private void CreateMedia(MediaPlayer mediaPlayer)
{
CheckMediaDisabledFlags();
SafeMILHandle unmanagedProxy = null;
MediaEventsHelper.CreateMediaEventsHelper(mediaPlayer, out _mediaEventsHelper, out unmanagedProxy);
try
{
using (FactoryMaker myFactory = new FactoryMaker())
{
HRESULT.Check(UnsafeNativeMethods.MILFactory2.CreateMediaPlayer(
myFactory.FactoryPtr,
unmanagedProxy,
SecurityHelper.CallerHasMediaPermission(MediaPermissionAudio.AllAudio, MediaPermissionVideo.AllVideo, MediaPermissionImage.NoImage),
out _nativeMedia
));
}
}
catch
{
if (_nativeMedia != null && !_nativeMedia.IsInvalid)
{
_nativeMedia.Close();
}
throw;
}
_helper = new Helper(_nativeMedia);
AppDomain.CurrentDomain.ProcessExit += _helper.ProcessExitHandler;
}
private string DemandPermissions(Uri absoluteUri)
{
Debug.Assert(absoluteUri.IsAbsoluteUri);
string toOpen = BindUriHelper.UriToString(absoluteUri);
int targetZone = SecurityHelper.MapUrlToZoneWrapper(absoluteUri);
if (targetZone == NativeMethods.URLZONE_LOCAL_MACHINE)
{
// go here only for files and not for UNC
if (absoluteUri.IsFile)
{
// Please note this pattern is unique and NEEDS TO EXIST , it prevents
// access to any folder but the one where the app is running from.
// PLEASE DO NOT REMOVE THIS DEMAND AND THE ASSERT IN THE CALLING CODE
toOpen = absoluteUri.LocalPath;
(new FileIOPermission(FileIOPermissionAccess.Read, toOpen)).Demand();
}
}
else //Any other zone
{
// UNC path pointing to a file (We filter for `http://intranet)
if (absoluteUri.IsFile && absoluteUri.IsUnc)
{
// perform checks for UNC content
SecurityHelper.EnforceUncContentAccessRules(absoluteUri);
// In this case we first check to see if the consumer has media permissions for
// safe media (Site of Origin + Cross domain).
if (!SecurityHelper.CallerHasMediaPermission(MediaPermissionAudio.SafeAudio,
MediaPermissionVideo.SafeVideo,
MediaPermissionImage.NoImage))
{
// if he does not then we demand web permission to allow access only to site of origin
(new FileIOPermission(FileIOPermissionAccess.Read, toOpen)).Demand();
}
}
else // Any other path
{
// In this case we first check to see if the consumer has media permissions for
// safe media (Site of Origin + Cross domain).
if (absoluteUri.Scheme != Uri.UriSchemeHttps)
{
//accessing non https content from an https app is disallowed
SecurityHelper.BlockCrossDomainForHttpsApps(absoluteUri);
if (!SecurityHelper.CallerHasMediaPermission(MediaPermissionAudio.SafeAudio,
MediaPermissionVideo.SafeVideo,
MediaPermissionImage.NoImage))
{
// if he does not then we demand web permission to allow access only to site of origin
(new WebPermission(NetworkAccess.Connect, toOpen)).Demand();
}
}
else// This is the case where target content is HTTPS
{
(new WebPermission(NetworkAccess.Connect, toOpen)).Demand();
}
}
}
return(toOpen);
}
///
/// Begin a download
///
internal static void BeginDownload(
BitmapDecoder decoder,
Uri uri,
RequestCachePolicy uriCachePolicy,
Stream stream
)
{
lock (_syncLock)
{
if (!_thread.IsAlive)
{
_thread.IsBackground = true;
_thread.Start();
}
}
QueueEntry entry;
// If there is already a download for this uri, just add the decoder to the list
if (uri != null)
{
lock (_syncLock)
{
if (_uriTable[uri] != null)
{
entry = (QueueEntry)_uriTable[uri];
entry.decoders.Add(new WeakReference(decoder));
return;
}
}
}
entry = new QueueEntry();
entry.decoders = new List <WeakReference>();
lock (_syncLock)
{
entry.decoders.Add(new WeakReference(decoder));
}
entry.inputUri = uri;
entry.inputStream = stream;
string cacheFolder = MS.Win32.WinInet.InternetCacheFolder.LocalPath;
bool passed = false;
new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert(); // BlessedAssert
try
{
// Get the file path
StringBuilder tmpFileName = new StringBuilder(NativeMethods.MAX_PATH);
MS.Win32.UnsafeNativeMethods.GetTempFileName(cacheFolder, "WPF", 0, tmpFileName);
try
{
string pathToUse = tmpFileName.ToString();
SafeFileHandle fileHandle = MS.Win32.UnsafeNativeMethods.CreateFile(
pathToUse,
NativeMethods.GENERIC_READ | NativeMethods.GENERIC_WRITE, /* dwDesiredAccess */
0, /* dwShare */
null, /* lpSecurityAttributes */
NativeMethods.CREATE_ALWAYS, /* dwCreationDisposition */
NativeMethods.FILE_ATTRIBUTE_TEMPORARY |
NativeMethods.FILE_FLAG_DELETE_ON_CLOSE, /* dwFlagsAndAttributes */
IntPtr.Zero /* hTemplateFile */
);
if (fileHandle.IsInvalid)
{
throw new Win32Exception();
}
entry.outputStream = new FileStream(fileHandle, FileAccess.ReadWrite);
entry.streamPath = pathToUse;
passed = true;
}
catch (Exception e)
{
if (CriticalExceptions.IsCriticalException(e))
{
throw;
}
}
}
finally
{
SecurityPermission.RevertAssert();
}
if (!passed)
{
throw new IOException(SR.Get(SRID.Image_CannotCreateTempFile));
}
entry.readBuffer = new byte[READ_SIZE];
entry.contentLength = -1;
entry.contentType = string.Empty;
entry.lastPercent = 0;
// Add the entry to the table if we know the uri
if (uri != null)
{
lock (_syncLock)
{
_uriTable[uri] = entry;
}
}
if (stream == null)
{
bool fElevate = false;
if (uri.Scheme == Uri.UriSchemeHttp || uri.Scheme == Uri.UriSchemeHttps)
{
SecurityHelper.BlockCrossDomainForHttpsApps(uri);
// In this case we first check to see if the consumer has media permissions for
// safe media (Site of Origin + Cross domain), if it
// does we assert and run the code that requires the assert
if (SecurityHelper.CallerHasMediaPermission(MediaPermissionAudio.NoAudio,
MediaPermissionVideo.NoVideo,
MediaPermissionImage.SafeImage))
{
fElevate = true;
}
}
// This is the case where we are accessing an http image from an http site and we have media permission
if (fElevate)
{
(new WebPermission(NetworkAccess.Connect, BindUriHelper.UriToString(uri))).Assert(); // BlessedAssert
}
try
{
entry.webRequest = WpfWebRequestHelper.CreateRequest(uri);
if (uriCachePolicy != null)
{
entry.webRequest.CachePolicy = uriCachePolicy;
}
}
finally
{
if (fElevate)
{
WebPermission.RevertAssert();
}
}
entry.webRequest.BeginGetResponse(_responseCallback, entry);
}
else
{
_workQueue.Enqueue(entry);
// Signal
_waitEvent.Set();
}
}
