<loadFromRemoteSources > 元素<loadFromRemoteSources> element

指定是否應將 .NET Framework 4 和更新版本中的完全信任授與從遠端來源載入的元件。Specifies whether assemblies loaded from remote sources should be granted full trust in .NET Framework 4 and later.

注意

如果您因為 Visual Studio 專案錯誤清單中的錯誤訊息或組建錯誤而被導向本文,請參閱如何:在 Visual Studio 中使用 Web 元件If you were directed to this article because of an error message in the Visual Studio project error list or a build error, see How to: Use an Assembly from the Web in Visual Studio.

<configuration> <configuration>
    <runtime >   <runtime>
     <loadFromRemoteSources >    <loadFromRemoteSources>

語法Syntax

<loadFromRemoteSources    
   enabled="true|false"/>  

屬性和元素Attributes and elements

下列各節描述屬性、子項目和父項目。The following sections describe attributes, child elements, and parent elements.

屬性Attributes

屬性Attribute 描述Description
enabled 必要屬性。Required attribute.

指定是否應授與從遠端來源載入的元件完全信任。Specifies whether an assembly that is loaded from a remote source should be granted full trust.

enabled 屬性enabled attribute

Value 描述Description
false 請勿將完全信任授與遠端來源的應用程式。Do not grant full trust to applications from remote sources. 這是預設值。This is the default.
true 授與從遠端來源對應用程式的完全信任。Grant full trust to applications from remote sources.

子元素Child elements

無。None.

父元素Parent elements

項目Element 描述Description
configuration 通用語言執行平台和 .NET Framework 應用程式所使用之每個組態檔中的根項目。The root element in every configuration file used by the common language runtime and .NET Framework applications.
runtime 包含有關執行階段初始化選項的資訊。Contains information about runtime initialization options.

備註Remarks

在 .NET Framework 3.5 和更早版本中,如果您從遠端位置載入元件,則元件中的程式碼會以部分信任的方式執行,而該授權集是根據載入它的區域而定。In the .NET Framework 3.5 and earlier versions, if you load an assembly from a remote location, code in the assembly runs in partial trust with a grant set that depends on the zone from which it is loaded. 例如,如果您從網站載入元件,則會將它載入至網際網路區域並授與網際網路許可權集合。For example, if you load an assembly from a website, it is loaded into the Internet zone and granted the Internet permission set. 換句話說,它會在網際網路沙箱中執行。In other words, it executes in an Internet sandbox.

從 .NET Framework 4 開始,會停用代碼啟用安全性(CAS)原則,並以完全信任的方式載入元件。Starting with the .NET Framework 4, code access security (CAS) policy is disabled and assemblies are loaded in full trust. 一般來說,這會授與完全信任給以先前已沙箱化的 Assembly.LoadFrom 方法所載入的元件。Ordinarily, this would grant full trust to assemblies loaded with the Assembly.LoadFrom method that previously had been sandboxed. 為了避免這種情況,預設會停用在從遠端來源載入的元件中執行程式碼的功能。To prevent this, the ability to run code in assemblies loaded from a remote source is disabled by default. 根據預設,如果您嘗試載入遠端元件,則會擲回含有例外狀況訊息的 FileLoadException,如下所示:By default, if you attempt to load a remote assembly, a FileLoadException with an exception message like the following is thrown:

System.IO.FileNotFoundException: Could not load file or assembly 'file:assem.dll' or one of its dependencies. Operation is not supported. 
(Exception from HRESULT: 0x80131515)
File name: 'file:assem.dll' ---> 
System.NotSupportedException: An attempt was made to load an assembly from a network location which would have caused the assembly 
to be sandboxed in previous versions of the .NET Framework. This release of the .NET Framework does not enable CAS policy by default, 
so this load may be dangerous. If this load is not intended to sandbox the assembly, please enable the loadFromRemoteSources switch. 

若要載入元件並執行其程式碼,您必須執行下列其中一項:To load the assembly and execute its code, you must either:

  • 明確建立元件的沙箱(請參閱如何:在沙箱中執行部分信任的程式碼)。Explicitly create a sandbox for the assembly (see How to: Run Partially Trusted Code in a Sandbox).

  • 以完全信任的方式執行元件的程式碼。Run the assembly's code in full trust. 您可以藉由設定 <loadFromRemoteSources> 元素來完成此動作。You do this by configuring the <loadFromRemoteSources> element. 它可讓您指定在舊版 .NET Framework 中以部分信任方式執行的元件,現在會在 .NET Framework 4 和更新版本中以完全信任的方式執行。It lets you specify that the assemblies that run in partial trust in earlier versions of the .NET Framework now run in full trust in the .NET Framework 4 and later versions.

