Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
549 lines (475 sloc) 42.6 KB
<Type Name="XmlSecureResolver" FullName="System.Xml.XmlSecureResolver">
<TypeSignature Language="C#" Value="public class XmlSecureResolver : System.Xml.XmlResolver" />
<TypeSignature Language="ILAsm" Value=".class public auto ansi beforefieldinit XmlSecureResolver extends System.Xml.XmlResolver" />
<TypeSignature Language="DocId" Value="T:System.Xml.XmlSecureResolver" />
<TypeSignature Language="VB.NET" Value="Public Class XmlSecureResolver&#xA;Inherits XmlResolver" />
<TypeSignature Language="C++ CLI" Value="public ref class XmlSecureResolver : System::Xml::XmlResolver" />
<TypeSignature Language="F#" Value="type XmlSecureResolver = class&#xA; inherit XmlResolver" />
<AssemblyInfo>
<AssemblyName>System.Xml</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Xml.ReaderWriter</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Base>
<BaseTypeName>System.Xml.XmlResolver</BaseTypeName>
</Base>
<Interfaces />
<Docs>
<summary>Helps to secure another implementation of <see cref="T:System.Xml.XmlResolver" /> by wrapping the <see cref="T:System.Xml.XmlResolver" /> object and restricting the resources that the underlying <see cref="T:System.Xml.XmlResolver" /> has access to.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
The <xref:System.Xml.XmlUrlResolver> class is the default resolver for all classes in the <xref:System.Xml> namespace. It is used to load XML documents and to resolve external resources such as entities, DTDs or schemas, and import or include directives.
You can override this default by specifying the <xref:System.Xml.XmlResolver> object to use. For example, if you want to restrict the resources that the underlying <xref:System.Xml.XmlResolver> can access, you can use an <xref:System.Xml.XmlSecureResolver> object.
<xref:System.Xml.XmlSecureResolver> wraps around a concrete implementation of <xref:System.Xml.XmlResolver> and restricts the resources that the underlying <xref:System.Xml.XmlResolver> has access to. For example, <xref:System.Xml.XmlSecureResolver> has the ability to prohibit cross-domain redirection, which occurs from an embedded Uniform Resource Identifier (URI) reference.
When you construct an <xref:System.Xml.XmlSecureResolver> object, you provide a valid <xref:System.Xml.XmlResolver> implementation along with a URL, an instance of an evidence object, or a permission set, which is used by the <xref:System.Xml.XmlSecureResolver> to determine security. Either a <xref:System.Security.PermissionSet?displayProperty=nameWithType> is generated or the existing one is used and <xref:System.Security.PermissionSet.PermitOnly%2A?displayProperty=nameWithType> is called on it to help secure the underlying <xref:System.Xml.XmlResolver>.
> [!IMPORTANT]
> <xref:System.Xml.XmlSecureResolver> objects can contain sensitive information such as user credentials. You should be careful when caching <xref:System.Xml.XmlSecureResolver> objects and should not pass the <xref:System.Xml.XmlSecureResolver> object to an untrusted component.
> [!IMPORTANT]
> There are differences in the security infrastructure for code running on the .NET Framework common language runtime (CLR) and for code running on the CLR that is integrated within Microsoft SQL Server 2005. This can lead to cases where code developed for the .NET Framework CLR operates differently when used on the SQL Server integrated CLR. One of these differences affects the <xref:System.Xml.XmlSecureResolver> class when you have evidence that is based on a URL (that is, when you use the <xref:System.Xml.XmlSecureResolver.CreateEvidenceForUrl%28System.String%29> method or the <xref:System.Xml.XmlSecureResolver.%23ctor%2A> constructor). The policy resolution mechanism of the SQL Server integrated CLR does not use the <xref:System.Security.Policy.Url> or <xref:System.Security.Policy.Zone> information. Instead, it grants permissions based on the GUID that the server adds when assemblies are loaded. When you use the <xref:System.Xml.XmlSecureResolver> in the SQL Server integrated CLR, provide any required evidence directly by using a specified <xref:System.Security.PermissionSet>.
