XtraReport.LoadLayout(Stream) Method
Loads a report from a Stream that contains XML or CodeDOM-based serialized report.
Namespace: DevExpress.XtraReports.UI
Assembly: DevExpress.XtraReports.v24.1.dll
NuGet Package: DevExpress.Reporting.Core
Declaration
Parameters
| Name | Type | Description |
|---|---|---|
| stream | Stream | A Stream object that contains the report serialization data. |
Remarks
TheLoadLayout method allows you to deserialize a report from XML or CodeDOM-based serialization data created with the following methods:
- XtraReport.SaveLayout
- XtraReport.SaveLayoutToXml
- The Save action in the End-User Designer. Review the following topic for more information: Save Report Layouts.
TheLoadLayout method automatically determines whether the specified file contains a serialized XML or CodeDOM-based report and uses the appropriate procedure to load the report. For security reasons, you may decide to use the XtraReport.LoadLayoutFromXml(Stream) method instead, to load only XML-serialized reports.
Note
Deserialization of reports received from untrusted parties can trigger the execution of malicious code, which can either be directly embedded in the report definition or contained in an external assembly referenced by the report.
To avoid this, we recommend that you use XML serialization instead of CodeDOM (so that reports can be safely deserialized using the XtraReport.LoadLayoutFromXml method instead of the less secure LoadLayout method) and prevent any untrusted third-party libraries from being available on the server.
The CodeDOM serialization is not supported under the Full Trust permission level, and XML serialization is the only option to save reports.
Review the following topics for more information: