我有一个做一些文件 IO 工作的 ASP.Net 页面。当我从 Web 浏览器(即 chrome)请求它时,它会成功,但是当我从应用程序中的 WebClient 实例请求它时,它会给我一个“System.Security.SecurityException”。这两个请求是否存在显着差异?为了让这个页面在我的 Web 客户端中工作,我需要了解哪些关于代码访问安全的知识?
这是原始提琴手请求和响应:
浏览器请求:
GET http://192.168.1.89/QuickCutConsoleDataProvider/UpdateItemFiles.aspx HTTP/1.1
Host: 192.168.1.89
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
浏览器响应:
HTTP/1.1 200 OK
Via: 1.1 PHOBOS
Connection: Keep-Alive
Proxy-Connection: Keep-Alive
Content-Length: 35189
Date: Tue, 14 Dec 2010 14:08:46 GMT
Content-Type: application/zip
Server: Microsoft-IIS/7.5
Cache-Control: private
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
... Binary Content ...
网络客户端请求:
POST http://192.168.1.89/QuickCutConsoleDataProvider/UpdateItemFiles.aspx?Guid=e30e1826-3d96-4769-a540-acd911cccf02 HTTP/1.1
Content-Type: multipart/form-data; boundary=---------------------8cd697dcbf75ed4
Host: 192.168.1.89
Content-Length: 303
Expect: 100-continue
-----------------------8cd697dcbf75ed4
Content-Disposition: form-data; name="file"; filename="Catalog.xml"
Content-Type: application/octet-stream
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<catalog version="1.0">
<items />
</catalog>
-----------------------8cd697dcbf75ed4--
Web 客户端响应(例外):
HTTP/1.1 200 OK
Via: 1.1 PHOBOS
Connection: Keep-Alive
Proxy-Connection: Keep-Alive
Content-Length: 1244
Date: Tue, 14 Dec 2010 14:12:34 GMT
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/7.5
Cache-Control: private
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
<error type="System.Security.SecurityException">
<message>Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.</message>
<stack-trace><![CDATA[ at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
at System.Security.CodeAccessPermission.Demand()
at System.IO.File.GetLastWriteTimeUtc(String path)
at Ionic.Zip.ZipEntry.Create(String nameInArchive, ZipEntrySource source, Object arg1, Object arg2)
at Ionic.Zip.ZipEntry.CreateFromFile(String filename, String nameInArchive)
at Ionic.Zip.ZipFile.AddFile(String fileName, String directoryPathInArchive)
at Ionic.Zip.ZipFile.AddFile(String fileName)
at MyApplication.UpdateItemFiles.GetUpdateContent(XDocument a_xManifest, Stream[] a_arrExtraContent) in C:\Software\MyApplication\Alpha\Web Interface\UpdateItemFiles.aspx.cs:line 282
at MyApplication.UpdateItemFiles.Page_Load(Object sender, EventArgs e) in C:\Software\MyApplication\Alpha\Web Interface\UpdateItemFiles.aspx.cs:line 31]]></stack-trace>
<inner-exception>null</inner-exception>
</error>