I am trying to host a windows forms control in C# inside an html page and then host that web page in IIS in order to be accessible by other client machines.
The problem is: the user control uses some unmanaged code, which triggers a SecurityPermissionException
when accessing using another machine.
I've managed to dumb down my code to an elementary example in order to pinpoint the error and I just can't seem to find an answer to this.
Here's my user control:
// To handle strong named assembly
[assembly: AllowPartiallyTrustedCallers]
namespace WinFormsHTMLControl
{
[SecurityPermissionAttribute(SecurityAction.Assert, UnmanagedCode = true)] // to allow assertions regarding unmanaged code permissions
public partial class HelloWorldControl : UserControl
{
#region Methods/Consts for Embedding a Window
[DllImport("user32.dll", SetLastError = true)]
private sta开发者_如何转开发tic extern IntPtr FindWindow(string lpClassName, string lpWindowName);
#endregion
public HelloWorldControl()
{
InitializeComponent();
}
private void btnClick_Click(object sender, EventArgs e)
{
new SecurityPermission(PermissionState.Unrestricted).Assert();
IntPtr picBoxHandle = FindWindow("IEFrame", "Internet Explorer");
lblMessage.Text = picBoxHandle.ToString();
SecurityPermission.RevertAssert();
}
}
}
I've signed the assembly with a key, I've created a Permission Set in .NET Configuration Tool in order to grant acess to unmanaged code, and created a CodeGroup
pointing to the strong key used to name the assembly.
I've also created an MSI in order to copy these settings to other machines (i've done this both at Enterprise and Machine levels).
Despite all this, this code still triggers a SecurityPermissionException
when I click the button...
Am I missing something here?
IE is sandboxed and you're trying to perform an operation that you can't perform-- ie, calling directly into user32 from a website. Imagine how dangerous the internet would be if anybody could do that on any website. Your core architecture is flawed.
精彩评论