From ef49c984561352e3afd40b16b951d79481d02e76 Mon Sep 17 00:00:00 2001 From: h3xds1nz Date: Sat, 28 Sep 2024 16:02:59 +0200 Subject: [PATCH 01/10] Remove IBrowserCallbackServices XBAP-related dead code --- .../AppModel/SiteOfOriginContainer.cs | 23 -- .../MS/internal/WpfWebRequestHelper.cs | 5 - .../Internal/AppModel/AppSecurityManager.cs | 260 +----------------- .../Internal/AppModel/IBrowserHostServices.cs | 13 - .../System/Windows/Application.cs | 24 +- .../Windows/Interop/BrowserInteropHelper.cs | 22 +- .../src/Shared/MS/Utility/BindUriHelper.cs | 30 +- 7 files changed, 5 insertions(+), 372 deletions(-) diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationCore/MS/internal/AppModel/SiteOfOriginContainer.cs b/src/Microsoft.DotNet.Wpf/src/PresentationCore/MS/internal/AppModel/SiteOfOriginContainer.cs index 0bb82080aeb..a8de3ef10d1 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationCore/MS/internal/AppModel/SiteOfOriginContainer.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationCore/MS/internal/AppModel/SiteOfOriginContainer.cs @@ -52,18 +52,6 @@ internal static Uri SiteOfOrigin return siteOfOrigin; } } - - internal static Uri BrowserSource - { - get - { - return _browserSource; - } - set - { - _browserSource = value; - } - } #endregion @@ -200,17 +188,6 @@ protected override PackagePart GetPartCore(Uri uri) #endregion - //------------------------------------------------------ - // - // Private Fields - // - //------------------------------------------------------ - - #region Private Members - - private static Uri _browserSource; - - #endregion Private Members //------------------------------------------------------ // diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationCore/MS/internal/WpfWebRequestHelper.cs b/src/Microsoft.DotNet.Wpf/src/PresentationCore/MS/internal/WpfWebRequestHelper.cs index a85f791b9b6..41ffa6209c6 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationCore/MS/internal/WpfWebRequestHelper.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationCore/MS/internal/WpfWebRequestHelper.cs @@ -95,11 +95,6 @@ internal static WebRequest CreateRequest(Uri uri) CookieHandler.HandleWebRequest(httpRequest); - if (String.IsNullOrEmpty(httpRequest.Referer)) - { - httpRequest.Referer = BindUriHelper.GetReferer(uri); - } - CustomCredentialPolicy.EnsureCustomCredentialPolicy(); // Enable NTLM authentication. diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs index 47ab6841795..159a51e9bed 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs @@ -150,262 +150,8 @@ the key used is (supposedly) HKCR\htmlfile\shell\opennew\ddeexec, and its value #region Private Methods - /// - /// Returns the HTTP "Referer" header. - /// - /// returns a string containing one or more HTTP headers separated by \r\n; the string must also be terminated with a \r\n - private static string GetHeaders(Uri destinationUri) - { - string referer = BindUriHelper.GetReferer(destinationUri); - - if (!String.IsNullOrEmpty(referer)) - { - // The headers we pass in to IWebBrowser2.Navigate must - // be terminated with a \r\n because the browser then - // concatenates its own headers on to the end of that string. - referer = $"{RefererHeader}{referer}\r\n"; - } - - return referer; - } - - // - // Functionally equivalent copy of Trident's CanNavigateToUrlWithZoneCheck function - // Checks to see whether a navigation is considered a zone elevation. - // Once a zone elevation is identified - calls into urlmon to check settings. - // - private static LaunchResult CanNavigateToUrlWithZoneCheck(Uri originatingUri, Uri destinationUri) - { - LaunchResult launchResult = LaunchResult.NotLaunched; // fail securely - assume this is the default. - int targetZone = NativeMethods.URLZONE_LOCAL_MACHINE; // fail securely this is the most priveleged zone - int sourceZone = NativeMethods.URLZONE_INTERNET; // fail