CAS prevents call to ConvertTo used by custom TypeConverter

Discussion in 'ASP .Net Building Controls' started by Jim, Oct 21, 2005.

  1. Jim

    Jim Guest

    Hi, I have a web control, that has a property (a collection of strings) with
    it's own editor and typeconverter.

    The problem is that the type converter has to ConvertTo an
    InstanceDescriptor at runtime, but calls InstanceDescriptor (seem to) require
    Unrestricted permission;


    (permview /decl System.dll yields

    Class System.ComponentModel.Design.Serialization.InstanceDescriptor
    LinktimeDemand permission set:
    <PermissionSet class="System.Security.PermissionSet"
    version="1"
    Unrestricted="true"/>
    )




    Also this page
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/aptcatypes.asp says;

    The following is a list of types within these APTCA decorated assemblies
    that are not callable by partially trusted code because they are decorated
    with one of the following declarative security attributes:

    [PermissionSet(SecurityAction.LinkDemand, Name="FullTrust")]
    ....for...
    System.ComponentModel.Design.Serialization.InstanceDescriptor




    I'm perplexed - CAS sounds like a nice idea but are you seriously telling me
    that no-one but FullTrust users can use my code because I have a custom type
    converter!

    Is there anyway around this?

    Thanks in advance
    Jim




    Here's my type converter

    class MyControlsCollectionConverter : TypeConverter
    {

    public override bool CanConvertFrom(ITypeDescriptorContext context, Type
    sourceType){
    if (sourceType == typeof(string)) return true;
    return false;
    }


    public override object ConvertFrom(ITypeDescriptorContext context,
    CultureInfo culture, object value) {
    if (value == null)
    return String.Empty;
    try{
    if (value.GetType() == typeof(string)){
    string[] IDs = ((string)value).Split(new char[]{','});
    MyControlsCollection r = new MyControlsCollection();
    for(int i=0; i<IDs.Length; i++)
    r.Add(IDs);
    return r;
    }
    return null;
    } catch (Exception f){
    throw GetConvertFromException(value+f.Message);
    }
    }

    public override bool CanConvertTo(ITypeDescriptorContext context, Type
    targetType){
    if (targetType == typeof(string) || targetType ==
    typeof(InstanceDescriptor)) return true;
    else return base.CanConvertTo(context, targetType);
    }

    ///<summary>Convert collection to string</summary>
    public override object ConvertTo(ITypeDescriptorContext context,
    CultureInfo culture, object value, Type targetType) {


    if(targetType == typeof(string)){

    string result = "";

    MyControlsCollection list = null;
    MyMainControl myMainControl = null;
    try{
    if(value!=null){
    list = (MyControlsCollection) value;
    if (context != null && context.Instance != null)
    myMainControl = ((MyMainControl)context.Instance);
    for(int i=0; i<list.Count; i++){
    result += list;
    if(i<list.Count-1) result+=",";
    }

    }
    } catch (Exception e){
    result="Internal error occured "+e.Message;
    throw new Exception("Error occured;"+e.Message);
    }

    return result;
    } else if (targetType == typeof(InstanceDescriptor)) {
    //sometimes it wants to convert collection to instance descriptor, so
    create an instance descriptor
    //using string constructor
    InstanceDescriptor desc = null;
    ConstructorInfo ci = typeof(MyControlsCollection).GetConstructor(new
    Type[]{typeof(string)});

    MyControlsCollection t = (MyControlsCollection) value;

    --------------->>>//fails because of this call
    if (ci!=null) desc = CreateInstanceDescriptor(ci, t);

    return desc;
    } else return base.ConvertTo(context,culture,value,targetType);

    }

    InstanceDescriptor CreateInstanceDescriptor(ConstructorInfo ci,
    MyControlsCollection t)
    {
    return new InstanceDescriptor(ci,new object[]{t.ToString()});
    }


    public override bool GetStandardValuesExclusive(ITypeDescriptorContext
    context)
    {return false;}

    public override bool GetStandardValuesSupported(ITypeDescriptorContext
    context)
    {return false;}
    }
    Jim, Oct 21, 2005
    #1
    1. Advertising

  2. Hi

    We have reviewed this issue and are currently researching on it. We will
    update you ASAP. Thanks for your patience!

