private SiteMapNode GetNodeFromXmlNode(XmlNode xmlNode, Queue queue) {
SiteMapNode node = null;
// static nodes
string title = null, url = null, description = null, roles = null, resourceKey = null;
// Url attribute is NOT required for a xml node.
HandlerBase.GetAndRemoveStringAttribute(xmlNode, "url", ref url);
HandlerBase.GetAndRemoveStringAttribute(xmlNode, "title", ref title);
HandlerBase.GetAndRemoveStringAttribute(xmlNode, "description", ref description);
HandlerBase.GetAndRemoveStringAttribute(xmlNode, "roles", ref roles);
HandlerBase.GetAndRemoveStringAttribute(xmlNode, "resourceKey", ref resourceKey);
// Do not add the resourceKey if the resource is not valid.
if (!String.IsNullOrEmpty(resourceKey) &&
!ValidateResource(ResourceKey, resourceKey + ".title")) {
resourceKey = null;
}
HandlerBase.CheckForbiddenAttribute(xmlNode, _securityTrimmingEnabledAttrName);
NameValueCollection resourceKeyCollection = null;
bool allowImplicitResourceAttribute = String.IsNullOrEmpty(resourceKey);
HandleResourceAttribute(xmlNode, ref resourceKeyCollection,
"title", ref title, allowImplicitResourceAttribute);
HandleResourceAttribute(xmlNode, ref resourceKeyCollection,
"description", ref description, allowImplicitResourceAttribute);
ArrayList roleList = new ArrayList();
if (roles != null) {
int foundIndex = roles.IndexOf('?');
if (foundIndex != -1) {
throw new ConfigurationErrorsException(
SR.GetString(SR.Auth_rule_names_cant_contain_char,
roles[foundIndex].ToString(CultureInfo.InvariantCulture)), xmlNode);
}
foreach (string role in roles.Split(_seperators)) {
string trimmedRole = role.Trim();
if (trimmedRole.Length > 0) {
roleList.Add(trimmedRole);
}
}
}
roleList = ArrayList.ReadOnly(roleList);
String key = null;
// Make urls absolute.
if (!String.IsNullOrEmpty(url)) {
// URL needs to be trimmed. VSWhidbey 411041
url = url.Trim();
if (!UrlPath.IsAbsolutePhysicalPath(url)) {
if (UrlPath.IsRelativeUrl(url)) {
url = UrlPath.Combine(HttpRuntime.AppDomainAppVirtualPathString, url);
}
}
// VSWhidbey 418056, Reject any suspicious or mal-formed Urls.
string decodedUrl = HttpUtility.UrlDecode(url);
if (!String.Equals(url, decodedUrl, StringComparison.Ordinal)) {
throw new ConfigurationErrorsException(
SR.GetString(SR.Property_Had_Malformed_Url, "url", url), xmlNode);
}
key = url.ToLowerInvariant();
}
else {
key = Guid.NewGuid().ToString();
}
// attribute collection does not contain pre-defined properties like title, url, etc.
ReadOnlyNameValueCollection attributeCollection = new ReadOnlyNameValueCollection();
attributeCollection.SetReadOnly(false);
foreach (XmlAttribute attribute in xmlNode.Attributes) {
string value = attribute.Value;
HandleResourceAttribute(xmlNode, ref resourceKeyCollection, attribute.Name, ref value, allowImplicitResourceAttribute);
attributeCollection[attribute.Name] = value;
}
attributeCollection.SetReadOnly(true);
node = new SiteMapNode(this, key, url, title, description, roleList, attributeCollection, resourceKeyCollection, resourceKey);
node.ReadOnly = true;
foreach (XmlNode subNode in xmlNode.ChildNodes) {
if (subNode.NodeType != XmlNodeType.Element)
continue;
queue.Enqueue(node);
queue.Enqueue(subNode);
}
return node;
}