Unable to download from HTTPS site using Assembly.LoadFrom

Unable to download from HTTPS site using Assembly.LoadFrom

眼眸 发布于 2021-11-26 字数 1584 浏览 842 回复 1 原文

Unable to use HTTPS path in Assembly.LoadFrom.

Tried using TrustAllCertificatePolicy class too and it didn't work.

I have given fulltrust to server using caspol from the client machine. The same URL works with ssl disabled. It does not work for ssl enabled. please help.

The exception is:

System.IO.FileLoadException: Security problem encountered when connecting to URL for 'https://ip/tasks/tasks.dll'. File name: 'https://ip/tasks/tasks.dll'    
at System.Reflection.Assembly.nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity,
     Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection)    
at System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, 
    StackCrawlMark& stackMark, Boolean forIntrospection)    
at System.Reflection.Assembly.InternalLoadFrom(String assemblyFile, Evidence securityEvidence, 
    Byte[] hashValue, AssemblyHashAlgorithm hashAlgorithm, Boolean forIntrospection, StackCrawlMark& stackMark)    
at System.Reflection.Assembly.LoadFrom(String assemblyFile, Evidence securityEvidence)    
    WRN: Assembly binding logging is turned OFF. To enable assembly bind failure logging, set the registry value 
    [HKLMSoftwareMicrosoftFusion!EnableLog] (DWORD) to 1. Note: There is some performance penalty associated 
    with assembly bind failure logging. To turn this feature off, remove the registry value 

如果你对这篇文章有疑问,欢迎到本站 社区 发帖提问或使用手Q扫描下方二维码加群参与讨论,获取更多帮助。



需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。


不即不离 2022-06-07 1 楼

Code Access Security will block execution of code from http and https locations into normal (full rights access).

You wll need to create a new AppDomain (and possibly remotable/serializable types to span the app domain boundary), with CAS settings in the AppDomain to run with the Internet permission set. This will avoid the downloaded code from modifying the local machine.

You could of course create a custom permission set to allow more access if you really trust the remote code (and everyone who can, or will be able to, modify it).