Safe Deserialization
DevExpress controls use a safety mechanism for all deserialization operations to improve security. An exception is thrown if a control attempts to load an unsafe type.
Deserialize Trusted Types
You should review all unsafe type exceptions. If you trust a certain type, use the following code to enable deserialization:
Call the following method to trust all types from a specific assembly:
DevExpress.Utils.DeserializationSettings.RegisterTrustedAssembly("CustomAssembly, Version=x.x.x.x, Culture=neutral, PublicKeyToken=xxxxxxxxxxxxxxxx");
DevExpress.Utils.DeserializationSettings.RegisterTrustedAssembly(typeof(CustomClass).Assembly);
Trust a Part of Your Code
If you trust a data source that raises a security exception, you can turn off safe deserialization for certain sections of code: