Safe File Upload from an XBAP Sample
This sample illustrates how a XAML browser application (XBAP) that is running in partial trust can safely upload files from a client machine.
This sample demonstrates a specific feature of the Windows Presentation Foundation and, consequently, does not follow application development best practices. For comprehensive coverage of Windows Presentation Foundation (WPF) and Microsoft .NET Framework application development best practices, refer to the following as appropriate:
Accessibility - Accessibility Best Practices
Localization - WPF Globalization and Localization Overview
Performance - Optimizing WPF Application Performance
Security - Windows Presentation Foundation Security
Install the Windows Software Development Kit (SDK) and open its build environment command window. On the Start menu, point to All Programs, Microsoft Windows SDK, and then click CMD Shell.
Download the sample, usually from the software development kit (SDK) documentation, to your hard disk drive.
To build the sample from the build environment command window, go to the source directory of the sample. At the command prompt, type MSBUILD.
To build the sample in Microsoft Visual Studio, load the sample solution or project file and then press CTRL+SHIFT+B.
A XBAP that is running in partial trust does not have permission to either open or save files on the client machine. However, it is possible to safely open read-only files chosen by the user: OpenFileDialog exposes only the name of the (i.e. no path information) using SafeFileName, and only returns a read-only stream from the OpenFile method with read-only access.