Xml反序列化在中等信任级别失败
我们的网站托管在中等信任级别,但托管提供商拒绝给予我们完全信任。我们的代码尝试使用以下代码片段反序列化代码,但失败并出现反射权限错误。调试时,我收到“XML 文档中存在错误 (71, 6)”。错误。在完全信任的情况下它工作得非常好。在我们决定转向完全信任的托管提供商之前,请有人建议我如何解决这个问题。
public static T Decrypt<T>(Stream stream)
{
Rijndael rij = Rijndael.Create();
rij.Key = key;
rij.IV = iv;
T obj = default(T); // assigns null if T is a reference type, or 0 (zero) for value types
using (CryptoStream cs = new CryptoStream(stream, rij.CreateDecryptor(), CryptoStreamMode.Read))
{
using (GZipStream zs = new GZipStream(cs, CompressionMode.Decompress))
{
XmlSerializer xs = new XmlSerializer(typeof(T));
obj = (T)xs.Deserialize(zs);
zs.Close();
}
cs.Close();
}
return obj;
}
We have our site hosted in medium trust level and the hosting provider has refused to give us full trust. Our code tries to deserialize code using following code snippet but fails with the reflectionpermission error. Upon debug I get "There is an error in XML document (71, 6)." error. It works perfectly fine in full trust. Please someone advice how I can solve this problem before we decide to move to full trust hosting provider.
public static T Decrypt<T>(Stream stream)
{
Rijndael rij = Rijndael.Create();
rij.Key = key;
rij.IV = iv;
T obj = default(T); // assigns null if T is a reference type, or 0 (zero) for value types
using (CryptoStream cs = new CryptoStream(stream, rij.CreateDecryptor(), CryptoStreamMode.Read))
{
using (GZipStream zs = new GZipStream(cs, CompressionMode.Decompress))
{
XmlSerializer xs = new XmlSerializer(typeof(T));
obj = (T)xs.Deserialize(zs);
zs.Close();
}
cs.Close();
}
return obj;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
打开项目属性并将“生成序列化程序集”设置为“打开”。这将使编译器在编译时生成序列化程序集,而不是动态生成。只需确保部署序列化程序集即可。
Open the project properties and set "Generate serialization assembly" to "on". This will make the compiler generate serialization assemblies at compile-time instead of on the fly. Just make sure to deploy the serialization assemblies.