D
Dave Keen
Hi all
I am writing a webpage which asks the user for the name of a picture
file, then reads the file, resizes if necessary and saves it to the
server. The code to read the file is...
' Set permissions for loaded file.
Dim FileIOPerm1 As
System.Security.Permissions.FileIOPermission
FileIOPerm1 = New
System.Security.Permissions.FileIOPermission(PermissionState.Unrestricted,
Me.File1.PostedFile.FileName())
FileIOPerm1.AllLocalFiles =
FileIOPermissionAccess.AllAccess
FileIOPerm1.Assert()
' Load file into memory.
Dim FullSizeImage As System.Drawing.Image
FullSizeImage =
System.Drawing.Image.FromFile(Me.File1.PostedFile.FileName())
Me.File1.PostedFile.FileName() holds the file name, which has the full
path, is valid and can be anywhere locally. This all works fine on my
development machine (without the need for the FileIOPermission object)
running direct from VS2003, but when run from the web I get the
following error...
Request for the permission of type
System.Security.Permissions.FileIOPermission, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
failed.
Now I can see the value of not making it easy to see local files from
any old webpage, so my question is how can this be achieved? As a
model I am thinking of Hotmail, where you can specfiy files as
attachments without going through any security hoops.
Thanks in advance.
Dave
I am writing a webpage which asks the user for the name of a picture
file, then reads the file, resizes if necessary and saves it to the
server. The code to read the file is...
' Set permissions for loaded file.
Dim FileIOPerm1 As
System.Security.Permissions.FileIOPermission
FileIOPerm1 = New
System.Security.Permissions.FileIOPermission(PermissionState.Unrestricted,
Me.File1.PostedFile.FileName())
FileIOPerm1.AllLocalFiles =
FileIOPermissionAccess.AllAccess
FileIOPerm1.Assert()
' Load file into memory.
Dim FullSizeImage As System.Drawing.Image
FullSizeImage =
System.Drawing.Image.FromFile(Me.File1.PostedFile.FileName())
Me.File1.PostedFile.FileName() holds the file name, which has the full
path, is valid and can be anywhere locally. This all works fine on my
development machine (without the need for the FileIOPermission object)
running direct from VS2003, but when run from the web I get the
following error...
Request for the permission of type
System.Security.Permissions.FileIOPermission, mscorlib,
Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
failed.
Now I can see the value of not making it easy to see local files from
any old webpage, so my question is how can this be achieved? As a
model I am thinking of Hotmail, where you can specfiy files as
attachments without going through any security hoops.
Thanks in advance.
Dave