Skip to main content

ScriptPermissionManager Class

SECURITY NOTE

Report scripts are not secure. We recommend that you use expression bindings to customize your reports. Only enable scripts if you trust your reports and cannot use expression bindings.

How to implement secure report scripts

Provides functionality to specify scripting security at the application level.

Namespace: DevExpress.XtraReports.Security

Assembly: DevExpress.XtraReports.v24.1.dll

NuGet Package: DevExpress.Reporting.Core

Declaration

public class ScriptPermissionManager

Remarks

To specify the report script execution mode for the entire application, perform the following steps:

  1. Instantiate the ScriptPermissionManager class with the specified mode at application startup.
  2. Assign the ScriptPermissionManager instance to the GlobalInstance static property.

The following code snippet disables script execution in a reporting application:

using DevExpress.XtraReports.Security;
using System;
// ...

protected void Application_Start(object sender, EventArgs e) {
    ScriptPermissionManager.GlobalInstance = new ScriptPermissionManager(ExecutionMode.Deny);
}

Inheritance

Object
ScriptPermissionManager
See Also