Skip to main content
BuyLog In
Cross-Platform Class Library
Search in…
Docs > API Reference > DevExpress.Security.Resources > AccessSettings
All docs
V25.2
    • Cross-Platform Core Libraries
    Core Library Assemblies
    AI Integration
    DevExpress Data Library
    DevExpress.Drawing Graphics Library
    DevExpress Pivot Grid Core Library
    Miscellaneous
    API Reference
    DevExpress.AIIntegration
    DevExpress.AIIntegration.Docs
    DevExpress.AIIntegration.Extensions
    DevExpress.AIIntegration.Localization
    DevExpress.AIIntegration.OpenAI.Services
    DevExpress.AIIntegration.Services.Assistant
    DevExpress.AIIntegration.Services.Chat
    DevExpress.Charts.Heatmap
    DevExpress.Charts.Sankey
    DevExpress.DashboardCommon
    DevExpress.DashboardCommon.Diagnostics
    DevExpress.DashboardWeb
    DevExpress.Data
    DevExpress.Data.Browsing
    DevExpress.Data.Camera
    DevExpress.Data.Controls
    DevExpress.Data.Controls.ExpressionEditor
    DevExpress.Data.Entity
    DevExpress.Data.Filtering
    DevExpress.Data.Filtering.Exceptions
    DevExpress.Data.Filtering.Helpers
    DevExpress.Data.Linq
    DevExpress.Data.Mask
    DevExpress.Data.ODataLinq
    DevExpress.Data.PivotGrid
    DevExpress.Data.PLinq
    DevExpress.Data.TreeList
    DevExpress.Data.Utils
    DevExpress.Data.Utils.Security
    DevExpress.Data.Utils.ServiceModel
    DevExpress.Data.WcfLinq
    DevExpress.Data.WizardFramework
    DevExpress.Data.XtraReports.DataProviders
    DevExpress.DataAccess
    DevExpress.DataAccess.ConnectionParameters
    DevExpress.DataAccess.DataFederation
    DevExpress.DataAccess.EntityFramework
    DevExpress.DataAccess.Excel
    DevExpress.DataAccess.ExpressionEditor
    DevExpress.DataAccess.Json
    DevExpress.DataAccess.Localization
    DevExpress.DataAccess.MongoDB
    DevExpress.DataAccess.ObjectBinding
    DevExpress.DataAccess.Sql
    DevExpress.DataAccess.Sql.DataApi
    DevExpress.DataAccess.UI.Localization
    DevExpress.DataAccess.Web
    DevExpress.DataAccess.Web.QueryBuilder
    DevExpress.DataAccess.Web.QueryBuilder.DataContracts
    DevExpress.DataAccess.Wizard
    DevExpress.DataAccess.Wizard.Model
    DevExpress.DataAccess.Wizard.Presenters
    DevExpress.DataAccess.Wizard.Services
    DevExpress.DataAccess.Wizard.Views
    DevExpress.DataProcessing.Criteria
    DevExpress.Diagram.Core
    DevExpress.Diagram.Core.Layout
    DevExpress.Diagram.Core.Localization
    DevExpress.Diagram.Core.Native
    DevExpress.Diagram.Core.Serialization
    DevExpress.Diagram.Core.Shapes
    DevExpress.Diagram.Core.Themes
    DevExpress.DocumentServices.ServiceModel
    DevExpress.DocumentServices.ServiceModel.Client
    DevExpress.DocumentServices.ServiceModel.DataContracts
    DevExpress.DocumentView
    DevExpress.Drawing
    DevExpress.Drawing.Extensions
    DevExpress.Drawing.Printing
    DevExpress.Entity.Model
    DevExpress.Entity.ProjectModel
    DevExpress.Export
    DevExpress.Export.Xl
    DevExpress.Map
    DevExpress.Mvvm
    DevExpress.Mvvm.DataAnnotations
    DevExpress.Mvvm.DataModel
    DevExpress.Mvvm.Gantt
    DevExpress.Mvvm.ModuleInjection
    DevExpress.Mvvm.UI
    DevExpress.Mvvm.Utils
    DevExpress.Mvvm.ViewModel
    DevExpress.Mvvm.Xpf
    DevExpress.Office.Crypto
    DevExpress.PivotGrid.Criteria
    DevExpress.PivotGrid.DataBinding
    DevExpress.PivotGrid.Printing
    DevExpress.Printing
    DevExpress.Printing.ExportHelpers
    DevExpress.ReportServer.Printing
    DevExpress.ReportServer.Printing.Services
    DevExpress.ReportServer.ServiceModel.Client
    DevExpress.ReportServer.ServiceModel.ConnectionProviders
    DevExpress.ReportServer.ServiceModel.DataContracts
    DevExpress.Schedule
