Grants Web permission to the site from which the assembly was downloaded. This class cannot be inherited.
Code groups are the building blocks of code access security policy. Each policy level consists of a root code group that can have one or more child code groups. Each child code group can have its own child code groups; this behavior extends to any number of levels, forming a tree. Each code group has a membership condition that determines if a given assembly belongs to the group, based on the evidence for that assembly. Only code groups whose membership conditions match a given assembly, along with their child code groups, apply code access security policy.
System.Security.Policy.NetCodeGroup has the same merge semantics as System.Security.Policy.UnionCodeGroup: it forms the union of the System.Security.Policy.PolicyStatement objects of all matching child code groups and the System.Security.Policy.PolicyStatement it generates from the input System.Security.Policy.Url evidence. The difference is in the permission returned: System.Security.Policy.NetCodeGroup returns a permission containing a dynamically calculated System.Net.WebPermission that grants connect access to the site from which the code is run, whereas System.Security.Policy.UnionCodeGroup simply returns a static permission set.
When a System.Security.Policy.NetCodeGroup is created, it contains the default connection access rules shown in the following table.
| URI scheme | Rule |
| --- | --- |
| file | No connection access to the origin server is permitted. |
| http | HTTP and HTTPS access is permitted using the origin port. |
| https | HTTPS access is permitted using the origin port. |
You can control the scheme and port that code is permitted to use when connecting back to its site of origin by passing a System.Security.Policy.CodeConnectAccess object with the appropriate CodeConnectAccess.Scheme and CodeConnectAccess.Port property values to the NetCodeGroup.AddConnectAccess(string, CodeConnectAccess) method. You can create a connection access rule that applies when the origin scheme is not present in the evidence or is not recognized by specifying NetCodeGroup.AbsentOriginScheme ("") as the scheme. You can also create a connection access rule that applies when there is no connection access rule with a matching scheme by specifying NetCodeGroup.AnyOtherOriginScheme ("*") as the scheme.
If code does not submit the URI scheme as evidence, access is permitted using any scheme back to the origin site.
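The following C# sketch is an added example, not part of the original reference page. It replaces the default rules with HTTPS-only connect-back rules and then lists what the group holds. It assumes the .NET Framework, and the group name, class name, and port 443 are illustrative choices.

```csharp
using System;
using System.Collections;
using System.Security.Policy;

static class NetCodeGroupRules   // hypothetical class name
{
    static NetCodeGroup BuildHttpsOnlyGroup()
    {
        var group = new NetCodeGroup(new AllMembershipCondition());
        group.Name = "HttpsOnlyOrigin";   // hypothetical name

        // Remove the default rules listed in the table above, so that
        // only the rules added below remain.
        group.ResetConnectAccess();

        var httpsOriginPort =
            new CodeConnectAccess(Uri.UriSchemeHttps, CodeConnectAccess.OriginPort);
        var https443 = new CodeConnectAccess(Uri.UriSchemeHttps, 443);

        // https origin: HTTPS back to the origin port (same as the default).
        group.AddConnectAccess(Uri.UriSchemeHttps, httpsOriginPort);
        // http origin: HTTPS only, so no plain-HTTP connect-back.
        group.AddConnectAccess(Uri.UriSchemeHttp, https443);
        // No scheme in the evidence: narrow "any scheme" down to HTTPS.
        group.AddConnectAccess(NetCodeGroup.AbsentOriginScheme, https443);
        // Any scheme without its own rule. After the reset no rule names
        // "file", so this rule also applies to file origins.
        group.AddConnectAccess(NetCodeGroup.AnyOtherOriginScheme, https443);
        return group;
    }

    static void Main()
    {
        // Key is the origin scheme; Value is the CodeConnectAccess[] for it.
        foreach (DictionaryEntry rule in BuildHttpsOnlyGroup().GetConnectAccessRules())
        {
            string origin = (string)rule.Key;
            if (origin == NetCodeGroup.AbsentOriginScheme) origin = "(absent)";
            foreach (CodeConnectAccess access in (CodeConnectAccess[])rule.Value)
            {
                string port = access.Port == CodeConnectAccess.OriginPort
                    ? "origin port" : access.Port.ToString();
                Console.WriteLine("{0} -> {1} on {2}", origin, access.Scheme, port);
            }
        }
    }
}
```

Listing the rules with GetConnectAccessRules after any change is a quick way to confirm that no default rule, such as plain HTTP for http origins, is still present.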