Tip of the Day #111 – How to Configure your Silverlight App to run in Elevated Trust Mode
With Silverlight you can run your Out-of-Browser applications in elevated trust mode. This will allow you to relax the normal sandboxed barrier Silverlight restricts applications to. While you still will not have full control of the local machine, the following features are made available to you in elevated trust mode:
- Clipboard Access – Retrieve items from the system clipboard without the prompt for permissions to access the clipboard as seen below:
- HTML Hosting – Display HTML Content in the WebBrowser control.
- Removal of Cross Domain Restrictions – Your application can interact with any domain bypassing the normal security check that required the ClientAccessPolicy.xml or CrossDomain.xml files.
- File Access – Your application can now directly access files without user initiated interaction that then invokes the OpenFileDialog or SaveFileDialog dialogs. However, you are still limited to user folders such as My Documents, My Videos, My Music, My Pictures and any sub folder. Example code you can execute:
if (App.Current.IsRunningOutOfBrowser && Application.Current.HasElevatedPermissions)
{
string picturesPath = Environment.GetFolderPath(Environment.SpecialFolder.MyPictures);
string path = picturesPath + @"\test.txt";
StreamReader sr = new StreamReader(path);
string line = sr.ReadLine();
while (line != null)
{
line = sr.ReadLine();
}
sr.Close();
}
- Notification Window – Also know as a “toast” window, this is a small window that pops up in the lower right corner for a specified interval of time before disappearing.
- COM Interoperability – Direct access to COM enabled applications installed on the clients machine.
In order to configure your application to run in elevated mode open your project in Visual Studio 2010. Once open, right click on your Silverlight application in the solution explorer and select Properties. Under the Silverlight tab, check “Enable running application out of the browser” and click the “Out-of-Browser settings" button as circled below in the screenshot.
Once this dialog is open check the “Require elevated trust when running outside the browser” checkbox as seen circle in the screenshot below.
Now, when a user chooses to install your Silverlight application out of browser they will get this rather intimidating security warning dialog before they can proceed. Note that you can replace this dialog with something more friendly if your XAP is digitally signed (this will be covered in the next tip of the day).
Final Notes
On a final note, you will want to make certain your application verifies it’s running in out of browser mode before making calls that are required to be in this mode before being executed. Your application can check to see if it’s running in Out-of-Browser mode through this call:
if (App.Current.IsRunningOutOfBrowser)
{
}
Also, your application can verify it has elevated permissions with this call:
if (Application.Current.HasElevatedPermissions)
{
}
Thank you,
--Mike