It's been a long time in between updates for subtext, but, has it actually been worth it? Well, kinda. Compared to the 1.9.5 release this one seem...

Upgrading to subtext 2.0-fail

Aug 16 2008

It's been a long time in between updates for subtext, but, has it actually been worth it? Well, kinda. Compared to the 1.9.5 release this one seems a little rough around the edges.

If you're on a shared host WITHOUT full trust, beware! Things will break in multiple places, including:

  1. DTP.aspx (The homepage) (tag "st" undefined, needed to add back 'Register TagPrefix="st" Namespace="Subtext.Web.UI.WebControls"') (My web.config merge error)
  2. /admin/Posts/  (EnclosureMimetypes config section missing requirePermission="false" attribute)
  3. /admin/Feedback/ ("FeedbackStatusFlag" undeclared, needed to prefix with the namespace)
  4. Subtext.Framework.UrlManager.UrlReWriteHandlerFactory.GetHandlerForUrl(string url) also breaks from a security permission when calling UrlAuthorizationModule.CheckUrlAccessForPrincipal(), had to recompile Subtext.Framework to get around this.

EDIT: I don't mean to blast subtext, but I might as well lay a few more issues out there:

  1. The call to "/Admin/Services/Ajax/AjaxServices.ashx?proxy" throws an "Operation could destabilize the runtime" exception, haha I must say this is the first time I've seen that, fixed by generating the AjaxServicesProxy.js file locally.
  2. In the Feedback admin area, when hovering the URL icon the "title" tag shows the email address.
  3. Forgot to add this last night: Had to remove the OpenID stuff from the login page, errors with "Cannot be called from Untrusted assembly".

The problems in this upgrade mostly appear to be stemming from carelessness regarding restrictions in medium trust. I guess the question is - "Is subtext venturing away from medium trust on purpose?"

Looking to the future. From what I recall I don’t think it’s actually possible to run .net 3.5 applications without full trust, features such as anonymous types simply don’t work.
General Errors and Bugs ASP.NET
Posted by: Brendan Kowitz
Last revised: 16 Aug, 2008 11:52 AM History

Comments

Haacked
Haacked
16 Aug, 2008 01:27 PM

It's definitely not on purpose. Sorry for these issues. I'll try to get them fixed soon.

Brendan
Brendan
17 Aug, 2008 04:47 AM

As far as I can tell, none of these issues are blockers. I guess it's hard to cater for everything, all the time. Subtext is still an awesome package, keep up the good work.

Haacked
Haacked
17 Aug, 2008 09:06 PM

Regarding the first bug w/ DTP.aspx, did you merge changes from the new Web.config into your web.config? We added the control registrations to the ... section of web.config

Brendan
Brendan
17 Aug, 2008 09:39 PM

I used beyond compare, looks like your right, must have been a merge error. ;)

Haacked
Haacked
23 Aug, 2008 01:02 AM

Regarding 3.5 and medium trust, it is possible. .NET 3.5 changes the default medium trust policy to allow for reflection of public types.

Vasco Oliveira
Vasco Oliveira
20 Oct, 2009 12:43 PM

I'm upgrading to 2.1.2 but I still have problems with (at least) the UrlReWriteHandlerFactory error. Godaddy gives the 500 internal server error.

Also the SystemMessages handler does the same thing. Disabling them on web.config allows me to see the update/login page, but with errors.

Any idea?

No new comments are allowed on this post.

Powered by FunnelWeb, the blog engine of real developers.

Web Statistics

Is this your blog? Log in and update it.