This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 0%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EW%3C/text%3E%3C/svg%3E)
We have an ASP.NET Core 3.1 Web API controller that is called from an ASP.NET web app using .NET 3.5 framework. The API controller is called via a HttpWebRequest and results in an error
That assembly does not allow partially trusted callers
Both apps reside on the same shared hosting environment and domain. That is, both app's have the same domain but are in different folders (i.e. applications) in IIS. For instance, mywebsite.com/folder1 and mywebsite.com/folder2.
Here's a sample how asp.net web app calls the .net core web api:
oRequest = HttpWebRequest.Create("https://www.mywebsite.com/folder2/path/to/api")
With oRequest
.Method = "GET"
.ContentType = "application/x-www-form-urlencoded"
.Accept = "application/json"
.ContentLength = 0
oResponse = oRequest.GetResponse()
oReader = New StreamReader(oResponse.GetResponseStream)
'store results in string
sResult = oReader.ReadToEnd
End With
We checked the .NET trust level and both app's are set to "Full (Internal)". Also, we tried adding the AllowPartiallyTrustedCallers attribute to the controller but per MS, "Partially trusted code is no longer supported. This attribute has no effect in .NET Core."
Is there another way to call the api?
Help is appreciated.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 51%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
Hi @wrappingduke ,
ASP.NET Core and ASP.NET 4.x are in general incompatible so they cannot be hosted in certain ways. "called via HttpWebRequest" is also ambiguous so you'd better edit the question to show some code.
Best regards,
Yijing Sun
Please re-read. Sample code has already been provided.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
you don't specify which application gets the error.
your sample code just does a GET, though there is no reason to set the content-type for a GET. what happens if you just type the GET url into the browser?
The expected results are returned when the url is type into a browser. Here's a screenshot of the results:
The Asp.Net web app gets the error and with a little more digging, the following error is returned from the web app:
The action that failed was:
LinkDemand
The Zone of the assembly that failed was:
That assembly does not allow partially trusted callers.
then the error is unrelated to the code you have shown us. in some other code you are calling an untrusted assembly.
note: while you may have configured trust in the application, the IIS machine config has to be configured to allow it.
Yes, I know it's unrelated that's why it wasn't included in the original post but it was requested. I thought the error message would indicate so. Nevertheless, you also felt it was also relevant that you mentioned "content-type" in the web request.
methods can not be marked AllowPartiallyTrustedCallers, only assemblies. you update the assembly.cs file with the attribute and strongly name the assembly.
typically you would do this to the library causing the trust error or wrap the library with a trusted wrapper.
Please re-read the original post where the following is stated:
"Also, we tried adding the AllowPartiallyTrustedCallers attribute to the controller but per MS, "Partially trusted code is no longer supported. This attribute has no effect in .NET Core."
Hi @wrappingduke ,
It has said, this attribute has no effect in .NET Core. You could check this article.
I think you could try to set the config.
<system.web>
<trust level="Full" />
Yep, we did and that article states:
Partially trusted code is no longer supported. This attribute has no effect in .NET Core.
You have to go down a little further in the article or click here
Moreover, it was mentioned in the original post, the following:
"We checked the .NET trust level and both app's are set to "Full (Internal)"
Please read items in its entirety before answering as it mitigates monotony and delay of possible resolution.
you don't show us any relevant information:
the name of assembly that is not trusted
the web.config settings to show your trust settings
the version of .net for app pool for the 3.5 application
the current installed version of 4.*
note: .net 3.5 is out of support
You don't read posts and articles in there entirety:
We've provided relevant information multiple times since it's been repeatedly disregarded
Information not pertinent to the issue has repeatedly been referenced as a solution
Repeated requests of information not pertinent to issue
Pictures are needed instead of words and sentences
Screenshots have been attached.
Full, just means the server default.
which version of .net framework is the app pool and what updates have been installed.
what caspol policies have you installed on the server
what does fuslogvw tell about the error?
what is the version of the server & IIS?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 24%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESW%3C/text%3E%3C/svg%3E)
@wrappingduke It is difficult to reproduce your problem, I suggest you open a case via: https://support.microsoft.com.