.IDisposable),
typeof(string),
typeof(System.StringComparison),
typeof(System.Math),
typeof(System.Enum),
typeof(int),
typeof(short),
typeof(long),
typeof(uint),
typeof(ushort),
typeof(ulong),
typeof(double),
typeof(float),
typeof(bool),
typeof(char),
typeof(byte),
typeof(sbyte),
typeof(decimal),
typeof(System.DateTime),
typeof(System.TimeSpan),
typeof(System.Array),
typeof(System.Xml.Serialization.XmlElementAttribute),
typeof(System.Xml.Serialization.XmlAttributeAttribute),
typeof(System.Xml.Serialization.XmlArrayAttribute),
typeof(System.Xml.Serialization.XmlArrayItemAttribute),
typeof(System.Xml.Serialization.XmlAnyAttributeAttribute),
typeof(System.Xml.Serialization.XmlAnyElementAttribute),
typeof(System.Xml.Serialization.XmlAnyElementAttributes),
typeof(System.Xml.Serialization.XmlArrayItemAttributes),
typeof(System.Xml.Serialization.XmlAttributeEventArgs),
typeof(System.Xml.Serialization.XmlAttributeOverrides),
typeof(System.Xml.Serialization.XmlAttributes),
typeof(System.Xml.Serialization.XmlChoiceIdentifierAttribute),
typeof(System.Xml.Serialization.XmlElementAttributes),
typeof(System.Xml.Serialization.XmlElementEventArgs),
typeof(System.Xml.Serialization.XmlEnumAttribute),
typeof(System.Xml.Serialization.XmlIgnoreAttribute),
typeof(System.Xml.Serialization.XmlIncludeAttribute),
typeof(System.Xml.Serialization.XmlRootAttribute),
typeof(System.Xml.Serialization.XmlTextAttribute),
typeof(System.Xml.Serialization.XmlTypeAttribute),
typeof(System.Runtime.CompilerServices.RuntimeHelpers),
typeof(System.IO.Stream),
//typeof(System.IO.StreamWriter),//can be constructed with path
//typeof(System.IO.StreamReader),
typeof(System.IO.TextWriter),
typeof(System.IO.TextReader),
typeof(System.IO.BinaryReader),
typeof(System.IO.BinaryWriter),
typeof(NullReferenceException),
typeof(ArgumentException),
typeof(ArgumentNullException),
typeof(InvalidOperationException),
typeof(FormatException),
typeof(System.Exception),
typeof(System.DivideByZeroException),
typeof(System.InvalidCastException),
typeof(System.IO.FileNotFoundException),
typeof(NotSupportedException),
typeof(System.Nullable <>),
typeof(StringComparer),
typeof(System.IEquatable <>),
typeof(System.IComparable),
typeof(System.IComparable <>),
typeof(System.BitConverter), // Useful for serializing custom messages/data in non-xml format
typeof(System.FlagsAttribute),
typeof(System.IO.Path),
typeof(System.Random),
//typeof(System.Runtime.CompilerServices.CompilerHelper), // We use this in tests
typeof(System.Convert), //Enum needs it, also usefull tool, they can convert object to type but cannot call what isnt whitelisted and Method.Invoke isnt whitelisted
typeof(StringSplitOptions),
typeof(DateTimeKind),
typeof(MidpointRounding),
typeof(EventArgs)
);
handle.AllowMembers(MyWhitelistTarget.Both,
typeof(System.Reflection.MemberInfo).GetProperty("Name"));
handle.AllowMembers(MyWhitelistTarget.Both,
typeof(Type).GetProperty("FullName"),
typeof(Type).GetMethod("GetTypeFromHandle"),
typeof(Type).GetMethod("GetFields", new[] { typeof(System.Reflection.BindingFlags) }),
typeof(Type).GetMethod("IsEquivalentTo"),
typeof(Type).GetMethod("op_Equality"),
typeof(Type).GetMethod("ToString")
);
//var t = typeof(MethodInfo).Assembly.GetType("System.Reflection.RuntimeMethodInfo");
//AllowedOperands[t] = new List<MemberInfo>() { t.GetMethod("Equals") };
handle.AllowMembers(MyWhitelistTarget.Both,
typeof(ValueType).GetMethod("Equals"),
typeof(ValueType).GetMethod("GetHashCode"),
typeof(ValueType).GetMethod("ToString")
);
handle.AllowMembers(MyWhitelistTarget.Both,
typeof(Environment).GetProperty("CurrentManagedThreadId", BindingFlags.Static | BindingFlags.Public),
typeof(Environment).GetProperty("NewLine", BindingFlags.Static | BindingFlags.Public),
typeof(Environment).GetProperty("ProcessorCount", BindingFlags.Static | BindingFlags.Public)
);
// TODO: The following may not be necessary at all
var rt = typeof(Type).Assembly.GetType("System.RuntimeType");
handle.AllowMembers(MyWhitelistTarget.Both,
rt.GetMethod("op_Inequality"),
rt.GetMethod("GetFields", new[] { typeof(System.Reflection.BindingFlags) })
);
//var rtField = typeof(Type).Assembly.GetType("System.Reflection.RtFieldInfo");
//handle.AllowMembers(WhitelistTarget.Both,
// rtField.GetMethod("UnsafeGetValue", BindingFlags.NonPublic | BindingFlags.Instance)
// );
}
}