By default, server-side script is prevented from running .NET and Java classes from script, thus keeping that code sand-boxed.
In order to run classes, such as System.IO or java.IO, set UnsafeScriptAllowed="True".
To help prevent script injection exploits, ensure that values fed into the script are known to be safe. |