    Kevin Yu
    =======
    "This posting is provided "AS IS" with no warranties, and confers no
    rights."
    Kevin Yu [MSFT], Oct 22, 2005
    #2
    1. Advertising

  3. Hi Jim,

    Welcome to ASPNET newsgroup.
    As for the problem on calling
    System.ComponentModel.Design.Serialization.InstanceDescriptor in custom
    webcontrol code, it's caused by the .NET CAS model. Since the
    System.ComponentModel.Design.Serialization.InstanceDescriptor class is
    defined as requiring the direct caller to be grant "FullTrust" permission,
    we must make sure that any assembly use this class has been configured as
    FullTrust. So for our custom asp.net web control, the custom control's
    assembly is the direct caller of the
    System.ComponentModel.Design.Serialization.InstanceDescriptor class, and
    since the webcontrol assembly will be loaded into ASP.NET application's
    appdomain, so the security trust level of our custom assembly will be
    determined by two things:

    1. If we can explicitly configure our custom control's assembly as
    "FullTrust" in CAS(by strong-name...), that'll be ok. Or alternatively we
    can also separate the code into another assembly which will be configured
    as "FullTrust" and [assembly:AllowPartiallyTrustedCallers]
    e.g.

    //non fulltrust
    MyControl.dll

    //using the InstanceDescriptor class and must have
    [assembly:AllowPartiallyTrustedCallers] and be configured as "FullTrust"
    in CAS
    MyControl.Design.dll

    attribute, then our main control assembly reference this assembly. Thus,
    the webcontrol can call the converter event being loaded in a non-fulltrust
    asp.net appdomain.

    2. If we don't grant our custom control assembly "FullTrust", we need to
    make sure the web application which load our custom control assembly be
    running under "Full" trust level, this is configured in machine.config or
    web.config's system.web/trust/@Level attribute, e.g:

    <trust level="Full" originUrl=""/>

    by default, asp.net application's trustLevel is configured as "Full",
    however, some public web host may have certain constrains on this.

    If you have anything unclear, please feel free to post here.

    Thanks,

    Steven Cheng
    Microsoft Online Support

    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)








