Пример #1
0
        void DeserializeItem(String name, bool check)
        {
            object val;

            lock (_serializedItemsLock) {
                if (check)
                {
                    // No-op if SessionStateItemCollection is not deserialized from a persistent storage,
                    if (_serializedItems == null)
                    {
                        return;
                    }

                    // User is asking for an item we don't have.
                    if (!_serializedItems.ContainsKey(name))
                    {
                        return;
                    }
                }

                Debug.Assert(_serializedItems != null);
                Debug.Assert(_stream != null);

                SerializedItemPosition position = (SerializedItemPosition)_serializedItems[name];
                if (position.IsDeserialized)
                {
                    // It has been deserialized already.
                    return;
                }

                // Position the stream to the place where the item is stored.
                _stream.Seek(position.Offset, SeekOrigin.Begin);

                // Set the value
                Debug.Trace("SessionStateItemCollection", "Deserialized an item: keyname=" + name);

                if (!HttpRuntime.DisableProcessRequestInApplicationTrust)
                {
                    // VSWhidbey 427316: Sandbox Serialization in non full trust cases
                    if (HttpRuntime.NamedPermissionSet != null && HttpRuntime.ProcessRequestInApplicationTrust)
                    {
                        HttpRuntime.NamedPermissionSet.PermitOnly();
                    }
                }

                // This deserialization work used to be done in AcquireRequestState event when
                // there is no user code on the stack.
                // In whidbey we added this on-demand deserialization for performance reason.  However,
                // in medium and low trust cases the page doesn't have permission to do it.
                // So we have to assert the permission.
                // (See VSWhidbey 275003)
                val = ReadValueFromStreamWithAssert();

                BaseSet(name, val);

                // At the end, mark the item as deserialized by making the offset -1
                position.MarkDeserializedOffsetAndCheck();
            }
        }
Пример #2
0
 private void DeserializeItem(string name, bool check)
 {
     lock (this._serializedItemsLock)
     {
         if (!check || ((this._serializedItems != null) && this._serializedItems.ContainsKey(name)))
         {
             SerializedItemPosition position = (SerializedItemPosition)this._serializedItems[name];
             if (!position.IsDeserialized)
             {
                 this._stream.Seek((long)position.Offset, SeekOrigin.Begin);
                 if ((!HttpRuntime.DisableProcessRequestInApplicationTrust && (HttpRuntime.NamedPermissionSet != null)) && HttpRuntime.ProcessRequestInApplicationTrust)
                 {
                     HttpRuntime.NamedPermissionSet.PermitOnly();
                 }
                 object obj2 = this.ReadValueFromStreamWithAssert();
                 base.BaseSet(name, obj2);
                 position.MarkDeserializedOffsetAndCheck();
             }
         }
     }
 }