Redirecting from Global.asax in Medium Trust

倾然丶 夕夏残阳落幕 提交于 2019-12-24 19:23:10

问题


I am attempting to do a redirect in the Application_Error handler in Global.asax. Nothing fancy at all.

private void Application_Error(object sender, EventArgs e)
{
   // ...snip...

   Server.Transfer(somePath, false);

   // ...snip...
}

This works great under Full trust, but I need to get it to work under Medium trust. The code I'm working on here needs to function properly in a shared hosting environment (Unfortunately, I have no control over this requirement).

However, when I configure the site as follows in our dev environment (XP Pro / IIS 5.1) for testing purposes:

<system.web>
  <trust level="Medium"/>
</system.web>

It fails with the following error:

Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.**
   at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
   at System.Security.CodeAccessPermission.Demand()
   at System.Web.HttpWorkerRequest.SendResponseFromMemory(IntPtr data, Int32 length)
   at System.Web.HttpWorkerRequest.SendResponseFromMemory(IntPtr data, Int32 length, Boolean isBufferFromUnmanagedPool)
   at System.Web.HttpResponseUnmanagedBufferElement.
      System.Web.IHttpResponseElement.Send(HttpWorkerRequest wr)
   at System.Web.HttpWriter.Send(HttpWorkerRequest wr)
   at System.Web.HttpResponse.Flush(Boolean finalFlush)
   at System.Web.HttpResponse.Flush()
   at System.Web.HttpResponse.End()
   at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm)

A couple of other things of note:

  • This happens whether from Global.asax or from an HttpModule.
  • This also happens with Response.Redirect(somePath).

Appreciate any insight you can provide. I have Googled my a$$ off over this, and no joy.

Thanks!


回答1:


I was experiencing the same problem today, but I think I have found a passable work-around. It turns out that specifying the Response.Status code resolves this issue.

private void Application_Error(object sender, EventArgs e)
{
   // ...snip...

   Response.StatusCode = 500;
   Server.Transfer(somePath, false);

   // ...snip...
}

Unfortunately, if you debug the page, it appears that the SecurityPermissions error still occurs. I'm unsure as to how much of a problem this really is since the Server.Transfer will continue without error, and there is no noticeable affect to the user.

I would be interested to know if anyone has thoughts or opinions on the matter.




回答2:


I had the same problem like you.

I used:

Response.Redirect("~/ErrorRedirectPage.aspx",false);

And it works fine.



来源:https://stackoverflow.com/questions/580728/redirecting-from-global-asax-in-medium-trust

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!