TAGS :Viewed: 2 - Published at: a few seconds ago

[ Would a Silverlight full trust in-browser application on the Internet work? ]

I am developing a Silverlight application which needs to run with elevated trust, because of what it does and how it works.

I have duly obtained a Certificate from COMODO and signed the application with this certificate. Next, in Visual Web Developer, I have configured the Silverlight application to run 'out-of-browser', and all works well i.e. the application is 'trusted' and does what it is supposed to do when I test.

However ... I would dearly like to embed this application in one of my website's pages i.e. I would like it to run as an elevated trust 'in-browser' application, e.g. when the 'RUN' button on a certain page is clicked.

For this to happen, (according to MSDN et. al.) I have to modify the registry entries of my 'target' machine which means I have to update a couple of HKEY_LOCAL_MACHINE entries, which I can do, but my question is this :-

If my ‘target’ machine is the same one on which I host my website, then what will happen Someone on the Internet browsing my website clicks the 'RUN' button? Will my ‘in browser’ application fail for them (as not ‘trusted’), or will the Silverlight runtime use the HKEY_LOCAL_MACHINE entries from target machine (i.e. my host) and confer that ‘in browser’ elevated trust to that Someone browsing my page?

I can see how this can work on an Intranet, but I cannot find anywhere that describes what would happen on the Internet.

Thank you in advance for any advice or help


Answer 1

Answered my own question here after searching on the net:

'One thing to understand first is that this feature obviously is not meant for random internet applications. It requires signed XAPs, locally installed certificates and a certain registry key to be set, which e.g. can be managed through Group Policy. This makes it pretty difficult to use for applications outside a closed environment like an enterprise.'

So it seems my question should have been 'What's the difference (apart from the obvious) between running an 'out-of-browser' full-trust Silverlight 5 application and an 'in-browser' full-trust Silverlight 5 application? I can link the 'out-of-browser' full-trust app into my web page can't I, so why not use the 'in-browser' full-trust app directly from my webpage? Or am I missing something??