//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//------------------------------------------------------------------------------
namespace System.Web.UI.WebControls {
using System;
using System.IO;
using System.Collections;
using System.Collections.Specialized;
using System.ComponentModel;
using System.ComponentModel.Design;
using System.Diagnostics.CodeAnalysis;
using System.Drawing.Design;
using System.Globalization;
using System.Web;
using System.Web.Util;
using System.Web.UI;
using System.Web.Caching;
using System.Web.Hosting;
using System.Security.Policy;
using System.Xml;
using System.Xml.Xsl;
using System.Xml.XPath;
using System.Security.Permissions;
public class XmlBuilder : ControlBuilder {
public override void AppendLiteralString(string s) {}
public override Type GetChildControlType(string tagName, IDictionary attribs) {
return null;
}
public override bool NeedsTagInnerText() { return true; }
[SuppressMessage("Microsoft.Security", "MSEC1220:ReviewDtdProcessingAssignment", Justification = "Dtd processing is needed for back-compat, but is being done as safely as possible.")]
[SuppressMessage("Microsoft.Security.Xml", "CA3069:ReviewDtdProcessingAssignment", Justification = "Dtd processing is needed for back-compat, but is being done as safely as possible.")]
public override void SetTagInnerText(string text) {
if (!Util.IsWhiteSpaceString(text)) {
// Trim the initial whitespaces since XML is very picky (ASURT 58100)
int iFirstNonWhiteSpace = Util.FirstNonWhiteSpaceIndex(text);
string textNoWS = text.Substring(iFirstNonWhiteSpace);
// Update the line number to point to the correct line in the xml
// block (ASURT 58233).
Line += Util.LineCount(text, 0, iFirstNonWhiteSpace);
// Parse the XML here just to cause a parse error in case it is
// malformed. It will be parsed again at runtime.
XmlDocument document = new XmlDocument();
XmlReaderSettings readerSettings = XmlUtils.CreateXmlReaderSettings();
readerSettings.LineNumberOffset = Line - 1;
// VSWhidbey 546662: XmlReader has different default settings than XmlTextReader which was used in Everett
readerSettings.DtdProcessing = DtdProcessing.Parse;
readerSettings.CheckCharacters = false;
XmlReader dataReader = XmlUtils.CreateXmlReader(new StringReader(textNoWS), string.Empty, readerSettings);
try {
document.Load(dataReader);
}
catch (XmlException e) {
// Xml exception sometimes returns -1 for the line, in which case we ignore it.
if (e.LineNumber >= 0) {
Line = e.LineNumber;
}
throw;
}
base.AppendLiteralString(text);
}
}
}
///
/// [To be supplied.]
///
[
DefaultProperty("DocumentSource"),
PersistChildren(false, true),
ControlBuilderAttribute(typeof(XmlBuilder)),
Designer("System.Web.UI.Design.WebControls.XmlDesigner, " + AssemblyRef.SystemDesign)
]
public class Xml : Control {
private XPathNavigator _xpathNavigator;
private XmlDocument _document;
private XPathDocument _xpathDocument;
#pragma warning disable 0618 // To avoid deprecation warning
private XslTransform _transform;
#pragma warning restore 0618
private XslCompiledTransform _compiledTransform;
private XsltArgumentList _transformArgumentList;
private string _documentContent;
private string _documentSource;
private string _transformSource;
const string identityXslStr =
"" +
" ";
#pragma warning disable 0618 // To avoid deprecation warning
static XslTransform _identityTransform;
#pragma warning restore 0618
[SuppressMessage("Microsoft.Security", "MSEC1201:DoNotUseXslTransform", Justification = "_identityTransform contents are trusted hard-coded string.")]
[SuppressMessage("Microsoft.Security.Xml", "CA3050:DoNotUseXslTransform", Justification = "_identityTransform contents are trusted hard-coded string.")]
[SuppressMessage("Microsoft.Security", "MSEC1205:DoNotAllowDtdOnXmlTextReader", Justification = "_identityTransform contents are trusted hard-coded string.")]
[SuppressMessage("Microsoft.Security.Xml", "CA3054:DoNotAllowDtdOnXmlTextReader", Justification = "_identityTransform contents are trusted hard-coded string.")]