securely this is the least priveleged zone. - bool fEnabled = true; - - EnsureSecurityManager(); - - // is this feature enabled ? - fEnabled = UnsafeNativeMethods.CoInternetIsFeatureEnabled( - NativeMethods.FEATURE_ZONE_ELEVATION, - NativeMethods.GET_FEATURE_FROM_PROCESS) != NativeMethods.S_FALSE; - - targetZone = MapUrlToZone(destinationUri); - - // Get source zone. - - // Initialize sourceUri to null so that source zone defaults to the least privileged zone. - Uri sourceUri = null; - - // If the MimeType is not a container, attempt to find sourceUri. - // sourceUri should be null for Container cases, since it always assumes - // the least privileged zone (InternetZone). - if (Application.Current.MimeType != MimeType.Document) - { - sourceUri = BrowserInteropHelper.Source; - } - else if (destinationUri.IsFile && - System.IO.Path.GetExtension(destinationUri.LocalPath) - .Equals(DocumentStream.XpsFileExtension, StringComparison.OrdinalIgnoreCase)) - { - // In this case we know the following: - // 1) We are currently a Container - // 2) The destination is a File and another Container - - // In this case we want to treat the destination as internet too so Container - // can navigate to other Containers by passing zone checks - targetZone = NativeMethods.URLZONE_INTERNET; - } - - if (sourceUri != null) - { - sourceZone = MapUrlToZone(sourceUri); - } - else - { - // 2 potential ways to get here. - // a) We aren't a fusion hosted app. Assume full-trust. - // b) Some bug in hosting caused source Uri to be null. - // - // For a - we will say there is no cross-domain check. - // b - we'll assume InternetZone, and use Source. - return LaunchResult.Launched; - } - - // - // ------------------------------ - // Check if there is a zone elevation. - // Custom zones would have a higher value that URLZONE_UNTRUSTED, so this solution isn't quite complete. - // However, we don't know of any product actively using custom zones, so rolling this out. - // INTRANET and TRUSTED are treated as equals. - // ------------------------------ - // - - // - // Note the negative logic - it first sees to see something is *not* a zone elevation. - // - if ( - // Even if feature is disabled. - // We still block navigation to local machine. - // IF source zone is internet or restricted. - - (!fEnabled && - ((sourceZone != NativeMethods.URLZONE_INTERNET && - sourceZone != NativeMethods.URLZONE_UNTRUSTED) || - targetZone != NativeMethods.URLZONE_LOCAL_MACHINE)) || - - // If feature is enabled - // It's not a zone elevation if - // the zones are equal OR - // the zones are both less than restricted and - // the sourceZone is more trusted than Target OR - // sourceZone and TargetZone are both Intranet or Trusted - // - // per aganjam - Intranet and Trusted are treated as equivalent - // as it was a common scenario for IE. ( website on intranet points to trusted site). - // - - (fEnabled && - ( - sourceZone == targetZone || - ( - sourceZone <= NativeMethods.URLZONE_UNTRUSTED && - targetZone <= NativeMethods.URLZONE_UNTRUSTED && - ( - sourceZone < targetZone || - ( - (sourceZone == NativeMethods.URLZONE_TRUSTED || sourceZone == NativeMethods.URLZONE_INTRANET) && - (targetZone == NativeMethods.URLZONE_TRUSTED || targetZone == NativeMethods.URLZONE_INTRANET) - ) - ) - ) - ))) - { - // There is no zone elevation. You can launch away ! - return LaunchResult.Launched; - } - - launchResult = CheckBlockNavigation(sourceUri, - destinationUri, - fEnabled); - - return launchResult; - } - - /// - /// Called when we suspect there is a zone elevation. - /// Calls the Urlmon IsFeatureZoneElevationEnabled which may pop UI based on settings. - /// functionally equivalent to the BlockNavigation: label in Trident's CanNavigateToUrlWithZoneCheck - /// - private static LaunchResult CheckBlockNavigation(Uri originatingUri, Uri destinationUri, bool fEnabled) - { - if (fEnabled) - { - if (UnsafeNativeMethods.CoInternetIsFeatureZoneElevationEnabled( - BindUriHelper.UriToString(originatingUri), - BindUriHelper.UriToString(destinationUri), - _secMgr, - NativeMethods.GET_FEATURE_FROM_PROCESS) == NativeMethods.S_FALSE) - { - return LaunchResult.Launched; - } - else - { - if (IsZoneElevationSettingPrompt(destinationUri)) - { - // url action is query, and we got a "no" answer back. - // we can assume user responded No. - return LaunchResult.NotLaunchedDueToPrompt; - } - else - return LaunchResult.NotLaunched; - } - } - else - { - return LaunchResult.Launched; - } - } - - // Is ZoneElevation setting set to prompt ? - private static bool IsZoneElevationSettingPrompt(Uri target) - { - Invariant.Assert(_secMgr != null); - - // Was this due to a prompt ? - - int policy = NativeMethods.URLPOLICY_DISALLOW; - - unsafe - { - String targetString = BindUriHelper.UriToString(target); - - _secMgr.ProcessUrlAction(targetString, - NativeMethods.URLACTION_FEATURE_ZONE_ELEVATION, - (byte*)&policy, - sizeof(int), - null, - 0, - NativeMethods.PUAF_NOUI, - 0); - } - - return (policy == NativeMethods.URLPOLICY_QUERY); - } - - private static void EnsureSecurityManager() - { - // IMPORTANT: See comments in header r.e. IInternetSecurityManager - - if (_secMgr == null) - { - lock (_lockObj) - { - if (_secMgr == null) // null check again - now that we're in the lock. - { - _secMgr = (UnsafeNativeMethods.IInternetSecurityManager)new InternetSecurityManager(); - - // - // Set the Security Manager Site. - // This enables any dialogs popped to be modal to our window. - // - _secMgrSite = new SecurityMgrSite(); - - _secMgr.SetSecuritySite((NativeMethods.IInternetSecurityMgrSite)_secMgrSite); - } - } - } - } - - - - internal static void ClearSecurityManager() - { - if (_secMgr != null) - { - lock (_lockObj) - { - if (_secMgr != null) - { - _secMgr.SetSecuritySite(null); - _secMgrSite = null; - _secMgr = null; - } - } - } - } - - internal static int MapUrlToZone(Uri url) - { - EnsureSecurityManager(); - int zone; - _secMgr.MapUrlToZone(BindUriHelper.UriToString(url), out zone, 0); - return zone; - } - [ComImport, ComVisible(false), Guid("7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4")] - internal class InternetSecurityManager - { - } - + internal class InternetSecurityManager { } #endregion Private Methods @@ -420,10 +166,6 @@ internal class InternetSecurityManager // violation DoNotLockOnObjectsWithWeakIdentity private static readonly object _lockObj = new object(); - private static UnsafeNativeMethods.IInternetSecurityManager _secMgr; - - private static SecurityMgrSite _secMgrSite; - #endregion Private Fields } } diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/IBrowserHostServices.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/IBrowserHostServices.cs index 387755512d8..9546a114d4e 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/IBrowserHostServices.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/IBrowserHostServices.cs @@ -48,17 +48,4 @@ enum HostingFlags }; - //********************************************************************************************// - // IMPORTANT: IMPORTANT: IMPORTANT: IMPORTANT: // - //********************************************************************************************// - // If you change or update this interface, make sure you update the definitions in - // wcp\host\inc\hostservices.idl - // In addition, make sure the enum is updated in wcp\host\startup\shellhandler.cxx - internal enum MimeType - { - Unknown = 0, - Document = 1, - Application = 2, - Markup = 3 - } } diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs index 183bb2cbf48..27c765de184 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs @@ -1667,7 +1667,6 @@ internal virtual void DoShutdown() } PreloadedPackages.Clear(); - AppSecurityManager.ClearSecurityManager(); _appIsShutdown = true; // mark app as shutdown } @@ -1893,23 +1892,6 @@ private set } } - //This property indicates what type of an application was created. We use this - //to determine whether to update the address bar or not for toplevel navigations - //Since we don't currently have support to represent a proper relative uri - //for .xps or .deploy or browser hosted exes, we limit address bar - //updates to xaml navigations. - //In the future, IBrowserCallbackServices and this should be moved to use RootBrowserWindow - //instead of being in the application. For example,if a standalone window is created - //in the same application, we still try to use IBrowserCallbackServices in the - //standalone window. Need to ensure only RootBrowserWindow knows about browser hosting, - //rest of the appmodel code should be agnostic to hosting process. - //This will be cleaned up with the RootBrowserWindow cleanup. - internal MimeType MimeType - { - get { return _appMimeType; } - set { _appMimeType = value; } - } - // this is called from ApplicationProxyInternal, ProgressBarAppHelper, and ContainerActivationHelper. // All of these are on the app thread internal IServiceProvider ServiceProvider @@ -1955,10 +1937,7 @@ internal static bool IsShuttingDown { get { - //If we are shutting down normally, Application.IsShuttingDown will be true. Be sure to check this first. - // If we are browser hosted, BrowserCallbackServices.IsShuttingDown checks to see if the browser is shutting us down, - // even if we may not be shutting down the Application yet. Check this to avoid reentrance issues between the time that - // browser is shutting us down and that Application.Shutdown (CriticalShutdown) is invoked. + // If we are shutting down normally, Application.IsShuttingDown will be true. Be sure to check this first. if (_isShuttingDown) { return _isShuttingDown; @@ -2513,7 +2492,6 @@ private object RunDispatcher(object ignore) private bool _resourcesInitialized = false; private bool _reloadFluentDictionary = false; - private MimeType _appMimeType; private IServiceProvider _serviceProvider; private bool _appIsShutdown; diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs index f83d79196c6..c79575db27c 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs @@ -50,25 +50,7 @@ static BrowserInteropHelper() /// /// Returns the Uri used to launch the application. /// - public static Uri Source - { - get - { - return SiteOfOriginContainer.BrowserSource; - } - } - - /// - /// Returns true if we are running the XAML viewer pseudo-application (what used to be XamlViewer.xbap). - /// This explicitly does not cover the case of XPS documents (MimeType.Document). - /// - internal static bool IsViewer - { - get - { - return Application.Current?.MimeType == MimeType.Markup; - } - } + public static Uri Source => null; /// /// Returns true if we are in viewer mode AND this is the first time that a viewer has been navigated. @@ -79,7 +61,7 @@ internal static bool IsInitialViewerNavigation { get { - return IsViewer && _isInitialViewerNavigation; + return _isInitialViewerNavigation; } set { diff --git a/src/Microsoft.DotNet.Wpf/src/Shared/MS/Utility/BindUriHelper.cs b/src/Microsoft.DotNet.Wpf/src/Shared/MS/Utility/BindUriHelper.cs index 75e8674bb11..a8d9fad6cdc 100644 --- a/src/Microsoft.DotNet.Wpf/src/Shared/MS/Utility/BindUriHelper.cs +++ b/src/Microsoft.DotNet.Wpf/src/Shared/MS/Utility/BindUriHelper.cs @@ -136,37 +136,9 @@ static internal Uri GetResolvedUri(Uri baseUri, Uri orgUri) } return newUri; - } - - /// - /// Gets the referer to set as a header on the HTTP request. - /// We do not set the referer if we are navigating to a - /// differnet security zone or to a different Uri scheme. - /// - internal static string GetReferer(Uri destinationUri) - { - string referer = null; - - Uri sourceUri = MS.Internal.AppModel.SiteOfOriginContainer.BrowserSource; - if (sourceUri != null) - { - int sourceZone = MS.Internal.AppModel.CustomCredentialPolicy.MapUrlToZone(sourceUri); - int targetZone = MS.Internal.AppModel.CustomCredentialPolicy.MapUrlToZone(destinationUri); + } - // We don't send any referer when crossing zone - if (sourceZone == targetZone) - { - // We don't send any referer when going cross-scheme - if (string.Equals(sourceUri.Scheme, destinationUri.Scheme, StringComparison.OrdinalIgnoreCase)) - { - // HTTPHeader requires the referer uri to be escaped. - referer = sourceUri.GetComponents(UriComponents.AbsoluteUri, UriFormat.UriEscaped); - } - } - } - return referer; - } #endif // PRESENTATION_CORE || PRESENTATIONFRAMEWORK From 47ab6067e571ee628c3c536a5e69bc26772683db Mon Sep 17 00:00:00 2001 From: h3xds1nz Date: Sat, 28 Sep 2024 16:10:49 +0200 Subject: [PATCH 02/10] Remove code paths called via ApplicationProxyInternal --- .../System/Windows/Application.cs | 64 +++---------------- 1 file changed, 9 insertions(+), 55 deletions(-) diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs index 27c765de184..1ae23c6185d 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs @@ -26,6 +26,8 @@ using System.ComponentModel; using System.IO; using System.Reflection; +using System.Runtime.InteropServices; +using System.Resources; using System.Threading; using System.IO.Packaging; @@ -210,28 +212,6 @@ public int Run(Window window) return RunInternal(window); } - - /// - /// - /// - /// - /// - internal object GetService(Type serviceType) - { - // this is called only from OleCmdHelper and it gets - // service for IBrowserCallbackServices which is internal. - // This call is made on the App thread. - // - VerifyAccess(); - object service = null; - - if (ServiceProvider != null) - { - service = ServiceProvider.GetService(serviceType); - } - return service; - } - /// /// Shutdown is called to programmatically shutdown an application. /// @@ -1672,11 +1652,13 @@ internal virtual void DoShutdown() } } - // - // This function is called from the public Run methods to start the application. - // ApplicationProxyInternal.Run method calls this method directly to bypass the check - // for browser hosted application in the public Run() method - // + /// + /// This function is called from the public Run methods to start the application. + /// + /// + /// + /// + /// internal int RunInternal(Window window) { VerifyAccess(); @@ -1892,30 +1874,6 @@ private set } } - // this is called from ApplicationProxyInternal, ProgressBarAppHelper, and ContainerActivationHelper. - // All of these are on the app thread - internal IServiceProvider ServiceProvider - { - private get - { - VerifyAccess(); - if (_serviceProvider != null) - { - return _serviceProvider; - } - else - { - return null; - } - } - set - { - VerifyAccess(); - _serviceProvider = value ; - } - } - - // is called by NavigationService to detect TopLevel container // We check there to call this only if NavigationService is on // the same thread as the Application @@ -2266,8 +2224,6 @@ private void ShutdownImpl() { Dispatcher.CriticalInvokeShutdown(); } - - ServiceProvider = null; } } @@ -2492,8 +2448,6 @@ private object RunDispatcher(object ignore) private bool _resourcesInitialized = false; private bool _reloadFluentDictionary = false; - private IServiceProvider _serviceProvider; - private bool _appIsShutdown; private int _exitCode; From bae88e8dbd13df4b0dbffbf464153d7d2ec18a42 Mon Sep 17 00:00:00 2001 From: h3xds1nz Date: Sat, 28 Sep 2024 16:33:30 +0200 Subject: [PATCH 03/10] Keep IsViewer to better show intent (MimeType was never set on .NET Core) --- .../System/Windows/Interop/BrowserInteropHelper.