image upload ysod

Topics: Business Logic Layer
Feb 23, 2011 at 3:46 AM

ya know that old addage about assume... Well I tested a blog post inserting images with the tinymce editor on an early localy hosted test site with web matrix iis express and the XML blog provider. It worked. I've configured for SQL blog provider now, deployed the site and published a post without images using wlw. That worked. I just tried posting an article with images using wlw and got erros so thought I would step back and try to add an image with the tinymce editor. I received the Yellow Screen of Death. So between switching to the SQL blog provider and more likely deploying the site to my hosting provider I've broken the image upload. It also occurs to me this problem may be related to a problem I'm having with the right hand side bar BlogRoll widget. See:

I have checked to see that the App_Data folder has write permissions. - several times. My hosting provider is using cpanel. I did create an ftp account that points to a folder I created in App_Data and I can upload immages. I'm not having any skill configuring the ftp / wlw with the site ( I have the site configured for 2.0 integrated pipeline in cpanel.

Considering this in the error below: "... SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission ... " It sure seems like a writer permission in the App_Data folder but I duno....



Security Exception 
Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. 

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error: 

[No relevant source lines]

Source File: App_Web_weu1lioy.3.cs    Line: 0 

Stack Trace: 

[SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
   System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
   System.Security.CodeAccessPermission.Demand() +58
   System.IO.Directory.InternalCreateDirectory(String fullPath, String path, DirectorySecurity dirSecurity) +595
   System.IO.Directory.CreateDirectory(String path, DirectorySecurity directorySecurity) +150
   System.IO.Directory.CreateDirectory(String path) +6
   Admin.Posts.AddEntry.Upload(String virtualFolder, FileUpload control, String fileName) in Add_entry.aspx.cs:354
   Admin.Posts.AddEntry.BtnUploadImageClick(Object sender, EventArgs e) in Add_entry.aspx.cs:440
   System.Web.UI.WebControls.Button.OnClick(EventArgs e) +111
   System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +110
   System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +10
   System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +13
   System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +36
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6785
   System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +242
   System.Web.UI.Page.ProcessRequest() +80
   System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +21
   System.Web.UI.Page.ProcessRequest(HttpContext context) +49
   ASP.admin_posts_add_entry_aspx.ProcessRequest(HttpContext context) in App_Web_weu1lioy.3.cs:0
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +181
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75


Version Information: Microsoft .NET Framework Version:2.0.50727.3615; ASP.NET Version:2.0.50727.5053 



Feb 23, 2011 at 5:30 AM

googleing around I found this: 

After reading this I made the directory structure under App_Data /files/2011/2 and tried a post again with an image. It worked!

That's nice, but I don't know how to fix this short of a lot of file path creation to cover the next few months... ;-) In reading the mentioned article it appears to possiblly be a problem with the ms .net version.

Perhaps I should try converting to .net 4 ?

Feb 23, 2011 at 8:10 AM

That's good you found that.  You could try explicitly setting the trust level to Full in your web.config file (in the <system.web> section):

	<trust level="Full" />

That may or may not work, depending on the security settings of where your blog is hosted.  If it doesn't work, you could try putting "Medium" there in place of "Full".

Feb 23, 2011 at 8:23 PM

I have that problem, which I believe is an MS issue which occurs with clustered hosts. Not sure if you're on a cluster there, but I am, and that's precisely the issue. Create yourself a directory each month and the problem goes away.

You can't run .net 4 on Rackspace Cloud (well, they have a Beta, but that's no good for production sites...). I don't therefore know if it's fixed in 4.0.

Feb 23, 2011 at 8:43 PM

Hi Philw

Thanks for the comments. Yes I'm on a cluster.

I'm also having a problem with the BlogRoll widget See: 

I'm wondering if you use the BloggRoll widget on your site you mentioned has similar dificulty?  

What version of be are you using where you have the problem similar to mine?

I'm trying to determine if the img upload and the BlogRoll widget are related.


Feb 23, 2011 at 10:55 PM


I asked my hosting provider to allow Full trust since their security policy didn't allow the overide. Which they kindly did. The image upload problem began working and so did the BlogRoll widget problem I wrote about here: 

The tech wrote: "... set it to full trust. The server is configured with a custom default config that is closer to medium trust..."

Thank you all for the help. I <heart> blogengine and the blogengine community.

 - jeffa