    --------------------
    | Thread-Topic: CAS prevents call to ConvertTo used by custom TypeConverter
    | thread-index: AcXWjJpZEaRQkx7oTzmBQ22uluJxdg==
    | X-WBNR-Posting-Host: 70.68.236.247
    | From: =?Utf-8?B?Smlt?= <>
    | Subject: CAS prevents call to ConvertTo used by custom TypeConverter
    | Date: Fri, 21 Oct 2005 15:13:02 -0700
    | Lines: 144
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    | Newsgroups: microsoft.public.dotnet.framework.aspnet.buildingcontrols
    | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
    | Xref: TK2MSFTNGXA01.phx.gbl
    microsoft.public.dotnet.framework.aspnet.buildingcontrols:4369
    | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.buildingcontrols
    |
    | Hi, I have a web control, that has a property (a collection of strings)
    with
    | it's own editor and typeconverter.
    |
    | The problem is that the type converter has to ConvertTo an
    | InstanceDescriptor at runtime, but calls InstanceDescriptor (seem to)
    require
    | Unrestricted permission;
    |
    |
    | (permview /decl System.dll yields
    |
    | Class System.ComponentModel.Design.Serialization.InstanceDescriptor
    | LinktimeDemand permission set:
    | <PermissionSet class="System.Security.PermissionSet"
    | version="1"
    | Unrestricted="true"/>
    | )
    |
    |
    |
    |
    | Also this page
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
    ml/aptcatypes.asp says;
    |
    | The following is a list of types within these APTCA decorated assemblies
    | that are not callable by partially trusted code because they are
    decorated
    | with one of the following declarative security attributes:
    |
    | [PermissionSet(SecurityAction.LinkDemand, Name="FullTrust")]
    | ...for...
    | System.ComponentModel.Design.Serialization.InstanceDescriptor
    |
    |
    |
    |
    | I'm perplexed - CAS sounds like a nice idea but are you seriously telling
    me
    | that no-one but FullTrust users can use my code because I have a custom
    type
    | converter!
    |
    | Is there anyway around this?
    |
    | Thanks in advance
    | Jim
    |
    |
    |
    |
    | Here's my type converter
    |
    | class MyControlsCollectionConverter : TypeConverter
    | {
    |
    | public override bool CanConvertFrom(ITypeDescriptorContext context, Type
    | sourceType){
    | if (sourceType == typeof(string)) return true;
    | return false;
    | }
    |
    |
    | public override object ConvertFrom(ITypeDescriptorContext context,
    | CultureInfo culture, object value) {
    | if (value == null)
    | return String.Empty;
    | try{
    | if (value.GetType() == typeof(string)){
    | string[] IDs = ((string)value).Split(new char[]{','});
    | MyControlsCollection r = new MyControlsCollection();
    | for(int i=0; i<IDs.Length; i++)
    | r.Add(IDs);
    | return r;
    | }
    | return null;
    | } catch (Exception f){
    | throw GetConvertFromException(value+f.Message);
    | }
    | }
    |
    | public override bool CanConvertTo(ITypeDescriptorContext context, Type
    | targetType){
    | if (targetType == typeof(string) || targetType ==
    | typeof(InstanceDescriptor)) return true;
    | else return base.CanConvertTo(context, targetType);
    | }
    |
    | ///<summary>Convert collection to string</summary>
    | public override object ConvertTo(ITypeDescriptorContext context,
    | CultureInfo culture, object value, Type targetType) {
    |
    |
    | if(targetType == typeof(string)){
    |
    | string result = "";
    |
    | MyControlsCollection list = null;
    | MyMainControl myMainControl = null;
    | try{
    | if(value!=null){
    | list = (MyControlsCollection) value;
    | if (context != null && context.Instance != null)
    | myMainControl = ((MyMainControl)context.Instance);
    | for(int i=0; i<list.Count; i++){
    | result += list;
    | if(i<list.Count-1) result+=",";
    | }
    |
    | }
    | } catch (Exception e){
    | result="Internal error occured "+e.Message;
    | throw new Exception("Error occured;"+e.Message);
    | }
    |
    | return result;
    | } else if (targetType == typeof(InstanceDescriptor)) {
    | //sometimes it wants to convert collection to instance descriptor, so
    | create an instance descriptor
    | //using string constructor
    | InstanceDescriptor desc = null;
    | ConstructorInfo ci = typeof(MyControlsCollection).GetConstructor(new
    | Type[]{typeof(string)});
    |
    | MyControlsCollection t = (MyControlsCollection) value;
    |
    | --------------->>>//fails because of this call
    | if (ci!=null) desc = CreateInstanceDescriptor(ci, t);
    |
    | return desc;
    | } else return base.ConvertTo(context,culture,value,targetType);
    |
    | }
    |
    | InstanceDescriptor CreateInstanceDescriptor(ConstructorInfo ci,
    | MyControlsCollection t)
    | {
    | return new InstanceDescriptor(ci,new object[]{t.ToString()});
    | }
    |
    |
    | public override bool GetStandardValuesExclusive(ITypeDescriptorContext
    | context)
    | {return false;}
    |
    | public override bool GetStandardValuesSupported(ITypeDescriptorContext
    | context)
    | {return false;}
    | }
    |
    Steven Cheng[MSFT], Oct 24, 2005
    #3
  4. Jim

    Jim Guest

    Hi Steven, thanks for your detailed reply, however it doesn't really resolve
    the issue;

    1. Good idea, and this is something I was trying, however, I've found that
    the InstanceDescriptor code path is called even at runtime. In other words

    In the .ConvertTo method, this block:

    } else if (targetType == typeof(InstanceDescriptor)) {

    InstanceDescriptor desc = null;
    ConstructorInfo ci = typeof(MyControlsCollection).GetConstructor(new
    Type[]{typeof(string)});

    MyControlsCollection t = (MyControlsCollection) value;

    --------------->>>//fails because of this call
    if (ci!=null) desc = CreateInstanceDescriptor(ci, t);

    return desc;
    }

    is being called, so separating the designer code from the runtime assembly
    won't help. I'm not sure why the instance descriptor is being required (if
    this isnt normal) at runtime? For the record I also changed the CanConvertTo
    method to return false for InstanceDescriptor at runtime, I got an exception
    saying that the convertor couldnt convert to InstanceDescriptor...

