UrlAccessSecurityLevelSetting Class
Specifies the security settings for resolving URL’s in a web application.
Namespace: DevExpress.Utils
Assembly: DevExpress.Data.v24.1.dll
NuGet Package: DevExpress.Data
Declaration
Remarks
The XRPictureBox.ImageUrl property of the XRPictureBox report control does not accept the “file://“ protocol by default to prevent unauthorized access to images on the server (e.g., BMP, PNG and JPG files). The same applies to the XRRichText report control when images are added using the IncludePicture field. For security reasons, both these controls only support the “http://“, “https://“ and “ftp://“ protocols by default.
To enable using the “file://“ protocol for loading images, use the corresponding methods (UrlAccessSecurityLevelSetting.RegisterCustomBaseDirectories and UrlAccessSecurityLevelSetting.RegisterCustomCallback) or set the UrlAccessSecurityLevelSetting.SecurityLevel property to one of the following UrlAccessSecurityLevel enumeration values.
- UrlAccessSecurityLevel.FilesFromBaseDirectory - enables loading images from the working directory (defined by the AppDomain.CurrentDomain.BaseDirectory property).
- UrlAccessSecurityLevel.Unrestricted - enables loading of any image from any directory.