This project is read-only.

ASP.NET ZipFile Extract To Web Directory Error?

Jan 16, 2009 at 4:02 AM
I recieve the following security error since using DotNetZip to Extract a .zip file to a trusted folder. I can use the asp:FileUpload component to successfully upload to the same folder that DotNetZip errors.


using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Net;
using Ionic.Utils.Zip;
using System.IO;

public partial class upload : System.Web.UI.Page

    protected void Page_Load(object sender, EventArgs e)

    protected void btnFileUpload_Click(object sender, ImageClickEventArgs e)
        HttpFileCollection files = Request.Files;

        for (int i = 0; i < files.Count; i++)
            HttpPostedFile file = files[i];

            if (file.ContentLength > 0)
                file.SaveAs(Server.MapPath("~/temp/") + System.IO.Path.GetFileName(file.FileName));
    protected void btnUnzip_Click(object sender, EventArgs e)
        using (ZipFile zip = ZipFile.Read(FileUpload1.FileName.ToString()))
            foreach (ZipEntry entry in zip)
                entry.Extract(Server.MapPath("~/temp/"), true);  // overwrite == true


[DotNetZip Error]

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy.  To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
   System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
   System.Security.CodeAccessPermission.Demand() +58
   System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) +644
   System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) +66
   System.IO.File.OpenRead(String path) +30
   Ionic.Utils.Zip.ZipFile.get_ReadStream() +129
   Ionic.Utils.Zip.ZipFile.ReadIntoInstance(ZipFile zf) +454

Jan 18, 2009 at 3:41 PM
You should set the property TempFileFolder on the ZipFile instance.
The folder must be writable by your ASP.NET application.