## To use a secure resolver
1. Create an <xref:System.Xml.XmlSecureResolver> with the correct permission set.
2. Create an <xref:System.Xml.XmlReaderSettings> object that uses the <xref:System.Xml.XmlSecureResolver> object.
[!code-csharp[XmlSecureResolver_Samples#5a](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#5a)]
[!code-vb[XmlSecureResolver_Samples#5a](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#5a)]
3. Pass the <xref:System.Xml.XmlReaderSettings> object to the <xref:System.Xml.XmlReader.Create%2A> method when you're creating the <xref:System.Xml.XmlReader> object.
[!code-csharp[XmlSecureResolver_Samples#5b](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#5b)]
[!code-vb[XmlSecureResolver_Samples#5b](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#5b)]
## To restrict access by using a URL
Use the <xref:System.Xml.XmlSecureResolver.%23ctor%28System.Xml.XmlResolver%2CSystem.String%29> constructor to create an <xref:System.Xml.XmlSecureResolver> object that is allowed to access your local intranet site only.
[!code-csharp[XmlSecureResolver_Samples#3](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#3)]
[!code-vb[XmlSecureResolver_Samples#3](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#3)]
## To restrict access by using a permission set
1. Create a <xref:System.Net.WebPermission> object.
[!code-csharp[XmlSecureResolver_Samples#4a](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#4a)]
[!code-vb[XmlSecureResolver_Samples#4a](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#4a)]
2. Specify the URLs that you want to allow access to.
[!code-csharp[XmlSecureResolver_Samples#4b](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#4b)]
[!code-vb[XmlSecureResolver_Samples#4b](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#4b)]
3. Add the web permissions to the <xref:System.Security.PermissionSet> object.
[!code-csharp[XmlSecureResolver_Samples#4c](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#4c)]
[!code-vb[XmlSecureResolver_Samples#4c](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#4c)]
4. Use the <xref:System.Xml.XmlSecureResolver.%23ctor%28System.Xml.XmlResolver%2CSystem.Security.PermissionSet%29> constructor to create an <xref:System.Xml.XmlSecureResolver> object by using the permission set.
[!code-csharp[XmlSecureResolver_Samples#4d](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#4d)]
[!code-vb[XmlSecureResolver_Samples#4d](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#4d)]
See the <xref:System.Xml.XmlSecureResolver.%23ctor%2A> reference page for another example.
## To restrict access by using evidence
You can restrict access by using the <xref:System.Xml.XmlSecureResolver.%23ctor%28System.Xml.XmlResolver%2CSystem.Security.Policy.Evidence%29> constructor and specifying <xref:System.Security.Policy.Evidence>. The <xref:System.Security.Policy.Evidence> is used to create the <xref:System.Security.PermissionSet> that is applied to the underlying <xref:System.Xml.XmlResolver>. The <xref:System.Xml.XmlSecureResolver> calls <xref:System.Security.PermissionSet.PermitOnly%2A> on the created <xref:System.Security.PermissionSet> before opening any resources.
Here are some common scenarios and the type of evidence to provide for each:
- If you are working in a fully trusted environment, use your assembly to create the evidence:
[!code-csharp[XmlSecureResolver_Samples#1](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#1)]
[!code-vb[XmlSecureResolver_Samples#1](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#1)]
- If you are working in a semi-trusted environment, you have code or data coming from an outside source, and you know the origin of the outside source and have a verifiable URI, use the URI to create the evidence:
[!code-csharp[XmlSecureResolver_Samples#2](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#2)]
[!code-vb[XmlSecureResolver_Samples#2](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#2)]
- If you are working in a semi-trusted environment and you have code or data coming from an outside source, but you don't know the origin of the outside source, either:
Set the `evidence` parameter to `null`. This allows no access to resources.
-or-
If your application requires some access to resources, request evidence from the caller.
