/// <summary>
/// Ensures that the provided script block is compatible with the current language mode - to
/// be used when a script block is being dotted.
/// </summary>
/// <param name="scriptBlock">The script block being dotted.</param>
/// <param name="languageMode">The current language mode.</param>
/// <param name="invocationInfo">The invocation info about the command.</param>
protected static void ValidateCompatibleLanguageMode(
ScriptBlock scriptBlock,
PSLanguageMode languageMode,
InvocationInfo invocationInfo)
{
// If we are in a constrained language mode (Core or Restricted), block it.
// We are currently restricting in one direction:
// - Can't dot something from a more permissive mode, since that would probably expose
// functions that were never designed to handle untrusted data.
// This function won't be called for NoLanguage mode so the only direction checked is trusted
// (FullLanguage mode) script running in a constrained/restricted session.
if ((scriptBlock.LanguageMode.HasValue) &&
(scriptBlock.LanguageMode != languageMode) &&
((languageMode == PSLanguageMode.RestrictedLanguage) ||
(languageMode == PSLanguageMode.ConstrainedLanguage)))
{
// Finally check if script block is really just PowerShell commands plus parameters.
// If so then it is safe to dot source across language mode boundaries.
bool isSafeToDotSource = false;
try
{
scriptBlock.GetPowerShell();
isSafeToDotSource = true;
}
catch (Exception)
{
}
if (!isSafeToDotSource)
{
ErrorRecord errorRecord = new ErrorRecord(
new NotSupportedException(
DiscoveryExceptions.DotSourceNotSupported),
"DotSourceNotSupported",
ErrorCategory.InvalidOperation,
null);
errorRecord.SetInvocationInfo(invocationInfo);
throw new CmdletInvocationException(errorRecord);
}
}
}
/// <summary>
/// Ensures that the provided script block is compatible with the current language mode - to
/// be used when a script block is being dotted.
/// </summary>
/// <param name="scriptBlock">The script block being dotted</param>
/// <param name="languageMode">The current language mode</param>
/// <param name="invocationInfo">The invocation info about the command</param>
protected static void ValidateCompatibleLanguageMode(ScriptBlock scriptBlock,
PSLanguageMode languageMode,
InvocationInfo invocationInfo)
{
// If we are in a constrained language mode (Core or Restricted), block it.
// We are currently restricting in one direction:
// - Can't dot something from a more permissive mode, since that would probably expose
// functions that were never designed to handle untrusted data.
// This function won't be called for NoLanguage mode so the only direction checked is trusted
// (FullLanguage mode) script running in a constrained/restricted session.
if ((scriptBlock.LanguageMode.HasValue) &&
(scriptBlock.LanguageMode != languageMode) &&
((languageMode == PSLanguageMode.RestrictedLanguage) ||
(languageMode == PSLanguageMode.ConstrainedLanguage)))
{
// Finally check if script block is really just PowerShell commands plus parameters.
// If so then it is safe to dot source across language mode boundaries.
bool isSafeToDotSource = false;
try
{
scriptBlock.GetPowerShell();
isSafeToDotSource = true;
}
catch (Exception e)
{
CheckForSevereException(e);
}
if (!isSafeToDotSource)
{
ErrorRecord errorRecord = new ErrorRecord(
new NotSupportedException(
DiscoveryExceptions.DotSourceNotSupported),
"DotSourceNotSupported",
ErrorCategory.InvalidOperation,
null);
errorRecord.SetInvocationInfo(invocationInfo);
throw new CmdletInvocationException(errorRecord);
}
}
}