Sidebar 6: About .NET Control Hosts
Background: Starting a .NET control with reduced rights inside a browser is different from starting it from a WinForms application. This is because the initially enabled rights are different.
It's possible to load a .NET assembly into a WinForms application as if it has been downloaded from the Internet zone - even if the .NET assembly is stored on the local system. Since the application has full trust all rights granted to the .NET assembly can be used without an assertion - if for example the .NET assembly has been granted additional rights through the .NET security configuration based on its strong name. This is different from loading the same .NET assembly into the browser. Since the browser as a CLR host will reduce the initial rights to the related zone the .NET code must explicitly - this includes declarative assertions by using the permission attributes - assert the right before accessing the resource.
Back to List of Sidebars
Back to Projects Home Page