## To use the secure resolver to load an XSLT style sheet
1. Create an <xref:System.Xml.XmlSecureResolver> with the correct permission set.
2. Pass the <xref:System.Xml.XmlSecureResolver> to the <xref:System.Xml.Xsl.XslCompiledTransform.Load%2A> method.
[!code-csharp[XmlSecureResolver_Samples#6](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#6)]
[!code-vb[XmlSecureResolver_Samples#6](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#6)]
]]></format>
</remarks>
<block subset="none" type="overrides">
<para>This class has an inheritance demand. Full trust is required to inherit from the <see cref="T:System.Xml.XmlSecureResolver" /> class.</para>
</block>
</Docs>
<Members>
<MemberGroup MemberName=".ctor">
<AssemblyInfo>
<AssemblyName>System.Xml</AssemblyName>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<Docs>
<summary>Initializes a new instance of the <see cref="T:System.Xml.XmlSecureResolver" /> class.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
The three constructors provide three types of access restrictions:
- The <xref:System.Xml.XmlSecureResolver.%23ctor%28System.Xml.XmlResolver%2CSystem.String%29> constructor restricts access by using a URL.
- The <xref:System.Xml.XmlSecureResolver.%23ctor%28System.Xml.XmlResolver%2CSystem.Security.PermissionSet%29> constructor restricts access by using a permission set.
- The <xref:System.Xml.XmlSecureResolver.%23ctor%28System.Xml.XmlResolver%2CSystem.Security.Policy.Evidence%29> constructor restricts access by using evidence.
See the constructor reference topics for examples of these types of restrictions.
]]></format>
</remarks>
</Docs>
</MemberGroup>
<Member MemberName=".ctor">
<MemberSignature Language="C#" Value="public XmlSecureResolver (System.Xml.XmlResolver resolver, System.Security.PermissionSet permissionSet);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig specialname rtspecialname instance void .ctor(class System.Xml.XmlResolver resolver, class System.Security.PermissionSet permissionSet) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Xml.XmlSecureResolver.#ctor(System.Xml.XmlResolver,System.Security.PermissionSet)" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::Security::PermissionSet ^ permissionSet);" />
<MemberSignature Language="F#" Value="new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * System.Security.PermissionSet -&gt; System.Xml.XmlSecureResolver" Usage="new System.Xml.XmlSecureResolver (resolver, permissionSet)" />
<MemberType>Constructor</MemberType>
<AssemblyInfo>
<AssemblyName>System.Xml</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Xml.ReaderWriter</AssemblyName>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
</AssemblyInfo>
<Attributes>
<Attribute FrameworkAlternate="netframework-4.0">
<AttributeName>System.Runtime.TargetedPatchingOptOut("Performance critical to inline this type of method across NGen image boundaries")</AttributeName>
</Attribute>
</Attributes>
<Parameters>
<Parameter Name="resolver" Type="System.Xml.XmlResolver" Index="0" FrameworkAlternate="netframework-1.1;netframework-2.0;netframework-3.0;netframework-3.5;netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0" />
<Parameter Name="permissionSet" Type="System.Security.PermissionSet" Index="1" FrameworkAlternate="netframework-1.1;netframework-2.0;netframework-3.0;netframework-3.5;netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0" />
</Parameters>
<Docs>
<param name="resolver">The XML resolver that is wrapped by the <see cref="T:System.Xml.XmlSecureResolver" />.</param>
<param name="permissionSet">The permission set to apply to the underlying <see cref="T:System.Xml.XmlResolver" />. The <see cref="T:System.Xml.XmlSecureResolver" /> calls the <see cref="M:System.Security.PermissionSet.PermitOnly" /> method on the permission set before calling the <see cref="M:System.Xml.XmlSecureResolver.GetEntity(System.Uri,System.String,System.Type)" /> method on the underlying XML resolver.</param>
<summary>Initializes a new instance of the <see cref="T:System.Xml.XmlSecureResolver" /> class with the <see cref="T:System.Xml.XmlResolver" /> and <see cref="T:System.Security.PermissionSet" /> specified.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Examples
The following example constructs an <xref:System.Xml.XmlSecureResolver> object by using a customized permission set.