    DevExpress.Security.Resources
    AccessPermission
    AccessSettings
    Members
    Constructors
    Properties
    Methods
    Events
    AccessSettings.UriValidatedEventArgs
    AccessSettings.UriValidatedWeakEventHandler
    CustomAccessRule
    DirectoryAccessRule
    IAccessRule
    IUriAccessRule
    UriAccessRule
    UrlAccessRule
    DevExpress.Services
    DevExpress.Sparkline
    DevExpress.TreeMap
    DevExpress.Utils
    DevExpress.Utils.Commands
    DevExpress.Utils.Controls
    DevExpress.Utils.Filtering
    DevExpress.Utils.Filtering.Internal
    DevExpress.Utils.Html
    DevExpress.Utils.IoC
    DevExpress.Utils.Localization
    DevExpress.Utils.Serializing
    DevExpress.Utils.Serializing.Helpers
    DevExpress.Utils.Svg
    DevExpress.WebUtils
    DevExpress.Xpf.Core
    DevExpress.Xpf.Data
    DevExpress.Xpf.Printing
    DevExpress.Xpo
    DevExpress.Xpo.DB
    DevExpress.Xpo.DB.Exceptions
    DevExpress.Xpo.DB.Helpers
    DevExpress.Xpo.Helpers
    DevExpress.XtraCharts
    DevExpress.XtraCharts.Heatmap
    DevExpress.XtraCharts.Heatmap.Printing
    DevExpress.XtraCharts.Localization
    DevExpress.XtraCharts.Printing
    DevExpress.XtraCharts.Sankey
    DevExpress.XtraCharts.Sankey.Printing
    DevExpress.XtraEditors
    DevExpress.XtraEditors.DXErrorProvider
    DevExpress.XtraEditors.Filtering
    DevExpress.XtraExport.Csv
    DevExpress.XtraGauges.Base
    DevExpress.XtraGauges.Core
    DevExpress.XtraGauges.Core.Base
    DevExpress.XtraGauges.Core.Drawing
    DevExpress.XtraGauges.Core.Localization
    DevExpress.XtraGauges.Core.Model
    DevExpress.XtraGauges.Core.Primitive
    DevExpress.XtraGrid
    DevExpress.XtraPivotGrid
    DevExpress.XtraPivotGrid.Customization
    DevExpress.XtraPivotGrid.Data
    DevExpress.XtraPivotGrid.Localization
    DevExpress.XtraPivotGrid.Selection
    DevExpress.XtraPrinting
    DevExpress.XtraPrinting.Accessibility
    DevExpress.XtraPrinting.BarCode
    DevExpress.XtraPrinting.BarCode.EPC
    DevExpress.XtraPrinting.Caching
    DevExpress.XtraPrinting.DataNodes
    DevExpress.XtraPrinting.Drawing
    DevExpress.XtraPrinting.Export
    DevExpress.XtraPrinting.Export.Web
    DevExpress.XtraPrinting.Localization
    DevExpress.XtraPrinting.Native
    DevExpress.XtraPrinting.Security
    DevExpress.XtraPrinting.Shape
    DevExpress.XtraPrinting.Shape.Native
    DevExpress.XtraPrinting.WebClientUIControl.DataContracts
    DevExpress.XtraPrintingLinks
    DevExpress.XtraReports
    DevExpress.XtraReports.Configuration
    DevExpress.XtraReports.Design
    DevExpress.XtraReports.Expressions
    DevExpress.XtraReports.Expressions.Native
    DevExpress.XtraReports.Parameters
    DevExpress.XtraReports.Parameters.ViewModels
    DevExpress.XtraReports.ReportGeneration
    DevExpress.XtraReports.UI
    DevExpress.XtraReports.Web.ReportDesigner
    DevExpress.XtraReports.Web.ReportDesigner.DataContracts
    DevExpress.XtraReports.Web.WebDocumentViewer
    DevExpress.XtraReports.Web.WebDocumentViewer.DataContracts
    DevExpress.XtraScheduler
    DevExpress.XtraScheduler.Compatibility
    DevExpress.XtraScheduler.Drawing
    DevExpress.XtraScheduler.Exchange
    DevExpress.XtraScheduler.iCalendar
    DevExpress.XtraScheduler.iCalendar.Components
    DevExpress.XtraScheduler.Localization
    DevExpress.XtraScheduler.Native
    DevExpress.XtraScheduler.Outlook
    DevExpress.XtraScheduler.Outlook.Interop
    DevExpress.XtraScheduler.Reporting
    DevExpress.XtraScheduler.Services
    DevExpress.XtraScheduler.Services.Implementation
    DevExpress.XtraScheduler.Tools
    DevExpress.XtraScheduler.UI
    DevExpress.XtraScheduler.Xml
    DevExpress.XtraSpellChecker
    DevExpress.XtraSpellChecker.Rules