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs index c79575db27c..f9e2efcd726 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs @@ -61,7 +61,7 @@ internal static bool IsInitialViewerNavigation { get { - return _isInitialViewerNavigation; + return IsViewer && _isInitialViewerNavigation; } set { From 07bc939ec12cae5afb4380803957899895e76422 Mon Sep 17 00:00:00 2001 From: h3xds1nz Date: Sat, 28 Sep 2024 16:38:35 +0200 Subject: [PATCH 04/10] Explain why IsInitialViewerNavigation is always false --- .../System/Windows/Interop/BrowserInteropHelper.cs | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs index f9e2efcd726..4da8f3ba0e9 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs @@ -18,11 +18,6 @@ namespace System.Windows.Interop /// public static class BrowserInteropHelper { - static BrowserInteropHelper() - { - IsInitialViewerNavigation = true; - } - /// /// Returns the IOleClientSite interface /// @@ -59,7 +54,7 @@ static BrowserInteropHelper() /// internal static bool IsInitialViewerNavigation { - get + get // Because IsViewer is always false, the value of _isInitialViewerNavigation does not matter { return IsViewer && _isInitialViewerNavigation; } From 2036326af20534fae8569ff17e16cfd2fe42731f Mon Sep 17 00:00:00 2001 From: h3xds1nz Date: Sat, 28 Sep 2024 16:39:14 +0200 Subject: [PATCH 05/10] Remove IsInitialViewerNavigation from conditions where the value does not matter --- .../MS/Internal/AppModel/AppSecurityManager.cs | 5 +---- .../System/Windows/Navigation/NavigationService.cs | 3 +-- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs index 159a51e9bed..1ca6334a846 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs @@ -88,10 +88,7 @@ internal static LaunchResult SafeLaunchBrowserOnlyIfPossible(Uri originatingUri, // For all other cases ( evil protocols etc). // We will demand. // - // The check of IsInitialViewerNavigation is necessary because viewer applications will probably - // need to call Navigate on the URI they receive, but we want them to be able to do it in partial trust. - if (!BrowserInteropHelper.IsInitialViewerNavigation && - ((fIsTopLevel && isKnownScheme) || fIsMailTo)) + if ((fIsTopLevel && isKnownScheme) || fIsMailTo) { if (!isKnownScheme && fIsMailTo) // unnecessary if - but being paranoid. { diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Navigation/NavigationService.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Navigation/NavigationService.cs index 4196face476..5057aa7a370 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Navigation/NavigationService.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Navigation/NavigationService.cs @@ -2249,7 +2249,6 @@ private void FireNavigated(object navState) private void HandleNavigated(object navState, bool navigatedToNewContent) { Debug.Assert(_navStatus == NavigationStatus.Navigated); - BrowserInteropHelper.IsInitialViewerNavigation = false; NavigateInfo navInfo = navState as NavigateInfo; @@ -2961,7 +2960,7 @@ private void GetObjectFromResponse(WebRequest request, WebResponse response, Uri // to detect XAML, so PresentationHost may get invoked, but our // WpfWebRequestHelper.GetContentType() fails to do the same inference. In particular, // it appears that UrlMon looks at the Content-Disposition HTTP header, but we don't. - if (!IsTopLevelContainer || BrowserInteropHelper.IsInitialViewerNavigation) + if (!IsTopLevelContainer) { throw new InvalidOperationException(SR.FailedToConvertResource); } From d1f41b9401cb166d82deb768d0056bf713d23ca9 Mon Sep 17 00:00:00 2001 From: h3xds1nz Date: Sat, 28 Sep 2024 16:56:19 +0200 Subject: [PATCH 06/10] Remove some remarks to RootBrowserWindow that no longer exists --- .../System/Windows/Application.cs | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs index 1ae23c6185d..d9bfc038e08 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Application.cs @@ -1756,10 +1756,11 @@ internal void InvalidateResourceReferences(ResourcesChangeInfo info) InvalidateResourceReferenceOnWindowCollection(NonAppWindowsInternal.Clone(), info); } - // Creates and returns