    2. This is a commercial control, so we cannot always demand full trust.

    Any ideas;
    Is InstanceDescriptor usually a convert to target at runtime? - if not
    perhaps I've err'ed elsewhere?

    Thanks for your help.
    Jim


    "Steven Cheng[MSFT]" wrote:

    > Hi Jim,
    >
    > Welcome to ASPNET newsgroup.
    > As for the problem on calling
    > System.ComponentModel.Design.Serialization.InstanceDescriptor in custom
    > webcontrol code, it's caused by the .NET CAS model. Since the
    > System.ComponentModel.Design.Serialization.InstanceDescriptor class is
    > defined as requiring the direct caller to be grant "FullTrust" permission,
    > we must make sure that any assembly use this class has been configured as
    > FullTrust. So for our custom asp.net web control, the custom control's
    > assembly is the direct caller of the
    > System.ComponentModel.Design.Serialization.InstanceDescriptor class, and
    > since the webcontrol assembly will be loaded into ASP.NET application's
    > appdomain, so the security trust level of our custom assembly will be
    > determined by two things:
    >
    > 1. If we can explicitly configure our custom control's assembly as
    > "FullTrust" in CAS(by strong-name...), that'll be ok. Or alternatively we
    > can also separate the code into another assembly which will be configured
    > as "FullTrust" and [assembly:AllowPartiallyTrustedCallers]
    > e.g.
    >
    > //non fulltrust
    > MyControl.dll
    >
    > //using the InstanceDescriptor class and must have
    > [assembly:AllowPartiallyTrustedCallers] and be configured as "FullTrust"
    > in CAS
    > MyControl.Design.dll
    >
    > attribute, then our main control assembly reference this assembly. Thus,
    > the webcontrol can call the converter event being loaded in a non-fulltrust
    > asp.net appdomain.
    >
    > 2. If we don't grant our custom control assembly "FullTrust", we need to
    > make sure the web application which load our custom control assembly be
    > running under "Full" trust level, this is configured in machine.config or
    > web.config's system.web/trust/@Level attribute, e.g:
    >
    > <trust level="Full" originUrl=""/>
    >
    > by default, asp.net application's trustLevel is configured as "Full",
    > however, some public web host may have certain constrains on this.
    >
    > If you have anything unclear, please feel free to post here.
    >
    > Thanks,
    >
    > Steven Cheng
    > Microsoft Online Support
    >
    > Get Secure! www.microsoft.com/security
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >
    >
    >
    >
    >
    >
    >
    >
    > --------------------
    > | Thread-Topic: CAS prevents call to ConvertTo used by custom TypeConverter
    > | thread-index: AcXWjJpZEaRQkx7oTzmBQ22uluJxdg==
    > | X-WBNR-Posting-Host: 70.68.236.247
    > | From: =?Utf-8?B?Smlt?= <>
    > | Subject: CAS prevents call to ConvertTo used by custom TypeConverter
    > | Date: Fri, 21 Oct 2005 15:13:02 -0700
    > | Lines: 144
    > | Message-ID: <>
    > | MIME-Version: 1.0
    > | Content-Type: text/plain;
    > | charset="Utf-8"
    > | Content-Transfer-Encoding: 7bit
    > | X-Newsreader: Microsoft CDO for Windows 2000
    > | Content-Class: urn:content-classes:message
    > | Importance: normal
    > | Priority: normal
    > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    > | Newsgroups: microsoft.public.dotnet.framework.aspnet.buildingcontrols
    > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
    > | Xref: TK2MSFTNGXA01.phx.gbl
    > microsoft.public.dotnet.framework.aspnet.buildingcontrols:4369
    > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.buildingcontrols
    > |
    > | Hi, I have a web control, that has a property (a collection of strings)
    > with
    > | it's own editor and typeconverter.
    > |
    > | The problem is that the type converter has to ConvertTo an
    > | InstanceDescriptor at runtime, but calls InstanceDescriptor (seem to)
    > require
    > | Unrestricted permission;
    > |
    > |
    > | (permview /decl System.dll yields
    > |
    > | Class System.ComponentModel.Design.Serialization.InstanceDescriptor
    > | LinktimeDemand permission set:
    > | <PermissionSet class="System.Security.PermissionSet"
    > | version="1"
    > | Unrestricted="true"/>
    > | )
    > |
    > |
    > |
    > |
    > | Also this page
    > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
    > ml/aptcatypes.asp says;
    > |
    > | The following is a list of types within these APTCA decorated assemblies
    > | that are not callable by partially trusted code because they are
