mattjohnsonpint
commented
8 years ago Thanks, but it feels more like this is an issue with JSON.Net. It should probably be discussed there. I'm not too keen on getting into custom parsing routines in this library.
I found only one issue about ReflectionPermission, in JamesNK/Newtonsoft.Json#476. It looks like some stuff was changed to make this easier. Try upgrading to the latest JSON.Net to see if it's still an issue. Thanks.
When I found this project, I tried using it in a security-restricted application, but the JsonConvert.DeserializeObject() kept getting an exception saying the request for ReflectionPermission had failed. Since security is very important to me, I decided to expand the parsing code to better handle the case when the DeserializeObject() function gets an exception. When this happens, it will try an alternative method which uses a function I just wrote to manually parse the JSON into a string dictionary. While I am not positive the function handles all possible cases, I was pretty careful with the logic, and I certainly did test it with various strings to make sure nothing is obviously wrong with it. A key thing to note here is that this new function comes into effect only if the original approach gets an exception. Hence, for those users with ReflectionPermission enabled, there should be no functional or performance difference whatsoever.