Code:
/ Dotnetfx_Win7_3.5.1 / Dotnetfx_Win7_3.5.1 / 3.5.1 / DEVDIV / depot / DevDiv / releases / Orcas / NetFXw7 / wpf / src / Framework / MS / Internal / AppModel / ProgressPage.cs / 1 / ProgressPage.cs
//+------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // // Description: // Deployment progress page. This is primarily a proxy to the native progress page, which supersedes // the managed one from up to v3.5. See Host\DLL\ProgressPage.hxx for details. // // History: // 2007/12/xx ChangoV Created // //----------------------------------------------------------------------- using System; using System.Runtime.InteropServices; using System.Windows.Interop; using System.Windows.Threading; using System.Security; namespace MS.Internal.AppModel { ////// Critical due to SUC. /// Even if a partilar method is considered safe, applying [SecurityTreatAsSafe] to it here won't help /// much, because the transparency model still requires SUC-d methods to be called only from /// SecurityCritical ones. /// [ComImport, Guid("1f681651-1024-4798-af36-119bbe5e5665")] [InterfaceType(ComInterfaceType.InterfaceIsIUnknown)] [SecurityCritical, SuppressUnmanagedCodeSecurity] interface INativeProgressPage { void Show(); void Hide(); void ShowProgressMessage(string message); void SetApplicationName(string appName); void SetPublisherName(string publisherName); void OnDownloadProgress(ulong bytesDownloaded, ulong bytesTotal); }; ////// IProgressPage is public. It was introduced for the Media Center integration, which is now considered /// deprecated, but we have to support it at least for as long as we keep doing in-place upgrades. /// interface IProgressPage2 : IProgressPage { void ShowProgressMessage(string message); }; class NativeProgressPageProxy : IProgressPage2 { internal NativeProgressPageProxy(INativeProgressPage npp) { _npp = npp; } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: No concern about "spoofing" progress messages. A web site could just render an HTML /// page that looks like our progress page. /// [SecurityCritical, SecurityTreatAsSafe] public void ShowProgressMessage(string message) { _npp.ShowProgressMessage(message); } public Uri DeploymentPath { set { } get { throw new System.NotImplementedException(); } } /// /// The native progress page sends a stop/cancel request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_STOP). /// public DispatcherOperationCallback StopCallback { set { } get { throw new System.NotImplementedException(); } } ////// The native progress page sends a Refresh request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_REFRESH). /// public System.Windows.Threading.DispatcherOperationCallback RefreshCallback { set { } get { return null; } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The application name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string ApplicationName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetApplicationName(value); } get { throw new System.NotImplementedException(); } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The publisher name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string PublisherName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetPublisherName(value); } get { throw new System.NotImplementedException(); } } /// /// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: Sending even arbitrary progress updates not considered harmful. /// [SecurityCritical, SecurityTreatAsSafe] public void UpdateProgress(long bytesDownloaded, long bytesTotal) { _npp.OnDownloadProgress((ulong)bytesDownloaded, (ulong)bytesTotal); } INativeProgressPage _npp; }; } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //+------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // // Description: // Deployment progress page. This is primarily a proxy to the native progress page, which supersedes // the managed one from up to v3.5. See Host\DLL\ProgressPage.hxx for details. // // History: // 2007/12/xx ChangoV Created // //----------------------------------------------------------------------- using System; using System.Runtime.InteropServices; using System.Windows.Interop; using System.Windows.Threading; using System.Security; namespace MS.Internal.AppModel { /// /// Critical due to SUC. /// Even if a partilar method is considered safe, applying [SecurityTreatAsSafe] to it here won't help /// much, because the transparency model still requires SUC-d methods to be called only from /// SecurityCritical ones. /// [ComImport, Guid("1f681651-1024-4798-af36-119bbe5e5665")] [InterfaceType(ComInterfaceType.InterfaceIsIUnknown)] [SecurityCritical, SuppressUnmanagedCodeSecurity] interface INativeProgressPage { void Show(); void Hide(); void ShowProgressMessage(string message); void SetApplicationName(string appName); void SetPublisherName(string publisherName); void OnDownloadProgress(ulong bytesDownloaded, ulong bytesTotal); }; ////// IProgressPage is public. It was