Security Exception with Insert Image

Last post 09-20-2006, 2:44 PM by Adam. 6 replies.
Sort Posts: Previous Next
  •  09-12-2006, 7:03 PM 22637

    Security Exception with Insert Image

    Hi,

    Having some massive headache with this.

    When running on the production server, the insert image dialog works fine as long as there are no files in the uploads folder... i know, sounds silly.

    As soon as there's 1 single image in the uploads folder it crashes with a "security exception". You remove the file and bang, it's "working" again.

    Editor is 5.2 (or 5.3)
    uploads folder is the default folder
    Asp.Net account has full access to the folder.

    I've tried adding a CuteEditorTempPath setting in the web.config file (and asp.net account as full access to that folder).

    I believe the hosting uses Medium trust, but really that should allow to browse some files shouldn't it?

    Any idea? Has anybody come around this problem and has a solution to it?

    Hope someone can help.

    Cheers

    Ben
  •  09-12-2006, 7:34 PM 22639 in reply to 22637

    Re: Security Exception with Insert Image

    Ben,
     
    It's strange.
     
    Have you contacted the host of your web server and let them know this issue?
     
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

  •  09-12-2006, 7:52 PM 22640 in reply to 22639

    Re: Security Exception with Insert Image

    Hi Adam,

    Yes it is a bit strange. I've sent a request to the host to check that all access rights are enforced, waiting on that. But as far as i know they did change it.

    Apart from the Temp folder (or the one listed in CuteEditorTempPath setting), does it need access to another folder?

    Ben

  •  09-12-2006, 7:57 PM 22641 in reply to 22640

    Re: Security Exception with Insert Image

    Ben,
     
    >>Apart from the Temp folder (or the one listed in CuteEditorTempPath setting), does it need access to another folder?
     
    No.
     
    Please check your .net framework version as well.  If you are using .net framework 2.0, please use the CuteEditor.dll for .net 2.0.
     
    I also suggest you upgrade your version 5.2 to the latest build of version 5.3.
     
     

     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

  •  09-12-2006, 8:22 PM 22644 in reply to 22641

    Re: Security Exception with Insert Image

    I've checked the version, it's 5.3.

    Framework used is 1.1, and the error is reported as a 1.1. framework error.

    I'll post again when I get a reply from the host.

    If anyone else had that issue, please reply!

    Ben

  •  09-19-2006, 7:45 PM 22836 in reply to 22641

    Re: Security Exception with Insert Image

    Hi again,

    i'm back with more. I've talked to the hosting company and all the rights are sets correctly.
    I've created the CuteEditorTemp folder and added the CuteEditorTempPath key to to web config. The aspnet account has write access.
    If I open the Insert Image dialog, it comes up fine while the directory is empty.
    I select a file and upload. The actual upload works fine and the file goes into the /upload folder (I can see it via FTP).

    But when the page reloads, and as long as a file remains in the folder, i get a Security Exception error.
    If I remove the file (via FTP), then the dialog runs fine.

    Trust Level is medium, but that shouldn't be a problem to what I read.

    Here's all the details I can give about the exception - if that can be of any help:

    Exception Details: System.Security.SecurityException: Request for the permission of type System.Security.Permissions.SecurityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.

    Source Error:

    Line 25: 	</HEAD>
    Line 26: <body>
    Line 27: <form runat="server" enctype="multipart/form-data" id="Form1">
    Line 28: <!-- start hidden -->
    Line 29: <script>

    Source File: e:\inetpub\esvc000273\CuteSoft_Client\CuteEditor\Dialogs\Gecko_InsertImage.Frame.Aspx    Line: 27

    Stack Trace:

    [SecurityException: Request for the permission of type System.Security.Permissions.SecurityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.]
    System.Security.CodeAccessSecurityEngine.CheckHelper(PermissionSet grantedSet, PermissionSet deniedSet, CodeAccessPermission demand, PermissionToken permToken) +675
    System.Security.CodeAccessSecurityEngine.Check(PermissionToken permToken, CodeAccessPermission demand, StackCrawlMark& stackMark, Int32 checkFrames, Int32 unrestrictedOverride) +0
    System.Security.CodeAccessSecurityEngine.Check(CodeAccessPermission cap, StackCrawlMark& stackMark, PermissionType permType) +140
    System.Security.CodeAccessPermission.DemandInternal(PermissionType permissionType) +229
    System.Runtime.Serialization.Formatters.Binary.ObjectWriter.Serialize(Object graph, Header[] inHeaders, __BinaryWriter serWriter, Boolean fCheck) +41
    System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Serialize(Stream serializationStream, Object graph, Header[] headers, Boolean fCheck) +136
    System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Serialize(Stream serializationStream, Object graph) +13
    System.Web.UI.LosFormatter.SerializeValue(TextWriter output, Object value) +1418
    System.Web.UI.LosFormatter.SerializeValue(TextWriter output, Object value) +430
    System.Web.UI.LosFormatter.SerializeValue(TextWriter output, Object value) +430
    System.Web.UI.LosFormatter.SerializeValue(TextWriter output, Object value) +764
    System.Web.UI.LosFormatter.SerializeValue(TextWriter output, Object value) +847
    System.Web.UI.LosFormatter.SerializeValue(TextWriter output, Object value) +872
    System.Web.UI.LosFormatter.SerializeInternal(TextWriter output, Object value) +102
    System.Web.UI.Page.OnFormRender(HtmlTextWriter writer, String formUniqueID) +143
    System.Web.UI.HtmlControls.HtmlForm.RenderChildren(HtmlTextWriter writer) +35
    System.Web.UI.HtmlControls.HtmlForm.Render(HtmlTextWriter output) +262
    System.Web.UI.Control.RenderControl(HtmlTextWriter writer) +243
    ASP.Gecko_InsertImage_Frame_aspx.__Render__control1(HtmlTextWriter __output, Control parameterContainer) in e:\inetpub\esvc000273\CuteSoft_Client\CuteEditor\Dialogs\Gecko_InsertImage.Frame.Aspx:27
    System.Web.UI.Control.RenderChildren(HtmlTextWriter writer) +27
    System.Web.UI.Control.Render(HtmlTextWriter writer) +7
    CuteEditor.EditorUtilityPage.Render(HtmlTextWriter writer) +98
    System.Web.UI.Control.RenderControl(HtmlTextWriter writer) +243
    System.Web.UI.Page.ProcessRequestMain() +2112
    System.Web.UI.Page.ProcessRequest() +217
    System.Web.UI.Page.ProcessRequest(HttpContext context) +18
    System.Web.CallHandlerExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute() +179
    System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +87


    Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300

    Hellllllllllllllllllp Please

    Ben

  •  09-20-2006, 2:44 PM 22866 in reply to 22836

    Re: Security Exception with Insert Image

    Ben,
     
    Please set up FTP access to your server and send it to us. It's a very strange issue.
     
     
     

    asp.net Chat http://cutesoft.net/ASP.NET+Chat/default.aspx
    Web Messenger: http://cutesoft.net/Web-Messenger/default.aspx
    asp.net wysiwyg editor: http://cutesoft.net/ASP.NET+WYSIWYG+Editor/default.aspx
    asp wysiwyg html editor: http://cutesoft.net/ASP
    asp.net Image Gallery: http://cutesoft.net/ASP.NET+Image+Gallery/default.aspx
    Live Support: http://cutesoft.net/live-support/default.aspx

View as RSS news feed in XML