[PermissionSet(SecurityAction.Assert, Unrestricted = true)]
static Xml() {
// Instantiate an identity transform, to be used whenever we need to output XML
XmlTextReader reader = new XmlTextReader(new StringReader(identityXslStr));
#pragma warning disable 0618 // To avoid deprecation warning
_identityTransform = new XslTransform();
#pragma warning restore 0618
_identityTransform.Load(reader, null /*resolver*/, null /*evidence*/);
}
[
EditorBrowsable(EditorBrowsableState.Never),
]
public override string ClientID {
get {
return base.ClientID;
}
}
[
EditorBrowsable(EditorBrowsableState.Never),
]
public override ControlCollection Controls {
get {
return base.Controls;
}
}
///
/// [To be supplied.]
///
[
Browsable(false),
WebSysDescription(SR.Xml_Document),
DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden),
Obsolete("The recommended alternative is the XPathNavigator property. Create a System.Xml.XPath.XPathDocument and call CreateNavigator() to create an XPathNavigator. http://go.microsoft.com/fwlink/?linkid=14202"),
]
public XmlDocument Document {
get {
if (_document == null) {
LoadXmlDocument();
}
return _document;
}
set {
DocumentSource = null;
_xpathDocument = null;
_documentContent = null;
_document = value;
}
}
///
/// [To be supplied.]
///
[
Browsable(false),
DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden),
WebSysDescription(SR.Xml_DocumentContent)
]
public String DocumentContent {
get {
return _documentContent != null ? _documentContent : String.Empty;
}
set {
_document = null;
_xpathDocument = null;
_xpathNavigator = null;
_documentContent = value;
if (DesignMode) {
ViewState["OriginalContent"] = null;
}
}
}
///
/// [To be supplied.]
///
[
WebCategory("Behavior"),
DefaultValue(""),
Editor("System.Web.UI.Design.XmlUrlEditor, " + AssemblyRef.SystemDesign, typeof(UITypeEditor)),
UrlProperty(),
WebSysDescription(SR.Xml_DocumentSource)
]
public String DocumentSource {
get {
return (_documentSource == null) ? String.Empty : _documentSource;
}
set {
_document = null;
_xpathDocument = null;
_documentContent = null;
_xpathNavigator = null;
_documentSource = value;
}
}
[
Browsable(false),
DefaultValue(false),
EditorBrowsable(EditorBrowsableState.Never),
]
public override bool EnableTheming {
get {
return false;
}
set {
throw new NotSupportedException(SR.GetString(SR.NoThemingSupport, this.GetType().Name));
}
}
[
Browsable(false),
DefaultValue(""),
EditorBrowsable(EditorBrowsableState.Never),
]
public override string SkinID {
get {
return String.Empty;
}
set {
throw new NotSupportedException(SR.GetString(SR.NoThemingSupport, this.GetType().Name));
}
}
///
/// [To be supplied.]
///
[
Browsable(false),
WebSysDescription(SR.Xml_Transform),
DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)
]
#pragma warning disable 0618 // To avoid deprecation warning
public XslTransform Transform {
#pragma warning restore 0618
get {
return XmlUtils.GetXslTransform(_transform);
}
set {
if (XmlUtils.GetXslTransform(value) != null) {
// Setting this property will nullify _transform, so do it first.
TransformSource = null;
_transform = value;
}
}
}
///
/// [To be supplied.]
///
[
Browsable(false),
WebSysDescription(SR.Xml_TransformArgumentList),
DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)
]
public XsltArgumentList TransformArgumentList {
get {
return _transformArgumentList;
}
set {
_transformArgumentList = value;
}
}
///
/// [To be supplied.]
///
[
WebCategory("Behavior"),
DefaultValue(""),
Editor("System.Web.UI.Design.XslUrlEditor, " + AssemblyRef.SystemDesign, typeof(UITypeEditor)),
WebSysDescription(SR.Xml_TransformSource),
]
public String TransformSource {
get {
return (_transformSource == null) ? String.Empty : _transformSource;
}
set {
_transform = null;
_transformSource = value;
}
}
///
///
[
Browsable(false),
WebSysDescription(SR.Xml_XPathNavigator),
DesignerSerializationVisibility(DesignerSerializationVisibility.Hidden)
]
public XPathNavigator XPathNavigator {
get {
return _xpathNavigator;
}
set {
DocumentSource = null;
_xpathDocument = null;
_documentContent = null;
_document = null;
_xpathNavigator = value;
}
}
[SuppressMessage("Microsoft.Security", "MSEC1218:ReviewWebControlForSet_DocumentContent", Justification = "Legacy code that trusts our developer input. Optional safer codepath available via appSettings/aspnet:RestrictXmlControls configuration.")]
