AccessSettings Class

Allows you to restrict external resource locations for security reasons.

Namespace: DevExpress.Security.Resources

Assembly: DevExpress.Data.v24.1.dll

Declaration

C#
VB.NET

public class AccessSettings

Public Class AccessSettings

The following members return AccessSettings objects:

Remarks

The following image illustrates how to use the AccessSettings class to allow or restrict certain resource locations:

AccessSettings

The table below gives a brief overview of all the API and provides links for more information.

StaticResources	A static property that allows you to specify access settings for images.
DataResources	A static property that allows you to specify access settings for data resources (JSON, Extract, and Excel data sources).
ReportingSpecificResources	A static property that allows you to specify access settings for report style sheets and serialization formats.
SetRules(IAccessRule[]) TrySetRules(IAccessRule[])	Register resource access rules.
DirectoryAccessRule.Allow	A static method that allows access to all or only specified directories.
DirectoryAccessRule.Deny()	A static method that denies access to all or only specified directories.
UrlAccessRule.Allow()	A static method that allows access to all or only specified URLs.
UrlAccessRule.Deny()	A static method that denies access to all or only specified URLs.

You can also create a CustomAccessRule to implement custom logic when a URI is checked.

You can call the SetRules(IAccessRule[]) method only once during a single application run. Subsequent calls raise an exception. This ensures that rules cannot be overridden once specified. Alternatively, use the TrySetRules(IAccessRule[]) method. It does not raise an exception, but returns false.

If no access rules are registered, resources can be loaded from any location.

Examples

C#
VB.NET

// Allow images to be loaded only from the "C:\\StaticResources\\" file directory and "http://mysite.dev" site
DevExpress.Security.Resources.AccessSettings.StaticResources.SetRules(DirectoryAccessRule.Allow("C:\\StaticResources\\"), UrlAccessRule.Allow("http://mysite.dev"));

' Allow images to be loaded only from the "C:\\StaticResources\\" file directory and "http://mysite.dev" site
DevExpress.Security.Resources.AccessSettings.StaticResources.SetRules(DirectoryAccessRule.Allow("C:\\StaticResources\\"), UrlAccessRule.Allow("http://mysite.dev"))

C#
VB.NET

// Allow JSON data load only from the "http://mysite.dev" URL
// Prohibit Excel data load (Excel data load from URLs is not supported)
DevExpress.Security.Resources.AccessSettings.DataResources.SetRules(UrlAccessRule.Allow("http://mysite.dev"), DirectoryAccessRule.Deny());

' Allow JSON data load only from the "http://mysite.dev" URL
' Prohibit Excel data load (Excel data load from URLs is not supported)
DevExpress.Security.Resources.AccessSettings.DataResources.SetRules(UrlAccessRule.Allow("http://mysite.dev"), DirectoryAccessRule.Deny())

C#
VB.NET

// Allow style sheets to be loaded only from the "C:\\StaticResources\\" file directory
// Deny CodeDOM report layout serialization format
DevExpress.Security.Resources.AccessSettings.ReportingSpecificResources.SetRules(DirectoryAccessRule.Allow("C:\\StaticResources\\"), SerializationFormatRule.Deny(SerializationFormat.CodeDom));

' Allow style sheets to be loaded only from the "C:\\StaticResources\\" file directory
' Deny CodeDOM report layout serialization format
DevExpress.Security.Resources.AccessSettings.ReportingSpecificResources.SetRules(DirectoryAccessRule.Allow("C:\\StaticResources\\"), SerializationFormatRule.Deny(SerializationFormat.CodeDom))

Inheritance

Object

AccessSettings

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

Controls

Tools

Controls and Extensions

Tools

Maintenance Mode

AccessSettings Class

Declaration

Remarks

Inheritance

AccessSettings Class

Declaration

Related API Members

Remarks

Inheritance