Security Considerations

This document describes how to avoid possible security risks when deploying a WinForms application containing the DashboardDesigner or DashboardViewer control and consists of the following sections:

Data Connection Security

The DashboardDesigner and DashboardViewer can use different data source types to supply dashboards with data. Certain data sources (such as DashboardSqlDataSource or DashboardOlapDataSource) require establishing a data connection using specific connection parameters. You can provide end-users with the capability to create data sources based on predefined data connections, or by adding the required predefined data sources in code. To provide connection parameters in a safe way, use one of the following approaches:

Important

Storing connection strings in the application's configuration file is a suitable approach for a development environment. In a production environment, use the ConfigureDataConnection events, because this allows you to implement more flexible security models.

Data Source Security

  • SQL Data Source - Enabling Custom SQL

    The Data Source Wizard allows only visual construction of SQL queries using the built-in Query Builder. Queries constructed using the Query Builder can only contain a SELECT statement and are guaranteed to be safe.

    Manual editing of SQL queries is considered unsafe and is disabled by default. You can enable SQL editing at your own risk using the approach described in the following document: Custom SQL Queries

    Important

    Custom SQL queries are validated before their execution. Although the default validation mechanism only allows custom queries containing SELECT statements (except for SELECT INTO clauses), it cannot be considered safe, as it does not prevent the execution of potentially harmful requests. Before enabling this option, please make sure to apply a secure SQL validation that prevents the execution of harmful requests.

    We recommend utilizing the access control functionality of your database management system to achieve the highest level of database security.

  • Entity Framework Data Source - Restricting Access to Unauthorized Assemblies

    Entity Framework data sources (DashboardEFDataSource) the reference the loading of custom assemblies are forbidden by default.

    To permit loading a specific assembly, handle the DashboardDesigner.CustomAssemblyLoading / DashboardViewer.CustomAssemblyLoading events. An unauthorized attempt to load a custom assembly results in a CustomAssemblyLoadingProhibitedException.

  • Object Data Source - Data Validation

    If an end-user opens the dashboard containing the DashboardObjectDataSource, the following message displays by default before data loading:

    Loading the data sources referenced in this file may harm your computer. Was this file obtained from a trusted source?

    WinDashboard_SecurityConsiderations_Warning

    This dialog allows end-users to select whether to trust the object data sources available in the application. You can change this default logic using the DataSourceOptionsContainer.ObjectDataSourceLoadingBehavior property. For instance, you can allow loading any object data sources, or you can load object data sources in a safe mode when their data member and data source settings are cleared.

    To obtain the DataSourceOptionsContainer object (that exposes DataSourceOptionsContainer.ObjectDataSourceLoadingBehavior), use the DataSourceOptions properties exposed by the DashboardDesigner and DashboardViewer controls.

    You can also provide a custom data source validation by handling the ObjectDataSource.BeforeFill event for the specified data source. The corresponding static ObjectDataSource.BeforeFillGlobal event allows you to validate all object data sources in your application.