Skip to main content

DevExpress v24.2 Update — Your Feedback Matters

Our What's New in v24.2 webpage includes product-specific surveys. Your response to our survey questions will help us measure product satisfaction for features released in this major update and help us refine our plans for our next major release.

Take the survey Not interested

UserDesignerOptions.ReportLoadingRestrictionLevel Property

Specifies whether end-users are allowed to load untrusted reports with potentially dangerous content in a desktop reporting application.

Namespace: DevExpress.XtraReports.Configuration

Assembly: DevExpress.XtraReports.v24.2.dll

NuGet Package: DevExpress.Reporting.Core

#Declaration

public RestrictionLevel ReportLoadingRestrictionLevel { get; set; }

#Property Value

Type Description
RestrictionLevel

A RestrictionLevel enumeration value.

Available values:

Name Description
Enable

Permit loading untrusted reports by end-users via application GUI.

Disable

Forbid loading untrusted reports by end-users via application GUI.

Prompt

Ask for an end-user’s permission on every attempt to load an untrusted report.

#Property Paths

You can access this nested property as listed below:

Object Type Path to ReportLoadingRestrictionLevel
ReportingSettings
.UserDesignerOptions .ReportLoadingRestrictionLevel
Settings
.UserDesignerOptions .ReportLoadingRestrictionLevel

#Remarks

End-User Report Designer (WinForms and WPF) displays the following warning when a user attempts to load a potentially unsafe report:

report-designer-load-report-warning

A report is considered unsafe if it or any of its subreports contain any of the following:

The following code prevents users from loading unsafe reports:

static class Program {
    static void Main() {
        DevExpress.XtraReports.Configuration.Settings.Default.UserDesignerOptions.ReportLoadingRestrictionLevel =
    DevExpress.XtraReports.UI.RestrictionLevel.Disable;
    }
}

The code above displays the error message when the user attempts to load a potentially unsafe report.

report-designer-load-report-disabled-warning

In a restricted environment where all reports are guaranteed to be safe, you can disable this warning and allow users to load any report by setting the UserDesignerOptions.ReportLoadingRestrictionLevel property to RestrictionLevel.Enable.

The following code lets you determine whether a report is considered unsafe, and displays detected security warnings in the Output window:

var traceSource = DevExpress.XtraPrinting.Tracer.GetSource("DXperience.Reporting", 
    System.Diagnostics.SourceLevels.Error | System.Diagnostics.SourceLevels.Warning);
var listener = new System.Diagnostics.DefaultTraceListener();
traceSource.Listeners.Add(listener);
try {
    new XtraReport1().ShowRibbonDesignerDialog();
} finally {
    traceSource.Listeners.Remove(listener);
}
See Also