    > decorated
    > | with one of the following declarative security attributes:
    > |
    > | [PermissionSet(SecurityAction.LinkDemand, Name="FullTrust")]
    > | ...for...
    > | System.ComponentModel.Design.Serialization.InstanceDescriptor
    > |
    > |
    > |
    > |
    > | I'm perplexed - CAS sounds like a nice idea but are you seriously telling
    > me
    > | that no-one but FullTrust users can use my code because I have a custom
    > type
    > | converter!
    > |
    > | Is there anyway around this?
    > |
    > | Thanks in advance
    > | Jim
    > |
    > |
    > |
    > |
    > | Here's my type converter
    > |
    > | class MyControlsCollectionConverter : TypeConverter
    > | {
    > |
    > | public override bool CanConvertFrom(ITypeDescriptorContext context, Type
    > | sourceType){
    > | if (sourceType == typeof(string)) return true;
    > | return false;
    > | }
    > |
    > |
    > | public override object ConvertFrom(ITypeDescriptorContext context,
    > | CultureInfo culture, object value) {
    > | if (value == null)
    > | return String.Empty;
    > | try{
    > | if (value.GetType() == typeof(string)){
    > | string[] IDs = ((string)value).Split(new char[]{','});
    > | MyControlsCollection r = new MyControlsCollection();
    > | for(int i=0; i<IDs.Length; i++)
    > | r.Add(IDs);
    > | return r;
    > | }
    > | return null;
    > | } catch (Exception f){
    > | throw GetConvertFromException(value+f.Message);
    > | }
    > | }
    > |
    > | public override bool CanConvertTo(ITypeDescriptorContext context, Type
    > | targetType){
    > | if (targetType == typeof(string) || targetType ==
    > | typeof(InstanceDescriptor)) return true;
    > | else return base.CanConvertTo(context, targetType);
    > | }
    > |
    > | ///<summary>Convert collection to string</summary>
    > | public override object ConvertTo(ITypeDescriptorContext context,
    > | CultureInfo culture, object value, Type targetType) {
    > |
    > |
    > | if(targetType == typeof(string)){
    > |
    > | string result = "";
    > |
    > | MyControlsCollection list = null;
    > | MyMainControl myMainControl = null;
    > | try{
    > | if(value!=null){
    > | list = (MyControlsCollection) value;
    > | if (context != null && context.Instance != null)
    > | myMainControl = ((MyMainControl)context.Instance);
    > | for(int i=0; i<list.Count; i++){
    > | result += list;
    > | if(i<list.Count-1) result+=",";
    > | }
    > |
    > | }
    > | } catch (Exception e){
    > | result="Internal error occured "+e.Message;
    > | throw new Exception("Error occured;"+e.Message);
    > | }
    > |
    > | return result;
    > | } else if (targetType == typeof(InstanceDescriptor)) {
    > | //sometimes it wants to convert collection to instance descriptor, so
    > | create an instance descriptor
    > | //using string constructor
    > | InstanceDescriptor desc = null;
    > | ConstructorInfo ci = typeof(MyControlsCollection).GetConstructor(new
    > | Type[]{typeof(string)});
    > |
    > | MyControlsCollection t = (MyControlsCollection) value;
    > |
    > | --------------->>>//fails because of this call
    > | if (ci!=null) desc = CreateInstanceDescriptor(ci, t);
    > |
    > | return desc;
    > | } else return base.ConvertTo(context,culture,value,targetType);
    > |
    > | }
    > |
    > | InstanceDescriptor CreateInstanceDescriptor(ConstructorInfo ci,
    > | MyControlsCollection t)
    > | {
    > | return new InstanceDescriptor(ci,new object[]{t.ToString()});
    > | }
    > |
    > |
    > | public override bool GetStandardValuesExclusive(ITypeDescriptorContext
    > | context)
    > | {return false;}
    > |
    > | public override bool GetStandardValuesSupported(ITypeDescriptorContext
    > | context)
    > | {return false;}
    > | }
    > |
    >
    >
    Jim, Oct 24, 2005
    #4
  5. Thanks for your response Jim,

    If the runtime code also reference the InstanceDescriptor, I'm afraid we're
    limited to granting our assembly FullTrust permission(if can not avoid
    involving calling such classes). In fact, such component really need this
    trust level since it can do powerful operations (creating object instance
    dynamically) and it is mostly used in many fundamental classes such as the
    serizalier.... I think you may consider strong-named your webcontrol
    library and inform the user/admin to grant the sufficient permission (we
    can apply such attribute so as to let the end user use permview tool to
    check the required permissions) , just as the .NET's buildin assemblies
    do(grant fulltrust through strong-name...)

