ScriptPermissionManager Class
In This Article
SECURITY NOTE
Report scripts are not secure and are disabled by default. We recommend that you use expression bindings to customize your reports. Use scripts only if you trust your reports and you cannot switch to expression bindings.
Provides functionality to specify scripting security at the application level.
Namespace: DevExpress.XtraReports.Security
Assembly: DevExpress.XtraReports.v24.2.dll
NuGet Package: DevExpress.Reporting.Core
#Declaration
#Related API Members
The following members return ScriptPermissionManager objects:
#Remarks
To specify the report script execution mode for the entire application, perform the following steps:
- Instantiate the
ScriptPermissionManager
class with the specified mode at application startup. - Assign the
ScriptPermissionManager
instance to the GlobalInstance static property.
The following code snippet disables script execution in a reporting application:
using DevExpress.XtraReports.Security;
using System;
// ...
protected void Application_Start(object sender, EventArgs e) {
ScriptPermissionManager.GlobalInstance = new ScriptPermissionManager(ExecutionMode.Deny);
}
See Also