a NavigationWindow for standalone cases - // For browser hosted cases, returns the existing RootBrowserWindow which - // is created before the application.Run is called. - internal NavigationWindow GetAppWindow() + /// + /// Creates and returns a NavigationWindow for standalone cases + /// + /// + internal static NavigationWindow GetAppWindow() { NavigationWindow appWin = new NavigationWindow(); @@ -2247,11 +2248,9 @@ private void OnPreBPReady(object sender, BPReadyEventArgs e) private void ConfigAppWindowAndRootElement(object root, Uri uri) { - Window w = root as Window; - if (w == null) + if (root is not Window wnd) { - //Creates and returns a NavigationWindow for standalone cases - //For browser hosted cases, returns the RootBrowserWindow precreated by docobjhost + //Creates and returns a NavigationWindow NavigationWindow appWin = GetAppWindow(); //Since we cancel PreBPReady event here, the other navigation events won't fire twice. @@ -2273,9 +2272,9 @@ private void ConfigAppWindowAndRootElement(object root, Uri uri) // if Visibility has not been set, we set it to true // Also check whether the window is already closed when we get here - applications could close the window // in its constructor. - if (!w.IsVisibilitySet && !w.IsDisposed) + if (!wnd.IsVisibilitySet && !wnd.IsDisposed) { - w.Visibility = Visibility.Visible; + wnd.Visibility = Visibility.Visible; } } } From a758d4a195d40a2038e0260d02958e2c415332ac Mon Sep 17 00:00:00 2001 From: h3xds1nz Date: Sat, 28 Sep 2024 17:19:53 +0200 Subject: [PATCH 07/10] Remove IInternetSecurityMgrSite as it is no longer used without XBAP support --- .../MS/Internal/AppModel/SecurityMgrSite.cs | 40 ------------------- .../PresentationFramework.csproj | 1 - 2 files changed, 41 deletions(-) delete mode 100644 src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/SecurityMgrSite.cs diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/SecurityMgrSite.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/SecurityMgrSite.cs deleted file mode 100644 index ad82fbbfdc9..00000000000 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/SecurityMgrSite.cs +++ /dev/null @@ -1,40 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -// Description: -// The SecurityMgrSite is an implementation of Urlmon's IInternetSecurityMgrSite. -// -// It is primarily used to supply an hwnd to be modal to- when a ProcessUrlAction call -// is required to show UI. - -using MS.Win32; -using System.Windows; - -namespace MS.Internal -{ - internal class SecurityMgrSite : NativeMethods.IInternetSecurityMgrSite - { - internal SecurityMgrSite() - { - } - - public void GetWindow( /* [out] */ ref IntPtr phwnd) - { - phwnd = IntPtr.Zero; - - if (Application.Current != null) - { - Window curWindow = Application.Current.MainWindow; - if (curWindow != null) - { - phwnd = curWindow.Handle; - } - } - } - - public void EnableModeless( /* [in] */ bool fEnable) - { - } - } -} diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/PresentationFramework.csproj b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/PresentationFramework.csproj index a16304803fb..9e9473e6c93 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/PresentationFramework.csproj +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/PresentationFramework.csproj @@ -124,7 +124,6 @@ - From f928a077da75250202bfea01d90c38b0f37fcd1b Mon Sep 17 00:00:00 2001 From: h3xds1nz Date: Mon, 30 Sep 2024 23:51:24 +0200 Subject: [PATCH 08/10] Final cleanup in AppSecurityManager --- .../Internal/AppModel/AppSecurityManager.cs | 28 ------------------- 1 file changed, 28 deletions(-) diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs index 1ca6334a846..3a159330801 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs @@ -14,11 +14,8 @@ // using System.Windows; -using System.Windows.Interop; using MS.Internal.Utility; -using MS.Win32; using System.Runtime.InteropServices; -using MS.Internal.Documents.Application; namespace MS.Internal.AppModel { @@ -31,9 +28,6 @@ enum LaunchResult internal static class AppSecurityManager { - #region Internal Methods - - /// /// Safely launch the browser if you can. /// If you can't demand unmanaged code permisison. @@ -142,27 +136,5 @@ the key used is (supposedly) HKCR\htmlfile\shell\opennew\ddeexec, and its value throw new InvalidOperationException(SR.FailToLaunchDefaultBrowser, new System.ComponentModel.Win32Exception(/*uses the last Win32 error*/)); } - - #endregion Internal Methods - - #region Private Methods - - [ComImport, ComVisible(false), Guid("7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4")] - internal class InternetSecurityManager { } - - - #endregion Private Methods - - #region Private Fields - - private const string RefererHeader = "Referer: "; - - private const string BrowserOpenCommandLookupKey = "htmlfile\\shell\\open\\command"; - - // Object to be used for locking. Using typeof(Util) causes an FxCop - // violation DoNotLockOnObjectsWithWeakIdentity - private static readonly object _lockObj = new object(); - - #endregion Private Fields } } From cf2f4306b2698745a6cfadb1d1fa19f317b84459 Mon Sep 17 00:00:00 2001 From: h3xds1nz Date: Mon, 11 Nov 2024 13:05:51 +0100 Subject: [PATCH 09/10] Cleanup after #9855 merge --- .../Windows/Interop/BrowserInteropHelper.cs | 26 ------------------- 1 file changed, 26 deletions(-) diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs index 4da8f3ba0e9..f43b08f778c 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/System/Windows/Interop/BrowserInteropHelper.cs @@ -7,10 +7,6 @@ // interop with the browser. Deprecated as XBAP is not supported. // -using MS.Win32; -using MS.Internal; -using MS.Internal.AppModel; - namespace System.Windows.Interop { /// @@ -36,10 +32,6 @@ public static class BrowserInteropHelper /// /// Returns true if the app is a browser hosted app. /// - /// - /// Note that HostingFlags may not be set at the time this property is queried first. - /// That's why they are still separate. Also, this one is public. - /// public static bool IsBrowserHosted => false; /// @@ -47,24 +39,6 @@ public static class BrowserInteropHelper /// public static Uri Source => null; - /// - /// Returns true if we are in viewer mode AND this is the first time that a viewer has been navigated. - /// Including IsViewer is defense-in-depth in case somebody forgets to check IsViewer. There are other - /// reasons why both IsViewer and IsViewerNavigation are necessary, however. - /// - internal static bool IsInitialViewerNavigation - { - get // Because IsViewer is always false, the value of _isInitialViewerNavigation does not matter - { - return IsViewer && _isInitialViewerNavigation; - } - set - { - _isInitialViewerNavigation = value; - } - } - - private static bool _isInitialViewerNavigation; } } From 07d7a63b4f2fac25d3bf263166719d4da2371e61 Mon Sep 17 00:00:00 2001 From: h3xds1nz Date: Fri, 3 Jan 2025 14:28:13 +0100 Subject: [PATCH 10/10] Add back a forgotten using for UnsafeNativeMethods --- .../MS/Internal/AppModel/AppSecurityManager.cs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs index 3a159330801..056f01c8329 100644 --- a/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs +++ b/src/Microsoft.DotNet.Wpf/src/PresentationFramework/MS/Internal/AppModel/AppSecurityManager.cs @@ -1,4 +1,4 @@ -// Licensed to the .NET Foundation under one or more agreements. +// Licensed to the .NET Foundation under one or more agreements. // The .NET Foundation licenses this file to you under the MIT license. // See the LICENSE file in the project root for more information. @@ -13,6 +13,7 @@ //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! // +using MS.Win32; using System.Windows; using MS.Internal.Utility; using System.Runtime.InteropServices;