    Thanks,

    Steven Cheng
    Microsoft Online Support

    Get Secure! www.microsoft.com/security
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)
    --------------------
    | Thread-Topic: CAS prevents call to ConvertTo used by custom TypeConverter
    | thread-index: AcXYw4F//2cjrzoKRjelpc0yTJLnQQ==
    | X-WBNR-Posting-Host: 70.68.236.247
    | From: =?Utf-8?B?Smlt?= <>
    | References: <>
    <>
    | Subject: RE: CAS prevents call to ConvertTo used by custom TypeConverter
    | Date: Mon, 24 Oct 2005 10:51:05 -0700
    | Lines: 280
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    | Newsgroups: microsoft.public.dotnet.framework.aspnet.buildingcontrols
    | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
    | Xref: TK2MSFTNGXA01.phx.gbl
    microsoft.public.dotnet.framework.aspnet.buildingcontrols:4372
    | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.buildingcontrols
    |
    | Hi Steven, thanks for your detailed reply, however it doesn't really
    resolve
    | the issue;
    |
    | 1. Good idea, and this is something I was trying, however, I've found
    that
    | the InstanceDescriptor code path is called even at runtime. In other
    words
    |
    | In the .ConvertTo method, this block:
    |
    | } else if (targetType == typeof(InstanceDescriptor)) {
    |
    | InstanceDescriptor desc = null;
    | ConstructorInfo ci = typeof(MyControlsCollection).GetConstructor(new
    | Type[]{typeof(string)});
    |
    | MyControlsCollection t = (MyControlsCollection) value;
    |
    | --------------->>>//fails because of this call
    | if (ci!=null) desc = CreateInstanceDescriptor(ci, t);
    |
    | return desc;
    | }
    |
    | is being called, so separating the designer code from the runtime
    assembly
    | won't help. I'm not sure why the instance descriptor is being required
    (if
    | this isnt normal) at runtime? For the record I also changed the
    CanConvertTo
    | method to return false for InstanceDescriptor at runtime, I got an
    exception
    | saying that the convertor couldnt convert to InstanceDescriptor...
    |
    | 2. This is a commercial control, so we cannot always demand full trust.
    |
    | Any ideas;
    | Is InstanceDescriptor usually a convert to target at runtime? - if not
    | perhaps I've err'ed elsewhere?
    |
    | Thanks for your help.
    | Jim
    |
    |
    | "Steven Cheng[MSFT]" wrote:
    |
    | > Hi Jim,
    | >
    | > Welcome to ASPNET newsgroup.
    | > As for the problem on calling
    | > System.ComponentModel.Design.Serialization.InstanceDescriptor in custom
    | > webcontrol code, it's caused by the .NET CAS model. Since the
    | > System.ComponentModel.Design.Serialization.InstanceDescriptor class is
    | > defined as requiring the direct caller to be grant "FullTrust"
    permission,
    | > we must make sure that any assembly use this class has been configured
    as
    | > FullTrust. So for our custom asp.net web control, the custom
    control's
    | > assembly is the direct caller of the
    | > System.ComponentModel.Design.Serialization.InstanceDescriptor class,
    and
    | > since the webcontrol assembly will be loaded into ASP.NET application's
    | > appdomain, so the security trust level of our custom assembly will be
    | > determined by two things:
    | >
    | > 1. If we can explicitly configure our custom control's assembly as
    | > "FullTrust" in CAS(by strong-name...), that'll be ok. Or alternatively
    we
    | > can also separate the code into another assembly which will be
    configured
    | > as "FullTrust" and [assembly:AllowPartiallyTrustedCallers]
    | > e.g.
    | >
    | > //non fulltrust
    | > MyControl.dll
    | >
    | > //using the InstanceDescriptor class and must have
    | > [assembly:AllowPartiallyTrustedCallers] and be configured as
    "FullTrust"
    | > in CAS
    | > MyControl.Design.dll
    | >
    | > attribute, then our main control assembly reference this assembly.
