Represents a code group that controls access based on the URL from which the code originates.
Namespace: System.Security.Policy
Assembly: mscorlib (in mscorlib.dll)
public class UrlClassCodeGroup : System.Security.Policy.CodeGroup
The UrlClassCodeGroup class is a powerful tool in the .NET security model. It allows developers to define security policies based on the origin URL of assemblies. This is particularly useful for granting specific permissions to code downloaded from trusted websites or restricting access for code originating from potentially untrusted sources.
By associating a set of permissions with a particular URL (or a pattern of URLs), you can enforce a granular security policy. This class extends the base CodeGroup class and provides specific logic for evaluating code identity based on its URL.
| Name | Description |
|---|---|
| UrlClassCodeGroup(System.Security.Policy.IMembershipCondition, System.Security.Policy.PolicyStatement) | Initializes a new instance of the UrlClassCodeGroup class with the specified membership condition and policy statement. |
| Name | Description |
|---|---|
| Copy() | Creates and returns a deep copy of the current code group. |
| CreateXml() | Creates an XML representation of the current code group and all its child code groups. |
| Equals(object) | Determines whether the specified object is equal to the current object. (Inherited from Object.) |
| GetHashCode() | Serves as the default hash function. (Inherited from Object.) |
| GetType() | Gets the Type of the current instance. (Inherited from Object.) |
| ParseXml(System.Security.SecurityElement) | Parses the specified XML element and sets the state of the code group. |
| ToString() | Returns a string that represents the current object. (Inherited from Object.) |
| Name | Description |
|---|---|
| Children | Gets or sets the child code groups for the current code group. |
| Description | Gets or sets a description of the code group. |
| Name | Gets or sets the name of the code group. |
| PolicyStatement | Gets or sets the policy statement associated with the code group. |
| Tier | Gets or sets the application trust level for the code group. |
UrlClassCodeGroup is used in conjunction with the UrlMembershipCondition. The UrlMembershipCondition checks if the assembly's origin matches a specific URL or URL pattern, and if it does, the UrlClassCodeGroup's associated permissions are granted.
When a code access security (CAS) policy is evaluated, the .NET runtime iterates through the code groups. For each code group, it checks if the code's origin matches the group's membership condition. If a match is found, the permissions defined in the code group's policy statement are granted, and the evaluation process may continue or terminate depending on the configuration.
Note: In modern .NET Core and .NET 5+, the code access security (CAS) model is significantly different, and the concepts of CodeGroup and UrlClassCodeGroup are largely deprecated or have different implementations. This documentation pertains to the traditional .NET Framework security model.
The following C# code demonstrates how to create a UrlClassCodeGroup and associate it with a specific URL and a set of permissions.
using System;
using System.Security.Policy;
using System.Security.Permissions;
public class Example
{
public static void Main(string[] args)
{
// Define the URL membership condition
UrlMembershipCondition urlCondition = new UrlMembershipCondition("http://www.trusted-site.com/*");
// Define a policy statement with some permissions
PermissionSet permissions = new PermissionSet(System.Security.Permissions.PermissionState.None);
permissions.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
permissions.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read, @"C:\TrustedData\*"));
PolicyStatement statement = new PolicyStatement(permissions, attributes: PolicyStatementAttribute.Nothing);
// Create the UrlClassCodeGroup
UrlClassCodeGroup urlCodeGroup = new UrlClassCodeGroup(urlCondition, statement);
urlCodeGroup.Description = "Permissions for code from trusted-site.com";
urlCodeGroup.Name = "TrustedSiteCodeGroup";
Console.WriteLine($"Code Group Name: {urlCodeGroup.Name}");
Console.WriteLine($"Description: {urlCodeGroup.Description}");
Console.WriteLine($"Membership Condition: {urlCodeGroup.MembershipCondition}");
Console.WriteLine($"Policy Statement: {urlCodeGroup.PolicyStatement}");
}
}