[!code-cpp[XmlSecureResolver.cctor#1](~/samples/snippets/cpp/VS_Snippets_Data/XmlSecureResolver.cctor/CPP/secresolver.cpp#1)]
[!code-csharp[XmlSecureResolver.cctor#1](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver.cctor/CS/secresolver.cs#1)]
[!code-vb[XmlSecureResolver.cctor#1](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver.cctor/VB/secresolver.vb#1)]
]]></format>
</remarks>
<altmember cref="M:System.Xml.XmlSecureResolver.CreateEvidenceForUrl(System.String)" />
<altmember cref="T:System.Security.Policy.Evidence" />
<altmember cref="T:System.Net.WebPermission" />
<altmember cref="T:System.Security.SecurityManager" />
</Docs>
</Member>
<Member MemberName=".ctor">
<MemberSignature Language="C#" Value="public XmlSecureResolver (System.Xml.XmlResolver resolver, System.Security.Policy.Evidence evidence);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig specialname rtspecialname instance void .ctor(class System.Xml.XmlResolver resolver, class System.Security.Policy.Evidence evidence) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Xml.XmlSecureResolver.#ctor(System.Xml.XmlResolver,System.Security.Policy.Evidence)" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::Security::Policy::Evidence ^ evidence);" />
<MemberSignature Language="F#" Value="new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * System.Security.Policy.Evidence -&gt; System.Xml.XmlSecureResolver" Usage="new System.Xml.XmlSecureResolver (resolver, evidence)" />
<MemberType>Constructor</MemberType>
<AssemblyInfo>
<AssemblyName>System.Xml</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Xml.ReaderWriter</AssemblyName>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
</AssemblyInfo>
<Parameters>
<Parameter Name="resolver" Type="System.Xml.XmlResolver" Index="0" FrameworkAlternate="netframework-1.1;netframework-2.0;netframework-3.0;netframework-3.5;netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0" />
<Parameter Name="evidence" Type="System.Security.Policy.Evidence" Index="1" FrameworkAlternate="netframework-1.1;netframework-2.0;netframework-3.0;netframework-3.5;netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0" />
</Parameters>
<Docs>
<param name="resolver">The XML resolver that is wrapped by the <see cref="T:System.Xml.XmlSecureResolver" />.</param>
<param name="evidence">The evidence used to create the <see cref="T:System.Security.PermissionSet" /> that will be applied to the underlying <see cref="T:System.Xml.XmlResolver" />. The <see cref="T:System.Xml.XmlSecureResolver" /> calls the <see cref="M:System.Security.PermissionSet.PermitOnly" /> method on the created <see cref="T:System.Security.PermissionSet" /> before calling <see cref="M:System.Xml.XmlSecureResolver.GetEntity(System.Uri,System.String,System.Type)" /> on the underlying <see cref="T:System.Xml.XmlResolver" />.</param>
<summary>Initializes a new instance of the <see cref="T:System.Xml.XmlSecureResolver" /> class with the <see cref="T:System.Xml.XmlResolver" /> and <see cref="T:System.Security.Policy.Evidence" /> specified.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
Here are some possible scenarios and the type of evidence to provide for each scenario:
- If you are working in a fully trusted environment, use your assembly to create the evidence:
[!code-csharp[XmlSecureResolver_Samples#1](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#1)]
[!code-vb[XmlSecureResolver_Samples#1](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#1)]
- If you are working in a semi-trusted environment, you have code or data coming from an outside source, and you know the origin of the outside source and have a verifiable URI, use the URI to create the evidence:
[!code-csharp[XmlSecureResolver_Samples#2](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#2)]
[!code-vb[XmlSecureResolver_Samples#2](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#2)]
- If you are working in a semi-trusted environment and you have code or data coming from an outside source, but you don't know the origin of the outside source, either:
Set the `evidence` parameter to `null`. This allows no access to resources.
-or-
If your application requires some access to resources, request evidence from the caller.
