locked
Security Exception Issue Help! RRS feed

  • Question

  • I got a security exception in integration with authorize.net, below is the code:

     

    private void readHtmlPage(string url)

    {

    HttpWebRequest objRequest = (HttpWebRequest)WebRequest.Create(url);

    objRequest.Method = "POST";

    objRequest.ContentType = "application/x-www-form-urlencoded";

    objRequest.BeginGetRequestStream(new AsyncCallback(RequestReady), objRequest);

    }

    void RequestReady(IAsyncResult asyncResult)

    {

    this.Dispatcher.BeginInvoke(delegate()

    {

    WebRequest request = asyncResult.AsyncState as WebRequest;

    System.IO.StreamWriter writer = new System.IO.StreamWriter(request.EndGetRequestStream(asyncResult)); //die here

    writer.Write(getStringForAuthRequest());

    writer.Flush();

    writer.Close();

    request.BeginGetResponse(
    new AsyncCallback(ResponseReady), request);

    });

    }

     

    void ResponseReady(IAsyncResult asyncResult)

    {

    WebRequest request = asyncResult.AsyncState as WebRequest;

    WebResponse response = request.EndGetResponse(asyncResult);   // die here :- getting a security exception

    using (System.IO.Stream responseStream = response.GetResponseStream())

    {

    System.IO.
    StreamReader reader = new System.IO.StreamReader(responseStream);

    string result = reader.ReadToEnd();

    string[] arr = new string[1];

    arr[0] = "|";

    string[] strArray = result.Split(arr, StringSplitOptions.None);

    // Close and clean up the StreamReader

    responseStream.Close();

    if (strArray[0] == "1")

    {

    MessageBox.Show("Successful");

    }

    else

    {

    MessageBox.Show("UnSuccessful");

    }

    }

    }

     

    private string getStringForAuthRequest()

    {

    string strPost = "";

    if (PaymentConfigList.Count > 0)

    {

    foreach(var paymentconfig in PaymentConfigList)

    {

    switch (paymentconfig.ConfigKey)

    {

    case "x_login":

    strPost += "x_login" + "=" + paymentconfig.ConfigValue;

    break;

    case "x_tran_key":

    strPost += "&" + "x_tran_key" + "=" + paymentconfig.ConfigValue;

    break;

    case "x_method":

    strPost += "&" + "x_method" + "=" + paymentconfig.ConfigValue;

    break;

    case "x_type":

    strPost += "&" + "x_type" + "=" + paymentconfig.ConfigValue;

    break;

    case "x_test_request":

    strPost += "&" + "x_test_request" + "=" + paymentconfig.ConfigValue;

    break;

    case "x_version":

    strPost += "&" + "x_version" + "=" + paymentconfig.ConfigValue;break;

    }

    }

    }

    strPost +=
    "&" + "x_delim_data" + "=" + true.ToString();

    strPost += "&" + "x_delim_char" + "=" + "|";

    strPost += "&" + "x_relay_response" + "=" + false.ToString();

    strPost += "&" + "x_amount" + "=" + txtAmount.Text.Trim();

    strPost += "&" + "x_card_num" + "=" + txtCardNo.Text.Trim();

    strPost += "&" + "x_exp_date" + "=" + Convert.ToString(dpdMonth.SelectedValue) + Convert.ToString(dpdYear.SelectedValue);

    return strPost;

    }

     

    Also I added the clientaccesspolicy.xml  below:-

     

    <?xml version="1.0" encoding="utf-8"?>

    <access-policy>

    <cross-domain-access>

    <policy>

    <allow-from>

    <domain uri="*"/>

    </allow-from>

    <grant-to>

    <resource path="/" include-subpaths="true" />

    </grant-to>

    </policy>

    </cross-domain-access>

    </access-policy>

    Thursday, November 12, 2009 6:13 AM

Answers