Skip to main content
BuyLog In
.NET Reporting Tools
Search in…
Docs > API Reference > DevExpress.XtraReports.Security > ScriptPermissionManager
All docs
V24.2
Reporting
Product Information
What's New
.NET Support
Get Started with DevExpress Reporting
Create Different Report Types (Walkthroughs)
Detailed Guide to DevExpress Reporting
Memory Usage in Reporting - Best Practices
Localize Reporting Applications
Security Considerations
AI-powered Extensions
Visual Studio Report Designer
VS Code Report Designer
Reporting for Desktop
Reporting for .NET MAUI
Reporting for Web
Reporting .NET Migration Guides
Cloud Integration
.NET Aspire Integration
Cross-Platform .NET App UI
Backend Web API Service / REST API for Reporting
WCF Report Service
End-User Documentation
Redistribution and Deployment
API Reference
DevExpress.AIIntegration.Web.Reporting.Common.WebDocumentViewer
DevExpress.XtraCharts
DevExpress.XtraPrinting.Caching
DevExpress.XtraPrinting.Diagnostics
DevExpress.XtraReports
DevExpress.XtraReports.CodeCompletion
DevExpress.XtraReports.CodeCompletion.Storages
DevExpress.XtraReports.Configuration
DevExpress.XtraReports.Data
DevExpress.XtraReports.Design
DevExpress.XtraReports.Expressions
DevExpress.XtraReports.Extensions
DevExpress.XtraReports.FavoriteProperties
DevExpress.XtraReports.Import
DevExpress.XtraReports.Interactivity
DevExpress.XtraReports.Localization
DevExpress.XtraReports.Native
DevExpress.XtraReports.Parameters
DevExpress.XtraReports.ReportGallery
DevExpress.XtraReports.ReportGeneration
DevExpress.XtraReports.Scripting
DevExpress.XtraReports.Security
CodeDomLayoutDeserializationRestrictedException
ExecutionMode
ScriptPermissionManager
Members
Constructors
Properties
Methods
SerializationFormatRule
DevExpress.XtraReports.Serialization
DevExpress.XtraReports.Service
DevExpress.XtraReports.Service.Extensions
DevExpress.XtraReports.Services
DevExpress.XtraReports.Templates
DevExpress.XtraReports.UI
DevExpress.XtraReports.UI.CrossTab
DevExpress.XtraReports.UI.PivotGrid
DevExpress.XtraReports.UserDesigner
DevExpress.XtraReports.Web
DevExpress.XtraReports.Web.Azure
DevExpress.XtraReports.Web.Azure.ReportDesigner
DevExpress.XtraReports.Web.Azure.WebDocumentViewer
DevExpress.XtraReports.Web.ClientControls
DevExpress.XtraReports.Web.ClientControls.DataContracts
DevExpress.XtraReports.Web.Extensions
DevExpress.XtraReports.Web.Localization
DevExpress.XtraReports.Web.ParametersPanel
DevExpress.XtraReports.Web.QueryBuilder
DevExpress.XtraReports.Web.QueryBuilder.Native
DevExpress.XtraReports.Web.QueryBuilder.Services
DevExpress.XtraReports.Web.ReportDesigner
DevExpress.XtraReports.Web.ReportDesigner.DataContracts
DevExpress.XtraReports.Web.ReportDesigner.Native
DevExpress.XtraReports.Web.ReportDesigner.Services
DevExpress.XtraReports.Web.WebDocumentViewer
DevExpress.XtraReports.Web.WebDocumentViewer.DataContracts
DevExpress.XtraReports.Web.WebDocumentViewer.Native
DevExpress.XtraReports.Wizards
DevExpress.XtraReports.Wizards.Builder
DevExpress.XtraReports.Wizards.ColorSchemes
DevExpress.XtraReports.Wizards.CrossTab
DevExpress.XtraReports.Wizards.Labels
DevExpress.XtraReports.Wizards.Presenters
DevExpress.XtraReports.Wizards.Templates
DevExpress.XtraReports.Wizards.Views
ASP.NET Core API Reference
Blazor API Reference
Client API Reference
Client API Reference (Web Forms & MVC)
Download CHM

ScriptPermissionManager Class

SECURITY NOTE

Report scripts are not secure and are disabled by default. We recommend that you use expression bindings to customize your reports. Use scripts only if you trust your reports and you cannot switch to expression bindings.

How to implement secure report scripts

Provides functionality to specify scripting security at the application level.

Namespace: DevExpress.XtraReports.Security

Assembly: DevExpress.XtraReports.v24.2.dll

NuGet Package: DevExpress.Reporting.Core

Declaration

public class ScriptPermissionManager

Remarks

To specify the report script execution mode for the entire application, perform the following steps:

  1. Instantiate the ScriptPermissionManager class with the specified mode at application startup.
  2. Assign the ScriptPermissionManager instance to the GlobalInstance static property.

The following code snippet disables script execution in a reporting application:

using DevExpress.XtraReports.Security;
using System;
// ...

protected void Application_Start(object sender, EventArgs e) {
    ScriptPermissionManager.GlobalInstance = new ScriptPermissionManager(ExecutionMode.Deny);
}

Inheritance

Object
ScriptPermissionManager
See Also