I am attempting to do a redirect in the Application_Error handler in Global.asax. Nothing fancy at all.
private void Application_Error(object sender, EventArgs e)
{
// ...snip...
Server.Transfer(somePath, false);
// ...snip...
}
This works great under Full trust, but I need to get it to work under Medium trust. The code I'm working on here needs to function properly in a shared hosting environment (Unfortunately, I have no control over this requirement).
However, when I configure the site as follows in our dev environment (XP Pro / IIS 5.1) for testing purposes:
<system.web>
<trust level="Medium"/>
</system.web>
It fails with the following error:
Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.** at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) at System.Security.CodeAccessPermission.Demand() at System.Web.HttpWorkerRequest.SendResponseFromMemory(IntPtr data, Int32 length) at System.Web.HttpWorkerRequest.SendResponseFromMemory(IntPtr data, Int32 length, Boolean isBufferFromUnmanagedPool) at System.Web.HttpResponseUnmanagedBufferElement. System.Web.IHttpResponseElement.Send(HttpWorkerRequest wr) at System.Web.HttpWriter.Send(HttpWorkerRequest wr) at System.Web.HttpResponse.Flush(Boolean finalFlush) at System.Web.HttpResponse.Flush() at System.Web.HttpResponse.End() at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm)
A couple of other things of note:
- This happens whether from Global.asax or from an HttpModule.
- This also happens with Response.Redirect(somePath).
Appreciate any insight you can provide. I have Googled my a$$ off over this, and no joy.
Thanks!
Best Answer
I was experiencing the same problem today, but I think I have found a passable work-around. It turns out that specifying the Response.Status code resolves this issue.
Unfortunately, if you debug the page, it appears that the SecurityPermissions error still occurs. I'm unsure as to how much of a problem this really is since the Server.Transfer will continue without error, and there is no noticeable affect to the user.
I would be interested to know if anyone has thoughts or opinions on the matter.