我可以在启动 XBAP 之前以编程方式检查完全信任吗?
我创建了一个完全信任的 XBAP 应用程序,当使用 .NET 4.0 加载页面时,该应用程序存在于隐藏框架中,而 BrowserInteropHelper 则为我提供主机网页与客户端文件系统访问之间的通信。所有这一切都运行良好。
我发现了以下安装过程,其中我提供了一个支持 URL,@Project Properties Page >发布>选项位于描述下方。然后,当用户收到“未授予信任”错误时向他们显示的支持链接可以提供一组步骤,引导最终用户完成安装过程,最终让用户授予 XBAP 完全信任。
http://social. msdn.microsoft.com/Forums/en-US/wpf/thread/b6f33aa4-4399-430f-ba0f-81fa8ff6efec/
这对我来说效果很好,但我希望为最终用户提供的控件是 UI -less 页面加载时。因此,上述模型不起作用,因为用户无法看到“未授予信任”错误并单击控件上的链接来完成授予信任的过程。
然后,我想到创建第二个没有 UI 的控件,该控件被标记为 PartialTrust,该控件使用与完全信任控件相同的证书进行签名,并在隔离存储沙箱之外执行 IO 操作,以查看该控件是否被授予执行该操作的访问权限因为它具有与已安装在受信任的发布商商店中的签名相同的证书,所以运气不好。
然后,我看到一篇文章,介绍在受信任区域中执行的完全信任 XBAP 如何在启动之前通过一次性点击验证过程,用户可以授予查看软件的发布者并授予 XBAP 完全信任。我认为这可能是一种替代方案,所以我进一步调查,但发现以编程方式检查受信任的站点似乎有点笨拙,因为我真正找到的唯一解决方案是创建一个 activex 对象,否则该站点将无权创建该对象。不是受信任的网站。
我真正寻找的是某种可靠的模型,它可能是 90% 的解决方案,用于确定 XBAP 是否已被授予完全信任,或者当前域是否已被标记为受信任站点,以便最终用户可以访问通过clickonce过程。
提前感谢您的帮助!
编辑: 所以我认为解决方案是编写我的问题的一部分,尚未尝试,但我认为除非你们有更好的建议,否则它就足够了。
在启动页面之前,需要无 UI 控件将用户引导至先决条件页面,该页面加载使用与我的无 UI 控件使用的相同证书签名的 FullTrust XBAP。
重定向到先决条件页面,该页面具有完全信任的带有 UI 的 XBAP,该 XBAP 使用与无 UI 控件相同的证书进行签名。
如果用户看到未授予信任错误,他们可以使用错误中提供的支持 URL 来完成安装过程。
用户完成安装所需的步骤后,会向用户显示一个链接,将其发送回先决条件页面。
每当控件在先决条件页面中加载时,在用户假定授予 XBAP 完全信任之后,通过 .NET 4.0 中支持的 javascript 互操作执行代码,将用户重定向到具有无 UI 控件的页面。
I have created an full trust XBAP application that exists in a hidden frame when the page is loaded using .NET 4.0 and the BrowserInteropHelper which provides me communication between the host web page and access to the client file system. All of this is working perfectly.
I have found the following installation process where I provide a Support URL found @ Project Properties Page > Publish > Options beneath description. Then the support link the user is presented with when they get the 'Trust Not Granted' error can provide a set of steps walking the end user through the installation process ultimately getting the user to grant the XBAP full trust.
http://social.msdn.microsoft.com/Forums/en-US/wpf/thread/b6f33aa4-4399-430f-ba0f-81fa8ff6efec/
This would work fine for me, but the control I wish to provide the end user with is UI-less when the page loads. So the model mentioned above doesn't work because the user can't see the 'Trust Not Granted' error and click the link on the control to walk through the process of granting trust.
I then thought of creating a second control without UI that was marked PartialTrust that was signed with the same cert as the full trust control and performing an IO operation out of the isolated storage sandbox to see if that control would be granted access to perform the operation because it had the same certificate it was signed with already installed in the trusted publishers store, no luck.
I then came across an article about how full trust XBAPs executed in the trusted zone go through a one time clickonce verification process prior to launching where the user can grant see the publisher of the software and grant the XBAP full trust. I thought this may be an alternative so I investigated further but found programmatically checking for a trusted site seems a little cludgy as the only solution I really found has you to create an activex object that the site would otherwise not have permission to create to if it weren't a trusted site.
What I'm really looking for is some kind of a reliable model that may be a 90% solution for determining if an XBAP has already been granted full trust or if the current domain has been marked as a trusted site so the end user can go through the clickonce process.
Thanks for your help in advance!
EDIT:
So I thought of the solution as a part of writing my question and have yet to try it but I think it'll suffice unless any of you have a better suggestion.
Prior to launching the page the requires the UI-less control direct the user to a pre-requisites page that loads a FullTrust XBAP signed with the same cert as my UI-less control uses.
Redirect to pre-requisites page that has a full trust XBAP WITH UI signed with the same cert as the UI-less control.
If the user sees the trust not granted error they can use the Support URL provided as part of the error to walk through the installation process.
After the user completes the steps necessary for installation present the user with a link that sends them back to the pre-requisites page.
Whenever the control loads in the pre-requisites page the after the user supposedly granted the XBAP full trust execute code through the javascript interop supported in .NET 4.0 that redirects the user to the page with the UI-less control.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论