Skip Navigation

Blog » Trust Not Granted: A guide to what you can and can't do with XBAPS

I've done poorly at updating these last few months ... still moving the site to a new server but work is relentless at the moment and leaving me with little enthusiasm to carry on with more of the same when I get home!

Fortunately, I have friends and colleagues who are not so similarly burdened at the moment, and one of these is Allan Wenham, .NET developer extrordinaire. He has put together a guest post - a short guide to non-permitted actions in XBAPs. Over to you, Al:

So you're going to make an XBAP application, lucky you. First thing you should consider is the limitations imposed by the security model and importantly the framework itself.

Rule 0: You must have at least framework 3.0 to run an XBAP, 3.5 SP1 is highly recommended.

Rule 1: You can't run an XBAP on any other browser then IE in with .net framework 3.0. 3.5 SP1 of the .Net framework supports Mozilla Firefox; sadly no other browsers are supported at this time.

Rule 2: There are many things you cannot do with your XBAP in partial trust mode. Here I will provide what I hope is a fairly comprehensive list of non-permitted actions that will give you the dreaded "Trust not Granted" error. Main because as the time of writing I couldn't find such a list!

  • Opening up a new browser window
  • Directly connecting with a database
  • Any File IO
  • Talking to a WCF services that is not on the same hosting server
  • Talking to a WCF service that has any other binding apart from BasicHTTPBinding
  • Most standard dialogs (as well as input box)
  • OS driven Drag and Drop
  • Bitmap Effects- although these are deprecated in .NET 3.5 SP1
  • Shader Effects

Al works for Venture Finance PLC doing .Net Programming. When he's not building websites, he's writing about Turkish Delight (Fry's specifically). You can email him with questions at or leave comments below. Thanks, Al!

comments powered by Disqus