Hi,
I'm having trouble with the new .NET 4 security-transparent code, level 2. I'm upgrading my ASP.NET 3.5 web application which uses XSLT with Extension Objects. In .NET 4 the transform causes a SecurityException, after lots of research it appears this exception has to do with the new transparent code, level 2.
As a fix I now have this in my own assembly:
[assembly: SecurityRules(SecurityRuleSet.Level1)]
That works, but on MSDN I read it's not the recommended way (I should use the .NET 4 way, ie. Level2). I can't find what the recommended fix for this is, Level2 always causes the SecurityException. Isn't the problem in System.Xml.dll which contains the XSLT transformation functions? Shouldn't that library allow partially trusted callers?
What do I have to do to use it with Level2 security?
Thanks
ps. this is the exception:
[SecurityException: Request failed.]
System.RuntimeMethodHandle.PerformSecurityCheck(Object obj, RuntimeMethodHandleInternal method, RuntimeType parent, UInt32 invocationFlags) +0
System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks) +323
System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) +38
System.Reflection.MethodBase.Invoke(Object obj, Object[] parameters) +35
System.Xml.Xsl.XsltOld.FuncExtension.Invoke(XsltContext xsltContext, Object[] args, XPathNavigator docContext) +164
MS.Internal.Xml.XPath.FunctionQuery.Evaluate(XPathNodeIterator nodeIterator) +430