]]></format>
</remarks>
</Docs>
</Member>
<Member MemberName=".ctor">
<MemberSignature Language="C#" Value="public XmlSecureResolver (System.Xml.XmlResolver resolver, string securityUrl);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig specialname rtspecialname instance void .ctor(class System.Xml.XmlResolver resolver, string securityUrl) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Xml.XmlSecureResolver.#ctor(System.Xml.XmlResolver,System.String)" />
<MemberSignature Language="VB.NET" Value="Public Sub New (resolver As XmlResolver, securityUrl As String)" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; XmlSecureResolver(System::Xml::XmlResolver ^ resolver, System::String ^ securityUrl);" />
<MemberSignature Language="F#" Value="new System.Xml.XmlSecureResolver : System.Xml.XmlResolver * string -&gt; System.Xml.XmlSecureResolver" Usage="new System.Xml.XmlSecureResolver (resolver, securityUrl)" />
<MemberType>Constructor</MemberType>
<AssemblyInfo>
<AssemblyName>System.Xml</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Xml.ReaderWriter</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<Parameters>
<Parameter Name="resolver" Type="System.Xml.XmlResolver" />
<Parameter Name="securityUrl" Type="System.String" />
</Parameters>
<Docs>
<param name="resolver">The XML resolver that is wrapped by the <see cref="T:System.Xml.XmlSecureResolver" />.</param>
<param name="securityUrl">The URL used to create the <see cref="T:System.Security.PermissionSet" /> that will be applied to the underlying <see cref="T:System.Xml.XmlResolver" />. The <see cref="T:System.Xml.XmlSecureResolver" /> calls <see cref="M:System.Security.PermissionSet.PermitOnly" /> on the created <see cref="T:System.Security.PermissionSet" /> before calling <see cref="M:System.Xml.XmlSecureResolver.GetEntity(System.Uri,System.String,System.Type)" /> on the underlying <see cref="T:System.Xml.XmlResolver" />.</param>
<summary>Initializes a new instance of the <see cref="T:System.Xml.XmlSecureResolver" /> class with the <see cref="T:System.Xml.XmlResolver" /> and URL provided.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
> [!IMPORTANT]
> There are differences in the security infrastructure for code running on the .NET Framework common language runtime (CLR) and for code running on the CLR that is integrated within Microsoft SQL Server 2005. This can lead to cases where code developed for the .NET Framework CLR operates differently when used on the SQL Server integrated CLR. One of these differences affects the <xref:System.Xml.XmlSecureResolver> class when you have evidence that is based on a URL (that is, when you use the <xref:System.Xml.XmlSecureResolver.CreateEvidenceForUrl%2A> method or the <xref:System.Xml.XmlSecureResolver.%23ctor%28System.Xml.XmlResolver%2CSystem.String%29> constructor). The policy resolution mechanism of the SQL Server integrated CLR does not use the <xref:System.Security.Policy.Url> or <xref:System.Security.Policy.Zone> information. Instead, it grants permissions based on the GUID that the server adds when assemblies are loaded. When you use the <xref:System.Xml.XmlSecureResolver> in the SQL Server integrated CLR, provide any required evidence directly by using a specified <xref:System.Security.PermissionSet>.
## Examples
This example uses the <xref:System.Xml.XmlSecureResolver.%23ctor%28System.Xml.XmlResolver%2CSystem.String%29> constructor to create an <xref:System.Xml.XmlSecureResolver> object that is allowed to access your local intranet site only.
[!code-csharp[XmlSecureResolver_Samples#3](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver_Samples/CS/XmlSecureResolver_ex.cs#3)]
[!code-vb[XmlSecureResolver_Samples#3](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver_Samples/VB/XmlSecureResolver_ex.vb#3)]
]]></format>
</remarks>
</Docs>
</Member>
<Member MemberName="CreateEvidenceForUrl">
<MemberSignature Language="C#" Value="public static System.Security.Policy.Evidence CreateEvidenceForUrl (string securityUrl);" />
<MemberSignature Language="ILAsm" Value=".method public static hidebysig class System.Security.Policy.Evidence CreateEvidenceForUrl(string securityUrl) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Xml.XmlSecureResolver.CreateEvidenceForUrl(System.String)" />
<MemberSignature Language="VB.NET" Value="Public Shared Function CreateEvidenceForUrl (securityUrl As String) As Evidence" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; static System::Security::Policy::Evidence ^ CreateEvidenceForUrl(System::String ^ securityUrl);" />
<MemberSignature Language="F#" Value="static member CreateEvidenceForUrl : string -&gt; System.Security.Policy.Evidence" Usage="System.Xml.XmlSecureResolver.CreateEvidenceForUrl securityUrl" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Xml</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Xml.ReaderWriter</AssemblyName>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Security.Policy.Evidence</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="securityUrl" Type="System.String" Index="0" FrameworkAlternate="netframework-1.1;netframework-2.0;netframework-3.0;netframework-3.5;netframework-4.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0" />
</Parameters>
<Docs>
<param name="securityUrl">The URL used to create the evidence.</param>
<summary>Creates evidence using the supplied URL.</summary>
<returns>The evidence generated from the supplied URL as defined by the default policy.</returns>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
> [!IMPORTANT]
> There are differences in the security infrastructure for code running on the .NET Framework common language runtime (CLR) and for code running on the CLR that is integrated within Microsoft SQL Server 2005. This can lead to cases where code developed for the .NET Framework CLR operates differently when used on the SQL Server integrated CLR. One of these differences affects the <xref:System.Xml.XmlSecureResolver> class when you have evidence that is based on a URL (that is, when you use the <xref:System.Xml.XmlSecureResolver.CreateEvidenceForUrl%2A> method or the <xref:System.Xml.XmlSecureResolver.%23ctor%28System.Xml.XmlResolver%2CSystem.String%29> constructor). The policy resolution mechanism of the SQL Server integrated CLR doesn't use the <xref:System.Security.Policy.Url> or <xref:System.Security.Policy.Zone> information. Instead, it grants permissions based on the GUID that the server adds when assemblies are loaded. When you use the <xref:System.Xml.XmlSecureResolver> in the SQL Server integrated CLR, provide any required evidence directly by using a specified <xref:System.Security.PermissionSet>.
