private string DemandPermissions(Uri absoluteUri) { Debug.Assert(absoluteUri.IsAbsoluteUri); string toOpen = BindUriHelper.UriToString(absoluteUri); int targetZone = SecurityHelper.MapUrlToZoneWrapper(absoluteUri); if (targetZone == NativeMethods.URLZONE_LOCAL_MACHINE) { // go here only for files and not for UNC if (absoluteUri.IsFile) { // Please note this pattern is unique and NEEDS TO EXIST , it prevents // access to any folder but the one where the app is running from. // PLEASE DO NOT REMOVE THIS DEMAND AND THE ASSERT IN THE CALLING CODE toOpen = absoluteUri.LocalPath; (new FileIOPermission(FileIOPermissionAccess.Read, toOpen)).Demand(); } } else //Any other zone { // UNC path pointing to a file (We filter for `http://intranet) if (absoluteUri.IsFile && absoluteUri.IsUnc) { // perform checks for UNC content SecurityHelper.EnforceUncContentAccessRules(absoluteUri); // In this case we first check to see if the consumer has media permissions for // safe media (Site of Origin + Cross domain). if (!SecurityHelper.CallerHasMediaPermission(MediaPermissionAudio.SafeAudio, MediaPermissionVideo.SafeVideo, MediaPermissionImage.NoImage)) { // if he does not then we demand web permission to allow access only to site of origin (new FileIOPermission(FileIOPermissionAccess.Read, toOpen)).Demand(); } } else // Any other path { // In this case we first check to see if the consumer has media permissions for // safe media (Site of Origin + Cross domain). if (absoluteUri.Scheme != Uri.UriSchemeHttps) { //accessing non https content from an https app is disallowed SecurityHelper.BlockCrossDomainForHttpsApps(absoluteUri); if (!SecurityHelper.CallerHasMediaPermission(MediaPermissionAudio.SafeAudio, MediaPermissionVideo.SafeVideo, MediaPermissionImage.NoImage)) { // if he does not then we demand web permission to allow access only to site of origin (new WebPermission(NetworkAccess.Connect, toOpen)).Demand(); } } else// This is the case where target content is HTTPS { (new WebPermission(NetworkAccess.Connect, toOpen)).Demand(); } } } return(toOpen); }
/// /// Begin a download /// internal static void BeginDownload( BitmapDecoder decoder, Uri uri, RequestCachePolicy uriCachePolicy, Stream stream ) { lock (_syncLock) { if (!_thread.IsAlive) { _thread.IsBackground = true; _thread.Start(); } } QueueEntry entry; // If there is already a download for this uri, just add the decoder to the list if (uri != null) { lock (_syncLock) { if (_uriTable[uri] != null) { entry = (QueueEntry)_uriTable[uri]; entry.decoders.Add(new WeakReference(decoder)); return; } } } entry = new QueueEntry(); entry.decoders = new List <WeakReference>(); lock (_syncLock) { entry.decoders.Add(new WeakReference(decoder)); } entry.inputUri = uri; entry.inputStream = stream; string cacheFolder = MS.Win32.WinInet.InternetCacheFolder.LocalPath; bool passed = false; new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert(); // BlessedAssert try { // Get the file path StringBuilder tmpFileName = new StringBuilder(NativeMethods.MAX_PATH); MS.Win32.UnsafeNativeMethods.GetTempFileName(cacheFolder, "WPF", 0, tmpFileName); try { string pathToUse = tmpFileName.ToString(); SafeFileHandle fileHandle = MS.Win32.UnsafeNativeMethods.CreateFile( pathToUse, NativeMethods.GENERIC_READ | NativeMethods.GENERIC_WRITE, /* dwDesiredAccess */ 0, /* dwShare */ null, /* lpSecurityAttributes */ NativeMethods.CREATE_ALWAYS, /* dwCreationDisposition */ NativeMethods.FILE_ATTRIBUTE_TEMPORARY | NativeMethods.FILE_FLAG_DELETE_ON_CLOSE, /* dwFlagsAndAttributes */ IntPtr.Zero /* hTemplateFile */ ); if (fileHandle.IsInvalid) { throw new Win32Exception(); } entry.outputStream = new FileStream(fileHandle, FileAccess.ReadWrite); entry.streamPath = pathToUse; passed = true; } catch (Exception e) { if (CriticalExceptions.IsCriticalException(e)) { throw; } } } finally { SecurityPermission.RevertAssert(); } if (!passed) { throw new IOException(SR.Get(SRID.Image_CannotCreateTempFile)); } entry.readBuffer = new byte[READ_SIZE]; entry.contentLength = -1; entry.contentType = string.Empty; entry.lastPercent = 0; // Add the entry to the table if we know the uri if (uri != null) { lock (_syncLock) { _uriTable[uri] = entry; } } if (stream == null) { bool fElevate = false; if (uri.Scheme == Uri.UriSchemeHttp || uri.Scheme == Uri.UriSchemeHttps) { SecurityHelper.BlockCrossDomainForHttpsApps(uri); // In this case we first check to see if the consumer has media permissions for // safe media (Site of Origin + Cross domain), if it // does we assert and run the code that requires the assert if (SecurityHelper.CallerHasMediaPermission(MediaPermissionAudio.NoAudio, MediaPermissionVideo.NoVideo, MediaPermissionImage.SafeImage)) { fElevate = true; } } // This is the case where we are accessing an http image from an http site and we have media permission if (fElevate) { (new WebPermission(NetworkAccess.Connect, BindUriHelper.UriToString(uri))).Assert(); // BlessedAssert } try { entry.webRequest = WpfWebRequestHelper.CreateRequest(uri); if (uriCachePolicy != null) { entry.webRequest.CachePolicy = uriCachePolicy; } } finally { if (fElevate) { WebPermission.RevertAssert(); } } entry.webRequest.BeginGetResponse(_responseCallback, entry); } else { _workQueue.Enqueue(entry); // Signal _waitEvent.Set(); } }