Security Considerations
- 3 minutes to read
This document describes how to avoid possible security risks when deploying a WinForms application containing the DashboardDesigner or DashboardViewer control and consists of the following sections:
Data Connection Security
The DashboardDesigner and DashboardViewer can use different data source types to supply dashboards with data. Certain data sources (such as DashboardSqlDataSource or DashboardOlapDataSource) require establishing a data connection using specific connection parameters. You can provide end-users with the capability to create data sources based on predefined data connections, or by adding the required predefined data sources in code. To provide connection parameters in a safe way, use one of the following approaches:
- Add the required connection string to the connectionStrings section in the application’s configuration file.
- Handle the DashboardDesigner.ConfigureDataConnection / DashboardViewer.ConfigureDataConnection events to provide the required connection parameters at runtime.
Important
Storing connection strings in the application’s configuration file is a suitable approach for a development environment. In a production environment, use the ConfigureDataConnection events, because this allows you to implement more flexible security models.
Data Source Security
SQL Data Source - Enabling Custom SQL
The Data Source Wizard allows only visual construction of SQL queries using the built-in Query Builder. Queries constructed using the Query Builder can only contain a SELECT statement and are guaranteed to be safe.
Manual editing of SQL queries is considered unsafe and is disabled by default. You can enable SQL editing at your own risk using the approach described in the following document: Custom SQL Queries
Important
Custom SQL queries are validated before their execution. Although the default validation mechanism only allows custom queries containing SELECT statements (except for SELECT INTO clauses), it cannot be considered safe, as it does not prevent the execution of potentially harmful requests. Before enabling this option, please make sure to apply a secure SQL validation that prevents the execution of harmful requests.
We recommend utilizing the access control functionality of your database management system to achieve the highest level of database security.
Entity Framework Data Source - Restricting Access to Unauthorized Assemblies
Entity Framework data sources (DashboardEFDataSource) the reference the loading of custom assemblies are forbidden by default.
To permit loading a specific assembly, handle the DashboardDesigner.CustomAssemblyLoading / DashboardViewer.CustomAssemblyLoading events. An unauthorized attempt to load a custom assembly results in a CustomAssemblyLoadingProhibitedException.
Object Data Source - Data Validation
If an end-user opens the dashboard containing the DashboardObjectDataSource, the following message displays by default before data loading:
Loading the data sources referenced in this file may harm your computer. Was this file obtained from a trusted source?
This dialog allows end-users to select whether to trust the object data sources available in the application. You can change this default logic using the DataSourceOptionsContainer.ObjectDataSourceLoadingBehavior property. For instance, you can allow loading any object data sources, or you can load object data sources in a safe mode when their data member and data source settings are cleared.
To obtain the DataSourceOptionsContainer object (that exposes DataSourceOptionsContainer.ObjectDataSourceLoadingBehavior), use the DataSourceOptions properties exposed by the DashboardDesigner and DashboardViewer controls.
You can also provide a custom data source validation by handling the ObjectDataSource.BeforeFill event for the specified data source. The corresponding static ObjectDataSource.BeforeFillGlobal event allows you to validate all object data sources in your application.