introduced for the Media Center integration, which is now considered /// deprecated, but we have to support it at least for as long as we keep doing in-place upgrades. /// interface IProgressPage2 : IProgressPage { void ShowProgressMessage(string message); }; class NativeProgressPageProxy : IProgressPage2 { internal NativeProgressPageProxy(INativeProgressPage npp) { _npp = npp; } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: No concern about "spoofing" progress messages. A web site could just render an HTML /// page that looks like our progress page. /// [SecurityCritical, SecurityTreatAsSafe] public void ShowProgressMessage(string message) { _npp.ShowProgressMessage(message); } public Uri DeploymentPath { set { } get { throw new System.NotImplementedException(); } } /// /// The native progress page sends a stop/cancel request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_STOP). /// public DispatcherOperationCallback StopCallback { set { } get { throw new System.NotImplementedException(); } } ////// The native progress page sends a Refresh request to its host object, which then calls /// IBrowserHostServices.ExecCommand(OLECMDID_REFRESH). /// public System.Windows.Threading.DispatcherOperationCallback RefreshCallback { set { } get { return null; } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The application name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string ApplicationName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetApplicationName(value); } get { throw new System.NotImplementedException(); } } ////// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: 1) The publisher name is coming from the manifest, so it could be anything. /// This means the input doesn't need to be trusted. /// 2) Setting arbitrary application/publisher can be considered spoofing, but a malicious website /// could fake the whole progress page and still achieve the same. /// public string PublisherName { [SecurityCritical, SecurityTreatAsSafe] set { _npp.SetPublisherName(value); } get { throw new System.NotImplementedException(); } } /// /// Critical: Calls a SUC'd COM interface method. /// TreatAsSafe: Sending even arbitrary progress updates not considered harmful. /// [SecurityCritical, SecurityTreatAsSafe] public void UpdateProgress(long bytesDownloaded, long bytesTotal) { _npp.OnDownloadProgress((ulong)bytesDownloaded, (ulong)bytesTotal); } INativeProgressPage _npp; }; } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- FormViewCommandEventArgs.cs
- SiteMapNodeCollection.cs
- SessionStateModule.cs
- Floater.cs
- BamlResourceContent.cs
- ImmutableDispatchRuntime.cs
- XmlTypeMapping.cs
- WebPartTransformer.cs
- PackageDigitalSignatureManager.cs
- SQLGuidStorage.cs
- DebuggerAttributes.cs
- XmlWrappingReader.cs
- StaticSiteMapProvider.cs
- CompilerResults.cs
- PartBasedPackageProperties.cs
- PreviewKeyDownEventArgs.cs
- EntityModelSchemaGenerator.cs
- MultitargetUtil.cs
- PartialTrustVisibleAssemblyCollection.cs
- DoWorkEventArgs.cs
- PolyQuadraticBezierSegment.cs
- CodeVariableDeclarationStatement.cs
- CustomError.cs
- ToolBarPanel.cs
- UnsafeNativeMethodsPenimc.cs
- DataGridColumnHeaderCollection.cs
- UnmanagedMemoryStream.cs
- LogRecordSequence.cs
- EmptyStringExpandableObjectConverter.cs
- SoapIgnoreAttribute.cs
- BroadcastEventHelper.cs
- RawStylusSystemGestureInputReport.cs
- ConcurrentQueue.cs
- LineInfo.cs
- Mapping.cs
- XmlWrappingReader.cs
- SiteMapPath.cs
- AssemblyContextControlItem.cs
- GridItem.cs
- COM2PropertyBuilderUITypeEditor.cs
- OleDbErrorCollection.cs
- DrawingBrush.cs
- AnimationStorage.cs
- XPathLexer.cs
- UnsafeNativeMethodsPenimc.cs
- LockingPersistenceProvider.cs
- XmlDomTextWriter.cs
- LingerOption.cs
- XhtmlBasicPageAdapter.cs
- UnsafeNativeMethods.cs
- CharConverter.cs
- ResumeStoryboard.cs
- Icon.cs
- RelatedPropertyManager.cs
- InvalidCastException.cs
- DBConnectionString.cs
- TextRange.cs
- securestring.cs
- EndpointFilterProvider.cs
- _KerberosClient.cs
- RoleGroupCollectionEditor.cs
- EventlogProvider.cs
- Int32AnimationBase.cs
- OleDbConnectionFactory.cs
- SHA256Managed.cs
- CommentEmitter.cs
- TemplateBamlTreeBuilder.cs
- Operator.cs
- GridViewActionList.cs
- Separator.cs
- ChangeDirector.cs
- SystemIPAddressInformation.cs
- BaseProcessor.cs
- XPathMessageFilterTable.cs
- MissingManifestResourceException.cs
- Light.cs
- DataObject.cs
- FlowLayoutPanelDesigner.cs
- EndpointDispatcherTable.cs
- CompositeScriptReferenceEventArgs.cs
- SqlConnectionPoolGroupProviderInfo.cs
- RemoteWebConfigurationHostServer.cs
- Directory.cs
- ChildDocumentBlock.cs
- XhtmlBasicCalendarAdapter.cs
- ClientScriptManager.cs
- Util.cs
- DeviceSpecificDesigner.cs
- counter.cs
- WindowsGrip.cs
- TextEditorLists.cs
- ConfigXmlElement.cs
- KeyboardNavigation.cs
- XsltFunctions.cs
- PagedDataSource.cs
- PerformanceCounter.cs
- CommentEmitter.cs
- UTF8Encoding.cs
- CompiledQueryCacheKey.cs
- KeyValueSerializer.cs