I have a Silverlight 5.1.10411.0 Out-of-Browser application that is NOT trusted and I am trying to close the application using the App.Current.MainWindow.Close method. According to the documentation I can only use this mechanism if one of these conditions is true:
- It is a trusted application (not true for my application)
- Before the Application.Startup event has completed (not true for my application)
- In response to a user-initiated action, for example, in a button Click event handler (This is what I am trying to get to work)
In my attempts to get this to work I have kept things extremely simple and am calling the method directly in a code behind button click event handler as shown below but it has no effect.
void closeButton_Click(object sender, RoutedEventArgs e) { var mainWindow = Application.Current.MainWindow; mainWindow.Close(); } When I attach the debugger and set "Break when an exception is Thrown" I can see the exception
SecurityException: Access to the property or method call is not allowed unless the application has elevated permissions, or the code was called through a user initiated action.
Any ideas why my code is not being considered a user initiated action?
I have tried attaching the event handler in both XAML and in the code-behind (not at the same time)
<Button x:Name="closeButton" Content="Close" Click="closeButton_Click" /> or
closeButton.Click += closeButton_Click; without success. I have read the User-Initiated Events documentation very carefully and cannot see why my code is not considered user initiated. I have tried this in both debug and release mode as well as when no debugger is attached without success. If I change "Require elevated trust when running outside the browser" to be true, the close call works as expected.
I have redefined my application requirements to work around this issue but I would really like to understand what I am doing wrong ;-)
Update: SonOfPirate's answer indicate that the documentation for this method is not accurate but I'm not convinced. Using the reflection tool dotPeek the method that is throwing the exception is
private void CheckForPermissions() { if (!Application.Current.HasElevatedPermissions && !XcpImports.IsUserInitiatedAction() && Application.Current.ApplicationStarted) throw new SecurityException(Resx.GetString("Window_AccessNotAllowed")); } I find this a bit confusing to read so I've mocked the code and written unit tests for it as shown by this gist and as you can see from the results I should be able to call close from an untrusted application, provided it is user initiated.
The security exception message
Access to the property or method call is not allowed unless the application has elevated permissions, or the code was called through a user initiated action.
also indicates that it should be possible so I am back to the question - why is this code not considered user initiated?
Answer: 1
The mistake is in the very first paragraph when you state that you "can only use this mechanism if one of these conditions is true:" Re-read the MS documentation a little closer and you will see that they do not say "one" of these conditions. Here is the exact text from the MS reference page for the Close method:
You can call this method only in the following cases:
- In response to a user-initiated action, for example, in a button Click event handler.
- Before the Application.Startup event has completed (that is, in an IApplicationService.StartService method, an IApplicationLifetimeAware.Starting method, or a Startup event handler).
- In a trusted application.
As you have seen, you need to enable elevated trust.
UPDATE
I concede that the wording used by Microsoft is a bit misleading with either of the first two cases required in combination with the third. Perhaps it would be clearer if worded more accurately as:
by : SonOfPiratehttp://stackoverflow.com/users/173281You can call this method only in a trusted application in either of the following cases:
- In response to a user-initiated action, for example, in a button Click event handler.
- Before the Application.Startup event has completed (that is, in an IApplicationService.StartService method, an IApplicationLifetimeAware.Starting method, or a Startup event handler).
Answer: 2
My OOB application is trusted and I get an error in VS 2010. I think the problem here is that under VS 2010 (debug session -- aka Debugger.IsAttached) Application.Current.MainWindow.Close() only works for OOB deployed applications and NOT in VS 2010. Even when you have an application configured to run OOB in VS 2010, if you check the Application.Current.IsRunningOutOfBrowser it equals FALSE. And further more, Application.Current.HasElevatedPermissions = FALSE ... even though, my SL application setting are set (Enable running application out of the browser = checked, and Require elevated trust when running outside the browser = checked).
This is the error I get in VS 2010 but when deployed to a server it works fine.
"System.NotSupportedException was unhandled by user code Message=Out-of-browser specific settings do not affect in-browser applications. StackTrace: at System.Windows.Application.get_MainWindow() ... "
I find most Silverlight 5 documentation to be pretty bad, very confusing, and often without code samples and even when code samples are provided they are usually wrong or just not very useful examples. I can only assume this is intentional given how bad a state the MSDN library (online) is in, assuming Microsoft are leaving the door open for people to write books. Sadly Books (I've read 9 of these 1000 page books) don't cover these critical topics (which is even more mind boggling given a simple Google search will reveal what questions developers are asking the most) .. book authors just seem to be cashing in and nothing more, tis sad.
Working with just about any Microsoft product these days is a game of trial and error, incredibly inefficient and I'm going to dare suggest why developers aren't adopting their platforms/technologies -- not many folks h
by : user1630972http://stackoverflow.com/users/1630972
No comments:
Post a Comment
Send us your comment related to the topic mentioned on the blog