ProcessStartPolicy.ConfirmationRequest Event
Occurs before the confirmation dialog is displayed (when a DevExpress UI control attempts to start a process that is not included in the list of trusted resources).
Namespace: DevExpress.Data.Utils
Assembly: DevExpress.Data.Desktop.v25.2.dll
NuGet Packages: DevExpress.Data.Desktop, DevExpress.ExpressApp.Win.Design
Declaration
public static event EventHandler<ProcessStartPolicy.RestrictedProcessStartConfirmationEventArgs> ConfirmationRequestEvent Data
The ConfirmationRequest event's data class is ProcessStartPolicy.RestrictedProcessStartConfirmationEventArgs. The following properties provide information specific to this event:
| Property | Description |
|---|---|
| Arguments | Gets command-line arguments that will be passed to the process. |
| ProcessName | Gets the process name. |
| Uri | Gets the URI associated with the process (if the target can be interpreted as a URI). |
The event data class exposes the following methods:
| Method | Description |
|---|---|
| AllowStart() | Explicitly allows the process to start. |
| BlockStart() | Explicitly blocks the process from starting. |
Remarks
Handle the ConfirmationRequest event to programmatically analyze the requested process or URL and explicitly allow or block its execution without displaying the confirmation dialog. The event allows you to implement custom security validation logic (for example, to inspect command-line arguments) and centrally control process execution initiated by DevExpress controls.
- Call the e.AllowStart() method if your validation logic determines that the process is safe and should proceed.
- Call the e.BlockStart() method if the process is unsafe or does not meet your security requirements.
The following example enables the RequireConfirmation() policy at application startup and handles the ConfirmationRequest event to implement custom validation logic. The event handler allows only HTTPS URLs and blocks all other process start requests without displaying the confirmation dialog.
using DevExpress.Data.Utils;
internal static class Program {
[STAThread]
static void Main() {
// Apply the RequireConfirmation policy.
ProcessStartPolicy.RequireConfirmation();
ProcessStartPolicy.ConfirmationRequest += ProcessStartPolicy_ConfirmationRequest;
ApplicationConfiguration.Initialize();
Application.Run(new Form1());
}
// Allow only HTTPS URLs.
static void ProcessStartPolicy_ConfirmationRequest(object? sender, ProcessStartPolicy.RestrictedProcessStartConfirmationEventArgs e) {
if (e.Uri != null)
if (e.Uri.Scheme == Uri.UriSchemeHttps)
e.AllowStart(); // Safe URL — allow execution
else
e.BlockStart(); // Non-HTTPS — block execution
}
}
When Does ConfirmationRequest Fire?
The ConfirmationRequest event is raised before the confirmation dialog is displayed if the active Process Start Policy mode determines that a process or URL request is potentially unsafe and requires user confirmation.
The conditions depend on the active policy mode:
- Default Mode
- The event is raised when a process or URL request fails the built-in DevExpress security validation.
- Require Confirmation Mode
- The event is raised for any process or URL request that is not included in the trusted resources list (all non-trusted processes are treated as potentially unsafe). Refer to the following help topic for additional information: RequireConfirmation().
Most controls operate in this default mode, including:
- Controls that call
Process.Start(for example, when a document is exported and automatically opened in Microsoft Word) - WinForms hyperlink editors, and similar controls
Hyperlinks within Document Viewer controls operate in Require Confirmation Mode.