重要

如果元件不應在完全信任中執行,請不要設定此 configuration 元素。If the assembly should not run in full trust, do not set this configuration element. 相反地,請建立要在其中載入元件的沙箱化 AppDomainInstead, create a sandboxed AppDomain in which to load the assembly.

只有在停用代碼啟用安全性(CAS)時,<loadFromRemoteSources> 元素的 enabled 屬性才有效。The enabled attribute for the <loadFromRemoteSources> element is effective only when code access security (CAS) is disabled. 預設會停用 .NET Framework 4 和更新版本中的 CAS 原則。By default, CAS policy is disabled in the .NET Framework 4 and later versions. 如果您將 enabled 設定為 true,遠端元件會被授與完全信任。If you set enabled to true, remote assemblies are granted full trust.

如果 enabled 未設定為 true,則會在下列任一情況下擲回 FileLoadExceptionIf enabled is not set to true, a FileLoadException is thrown under the either of the following conditions:

  • 目前網域的沙箱行為與其在 .NET Framework 3.5 中的行為不同。The sandboxing behavior of the current domain is different from its behavior in the .NET Framework 3.5. 這需要停用 CAS 原則,而目前的網域則不會進行沙箱處理。This requires CAS policy to be disabled, and the current domain not to be sandboxed.

  • 正在載入的元件不是來自 MyComputer 區域。The assembly being loaded is not from the MyComputer zone.

<loadFromRemoteSources> 專案設定為 true 可避免擲回此例外狀況。Setting the <loadFromRemoteSources> element to true prevents this exception from being thrown. 它可讓您指定您不依賴 common language runtime 將載入的元件沙箱處理為安全性,而且可以允許在完全信任的情況下執行。It enables you to specify that you are not relying on the common language runtime to sandbox the loaded assemblies for security, and that they can be allowed to execute in full trust.

備註Notes

  • 在 .NET Framework 4.5 和更新版本中,本機網路共用上的元件預設會以完全信任的方式執行;您不需要啟用 <loadFromRemoteSources> 元素。In the .NET Framework 4.5 and later versions, assemblies on local network shares run in full trust by default; you do not have to enable the <loadFromRemoteSources> element.

  • 如果已從網路複製應用程式,即使該應用程式位於本機電腦上,Windows 仍會將它標示為 Web 應用程式。If an application has been copied from the web, it is flagged by Windows as being a web application, even if it resides on the local computer. 您可以藉由變更其檔案屬性來變更該指定,也可以使用 <loadFromRemoteSources> 專案來授與元件完全信任。You can change that designation by changing its file properties, or you can use the <loadFromRemoteSources> element to grant the assembly full trust. 或者,您可以使用 UnsafeLoadFrom 方法載入作業系統標示為從 Web 載入的本機組件。As an alternative, you can use the UnsafeLoadFrom method to load a local assembly that the operating system has flagged as having been loaded from the web.

  • 您可能會在 Windows Virtual PC 應用程式中執行的應用程式中取得 FileLoadExceptionYou may get a FileLoadException in an application that is running in a Windows Virtual PC application. 當您嘗試從主控電腦上的連結資料夾載入檔案時,就會發生這種情況。This can happen when you try to load a file from linked folders on the hosting computer. 當您嘗試從連結于遠端桌面服務(終端機服務)的資料夾載入檔案時,也可能會發生此問題。It can also occur when you try to load a file from a folder linked over Remote Desktop Services (Terminal Services). 若要避免例外狀況,請將 enabled 設定為 trueTo avoid the exception, set enabled to true.

組態檔Configuration file

此項目通常用於應用程式組態檔,不過可以根據內容用於其他組態檔。This element is typically used in the application configuration file, but can be used in other configuration files depending upon the context. 如需詳細資訊,請參閱 .NET 安全性 blog 中的 CAS 原則的更多隱含用法: loadFromRemoteSources 一文。For more information, see the article More Implicit Uses of CAS Policy: loadFromRemoteSources in the .NET Security blog.

範例Example

下列範例顯示如何將完全信任授與從遠端來源載入的元件。The following example shows how to grant full trust to assemblies loaded from remote sources.

<configuration>  
   <runtime>  
      <loadFromRemoteSources enabled="true"/>  
   </runtime>  
</configuration>  

請參閱See also