tag:blogger.com,1999:blog-199106851038957806.post1044810735068033001..comments2024-03-15T01:45:57.877+00:00Comments on David Jennaway - Microsoft Dynamics CRM: UR 7 breaks Attachment Download code, and how to fix itDavid Jennawayhttp://www.blogger.com/profile/09695858105618938443noreply@blogger.comBlogger11125tag:blogger.com,1999:blog-199106851038957806.post-80195365177280853192013-06-04T09:32:20.395+01:002013-06-04T09:32:20.395+01:00This comment has been removed by the author.Rizwan Ahmedhttps://www.blogger.com/profile/06385650011715695151noreply@blogger.comtag:blogger.com,1999:blog-199106851038957806.post-70675354571997735832013-06-04T09:31:44.897+01:002013-06-04T09:31:44.897+01:00I am facing same issue.
here is the solution
htt...I am facing same issue. <br />here is the solution<br /><br />http://cloudytech.blogspot.com/2013/06/access-denied-opening-attachment-in-crm.htmlRizwan Ahmedhttps://www.blogger.com/profile/06385650011715695151noreply@blogger.comtag:blogger.com,1999:blog-199106851038957806.post-54614181705167083952010-11-01T02:31:05.052+00:002010-11-01T02:31:05.052+00:00Dave, I appreciate your analysis of the situation,...Dave, I appreciate your analysis of the situation, but wonder if perhaps an IFD environment adds considerations to the matter. At any rate, I felt it worthwhile to post here an example of how to use inline-data URIs to work around limitations of interfacing with download.aspx:<br /><br /><a href="http://crmentropy.blogspot.com/2010/10/tito-zs-iframe-embedded-image-code.html" rel="nofollow">http://crmentropy.blogspot.com/2010/10/tito-zs-iframe-embedded-image-code.html</a>Dave Berryhttps://www.blogger.com/profile/00550842553228989698noreply@blogger.comtag:blogger.com,1999:blog-199106851038957806.post-14509741577077444462010-04-19T20:05:24.898+01:002010-04-19T20:05:24.898+01:00I'm afraid I have to disagree with you, Dave. ...I'm afraid I have to disagree with you, Dave. Accessing an attachment via download.aspx is still subject to the standard CRM authentication and authorisation model - i.e. you need a valid CRM user account that has rights to access the attachment.<br /><br />The only security that tokens add is a defence agains cross-site reqquest forgery (XSRF) attacks. XSRF attacks are only really an issue if you either have Cross-site scripting (XSS) problems, or if you have a web application that allows data modification via GET (rather than POST) requests. Given that neither of those issues apply to MSCRM, then I fail to find a good reason for requiring tokens to download an attachment in this way.David Jennawayhttps://www.blogger.com/profile/09695858105618938443noreply@blogger.comtag:blogger.com,1999:blog-199106851038957806.post-89399341296507157612010-04-19T17:07:02.469+01:002010-04-19T17:07:02.469+01:00I believe this is because the attachment.aspx meth...I believe this is because the attachment.aspx method doesn't preserve the rights and privileges model of CRM when pertaining to authorized access to said attachments, and the new token model is a mechanism that achieves it. Creating and downloading attachments would be completely open for anyone to achieve. And the "token" is an internal part of CRM's authentication mechanisms, meaning our use of it is limited to the standard CRM API.<br />I can see why they have changed this, and am thankful they have done so.Dave Berryhttps://www.blogger.com/profile/00550842553228989698noreply@blogger.comtag:blogger.com,1999:blog-199106851038957806.post-29584194187751374302010-03-02T10:18:57.718+00:002010-03-02T10:18:57.718+00:00Registry fix: https://community.dynamics.com/blogs...Registry fix: https://community.dynamics.com/blogs/crmdavidjennaway/comments/41406.aspxUnknownhttps://www.blogger.com/profile/12664421697818745922noreply@blogger.comtag:blogger.com,1999:blog-199106851038957806.post-65822891655811890412009-12-11T12:00:18.306+00:002009-12-11T12:00:18.306+00:00David,
Could you help me with the registry change?...David,<br />Could you help me with the registry change? <br />I'm a nerd on the other workaroundArthurhttps://www.blogger.com/profile/07127287379082151175noreply@blogger.comtag:blogger.com,1999:blog-199106851038957806.post-33420593447496817662009-12-08T23:05:13.868+00:002009-12-08T23:05:13.868+00:00I replace my older codes with new codes, The major...I replace my older codes with new codes, The major change is, that I use the web service to handle the attachment download but now I replace it and use FileStream.<br /><br /><br /><br />System.Text.StringBuilder FileName = new System.Text.StringBuilder(System.Environment.GetEnvironmentVariable("TEMP")).Append(@"\" + DateTime.Now.ToString("yyyyMMddhhmmssffff") + "_" + ((activitymimeattachment)ent).filename); <br /><br /> //System.Net.WebClient myWebClient = new System.Net.WebClient(); <br /> //myWebClient.Credentials = System.Net.CredentialCache.DefaultCredentials;<br /> //myWebClient.DownloadFile(url, FileName.ToString()); <br /><br /> using (FileStream fileStream = new FileStream(Convert.ToString(FileName),FileMode.OpenOrCreate))<br /> {<br /> byte[] fileContent = Convert.FromBase64String(((activitymimeattachment)ent).body);<br /> fileStream.Write(fileContent, 0, fileContent.Length);<br /> <br /> }<br /> <br />Goktug - crmAkademi<br />www.crmAkademi.netGoktug Atachttps://www.blogger.com/profile/05719006772305427694noreply@blogger.comtag:blogger.com,1999:blog-199106851038957806.post-82812779840403512552009-11-16T18:56:58.706+00:002009-11-16T18:56:58.706+00:00Stuart
Yes it did. The short(ish) answer is that ...Stuart<br /><br />Yes it did. The short(ish) answer is that MS aren't that happy on that information appearing on a blog that's sindicated on their sites. <br /><br />There's an ongoing discussion about the security implications of the registry change, and while that's going on I thought it was polite to remove it.<br /><br />In the meantime, I'm sure it won't be hard to find a cahced copy of the post on one of the search engines, or those sites that syndicate this blog<br /><br />DavidDavid Jennawayhttps://www.blogger.com/profile/09695858105618938443noreply@blogger.comtag:blogger.com,1999:blog-199106851038957806.post-6812219187454871892009-11-16T16:09:47.740+00:002009-11-16T16:09:47.740+00:00Didn't this post previously mention a registry...Didn't this post previously mention a registry change that overcame this? If so what's happened to it...Stuarthttps://www.blogger.com/profile/00022537106311798907noreply@blogger.comtag:blogger.com,1999:blog-199106851038957806.post-62427620228365579502009-11-06T20:18:53.856+00:002009-11-06T20:18:53.856+00:00I was waiting for someone who will resolve attachm...I was waiting for someone who will resolve attachment problem in UR7. <br /><br />kgorczewski <br />My Dynamics blog http://bovoweb.blogspot.comkgorczewskihttps://www.blogger.com/profile/07299841243615962972noreply@blogger.com