System.Security.Permissions.ReflectionPermission

Discussion in 'Microsoft Development' started by olley, Sep 20, 2011.

  1. olley

    olley Guppy

    Is there a chance to get System.Security.Permissions.ReflectionPermission allowed for .NET 4.0?

    I am getting an error when I try using standard .NET classes for JSON serialization.

    Here is the stack trace:

    Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.ReflectionPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

    Code:
    [SecurityException: Request for the permission of type 'System.Security.Permissions.ReflectionPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
       System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
       System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, StackCrawlMark& stackMark) +31
       System.Security.CodeAccessPermission.Demand() +46
       System.Reflection.Emit.DynamicMethod.PerformSecurityCheck(Module m, StackCrawlMark& stackMark, Boolean skipVisibility) +248
       System.Reflection.Emit.DynamicMethod..ctor(String name, Type returnType, Type[] parameterTypes, Module m, Boolean skipVisibility) +49
       System.Runtime.Serialization.Json.CriticalHelper.BeginMethod(CodeGenerator ilg, String methodName, Type delegateType, Boolean allowPrivateMemberAccess) +162
       System.Runtime.Serialization.Json.CriticalHelper.GenerateClassWriter(ClassDataContract classContract) +144
    If I am not mistaken, JodoHost has this permission granted for .NET 2.0 (see http://support.jodohost.com/showthread.php?t=7974&highlight=ReflectionPermission topic). May be it is time to add it to the list of granted permissions for .NET 4.0 too?
  2. Stephen

    Stephen US Operations Staff Member

    We do allow certain reflection, I am checking this out.
  3. olley

    olley Guppy

    Here is a simple ASPX page for testing.

    Code:
    <%@ Page Language="C#" %>
    
    <%@ Import Namespace="System.IO" %>
    <%@ Import Namespace="System.Runtime.Serialization.Json" %>
    <%@ Import Namespace="System.Runtime.Serialization" %>
    
    
    <script runat="server">
    
        [DataContract]
        class Foo
        {
            [DataMember]
            public bool bar = true;
        }
        
        class Tester
        {
    
            public static string DoStuff()
            {
                DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(Foo));
                MemoryStream memStream = new MemoryStream();
    
                Foo foo = new Foo();
    
                serializer.WriteObject(memStream, foo); // Fails on this line
                memStream.Position = 0;
                StreamReader reader = new StreamReader(memStream);
                return reader.ReadToEnd();
            }
        }    
    
    </script>
    
    <html>
     <% Response.Write( Tester.DoStuff()); %>
    </html>
    
    
    On my local machine it outputs the JASON representation of the the Foo object: {"bar":true}
    On the hosted site it throws the above mentioned exception.
  4. olley

    olley Guppy

    I am on win15 (Windows Server 2003) if that matters.
  5. olley

    olley Guppy

    Um... Any thoughts on that? Will you add this permission?
  6. Stephen

    Stephen US Operations Staff Member

    still checking it, wasnt in a lot on software side due to some other plans (prep to take dc pics)
  7. olley

    olley Guppy

    Thank you, I really appreciate that.
  8. Stephen

    Stephen US Operations Staff Member

    Check it now and see if any error, I've allowed an additional reflection permission.
  9. olley

    olley Guppy

    Same error if I try the sample page provided above :(
  10. Stephen

    Stephen US Operations Staff Member

    On reflection, we really can't allow it in full, I have allowed ReflectionEmit and RestrictedMemberAccess (for LINQ functions)

    I tried to find which exactly JSON was using, but wasn't able, do you know?
    Looks like it is wanting PrivateMemberAccess...
  11. olley

    olley Guppy

    Yes, LINQ works for me, I can confirm that. Don't know about JSON error besides what I see in that exception info though...

Share This Page

JodoHost - 26,000 hosting end-users in 100 countries
Plesk Web Hosting
VPS Hosting
H-Sphere Web Hosting
Other Services