Closed s-bauer closed 5 years ago
@s-bauer You are creating new exception. Would going back and using old exception solve the problem? It would probably be better legacy support...
@ENikS Sorry, but I don't quite understand what you mean
@ENikS Ok, so I'm still using the same exception, just a different way of serializing and deserializing the exception. The other solution would be to either remove the GetObjectData
completely or remove the SecurityTransparent
assembly attribute. I think both of them would cause more trouble than the current solution.
Thank you for your help. Perhaps you could take look at other issues?
@ENikS Sure, now I'm already familiar with the project. You can expect several PRs in the future!
The
Unity.RegistrationByConvention
assembly is marked asSecurityTransparent
, meaning I cannot add the SecurityCriticalAttribute at theGetObjectData
method (or at least it has no effect).For .NET Framework there is a
ISafeSerializationData
Interface with which the Serialization can be handled without needing to deal with SecurityPermissions. This is however not supported in .NET Core so I just excluded it using compiler flag.I also added a Limited PermissionSet test which is going to run the Serialization/Deserialization process with a very limited permission set.
In addition I fixed the test, so they are executed for all .NET versions. Thanks to @GreenKn1ght and his commit https://github.com/GreenKn1ght/registration-by-convention/commit/538f3e6d8257521c83cf8ca05897654c1881c0d8
Let me know if you have any concerns or questions!