    AccessSettings Class

    Allows you to restrict external resource locations for security reasons.

    Namespace: DevExpress.Security.Resources

    Assembly: DevExpress.Data.v25.2.dll

    Declaration

    public class AccessSettings

    The following members return AccessSettings objects:

    Remarks

    The following image illustrates how to use the AccessSettings class to allow or restrict certain resource locations:

    AccessSettings

    The table below gives a brief overview of all the API and provides links for more information.

    StaticResources

    A static property that allows you to specify access settings for images.

    DataResources

    A static property that allows you to specify access settings for data resources (JSON, Extract, and Excel data sources).

    ReportingSpecificResources

    A static property that allows you to specify access settings for report style sheets and serialization formats.

    SetRules(IAccessRule[])

    Register resource access rules.

    DirectoryAccessRule.Allow

    A static method that allows access to all or only specified directories.

    DirectoryAccessRule.Deny()

    A static method that denies access to all or only specified directories.

    UrlAccessRule.Allow()

    A static method that allows access to all or only specified URLs.

    UrlAccessRule.Deny()

    A static method that denies access to all or only specified URLs.

    You can also create a CustomAccessRule to implement custom logic when a URI is checked.

    You can call the SetRules(IAccessRule[]) method only once during a single application run. Subsequent calls raise an exception. This ensures that rules cannot be overridden once specified.

    If no access rules are registered, resources can be loaded from any location.

    Examples

    // Allow images to be loaded only from the "C:\\StaticResources\\" file directory and "http://mysite.dev" site
DevExpress.Security.Resources.AccessSettings.StaticResources.SetRules(DirectoryAccessRule.Allow("C:\\StaticResources\\"), UrlAccessRule.Allow("http://mysite.dev"));

    // Allow JSON data load only from the "http://mysite.dev" URL
// Prohibit Excel data load (Excel data load from URLs is not supported)
DevExpress.Security.Resources.AccessSettings.DataResources.SetRules(UrlAccessRule.Allow("http://mysite.dev"), DirectoryAccessRule.Deny());

    // Allow style sheets to be loaded only from the "C:\\StaticResources\\" file directory
// Deny CodeDOM report layout serialization format
DevExpress.Security.Resources.AccessSettings.ReportingSpecificResources.SetRules(DirectoryAccessRule.Allow("C:\\StaticResources\\"), SerializationFormatRule.Deny(SerializationFormat.CodeDom));

    Inheritance

    Object
    AccessSettings
    See Also