[SuppressMessage("Microsoft.Security.Xml", "CA3067:ReviewWebControlForSet_DocumentContent", Justification = "Legacy code that trusts our developer input. Optional safer codepath available via appSettings/aspnet:RestrictXmlControls configuration.")]
protected override void AddParsedSubObject(object obj) {
if (obj is LiteralControl) {
// Trim the initial whitespaces since XML is very picky (related to ASURT 58100)
string text = ((LiteralControl)obj).Text;
int iFirstNonWhiteSpace = Util.FirstNonWhiteSpaceIndex(text);
DocumentContent = text.Substring(iFirstNonWhiteSpace);
if (DesignMode) {
ViewState["OriginalContent"] = text;
}
}
else {
throw new HttpException(SR.GetString(SR.Cannot_Have_Children_Of_Type, "Xml", obj.GetType().Name.ToString(CultureInfo.InvariantCulture)));
}
}
protected override ControlCollection CreateControlCollection() {
return new EmptyControlCollection(this);
}
[
EditorBrowsable(EditorBrowsableState.Never),
]
public override Control FindControl(string id) {
return base.FindControl(id);
}
///
///
[
EditorBrowsable(EditorBrowsableState.Never),
]
public override void Focus() {
throw new NotSupportedException(SR.GetString(SR.NoFocusSupport, this.GetType().Name));
}
[SecurityPermission(SecurityAction.Demand, Unrestricted = true)]
protected override IDictionary GetDesignModeState() {
IDictionary designModeState = new HybridDictionary();
designModeState["OriginalContent"] = ViewState["OriginalContent"];
return designModeState;
}
[
EditorBrowsable(EditorBrowsableState.Never),
]
public override bool HasControls() {
return base.HasControls();
}
private void LoadTransformFromSource() {
// We're done if we already have a transform
if (_transform != null)
return;
if (String.IsNullOrEmpty(_transformSource) || _transformSource.Trim().Length == 0)
return;
// First, figure out if it's a physical or virtual path
VirtualPath virtualPath;
string physicalPath;
ResolvePhysicalOrVirtualPath(_transformSource, out virtualPath, out physicalPath);
CacheInternal cacheInternal = HttpRuntime.CacheInternal;
string key = CacheInternal.PrefixLoadXPath + ((physicalPath != null) ?
physicalPath : virtualPath.VirtualPathString);
object xform = cacheInternal.Get(key);
if (xform == null) {
Debug.Trace("XmlControl", "Xsl Transform not found in cache (" + _transformSource + ")");
// Get the stream, and open the doc
CacheDependency dependency;
using (Stream stream = OpenFileAndGetDependency(virtualPath, physicalPath, out dependency)) {
// If we don't have a physical path, call MapPath to get one, in order to pass it as
// the baseUri to XmlTextReader. In pure VirtualPathProvider scenarios, it won't
// help much, but it allows the default case to have relative references (VSWhidbey 545322)
if (physicalPath == null)
physicalPath = virtualPath.MapPath();
// XslCompiledTransform for some reason wants to completely re-create an internal XmlReader
// from scratch. In doing so, it does not respect all the settings of XmlTextReader. So we want
// to be sure to specifically use XmlReader here so our settings on it will be respected by the
// XslCompiledTransform.
