Monday, 29 June 2015

HttpUtility.ParseQueryString in partial trust environment

I'm just getting started with writing an XBAP page. I need to pass some information into the XBAP context via query string parameters. I am expecting the XBAP to execute in a partial trust context.

When I run the following XBAP code-behind hosted on IIS, it throws the following System.Reflection.TargetInvocationException:

System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation.

---> System.Security.SecurityException: That assembly does not allow partially trusted callers. at UI.UIEntryPage..ctor()

If I comment out the call to HttpUtility.ParseQueryString(), the XBAP loads properly, so it seems I'm not allowed to use HttpUtility to parse the query string in a partial trust context? (I find this surprising since a static method to parse a string into a NameValueCollection doesn't really seem like a security risk...)

Is there anything I can do to call this method in a partial trust context? Or, failing that, how can I parse the query string parameters securely without using HttpUtility?

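using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Deployment.Application;
using System.Web;
using System.Windows.Controls;

namespace UI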
{
    /// <summary>
    /// Interaction logic for UIEntryPage.xaml
    /// </summary>
    public partial class UIEntryPage : Page
    {
        public UIEntryPage()
        {
            InitializeComponent();

            if (!ApplicationDeployment.IsNetworkDeployed) return;

            Uri launchUri = ApplicationDeployment.CurrentDeployment.ActivationUri;

            string query = launchUri.Query;

            // This line causes an exception to be thrown
            // when the XBAP is loaded.
            NameValueCollection uriParameters = HttpUtility.ParseQueryString(query);

            foreach (string key in uriParameters.AllKeys)
            {
                UriParameters.Add(key, uriParameters[key]);
            }

            DataContext = this;
        }

        public readonly Dictionary<string, string> UriParameters = new Dictionary<string, string>();
    }
}
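
One way to parse the query string without calling into System.Web, as an added example that is not part of the original post. The `QueryStringParser` class and its `MaxParameters` cap are hypothetical, and the example assumes `Uri.UnescapeDataString` (in System.dll) is callable from the partial-trust sandbox.

```csharp
using System;
using System.Collections.Generic;

namespace UI
{
    // Hypothetical helper (not from the original post): parses a URI query
    // string using only System.dll types, so nothing in System.Web is called.
    public static class QueryStringParser
    {
        // Assumed cap: the launch URI is untrusted input, so bound the work done.
        private const int MaxParameters = 64;

        public static Dictionary<string, string> Parse(string query)
        {
            var result = new Dictionary<string, string>(StringComparer.Ordinal);
            if (string.IsNullOrEmpty(query)) return result;

            // Uri.Query includes the leading '?'.
            if (query[0] == '?') query = query.Substring(1);

            string[] pairs = query.Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries);
            if (pairs.Length > MaxParameters)
                throw new ArgumentException("Too many query string parameters.", "query");

            foreach (string pair in pairs)
            {
                // Split on the first '=' only; a value may itself contain '='.
                int eq = pair.IndexOf('=');
                string rawKey = eq < 0 ? pair : pair.Substring(0, eq);
                string rawValue = eq < 0 ? string.Empty : pair.Substring(eq + 1);

                string key = Decode(rawKey);
                if (key.Length == 0) continue; // ignore "=value" with no name

                // First occurrence wins. HttpUtility.ParseQueryString would
                // instead join repeated keys with commas.
                if (!result.ContainsKey(key)) result.Add(key, Decode(rawValue));
            }
            return result;
        }

        private static string Decode(string s)
        {
            // '+' encodes a space in form-style query strings; map it before
            // percent-decoding so a literal "%2B" still decodes to '+'.
            return Uri.UnescapeDataString(s.Replace('+', ' '));
        }
    }
}
```

In the constructor above, the result of `QueryStringParser.Parse(launchUri.Query)` can be copied into `UriParameters` in place of the `HttpUtility.ParseQueryString` call. The decoded values still come from the launch URL, so validate each one before using it.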