    Thus,
    | > the webcontrol can call the converter event being loaded in a
    non-fulltrust
    | > asp.net appdomain.
    | >
    | > 2. If we don't grant our custom control assembly "FullTrust", we need
    to
    | > make sure the web application which load our custom control assembly be
    | > running under "Full" trust level, this is configured in machine.config
    or
    | > web.config's system.web/trust/@Level attribute, e.g:
    | >
    | > <trust level="Full" originUrl=""/>
    | >
    | > by default, asp.net application's trustLevel is configured as "Full",
    | > however, some public web host may have certain constrains on this.
    | >
    | > If you have anything unclear, please feel free to post here.
    | >
    | > Thanks,
    | >
    | > Steven Cheng
    | > Microsoft Online Support
    | >
    | > Get Secure! www.microsoft.com/security
    | > (This posting is provided "AS IS", with no warranties, and confers no
    | > rights.)
    | >
    | >
    | >
    | >
    | >
    | >
    | >
    | >
    | > --------------------
    | > | Thread-Topic: CAS prevents call to ConvertTo used by custom
    TypeConverter
    | > | thread-index: AcXWjJpZEaRQkx7oTzmBQ22uluJxdg==
    | > | X-WBNR-Posting-Host: 70.68.236.247
    | > | From: =?Utf-8?B?Smlt?= <>
    | > | Subject: CAS prevents call to ConvertTo used by custom TypeConverter
    | > | Date: Fri, 21 Oct 2005 15:13:02 -0700
    | > | Lines: 144
    | > | Message-ID: <>
    | > | MIME-Version: 1.0
    | > | Content-Type: text/plain;
    | > | charset="Utf-8"
    | > | Content-Transfer-Encoding: 7bit
    | > | X-Newsreader: Microsoft CDO for Windows 2000
    | > | Content-Class: urn:content-classes:message
    | > | Importance: normal
    | > | Priority: normal
    | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    | > | Newsgroups: microsoft.public.dotnet.framework.aspnet.buildingcontrols
    | > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    | > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
    | > | Xref: TK2MSFTNGXA01.phx.gbl
    | > microsoft.public.dotnet.framework.aspnet.buildingcontrols:4369
    | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.buildingcontrols
    | > |
    | > | Hi, I have a web control, that has a property (a collection of
    strings)
    | > with
    | > | it's own editor and typeconverter.
    | > |
    | > | The problem is that the type converter has to ConvertTo an
    | > | InstanceDescriptor at runtime, but calls InstanceDescriptor (seem to)
    | > require
    | > | Unrestricted permission;
    | > |
    | > |
    | > | (permview /decl System.dll yields
    | > |
    | > | Class System.ComponentModel.Design.Serialization.InstanceDescriptor
    | > | LinktimeDemand permission set:
    | > | <PermissionSet class="System.Security.PermissionSet"
    | > | version="1"
    | > | Unrestricted="true"/>
    | > | )
    | > |
    | > |
    | > |
    | > |
    | > | Also this page
    | >
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
    | > ml/aptcatypes.asp says;
    | > |
    | > | The following is a list of types within these APTCA decorated
    assemblies
    | > | that are not callable by partially trusted code because they are
    | > decorated
    | > | with one of the following declarative security attributes:
    | > |
    | > | [PermissionSet(SecurityAction.LinkDemand, Name="FullTrust")]
    | > | ...for...
    | > | System.ComponentModel.Design.Serialization.InstanceDescriptor
    | > |
    | > |
    | > |
    | > |
    | > | I'm perplexed - CAS sounds like a nice idea but are you seriously
    telling
    | > me
    | > | that no-one but FullTrust users can use my code because I have a
    custom
    | > type
    | > | converter!
    | > |
    | > | Is there anyway around this?
    | > |
    | > | Thanks in advance
    | > | Jim
    | > |
    | > |
    | > |
    | > |
    | > | Here's my type converter
    | > |
    | > | class MyControlsCollectionConverter : TypeConverter
    | > | {