XmlReader xmlReader = XmlUtils.CreateXmlReader(stream, physicalPath);
_transform = XmlUtils.CreateXslTransform(xmlReader);
if (_transform == null) {
_compiledTransform = XmlUtils.CreateXslCompiledTransform(xmlReader);
}
}
// Cache it, but only if we got a dependency
if (dependency != null) {
using (dependency) {
cacheInternal.UtcInsert(key, ((_compiledTransform == null) ? (object)_transform : (object)_compiledTransform), dependency);
}
}
}
else {
Debug.Trace("XmlControl", "XslTransform found in cache (" + _transformSource + ")");
_compiledTransform = xform as XslCompiledTransform;
if (_compiledTransform == null) {
#pragma warning disable 0618 // To avoid deprecation warning
_transform = (XslTransform)xform;
#pragma warning restore 0618
}
}
}
private void LoadXmlDocument() {
Debug.Assert(_xpathDocument == null && _document == null && _xpathNavigator == null);
if (!String.IsNullOrEmpty(_documentContent)) {
_document = XmlUtils.CreateXmlDocumentFromContent(_documentContent);
return;
}
if (String.IsNullOrEmpty(_documentSource))
return;
// Make it absolute and check security
string physicalPath = MapPathSecure(_documentSource);
CacheInternal cacheInternal = System.Web.HttpRuntime.CacheInternal;
string key = CacheInternal.PrefixLoadXml + physicalPath;
_document = (XmlDocument) cacheInternal.Get(key);
if (_document == null) {
Debug.Trace("XmlControl", "XmlDocument not found in cache (" + _documentSource + ")");
CacheDependency dependency;
using (Stream stream = OpenFileAndGetDependency(null, physicalPath, out dependency)) {
_document = new XmlDocument();
_document.Load(XmlUtils.CreateXmlReader(stream, physicalPath));
cacheInternal.UtcInsert(key, _document, dependency);
}
}
else {
Debug.Trace("XmlControl", "XmlDocument found in cache (" + _documentSource + ")");
}
//
lock (_document) {
// Always return a clone of the cached copy
_document = (XmlDocument)_document.CloneNode(true/*deep*/);
}
}
private void LoadXPathDocument() {
Debug.Assert(_xpathDocument == null && _document == null && _xpathNavigator == null);
if (!String.IsNullOrEmpty(_documentContent)) {
_xpathDocument = XmlUtils.CreateXPathDocumentFromContent(_documentContent);
return;
}
if (String.IsNullOrEmpty(_documentSource))
return;
// First, figure out if it's a physical or virtual path
VirtualPath virtualPath;
string physicalPath;
ResolvePhysicalOrVirtualPath(_documentSource, out virtualPath, out physicalPath);
CacheInternal cacheInternal = HttpRuntime.CacheInternal;
string key = CacheInternal.PrefixLoadXPath + ((physicalPath != null) ?
physicalPath : virtualPath.VirtualPathString);
_xpathDocument = (XPathDocument)cacheInternal.Get(key);
if (_xpathDocument == null) {
Debug.Trace("XmlControl", "XPathDocument not found in cache (" + _documentSource + ")");
// Get the stream, and open the doc
CacheDependency dependency;
using (Stream stream = OpenFileAndGetDependency(virtualPath, physicalPath, out dependency)) {
// The same comments as in LoadTransformFromSource() (VSWhidbey 545322, 546662)
if (physicalPath == null) {
physicalPath = virtualPath.MapPath();
}
_xpathDocument = new XPathDocument(XmlUtils.CreateXmlReader(stream, physicalPath));
}
// Cache it, but only if we got a dependency
if (dependency != null) {
using (dependency) {
cacheInternal.UtcInsert(key, _xpathDocument, dependency);
}
}
}
else {
Debug.Trace("XmlControl", "XPathDocument found in cache (" + _documentSource + ")");
}
}
///
/// [To be supplied.]
///
[SuppressMessage("Microsoft.Security", "MSEC1204:UseSecureXmlResolver", Justification = "Legacy code that trusts our developer input. Optional safer codepath available via appSettings/aspnet:RestrictXmlControls configuration.")]
protected internal override void Render(HtmlTextWriter output)
{
// If we don't already have an XmlDocument or an XPathNavigator, load am XPathDocument (which is faster)
if ((_document == null) && (_xpathNavigator == null)) {
LoadXPathDocument();
}
LoadTransformFromSource();
// Abort if nothing has been loaded
if (_document == null && _xpathDocument == null && _xpathNavigator == null) {
return;
}
// If we don't have a transform, use the identity transform, which
// simply renders the XML.
if (_transform == null)
_transform = _identityTransform;
// Pass a resolver in full trust, to support certain XSL scenarios (ASURT 141427)
XmlUrlResolver xr = null;
if (HttpRuntime.HasUnmanagedPermission()) {
xr = new XmlUrlResolver();
}
IXPathNavigable doc = null;
if (_document != null) {
doc = _document;
} else if (_xpathNavigator != null) {
doc = _xpathNavigator;
} else {
doc = _xpathDocument;
}
if (_compiledTransform != null) {
XmlWriter writer = XmlWriter.Create(output);
_compiledTransform.Transform(doc, _transformArgumentList, writer, null);
} else {
_transform.Transform(doc, _transformArgumentList, output, xr);
}
}
}
}