2

我正在silverlight 中开发一个Web 应用程序。我已经重载了 WebClient.GetWebRequest 方法,如下所示:-

public class WebClientWithCookies : WebClient
    {
        [SecurityCritical]
        protected override WebRequest GetWebRequest(Uri address)
        {
            string cookieContent = HtmlPage.Document.Cookies;

            WebRequest request = base.GetWebRequest(address);
            HttpWebRequest webRequest = request as HttpWebRequest;
            if (webRequest != null && cookieContent != null && cookieContent != string.Empty)
            {
                CookieContainer cookieContainer = new CookieContainer();
                cookieContainer.Add(address, new Cookie() { Value = HtmlPage.Document.Cookies });
                webRequest.CookieContainer = cookieContainer;
            }
            return request;
        }
    }

但我收到以下异常:

System.TypeInitializationException 未被用户代码处理
Message='SigmaWC.Utility.RestCommunicator' 的类型初始化程序引发了异常。TypeName=SigmaWC.Utility.RestCommunicator
StackTrace:在 SigmaWC.Utility.RestCommunicator..ctor() 在 SigmaWC.App..ctor() InnerException:System.TypeLoadException 消息=在覆盖成员时违反了继承安全规则:'SigmaWC.Utility.WebClientWithCookies ..ctor()'。重写方法的安全可访问性必须与被重写方法的安全可访问性相匹配。StackTrace:在 SigmaWC.Utility.RestCommunicator..cctor() InnerException:

任何人都可以帮助如何提升 Silverlight 中的安全设置。

4

1 回答 1

4

至少可以说有关这方面的文档很少。但是,有几个有用的资源:

MSDN表示您不能将框架成员与SecurityCriticalAttribute.

Silverlight 应用程序代码不能使用具有 SecurityCriticalAttribute 的类型和成员。安全关键类型和成员只能由 .NET Framework for Silverlight 类库中的受信任代码使用。

在 的情况下WebClientGetWebRequest方法没有这个属性,但是构造函数有。

这个 MSDN 安全博客暗示if the default constructor has any Security attribute, the class cannot be used for inheritance in a Silverlight client.

此外,前面提到的 MSDN 博客暗示在 Silverlight 程序集中忽略了安全属性,这些程序不是核心框架的一部分。然而,这可能仅适用于程序集级别的属性。

无论如何,长话短说。You cannot derive from WebClient because of the SecuritySafeAttribute on the constructor. 为了说明这一点,这也会在运行时导致异常:

public class MyWebClient : WebClient
{

}

另一种方法是滚动您自己的 WebClient。这需要一些工作,但以下示例确实适用于以下处理程序:

public class MyHandler : IHttpHandler
{

    public void ProcessRequest(HttpContext context)
    {
        context.Response.ContentType = "text/plain";
        context.Response.Write("Hello World");
        foreach (Cookie cookie in context.Response.Cookies)
        {
            //Cookies from the client - there will be 1 in this case
        }
    }

...

public class MyWebClient
{
    public MyWebClient()
    {

    }

    public void InvokeWebRequest(Uri address)
    {
        //Set the cookie you want to use.
        string cookieContent = "I like cookies";

        // Register a http client - without this the following webRequest.CookieContainer setter will throw an exception
        WebRequest.RegisterPrefix("http://", WebRequestCreator.ClientHttp);

        //This bit you know, but dont forget to set Name on your new Cookie.
        HttpWebRequest webRequest = WebRequest.Create(address.AbsoluteUri) as HttpWebRequest;
        if (webRequest != null && !String.IsNullOrWhiteSpace(cookieContent))
        {
            webRequest.CookieContainer = new CookieContainer();
            webRequest.CookieContainer.Add(address, new Cookie() { Value = cookieContent, Name = "MyCookie" });
        }

        //Invoke the async GetResponse method.
        webRequest.BeginGetResponse(o =>
            {
                HttpWebResponse response = (HttpWebResponse)webRequest.EndGetResponse(o);
                using (StreamReader reader = new StreamReader(response.GetResponseStream()))
                {
                    //Read the result
                    string result = reader.ReadToEnd();
                }

                foreach (Cookie cookie in response.Cookies)
                {
                    //The cookies returned from the server.
                }
            }, null);

    }
}
于 2012-07-26T20:13:36.263 回答