    | > |
    | > | public override bool CanConvertFrom(ITypeDescriptorContext context,
    Type
    | > | sourceType){
    | > | if (sourceType == typeof(string)) return true;
    | > | return false;
    | > | }
    | > |
    | > |
    | > | public override object ConvertFrom(ITypeDescriptorContext context,
    | > | CultureInfo culture, object value) {
    | > | if (value == null)
    | > | return String.Empty;
    | > | try{
    | > | if (value.GetType() == typeof(string)){
    | > | string[] IDs = ((string)value).Split(new char[]{','});
    | > | MyControlsCollection r = new MyControlsCollection();
    | > | for(int i=0; i<IDs.Length; i++)
    | > | r.Add(IDs);
    | > | return r;
    | > | }
    | > | return null;
    | > | } catch (Exception f){
    | > | throw GetConvertFromException(value+f.Message);
    | > | }
    | > | }
    | > |
    | > | public override bool CanConvertTo(ITypeDescriptorContext context,
    Type
    | > | targetType){
    | > | if (targetType == typeof(string) || targetType ==
    | > | typeof(InstanceDescriptor)) return true;
    | > | else return base.CanConvertTo(context, targetType);
    | > | }
    | > |
    | > | ///<summary>Convert collection to string</summary>
    | > | public override object ConvertTo(ITypeDescriptorContext context,
    | > | CultureInfo culture, object value, Type targetType) {
    | > |
    | > |
    | > | if(targetType == typeof(string)){
    | > |
    | > | string result = "";
    | > |
    | > | MyControlsCollection list = null;
    | > | MyMainControl myMainControl = null;
    | > | try{
    | > | if(value!=null){
    | > | list = (MyControlsCollection) value;
    | > | if (context != null && context.Instance != null)
    | > | myMainControl = ((MyMainControl)context.Instance);
    | > | for(int i=0; i<list.Count; i++){
    | > | result += list;
    | > | if(i<list.Count-1) result+=",";
    | > | }
    | > |
    | > | }
    | > | } catch (Exception e){
    | > | result="Internal error occured "+e.Message;
    | > | throw new Exception("Error occured;"+e.Message);
    | > | }
    | > |
    | > | return result;
    | > | } else if (targetType == typeof(InstanceDescriptor)) {
    | > | //sometimes it wants to convert collection to instance descriptor,
    so
    | > | create an instance descriptor
    | > | //using string constructor
    | > | InstanceDescriptor desc = null;
    | > | ConstructorInfo ci =
    typeof(MyControlsCollection).GetConstructor(new
    | > | Type[]{typeof(string)});
    | > |
    | > | MyControlsCollection t = (MyControlsCollection) value;
    | > |
    | > | --------------->>>//fails because of this call
    | > | if (ci!=null) desc = CreateInstanceDescriptor(ci, t);
    | > |
    | > | return desc;
    | > | } else return base.ConvertTo(context,culture,value,targetType);
    | > |
    | > | }
    | > |
    | > | InstanceDescriptor CreateInstanceDescriptor(ConstructorInfo ci,
    | > | MyControlsCollection t)
    | > | {
    | > | return new InstanceDescriptor(ci,new object[]{t.ToString()});
    | > | }
    | > |
    | > |
    | > | public override bool
    GetStandardValuesExclusive(ITypeDescriptorContext
    | > | context)
    | > | {return false;}
    | > |
    | > | public override bool
    GetStandardValuesSupported(ITypeDescriptorContext
    | > | context)
    | > | {return false;}
    | > | }
    | > |
    | >
    | >
    |
    Steven Cheng[MSFT], Oct 25, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Christian
    Replies:
    1
    Views:
    466
    Gary Varga
    Jul 18, 2003
  2. Sky Sigal
    Replies:
    1
    Views:
    486
    Sky Sigal
    Jul 14, 2004
  3. cas in python

    , Jul 5, 2006, in forum: Python
    Replies:
    2
    Views:
    365
  4. Sky
    Replies:
    0
    Views:
    122
  5. Sky Sigal

    Help! custom TypeConverter/Persistence problems...

    Sky Sigal, Jul 13, 2004, in forum: ASP .Net Web Controls
    Replies:
    0
    Views:
    146
    Sky Sigal
    Jul 13, 2004
Loading...

Share This Page