<loadFromRemoteSources > 元素<loadFromRemoteSources> element

指定是否应为从远程源加载的程序集授予完全信任在.NET Framework 4 及更高版本。Specifies whether assemblies loaded from remote sources should be granted full trust in .NET Framework 4 and later.

备注

如果你已由于中的 Visual Studio 项目错误列表或生成错误的错误消息定向到这篇文章,请参阅如何:使用 Visual Studio 中的程序集从 WebIf you were directed to this article because of an error message in the Visual Studio project error list or a build error, see How to: Use an Assembly from the Web in Visual Studio.

<configuration><configuration>
<运行时 ><runtime>
<loadFromRemoteSources><loadFromRemoteSources>

语法Syntax

<loadFromRemoteSources    
   enabled="true|false"/>  

特性和元素Attributes and elements

下列各节描述了特性、子元素和父元素。The following sections describe attributes, child elements, and parent elements.

特性Attributes

特性Attribute 描述Description
enabled 必需的特性。Required attribute.

指定是否应为从远程源加载的程序集授予完全信任。Specifies whether an assembly that is loaded from a remote source should be granted full trust.

已启用的属性enabled attribute

“值”Value 描述Description
false 不要授予完全信任应用程序从远程源。Do not grant full trust to applications from remote sources. 这是默认设置。This is the default.
true 从远程源向应用程序授予完全信任。Grant full trust to applications from remote sources.

子元素Child elements

无。None.

父元素Parent elements

元素Element 描述Description
configuration 公共语言运行时和 .NET Framework 应用程序所使用的每个配置文件中的根元素。The root element in every configuration file used by the common language runtime and .NET Framework applications.
runtime 包含有关运行时初始化选项的信息。Contains information about runtime initialization options.

备注Remarks

在.NET Framework 3.5 和更早版本中,如果从远程位置,加载程序集则在程序集中的代码运行时中以部分信任方式取决于从中加载该区域的授予集。In the .NET Framework 3.5 and earlier versions, if you load an assembly from a remote location, code in the assembly runs in partial trust with a grant set that depends on the zone from which it is loaded. 例如,如果从网站加载程序集,它将加载到 Internet 区域,并向其授予 Internet 权限集。For example, if you load an assembly from a website, it is loaded into the Internet zone and granted the Internet permission set. 换而言之,它将执行在 Internet 沙箱中。In other words, it executes in an Internet sandbox.

从.NET Framework 4 开始,已禁用代码访问安全性 (CAS) 策略和程序集被加载到完全信任。Starting with the .NET Framework 4, code access security (CAS) policy is disabled and assemblies are loaded in full trust. 通常,这会向与加载的程序集授予完全信任Assembly.LoadFrom以前曾沙盒的方法。Ordinarily, this would grant full trust to assemblies loaded with the Assembly.LoadFrom method that previously had been sandboxed. 若要防止此情况,默认情况下禁用从远程源加载的程序集在运行代码的能力。To prevent this, the ability to run code in assemblies loaded from a remote source is disabled by default. 默认情况下,如果你尝试加载远程程序集,FileLoadException使用像引发以下异常消息:By default, if you attempt to load a remote assembly, a FileLoadException with an exception message like the following is thrown:

System.IO.FileNotFoundException: Could not load file or assembly 'file:assem.dll' or one of its dependencies. Operation is not supported. 
(Exception from HRESULT: 0x80131515)
File name: 'file:assem.dll' ---> 
System.NotSupportedException: An attempt was made to load an assembly from a network location which would have caused the assembly 
to be sandboxed in previous versions of the .NET Framework. This release of the .NET Framework does not enable CAS policy by default, 
so this load may be dangerous. If this load is not intended to sandbox the assembly, please enable the loadFromRemoteSources switch. 

若要加载的程序集和执行其代码,您必须:To load the assembly and execute its code, you must either:

  • 显式程序集创建一个沙盒 (请参阅如何:运行沙盒中部分受信任的代码)。Explicitly create a sandbox for the assembly (see How to: Run Partially Trusted Code in a Sandbox).

  • 在完全信任环境中运行该程序集的代码。Run the assembly's code in full trust. 执行此操作通过配置<loadFromRemoteSources>元素。You do this by configuring the <loadFromRemoteSources> element. 它允许您指定在早期版本的.NET Framework 中的部分信任中运行的程序集现在运行在完全信任环境中的.NET Framework 4 和更高版本。It lets you specify that the assemblies that run in partial trust in earlier versions of the .NET Framework now run in full trust in the .NET Framework 4 and later versions.

