Tuesday, April 21, 2009

SharePoint SafeControl Listing

Lately I was having this pretty good discussion with my friends and colleagues on the SafeControl list in Sharepoint.

Well, you already might have a clear opinion on it, but this is for those who are beginners who want to have strong fundamentals.

Genre: Fundamentals

Scenario / Question: Do we need to safecontrol list every binary we create? For instance, We have third party binaries (Grid Controls) in GAC (Full trust)... but not in safecontrol list and they are referenced and used in webparts with out any issues.

Short Answer : No. Read below.

SafeControl entry in web config only controls the behaviour of WSS Safe Page Parser by allowing a given class deriving from Web.UI.WebPart to be instantiated as a WebPart on the page. this is the only use. if the Type is not a web part (or any number of derivatives like ASCX control templates), there is no use listing it as a safe control.

GAC (and associated full trust) on the other hand controls CAS permissions of any .NET code (not just ASP.NET controls and WPs) and does not intersect with the Safe Page Parser.

No comments: