namespace - Dave's Blog


Tweet from David Risney

2016 Nov 4, 4:08
@David_Risney Example graph  of the Windows .Services.Maps namespace

Parsing WinMD with .NET reflection APIs

2016 Nov 2, 6:13

Parsing WinMD files, the containers of WinRT API metadata, is relatively simple using the appropriate .NET reflection APIs. However, figuring out which reflection APIs to use is not obvious. I've got a completed C sharp class parsing WinMD files that you can check out for reference.

Use System.Reflection.Assembly.ReflectionOnlyLoad to load the WinMD file. Don't use the normal load methods because the WinMD files contain only metadata. This will load up info about APIs defined in that WinMD, but any references to types outside of that WinMD including types found in the normal OS system WinMD files must be resolved by the app code via the System.Reflection.InteropServices.WindowsRuntimeMetadata.ReflectionOnlyNamespaceResolve event.

In this event handler you must resolve the unknown namespace reference by adding an assembly to the NamespaceResolveEventArgs's ResolvedAssemblies property. If you're only interested in OS system WinMD files you can use System.Reflection.InteropServices.WindowsRuntimeMetadata.ResolveNamespace to turn a namespace into the expected OS system WinMD path and turn that path into an assembly with ReflectionOnlyLoad. code programming winmd winrt

WinRT Toast from PowerShell

2016 Jun 15, 3:54

I've made a PowerShell script to show system toast notifications with WinRT and PowerShell. Along the way I learned several interesting things.

First off calling WinRT from PowerShell involves a strange syntax. If you want to use a class you write [-Class-,-Namespace-,ContentType=WindowsRuntime] first to tell PowerShell about the type. For example here I create a ToastNotification object:

$toast = New-Object Windows.UI.Notifications.ToastNotification -ArgumentList $xml;
And here I call the static method CreateToastNotifier on the ToastNotificationManager class:
$notifier = [Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier($AppUserModelId);
With this I can call WinRT methods and this is enough to show a toast but to handle the click requires a little more work.

To handle the user clicking on the toast I need to listen to the Activated event on the Toast object. However Register-ObjectEvent doesn't handle WinRT events. To work around this I created a .NET event wrapper class to turn the WinRT event into a .NET event that Register-ObjectEvent can handle. This is based on Keith Hill's blog post on calling WinRT async methods in PowerShell. With the event wrapper class I can run the following to subscribe to the event:

function WrapToastEvent {
param($target, $eventName);

Add-Type -Path (Join-Path $myPath "PoshWinRT.dll")
$wrapper = new-object "PoshWinRT.EventWrapper[Windows.UI.Notifications.ToastNotification,System.Object]";
$wrapper.Register($target, $eventName);

[void](Register-ObjectEvent -InputObject (WrapToastEvent $toast "Activated") -EventName FireEvent -Action {

To handle the Activated event I want to put focus back on the PowerShell window that created the toast. To do this I need to call the Win32 function SetForegroundWindow. Doing so from PowerShell is surprisingly easy. First you must tell PowerShell about the function:

Add-Type @"
using System;
using System.Runtime.InteropServices;
public class PInvoke {
[DllImport("user32.dll")] [return: MarshalAs(UnmanagedType.Bool)]
public static extern bool SetForegroundWindow(IntPtr hwnd);
Then to call:
[PInvoke]::SetForegroundWindow((Get-Process -id $myWindowPid).MainWindowHandle);

But figuring out the HWND to give to SetForegroundWindow isn't totally straight forward. Get-Process exposes a MainWindowHandle property but if you start a cmd.exe prompt and then run PowerShell inside of that, the PowerShell process has 0 for its MainWindowHandle property. We must follow up process parents until we find one with a MainWindowHandle:

$myWindowPid = $pid;
while ($myWindowPid -gt 0 -and (Get-Process -id $myWindowPid).MainWindowHandle -eq 0) {
$myWindowPid = (gwmi Win32_Process -filter "processid = $($myWindowPid)" | select ParentProcessId).ParentProcessId;
} c# powershell toast winrt

JavaScript Types and WinRT Types

2016 Jan 21, 5:35PermalinkCommentschakra development javascript winrt

Stripe CTF - SQL injections (Levels 0 & 3)

2012 Sep 5, 9:10

Stripe's web security CTF's level 0 and level 3 had SQL injection solutions described below.

Level 0


app.get('/*', function(req, res) {
var namespace = req.param('namespace');

if (namespace) {
var query = 'SELECT * FROM secrets WHERE key LIKE ? || ".%"';
db.all(query, namespace, function(err, secrets) {


There's no input validation on the namespace parameter and it is injected into the SQL query with no encoding applied. This means you can use the '%' character as the namespace which is the wildcard character matching all secrets.


Code review red flag was using strings to query the database. Additional levels made this harder to exploit by using an API with objects to construct a query rather than strings and by running a query that only returned a single row, only ran a single command, and didn't just dump out the results of the query to the caller.

Level 3


@app.route('/login', methods=['POST'])
def login():
username = flask.request.form.get('username')
password = flask.request.form.get('password')

if not username:
return "Must provide username\n"

if not password:
return "Must provide password\n"

conn = sqlite3.connect(os.path.join(data_dir, 'users.db'))
cursor = conn.cursor()

query = """SELECT id, password_hash, salt FROM users
WHERE username = '{0}' LIMIT 1""".format(username)

res = cursor.fetchone()
if not res:
return "There's no such user {0}!\n".format(username)
user_id, password_hash, salt = res

calculated_hash = hashlib.sha256(password + salt)
if calculated_hash.hexdigest() != password_hash:
return "That's not the password for {0}!\n".format(username)


There's little input validation on username before it is used to constrcut a SQL query. There's no encoding applied when constructing the SQL query string which is used to, given a username, produce the hashed password and the associated salt. Accordingly one can make username a part of a SQL query command which ensures the original select returns nothing and provide a new SELECT via a UNION that returns some literal values for the hash and salt. For instance the following in blue is the query template and the red is the username injected SQL code:

SELECT id, password_hash, salt FROM users WHERE username = 'doesntexist' UNION SELECT id, ('5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8') AS password_hash, ('word') AS salt FROM users WHERE username = 'bob' LIMIT 1
In the above I've supplied my own salt and hash such that my salt (word) plus my password (pass) hashed produce the hash I provided above. Accordingly, by providing the above long and interesting looking username and password as 'pass' I can login as any user.


Code review red flag is again using strings to query the database. Although this level was made more difficult by using an API that returns only a single row and by using the execute method which only runs one command. I was forced to (as a SQL noob) learn the syntax of SELECT in order to figure out UNION and how to return my own literal values.

PermalinkCommentssecurity sql sql-injection technical web-security

Flickr Visual Search in IE8

2009 Apr 10, 9:48

A while ago I promised to say how an xsltproc Meddler script would be useful and the general answer is its useful for hooking up a client application that wants data from the web in a particular XML format and the data is available on the web but in another XML format. The specific case for this post is a Flickr Search service that includes IE8 Visual Search Suggestions. IE8 wants the Visual Search Suggestions XML format and Flickr gives out search data in their Flickr web API XML format.

So I wrote an XSLT to convert from Flickr Search XML to Visual Suggestions XML and used my xsltproc Meddler script to actually apply this xslt.

After getting this all working I've placed the result in two places: (1) I've updated the xsltproc Meddler script to include this XSLT and an XML file to install it as a search provider - although you'll need to edit the XML to include your own Flickr API key. (2) I've created a service for this so you can just install the Flickr search provider if you're interested in having the functionality and don't care about the implementation. Additionally, to the search provider I've added accelerator preview support to show the Flickr slideshow which I think looks snazzy.

Doing a quick search for this it looks like there's at least one other such implementation, but mine has the distinction of being done through XSLT which I provide, updated XML namespaces to work with the released version of IE8, and I made it so you know its good.

PermalinkCommentsmeddler xml ie8 xslt flickr technical boring search suggestions

Thoughts on registerProtocolHandler in HTML 5

2009 Apr 7, 9:02

I'm a big fan of the concept of registerProtocolHandler in HTML 5 and in FireFox 3, but not quite the implementation. From a high level, it allows web apps to register themselves as handlers of an URL scheme so for (the canonical) example, GMail can register for the mailto URL scheme. I like the concept:

However, the way its currently spec'ed out I don't like the following: PermalinkCommentsurl template registerprotocolhandler firefox technical url scheme protocol boring html5 uri urn

Exposing RSS Comments

2009 Mar 10, 1:27Description of wfw:commentRss RSS extension: Content of the element is a URL to a feed of the comments for the particular RSS item. Exactly the sort of thing I was looking for a couple of years ago. At the time none of my web services used it, but now the Delicious v2 feed uses it! Maybe its time to reexamine this sort of thing...PermalinkCommentsrss comment feed reference blog namespace xml wfw

draft-masinter-dated-uri-05 - names are readily assigned, offer the persistence of reference that is required by URNs, but do not require a stable authority to assign the name. The first namespace ("duri") is used to refer to URI-

2009 Feb 4, 4:30PermalinkCommentsduri tdb uri url scheme reference ietf date datetime rfc

Tag Metadata in Feeds

2008 Aug 25, 10:13PermalinkCommentsfeed media delicious technical atom youtube yahoo rss tag

The Evolution of a specification -- Commentary on Web architecture

2007 Oct 3, 10:21Tim Berners-Lee writes about principles for new technology in the context of the evolution of HTML and the development of namespaces and XML.PermalinkCommentsarchitecture article tim-berners-lee w3c internet history evolution html namespace xml web mmm multimedia-mesh humor test-of-independent-invention

Namespaces in XML 1.0 (Second Edition)

2007 Sep 11, 1:46The XML spec. Info on setting the default namespace including how to remove a default namespace once its been set.PermalinkCommentsspecification reference w3c xml namespace

XPointer Framework - IE7 XML Source View Upgrade Part 3

2007 May 17, 5:16Previously I created some resource tools and then I used them to overwrite msxml3's XML source view. In this update I've added support for the XPointer Framework.

This time around I've started to add support for the XPointer Framework to my XML source view and I've added installation instructions. The framework consists of a series of pointer segments each of which has a scheme name followed by data in parenthesis. For example 'scheme1(data1)scheme2(data2)scheme3(data3)'. A pointer segment resolves to a portion of the XML document based on the data and the scheme name. The whole pointer resolves to the first segment that successfully resolves. That is, from the example, if scheme1 resolves to nothing and scheme2 resolves to something then that's used and scheme3 is ignored. In addition to the framework I've added support for the xmlns scheme which binds namespace prefixes to a namespace URI and the element scheme which is a simple way to resolve to particular elements in an XML. I also have limited support for the xpointer scheme the content of which is resolved as an XPath with some extra functions (which I don't support -- hence the limited). I've also thrown in schemes for the two SelectionLanguage values supported by msxml3.

Next time I might try to support the xpointer functions that aren't in xpath using msxml script. But I think I'm losing steam on this project... we'll see.PermalinkCommentsresource technical xml xpointer res xpath xslt


2007 Apr 19, 3:35Interesting projects related to maps of physical space and the semantic web.PermalinkCommentsarchitecture data map ontology rdf place semanticweb tag wifi xml space research

RFC 2141 URN Syntax

2007 Apr 12, 10:55Uniform Resource Names (URNs) are intended to serve as persistent, location-independent, source identifiers. This document sets forward the canonical syntax for URNs.PermalinkCommentsurn uri rfc reference internet namespace standard

FOAF Vocabulary Specification

2007 Feb 7, 4:43How to indicate human relationships and human information in a machine readable fashion.PermalinkCommentsfoaf rdf xml semanticweb specification metadata social identity namespace schema standard

The Shell Namespace (MSDN)

2006 Aug 23, 10:27PermalinkCommentsmsdn microsoft shell namespace programming windows pidl

URN Namespaces - [RFC2141, RFC3406]

2006 Jun 27, 11:56This is the Official IANA Registry of URN Namespaces (Last updated 05 Jun 2006)PermalinkCommentsiana urn uri standards namespace reference rfc

RFC4198 - Federated Content URN Namespace

2006 Jun 27, 11:55This document describes a URN (Uniform Resource Name) namespace for identifying content resources within federated content collections. A federated content collection often does not have a strong centralized authority but relies upon sharedPermalinkCommentsurn uri fdc internet rfc specification
Older Entries Creative Commons License Some rights reserved.