views:

164

answers:

2

Does the WebBrowser control have any securtiy features included in it? I mean, if i use the WebBrowser control in an application then would using this browser be any more vulnerable than any normal browser, say IE, to securtiy attacks. Does the WebBrowser control share or use security features of IE?

A: 

The WebBrowser control basically is IE. Looking at it from the other direction, IE is basically just a container for a WebBrowser control -- but most settings apply to the underlying WebBrowser control, not to the wrapper. As such, if you instantiate a WebBrowser control, it'll (mostly) act however the user has configured IE.

If you want, you can search for "MFCIE" on the MS web site -- this is a C++ using MFC that also wraps the WebBrowser control, and although it's rather dated, it still gives a pretty fair idea of how little is in the wrapper, and how much of IE is in the WebBrowser control.

Jerry Coffin
+1  A: 

From the official documentation:

"The WebBrowser control is designed to work in full trust only. The HTML content displayed in the control can come from external Web servers and may contain unmanaged code in the form of scripts or Web controls. If you use the WebBrowser control in this situation, the control is no less secure than Internet Explorer would be, but the managed WebBrowser control does not prevent such unmanaged code from running."

Anders Fjeldstad