]]></format>
</remarks>
</Docs>
</Member>
<Member MemberName="Credentials">
<MemberSignature Language="C#" Value="public override System.Net.ICredentials Credentials { set; }" />
<MemberSignature Language="ILAsm" Value=".property instance class System.Net.ICredentials Credentials" />
<MemberSignature Language="DocId" Value="P:System.Xml.XmlSecureResolver.Credentials" />
<MemberSignature Language="VB.NET" Value="Public Overrides Property Credentials As ICredentials" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; virtual property System::Net::ICredentials ^ Credentials { void set(System::Net::ICredentials ^ value); };" />
<MemberSignature Language="F#" Value="member this.Credentials : System.Net.ICredentials" Usage="System.Xml.XmlSecureResolver.Credentials" />
<MemberType>Property</MemberType>
<AssemblyInfo>
<AssemblyName>System.Xml</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Xml.ReaderWriter</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Net.ICredentials</ReturnType>
</ReturnValue>
<Docs>
<summary>Sets credentials used to authenticate web requests.</summary>
<value>The credentials to be used to authenticate web requests. The <see cref="T:System.Xml.XmlSecureResolver" /> sets the given credentials on the underlying <see cref="T:System.Xml.XmlResolver" />. If this property is not set, the value defaults to <see langword="null" />; that is, the <see cref="T:System.Xml.XmlSecureResolver" /> has no user credentials.</value>
<remarks>
<format type="text/markdown"><![CDATA[
## Examples
The following example uses an <xref:System.Xml.XmlSecureResolver> with default credentials to resolve and open network resources needed by the <xref:System.Xml.XmlTextReader>.
[!code-cpp[XmlSecureResolver.Credentials#1](~/samples/snippets/cpp/VS_Snippets_Data/XmlSecureResolver.Credentials/CPP/secresolver2.cpp#1)]
[!code-csharp[XmlSecureResolver.Credentials#1](~/samples/snippets/csharp/VS_Snippets_Data/XmlSecureResolver.Credentials/CS/secresolver2.cs#1)]
[!code-vb[XmlSecureResolver.Credentials#1](~/samples/snippets/visualbasic/VS_Snippets_Data/XmlSecureResolver.Credentials/VB/secresolver2.vb#1)]
]]></format>
</remarks>
<altmember cref="T:System.Net.NetworkCredential" />
<altmember cref="T:System.Net.CredentialCache" />
<altmember cref="P:System.Net.CredentialCache.DefaultCredentials" />
</Docs>
</Member>
<Member MemberName="GetEntity">
<MemberSignature Language="C#" Value="public override object GetEntity (Uri absoluteUri, string role, Type ofObjectToReturn);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig virtual instance object GetEntity(class System.Uri absoluteUri, string role, class System.Type ofObjectToReturn) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Xml.XmlSecureResolver.GetEntity(System.Uri,System.String,System.Type)" />
<MemberSignature Language="VB.NET" Value="Public Overrides Function GetEntity (absoluteUri As Uri, role As String, ofObjectToReturn As Type) As Object" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; override System::Object ^ GetEntity(Uri ^ absoluteUri, System::String ^ role, Type ^ ofObjectToReturn);" />
<MemberSignature Language="F#" Value="override this.GetEntity : Uri * string * Type -&gt; obj" Usage="xmlSecureResolver.GetEntity (absoluteUri, role, ofObjectToReturn)" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Xml</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Xml.ReaderWriter</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Object</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="absoluteUri" Type="System.Uri" />
<Parameter Name="role" Type="System.String" />
<Parameter Name="ofObjectToReturn" Type="System.Type" />
</Parameters>
<Docs>
<param name="absoluteUri">The URI that is returned from <see cref="M:System.Xml.XmlSecureResolver.ResolveUri(System.Uri,System.String)" />.</param>
