如何向 html 中托管的 Windows 窗体授予非托管代码访问权限?
我正在尝试在 html 页面内托管 C# 中的 Windows 窗体控件,然后在 IIS 中托管该网页,以便其他客户端计算机可以访问。 问题是:用户控件使用了一些非托管代码,当使用另一台机器访问时会触发SecurityPermissionException
。
我已经设法将我的代码简化为一个基本示例,以便查明错误,但我似乎找不到答案。
这是我的用户控件:
// To handle strong named assembly
[assembly: AllowPartiallyTrustedCallers]
namespace WinFormsHTMLControl
{
[SecurityPermissionAttribute(SecurityAction.Assert, UnmanagedCode = true)] // to allow assertions regarding unmanaged code permissions
public partial class HelloWorldControl : UserControl
{
#region Methods/Consts for Embedding a Window
[DllImport("user32.dll", SetLastError = true)]
private static extern IntPtr FindWindow(string lpClassName, string lpWindowName);
#endregion
public HelloWorldControl()
{
InitializeComponent();
}
private void btnClick_Click(object sender, EventArgs e)
{
new SecurityPermission(PermissionState.Unrestricted).Assert();
IntPtr picBoxHandle = FindWindow("IEFrame", "Internet Explorer");
lblMessage.Text = picBoxHandle.ToString();
SecurityPermission.RevertAssert();
}
}
}
我已经使用密钥对程序集进行了签名,我在 .NET 配置工具中创建了一个权限集以授予对非托管代码的访问权限,并创建了一个指向用于命名程序集的强键。 我还创建了一个 MSI,以便将这些设置复制到其他计算机(我已在企业级和计算机级执行此操作)。
尽管如此,当我单击按钮时,此代码仍然会触发 SecurityPermissionException
...
我在这里遗漏了什么吗?
I am trying to host a windows forms control in C# inside an html page and then host that web page in IIS in order to be accessible by other client machines.
The problem is: the user control uses some unmanaged code, which triggers a SecurityPermissionException
when accessing using another machine.
I've managed to dumb down my code to an elementary example in order to pinpoint the error and I just can't seem to find an answer to this.
Here's my user control:
// To handle strong named assembly
[assembly: AllowPartiallyTrustedCallers]
namespace WinFormsHTMLControl
{
[SecurityPermissionAttribute(SecurityAction.Assert, UnmanagedCode = true)] // to allow assertions regarding unmanaged code permissions
public partial class HelloWorldControl : UserControl
{
#region Methods/Consts for Embedding a Window
[DllImport("user32.dll", SetLastError = true)]
private static extern IntPtr FindWindow(string lpClassName, string lpWindowName);
#endregion
public HelloWorldControl()
{
InitializeComponent();
}
private void btnClick_Click(object sender, EventArgs e)
{
new SecurityPermission(PermissionState.Unrestricted).Assert();
IntPtr picBoxHandle = FindWindow("IEFrame", "Internet Explorer");
lblMessage.Text = picBoxHandle.ToString();
SecurityPermission.RevertAssert();
}
}
}
I've signed the assembly with a key, I've created a Permission Set in .NET Configuration Tool in order to grant acess to unmanaged code, and created a CodeGroup
pointing to the strong key used to name the assembly.
I've also created an MSI in order to copy these settings to other machines (i've done this both at Enterprise and Machine levels).
Despite all this, this code still triggers a SecurityPermissionException
when I click the button...
Am I missing something here?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
IE 是沙盒的,并且您正在尝试执行无法执行的操作,即从网站直接调用 user32。想象一下,如果任何人都可以在任何网站上这样做,那么互联网将会多么危险。你的核心架构有缺陷。
IE is sandboxed and you're trying to perform an operation that you can't perform-- ie, calling directly into user32 from a website. Imagine how dangerous the internet would be if anybody could do that on any website. Your core architecture is flawed.