Upgrading to subtext 2.0-fail

It's been a long time in between updates for subtext, but, has it actually been worth it? Well, kinda. Compared to the 1.9.5 release this one seems a little rough around the edges.

If you're on a shared host WITHOUT full trust, beware! Things will break in multiple places, including:

  1. DTP.aspx (The homepage) (tag "st" undefined, needed to add back 'Register TagPrefix="st" Namespace="Subtext.Web.UI.WebControls"') (My web.config merge error)
  2. /admin/Posts/  (EnclosureMimetypes config section missing requirePermission="false" attribute)
  3. /admin/Feedback/ ("FeedbackStatusFlag" undeclared, needed to prefix with the namespace)
  4. Subtext.Framework.UrlManager.UrlReWriteHandlerFactory.GetHandlerForUrl(string url) also breaks from a security permission when calling UrlAuthorizationModule.CheckUrlAccessForPrincipal(), had to recompile Subtext.Framework to get around this.

EDIT: I don't mean to blast subtext, but I might as well lay a few more issues out there:

  1. The call to "/Admin/Services/Ajax/AjaxServices.ashx?proxy" throws an "Operation could destabilize the runtime" exception, haha I must say this is the first time I've seen that, fixed by generating the AjaxServicesProxy.js file locally.
  2. In the Feedback admin area, when hovering the URL icon the "title" tag shows the email address.
  3. Forgot to add this last night: Had to remove the OpenID stuff from the login page, errors with "Cannot be called from Untrusted assembly".

The problems in this upgrade mostly appear to be stemming from carelessness regarding restrictions in medium trust. I guess the question is - "Is subtext venturing away from medium trust on purpose?"

Looking to the future. From what I recall I don’t think it’s actually possible to run .net 3.5 applications without full trust, features such as anonymous types simply don’t work.

General Errors and Bugs ASP.NET
Posted by: Brendan Kowitz
Last revised: 21 Sep 2013 12:15PM


8/16/2008 1:27:21 PM
It's definitely not on purpose. Sorry for these issues. I'll try to get them fixed soon.
8/17/2008 4:47:35 AM
As far as I can tell, none of these issues are blockers. I guess it's hard to cater for everything, all the time. Subtext is still an awesome package, keep up the good work.
8/17/2008 9:06:19 PM
Regarding the first bug w/ DTP.aspx, did you merge changes from the new Web.config into your web.config? We added the control registrations to the ... section of web.config
8/17/2008 9:39:53 PM
I used beyond compare, looks like your right, must have been a merge error. ;)
8/23/2008 1:02:54 AM
Regarding 3.5 and medium trust, it is possible. .NET 3.5 changes the default medium trust policy to allow for reflection of public types.
10/20/2009 12:43:36 PM
I'm upgrading to 2.1.2 but I still have problems with (at least) the UrlReWriteHandlerFactory error. Godaddy gives the 500 internal server error.

Also the SystemMessages handler does the same thing. Disabling them on web.config allows me to see the update/login page, but with errors.

Any idea?

No new comments are allowed on this post.