Redirecting from Global.asax in Medium Trust
Asked Answered
S

2

0

I am attempting to do a redirect in the Application_Error handler in Global.asax. Nothing fancy at all.

private void Application_Error(object sender, EventArgs e)
{
   // ...snip...

   Server.Transfer(somePath, false);

   // ...snip...
}

This works great under Full trust, but I need to get it to work under Medium trust. The code I'm working on here needs to function properly in a shared hosting environment (Unfortunately, I have no control over this requirement).

However, when I configure the site as follows in our dev environment (XP Pro / IIS 5.1) for testing purposes:

<system.web>
  <trust level="Medium"/>
</system.web>

It fails with the following error:

Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.**
   at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
   at System.Security.CodeAccessPermission.Demand()
   at System.Web.HttpWorkerRequest.SendResponseFromMemory(IntPtr data, Int32 length)
   at System.Web.HttpWorkerRequest.SendResponseFromMemory(IntPtr data, Int32 length, Boolean isBufferFromUnmanagedPool)
   at System.Web.HttpResponseUnmanagedBufferElement.
      System.Web.IHttpResponseElement.Send(HttpWorkerRequest wr)
   at System.Web.HttpWriter.Send(HttpWorkerRequest wr)
   at System.Web.HttpResponse.Flush(Boolean finalFlush)
   at System.Web.HttpResponse.Flush()
   at System.Web.HttpResponse.End()
   at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm)

A couple of other things of note:

  • This happens whether from Global.asax or from an HttpModule.
  • This also happens with Response.Redirect(somePath).

Appreciate any insight you can provide. I have Googled my a$$ off over this, and no joy.

Thanks!

Sudatorium answered 24/2, 2009 at 6:59 Comment(0)
T
0

I was experiencing the same problem today, but I think I have found a passable work-around. It turns out that specifying the Response.Status code resolves this issue.

private void Application_Error(object sender, EventArgs e)
{
   // ...snip...

   Response.StatusCode = 500;
   Server.Transfer(somePath, false);

   // ...snip...
}

Unfortunately, if you debug the page, it appears that the SecurityPermissions error still occurs. I'm unsure as to how much of a problem this really is since the Server.Transfer will continue without error, and there is no noticeable affect to the user.

I would be interested to know if anyone has thoughts or opinions on the matter.

Tarpaulin answered 11/5, 2009 at 19:58 Comment(0)
M
0

I had the same problem like you.

I used:

Response.Redirect("~/ErrorRedirectPage.aspx",false);

And it works fine.

Minutiae answered 16/1, 2013 at 11:36 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.