public static ICrossDomainPolicy BuildFlashPolicy(HttpWebResponse response)
        {
            ICrossDomainPolicy policy = null;

            if ((response.StatusCode == HttpStatusCode.OK) && CheckContentType(response.ContentType))
            {
                try {
                    policy = FlashCrossDomainPolicy.FromStream(response.GetResponseStream());
                } catch (Exception ex) {
                    Console.WriteLine(String.Format("CrossDomainAccessManager caught an exception while reading {0}: {1}",
                                                    response.ResponseUri, ex));
                    // and ignore.
                }
                if (policy != null)
                {
                    // see DRT# 864 and 865
                    string site_control = response.InternalHeaders ["X-Permitted-Cross-Domain-Policies"];
                    if (!String.IsNullOrEmpty(site_control))
                    {
                        (policy as FlashCrossDomainPolicy).SiteControl = site_control;
                    }
                }
            }

            // the flash policy was the last chance, keep a NoAccess into the cache
            if (policy == null)
            {
                policy = no_access_policy;
            }

            AddPolicy(response.ResponseUri, policy);
            return(policy);
        }
		static public ICrossDomainPolicy FromStream (Stream stream)
		{
			FlashCrossDomainPolicy cdp = new FlashCrossDomainPolicy ();

			// Silverlight accepts whitespaces before the XML - which is invalid XML
			StreamReader sr = new StreamReader (stream);
			while (Char.IsWhiteSpace ((char) sr.Peek ()))
				sr.Read ();

			XmlReaderSettings policy_settings = new XmlReaderSettings ();
			policy_settings.DtdProcessing = DtdProcessing.Ignore;
			using (XmlReader reader = XmlReader.Create (sr, policy_settings)) {

				reader.MoveToContent ();
				if (reader.HasAttributes || reader.IsEmptyElement) {
					reader.Skip ();
					return null;
				}

				while (!reader.EOF) {
					reader.ReadStartElement ("cross-domain-policy", String.Empty);
					for (reader.MoveToContent (); reader.NodeType != XmlNodeType.EndElement; reader.MoveToContent ()) {
						if (reader.NodeType != XmlNodeType.Element) {
							reader.Skip ();
							continue;
						}

						switch (reader.LocalName) {
						case "site-control":
							cdp.SiteControl = GetSiteControl (reader);
							reader.Skip ();
							break;
						case "allow-access-from":
							var a = CreateAllowAccessFrom (reader);
							cdp.AllowedAccesses.Add (a);
							reader.Skip ();
							break;
						case "allow-http-request-headers-from":
							var h = CreateAllowHttpRequestHeadersFrom (reader);
							cdp.AllowedHttpRequestHeaders.Add (h);
							reader.Skip ();
							break;
						default:
							reader.Skip ();
							return null;
						}
					}
					reader.ReadEndElement ();
					reader.MoveToContent ();
				}
			}

			// if none supplied set a default for headers
			if (cdp.AllowedHttpRequestHeaders.Count == 0) {
				var h = new AllowHttpRequestHeadersFrom () { Domain = "*", Secure = true };
				h.Headers.SetHeaders (null); // defaults
				cdp.AllowedHttpRequestHeaders.Add (h);
			}
			return cdp;
		}
示例#3
0
        static public ICrossDomainPolicy FromStream(Stream stream)
        {
            FlashCrossDomainPolicy cdp = new FlashCrossDomainPolicy();

            // Silverlight accepts whitespaces before the XML - which is invalid XML
            StreamReader sr = new StreamReader(stream);

            while (Char.IsWhiteSpace((char)sr.Peek()))
            {
                sr.Read();
            }

            XmlReaderSettings policy_settings = new XmlReaderSettings();

            policy_settings.DtdProcessing = DtdProcessing.Ignore;
            using (XmlReader reader = XmlReader.Create(sr, policy_settings)) {
                reader.MoveToContent();
                if (reader.HasAttributes || reader.IsEmptyElement)
                {
                    reader.Skip();
                    return(null);
                }

                while (!reader.EOF)
                {
                    reader.ReadStartElement("cross-domain-policy", String.Empty);
                    for (reader.MoveToContent(); reader.NodeType != XmlNodeType.EndElement; reader.MoveToContent())
                    {
                        if (reader.NodeType != XmlNodeType.Element)
                        {
                            throw new XmlException(String.Format("Unexpected cross-domain-policy content: {0}", reader.NodeType));
                        }
                        switch (reader.LocalName)
                        {
                        case "site-control":
                            cdp.SiteControl = GetSiteControl(reader);
                            reader.Skip();
                            break;

                        case "allow-access-from":
                            var a = CreateAllowAccessFrom(reader);
                            cdp.AllowedAccesses.Add(a);
                            reader.Skip();
                            break;

                        case "allow-http-request-headers-from":
                            var h = CreateAllowHttpRequestHeadersFrom(reader);
                            cdp.AllowedHttpRequestHeaders.Add(h);
                            reader.Skip();
                            break;

                        default:
                            reader.Skip();
                            return(null);
                        }
                    }
                    reader.ReadEndElement();
                    reader.MoveToContent();
                }
            }

            // if none supplied set a default for headers
            if (cdp.AllowedHttpRequestHeaders.Count == 0)
            {
                var h = new AllowHttpRequestHeadersFrom()
                {
                    Domain = "*", Secure = true
                };
                h.Headers.SetHeaders(null);                  // defaults
                cdp.AllowedHttpRequestHeaders.Add(h);
            }
            return(cdp);
        }