Magnus Rahl
Feb 18, 2011
  4960
(0 votes)

Todays gotcha: Windows 7 assembly blocking

Yesterday I was playing with our new build server, trying to get it to run my fully-functional unit tests with code coverage analysis. Why that didn’t work is a different story, but in the progress of changing project settings and checking in updates something strange happened. Suddenly my local web site stopped working.

The error message

My local copy of the site with the web root set to my working folder for the project suddenly refused to start, prompting me with the yellow screen of death and this cryptic error message:

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.ReflectionPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
Source Error:

Mapper.CreateMap<OtherProject.ClientProxies.Core.Person, MyProject.ExternalDataAccess.DTO.Person>();

(In the example above, I removed all the lines except the one where it indicated failure, which was the first line of my AutoMapper bootstrapper.)

Troubleshooting

I started troubleshooting blindly, rolling back the project, cleaning, rebuilding, checking that all dependencies were copied on build etc. etc., but all looked fine. I then checked the trust settings of IIS in case they had been messed up. No luck there either.

After some time googling I decided to follow a vague tip about checking the properties of all assemblies that are references or other dependences. BOOM – at the very bottom of the properties dialog of the AutoMapper assembly was this message:

This file came from another computer and might be blocked to help protect this computer.

Why on earth Windows had suddenly decided that the assembly came from another computer (and what does that mean, don’t most assemblies come from other computers?) I had no Idea about. But luckily it left me the option to unblock the assembly. After doing so, and after deleting the copy in the bin folder letting the rebuild take a fresh copy the unblocked assembly and finally restarting IIS, the site came back to life.

Feb 18, 2011

Comments

Feb 20, 2011 02:11 PM

This typically happen if you download files using IE, and the site is not among the Trusted Sites (not many are).

I've seen this happen several times, when people deploy to production servers and download the new files by zipping them, sending an email to themselves, and open the email through the browser. The zip file has this blocked flag, and when using Windows Explorer to unzip, all files in the zip fill also be blocked (using 7zip or Winrar remove the block flag when unpacking.) I always check and remove that flag before I unzip anything.

This is especially nasty when you deploy only one new .dll, cause the error message may vary, depending on how that dll is loaded into memory.

Magnus Rahl
Magnus Rahl Feb 20, 2011 08:53 PM

Agreed, it's very deceitful because there's no special error message for this type of "security breach", it will simply depend on the first time anything from that assembly is requested. In my case the clues pointed clearly to AutoMapper, but It might as well have been something deeper within the call stack there. It should really have its own Exception type.

And the ways of assembly blocking must indeed be mysterious, because in my case the AutoMapper dll probably never even left the bin folder. My copy task in the project is set to only replace the files if they have been changed, and I never cleared the bin folder so a fresh copy shouldn't have occurred either. Absolutely no web, email or zipping involved.

Please login to comment.
Latest blogs
SNAT - Azure App Service socket exhaustion

Did you know that using HttpClient within a using statement can cause SNAT (Source Network Address Translation) port exhaustion? This can lead to...

Oleksandr Zvieriev | Sep 9, 2024

Micro front-ends are massive for Optimizely One

Optimizely products have evolved. Their new generation of products changes the game.

Mark Everard | Sep 9, 2024 | Syndicated blog

Micro front-ends are massive for Optimizely One

Optimizely products have evolved. Their new generation of products changes the game.   A multi-year journey for Optimizely. They have engineered...

Mark Everard | Sep 9, 2024 | Syndicated blog

Handling Nynorsk and Bokmål in Optimizely CMS

Warning: Blog post about Norwegian language handling (but might be applicable to other languages and/or use cases). Optimizely have flexible and...

Haakon Peder Haugsten | Sep 5, 2024

Remove Unwanted properties for Headless Implementation using Content Delivery API

While working with Headless, whenever we want to send data to the front end, many properties are also shown in JSON that we don't wish to, which...

PuneetGarg | Sep 4, 2024

Optimizely Headless Form Setup

1. Create empty CMS applications First, let’s setup an empty CMS application. Install the NuGet packages in your solution using the NuGet Package...

Linh Hoang | Sep 4, 2024