重要

如果该程序集不应在完全信任环境中运行,则不要设置此配置元素。If the assembly should not run in full trust, do not set this configuration element. 相反,创建沙盒AppDomain要在其中加载程序集。Instead, create a sandboxed AppDomain in which to load the assembly.

enabled属性<loadFromRemoteSources>元素仅当禁用代码访问安全性 (CAS) 时才有效。The enabled attribute for the <loadFromRemoteSources> element is effective only when code access security (CAS) is disabled. 默认情况下,在.NET Framework 4 和更高版本中禁用 CAS 策略。By default, CAS policy is disabled in the .NET Framework 4 and later versions. 如果您设置enabledtrue,远程程序集被授予完全信任。If you set enabled to true, remote assemblies are granted full trust.

如果enabled未设置为trueFileLoadException引发在以下条件之一:If enabled is not set to true, a FileLoadException is thrown under the either of the following conditions:

  • 当前域的沙盒行为是不同于.NET Framework 3.5 中其行为。The sandboxing behavior of the current domain is different from its behavior in the .NET Framework 3.5. 这要求 CAS 策略才可被禁用,并且不被进行沙箱处理的当前域。This requires CAS policy to be disabled, and the current domain not to be sandboxed.

  • 正在加载的程序集不是来自MyComputer区域。The assembly being loaded is not from the MyComputer zone.

设置<loadFromRemoteSources>元素true可防止引发此异常。Setting the <loadFromRemoteSources> element to true prevents this exception from being thrown. 它可用于指定,您不依赖于到沙盒公共语言运行时加载的程序集的安全性,和他们可以有权执行在完全信任。It enables you to specify that you are not relying on the common language runtime to sandbox the loaded assemblies for security, and that they can be allowed to execute in full trust.

说明Notes

  • 在.NET Framework 4.5 和更高版本中,本地网络共享上的程序集在完全信任环境中默认情况下运行;无需启用<loadFromRemoteSources>元素。In the .NET Framework 4.5 and later versions, assemblies on local network shares run in full trust by default; you do not have to enable the <loadFromRemoteSources> element.

  • 如果应用程序是从 Web 复制而来,Windows 会将其标记为 Web 应用程序,即使它驻留在本地计算机上也不例外。If an application has been copied from the web, it is flagged by Windows as being a web application, even if it resides on the local computer. 可以通过更改其文件属性,更改该标记也可以使用<loadFromRemoteSources>元素对程序集授予完全信任。You can change that designation by changing its file properties, or you can use the <loadFromRemoteSources> element to grant the assembly full trust. 对于操作系统标记为从 Web 加载的本地程序集,也可以使用 UnsafeLoadFrom 方法进行加载。As an alternative, you can use the UnsafeLoadFrom method to load a local assembly that the operating system has flagged as having been loaded from the web.

  • 你可能会收到FileLoadExceptionWindows Virtual PC 应用程序中运行的应用程序中。You may get a FileLoadException in an application that is running in a Windows Virtual PC application. 当你尝试从托管计算机上的链接文件夹加载文件时,可以发生这种情况。This can happen when you try to load a file from linked folders on the hosting computer. 当你尝试将文件从上链接的文件夹加载它也会发生远程桌面服务(Terminal Services)。It can also occur when you try to load a file from a folder linked over Remote Desktop Services (Terminal Services). 若要避免此异常,设置enabledtrueTo avoid the exception, set enabled to true.

配置文件Configuration file

此元素通常用在应用程序配置文件中,但可根据上下文用于其他配置文件。This element is typically used in the application configuration file, but can be used in other configuration files depending upon the context. 有关详细信息,请参阅文章多个隐式使用 CAS 策略: loadFromRemoteSources .NET 安全性博客中。For more information, see the article More Implicit Uses of CAS Policy: loadFromRemoteSources in the .NET Security blog.

示例Example

下面的示例演示如何向从远程源加载的程序集授予完全信任。The following example shows how to grant full trust to assemblies loaded from remote sources.

<configuration>  
   <runtime>  
      <loadFromRemoteSources enabled="true"/>  
   </runtime>  
</configuration>  

请参阅See also