«
»

daBlog’s New Medium Trust Made Me Sad (for a little while, anyway)

Posted by admin on August 24, 2007 – 1:49 am      
Filed under ASP, Blogging, dasBlog

Oops, don’t try this:

      Dim req As System.Net.HttpWebRequest = System.Net.WebRequest.Create(URL)

on an ASP.NET page in a web app marked with MEDIUM trust (as the new dasBlog 2.0 comes configured, as in this web.config file)

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.web>
        <trust originurl="" level="Medium">
    </system.web>
</configuration>

Guess that’s one of the no-nos of medium trust.

In my case, the only place I’m doing this is where the incoming URL is a value fixed in code, not something coming from user input, so I don’t believe it can be usurped for unscrupulous uses (I think I just blew my “u” quota for the day<g>) .

If you’re wondering, that code came from the ICQ status request bit I coded up and blogged about here.

To solve it in my case, I went back to normal trust level.

Anyone know how you’d handle doing this in medium trust? 

Comments RSS Feed   Post a comment   Trackback URL   Share on Twitter   Share on Facebook

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*