Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member
Web applications run in a sandboxed environment for a reason. No sane administrator will allow an unknown application to run unfettered on a computer. Most web frameworks, therefore, restrict with a web application can do to the local computer. These frameworks often have a means for users or administrators to grant more trust to the application. With this additional trust, the application gains more privileges and can do more actions on the client computer. In Silverlight, different levels of the trust can be granted to an application. Let's take a more detailed look at those levels.
Standard Silverlight and out-of- browser Silverlight are configured as sandbox- restricted by default. By configuring some project settings in Visual Studio, you can run both Silverlight and out-of- browser apps in elevated trust. For what it's worth, out of browser often goes by the acronym OOB. Silverlight 5 adds a new in-browser elevated trust privilege. This feature works without much fuzz on your developer computer. Any domains in a configurable white list will run in elevated trust without intervention. On the client computer you must enable in browser elevated trust by using a client access policy file or modifying the Windows registry.
Using the policy file allows your applications to run on a private network. Using the Windows registry approach allows your application to run on a single machine. In either approach, you cannot deploy in-browser elevated trust application to everyone on the web. In addition your XAP must be signed with a trusted certificate. When we look at what a standard Silverlight application can do, we know that it runs inside the browser. OOB applications run in a dedicated non-browser window. When running in-browser all keyboard input is processed by the browser and the browser has first access to the keystrokes.
Sometimes it may not pass those onto the client. For instance, it may look at a function key or the Alt key and decide that it does not want to pass that on to the Silverlight app. For OOB apps the host window processes the keystrokes; the browser has no opportunity to swallow key entry. When you run in full screen and in OOB standard, your key input is restricted once again. To prevent spoofing and other nasty problems, standard OOB prevents most key input. You are limited to navigation keys, the Tab key, and a few more.
Switch to OOB elevated and you gain back to full key entry. Silverlight can save files to the client computer. This is known as local storage. When running in standard mode, you get 1 MB space in the isolated storage cache. This is expandable by the user. You have unlimited programmatic access to saving your files or reading your files from isolated storage. You can also store data in other location on the hard drive if you ask a user for their permission, through a dialog. By running in out of browser, the default storage space rises to 25 MB.
OOB elevated can access folders within the local user's directory without user interaction. Silverlight standard and OOB can show floating windows via the pop-up control and the ChildWindow class. OOB elevated gets a lot of more Windows features because it can create native windows, and they are substantially more flexible than the ChildWindow implementation. Elevated trust gives you a few additional benefits. For a long time Microsoft has provided a feature called COM Interop, which permits a programmer to access the functionality inside another application.
Through COM Interop, you can open an Excel spreadsheet, paste some data into the cells, create a chart on another worksheet, and copy that chart into a Word document. COM Interop is now available in OOB elevated trust. You can also interact with the command shell, get easier access to cross domain files, and more. One more point before I wrap up: I'd like to point out the elevated trust does not mean full trust. Your Silverlight application cannot run as an administrator, for instance, on the local machine. The rest of the movies in this chapter show you how to work with elevated trust apps.
Get unlimited access to all courses for just $25/month.Become a member