<param name="role">Currently not used.</param>
<param name="ofObjectToReturn">The type of object to return. The current version only returns <see cref="T:System.IO.Stream" /> objects.</param>
<summary>Maps a URI to an object that contains the actual resource. This method temporarily sets the <see cref="T:System.Security.PermissionSet" /> created in the constructor by calling <see cref="M:System.Security.PermissionSet.PermitOnly" /> before calling <see langword="GetEntity" /> on the underlying <see cref="T:System.Xml.XmlResolver" /> to open the resource.</summary>
<returns>The stream returned by calling <see langword="GetEntity" /> on the underlying <see cref="T:System.Xml.XmlResolver" />. If a type other than <see cref="T:System.IO.Stream" /> is specified, the method returns <see langword="null" />.</returns>
<remarks>
<format type="text/markdown"><![CDATA[
## Remarks
> [!IMPORTANT]
> Your application can mitigate memory denial of service threats to the <xref:System.Xml.XmlSecureResolver.GetEntity%2A> method by implementing an <xref:System.Runtime.InteropServices.ComTypes.IStream> that limits the number of bytes read. This helps guard against situations where malicious code attempts to pass an infinite stream of bytes to the <xref:System.Xml.XmlSecureResolver.GetEntity%2A> method.
]]></format>
</remarks>
<exception cref="T:System.Xml.XmlException">
<paramref name="ofObjectToReturn" /> is neither <see langword="null" /> nor a <see cref="T:System.IO.Stream" /> type.</exception>
<exception cref="T:System.UriFormatException">The specified URI is not an absolute URI.</exception>
<exception cref="T:System.NullReferenceException">
<paramref name="absoluteUri" /> is <see langword="null" />.</exception>
<exception cref="T:System.Exception">There is a runtime error (for example, an interrupted server connection).</exception>
</Docs>
</Member>
<Member MemberName="GetEntityAsync">
<MemberSignature Language="C#" Value="public override System.Threading.Tasks.Task&lt;object&gt; GetEntityAsync (Uri absoluteUri, string role, Type ofObjectToReturn);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig virtual instance class System.Threading.Tasks.Task`1&lt;object&gt; GetEntityAsync(class System.Uri absoluteUri, string role, class System.Type ofObjectToReturn) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Xml.XmlSecureResolver.GetEntityAsync(System.Uri,System.String,System.Type)" />
<MemberSignature Language="VB.NET" Value="Public Overrides Function GetEntityAsync (absoluteUri As Uri, role As String, ofObjectToReturn As Type) As Task(Of Object)" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; override System::Threading::Tasks::Task&lt;System::Object ^&gt; ^ GetEntityAsync(Uri ^ absoluteUri, System::String ^ role, Type ^ ofObjectToReturn);" />
<MemberSignature Language="F#" Value="override this.GetEntityAsync : Uri * string * Type -&gt; System.Threading.Tasks.Task&lt;obj&gt;" Usage="xmlSecureResolver.GetEntityAsync (absoluteUri, role, ofObjectToReturn)" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Xml</AssemblyName>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Xml.ReaderWriter</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Threading.Tasks.Task&lt;System.Object&gt;</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="absoluteUri" Type="System.Uri" Index="0" FrameworkAlternate="netcore-2.0;netcore-2.1;netcore-2.2;netcore-3.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netstandard-2.0;netstandard-2.1;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0" />
<Parameter Name="role" Type="System.String" Index="1" FrameworkAlternate="netcore-2.0;netcore-2.1;netcore-2.2;netcore-3.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netstandard-2.0;netstandard-2.1;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0" />
