Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

Security Considerations: Text Services Framework

Best Practices for Developing with TSF

  • Digital Signatures: Text service providers should provide digital signatures with their binary executables. A registered text service has access to system threads and could expose information that would otherwise not be accessible. To help ensure stable and secure operation, the user should verify the digital signature of a text service before the text service is allowed to load. See Introduction to Code Signing for the proper procedure to create a digital signature.
  • Error Checking: Each method or function call should be checked for success. In the event of failure, the remaining method or function calls should be skipped. Most of the code examples in this documentation have limited error checking, or none at all, to avoid obscuring the point to be illustrated. You should not paste examples from the documentation directly into production code; rather, you should enhance the examples by adding your own error checking.

  • LoadLibrary Calls: To obtain a pointer to any of the TSF functions, you will need to use LoadLibrary and GetProcAddress. However, it is important to follow procedures for formatting the DLL path name, as given in LoadLibrary documentation.

Related topics

Security Best Practices
Introduction to Code Signing
TSF functions



Community Additions

© 2015 Microsoft