<Parameter Name="ofObjectToReturn" Type="System.Type" Index="2" FrameworkAlternate="netcore-2.0;netcore-2.1;netcore-2.2;netcore-3.0;netframework-4.5;netframework-4.5.1;netframework-4.5.2;netframework-4.6;netframework-4.6.1;netframework-4.6.2;netframework-4.7;netframework-4.7.1;netframework-4.7.2;netframework-4.8;netstandard-2.0;netstandard-2.1;xamarinandroid-7.1;xamarinios-10.8;xamarinmac-3.0" />
</Parameters>
<Docs>
<param name="absoluteUri">The URI returned from <see cref="M:System.Xml.XmlSecureResolver.ResolveUri(System.Uri,System.String)" />.</param>
<param name="role">Currently not used.</param>
<param name="ofObjectToReturn">The type of object to return. The current version only returns <see cref="T:System.IO.Stream" /> objects.</param>
<summary>Asynchronously maps a URI to an object that contains the actual resource.</summary>
<returns>The stream returned by calling <see langword="GetEntity" /> on the underlying <see cref="T:System.Xml.XmlResolver" />. If a type other than <see cref="T:System.IO.Stream" /> is specified, the method returns <see langword="null" />.</returns>
<remarks>To be added.</remarks>
</Docs>
</Member>
<Member MemberName="ResolveUri">
<MemberSignature Language="C#" Value="public override Uri ResolveUri (Uri baseUri, string relativeUri);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig virtual instance class System.Uri ResolveUri(class System.Uri baseUri, string relativeUri) cil managed" />
<MemberSignature Language="DocId" Value="M:System.Xml.XmlSecureResolver.ResolveUri(System.Uri,System.String)" />
<MemberSignature Language="VB.NET" Value="Public Overrides Function ResolveUri (baseUri As Uri, relativeUri As String) As Uri" />
<MemberSignature Language="C++ CLI" Value="public:&#xA; override Uri ^ ResolveUri(Uri ^ baseUri, System::String ^ relativeUri);" />
<MemberSignature Language="F#" Value="override this.ResolveUri : Uri * string -&gt; Uri" Usage="xmlSecureResolver.ResolveUri (baseUri, relativeUri)" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>System.Xml</AssemblyName>
<AssemblyVersion>1.0.5000.0</AssemblyVersion>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.0.5.0</AssemblyVersion>
<AssemblyVersion>4.0.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>netstandard</AssemblyName>
<AssemblyVersion>2.0.0.0</AssemblyVersion>
<AssemblyVersion>2.1.0.0</AssemblyVersion>
</AssemblyInfo>
<AssemblyInfo>
<AssemblyName>System.Xml.ReaderWriter</AssemblyName>
<AssemblyVersion>4.2.0.0</AssemblyVersion>
<AssemblyVersion>4.2.1.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Uri</ReturnType>
</ReturnValue>
<Parameters>
<Parameter Name="baseUri" Type="System.Uri" />
<Parameter Name="relativeUri" Type="System.String" />
</Parameters>
<Docs>
<param name="baseUri">The base URI used to resolve the relative URI.</param>
<param name="relativeUri">The URI to resolve. The URI can be absolute or relative. If absolute, this value effectively replaces the <paramref name="baseUri" /> value. If relative, it combines with the <paramref name="baseUri" /> to make an absolute URI.</param>
<summary>Resolves the absolute URI from the base and relative URIs by calling <see langword="ResolveUri" /> on the underlying <see cref="T:System.Xml.XmlResolver" />.</summary>
<returns>The absolute URI or <see langword="null" /> if the relative URI cannot be resolved (returned by calling <see langword="ResolveUri" /> on the underlying <see cref="T:System.Xml.XmlResolver" />).</returns>
<remarks>To be added.</remarks>
<exception cref="T:System.ArgumentException">
<paramref name="relativeUri" /> is <see langword="null" />.</exception>
</Docs>
</Member>
</Members>
</Type>
You can’t perform that action at this time.