Launch Silverlight Out-of-Browser from browser post-installation

views:

464

answers:

+9 Q:

Launch Silverlight Out-of-Browser from browser post-installation

Hello all,

I am building a prototype application in Silverlight 4 Beta and I am using the Out-of-Browser (OOB) functionality. I need the OOB functionality to be able to access the local file system, and I would like to avoid writing an ActiveX component or Java applet.

I have a requirement to be able to launch the OOB experience from the browser once it has been installed on the client machine. All I seem to be able to do is detect from the browser whether the application has been installed, and then ask the user to start it from the desktop or start menu (as a normal application).

This however 'breaks' the experience required by the customer, which should be directed from the browser. Has anyone been able to launch the OOB application directly from the browser?

Thank you,

Martijn

+3 A:

This should not be possible.

Just because a user has agreed to install an application as an OOB this should not confer rights to the source site that it can then invoke the OOB experience without the user explictly deciding to do so.

So the closest your going to get is what you already have. Politely remind the user that they have the app already installed as an OOB. If possible allow some functionality from the browser and in your "already installed message" explain that the best experience may be had by using the installed version instead.

AnthonyWJones 2010-02-24 14:46:37

Much appreciated AnthonyWJones (+1). However, would a button click on the web site launching the previously installed OOB not count as a user 'explicitly deciding to do so' ? (just thinking out loud)

martijn_himself 2010-02-24 15:06:32

@martijn_himself: No. What if my OOB was called "Global Thermonuclear War" but the button in the browser says "See Joke of the Day" ??

AnthonyWJones 2010-02-24 16:24:48

@AnthonyWJones: Hmmm, I am still not sure that is a valid point. The user has previously agreed to install and trust the OOB. I can achieve the same thing with an ActiveX component or trusted Java Applet (i.e. break the sandbox). Whether that is a good idea in the first place is a different discussion :).

martijn_himself 2010-02-24 16:53:38

@AnthonyWJones: Can't edit my previous comment. I'm confused :). Any more thoughts/ clarifications greatly appreciated.

martijn_himself 2010-02-24 17:06:39

@martijn_himself: It may be technologically possible for an in-browser instance of an SL app that knows it has an OOB version of itself installed on the client machine to launch said OOB version. However Microsoft would have to take stringent measures in order that a) another Silverlight app can't do this for the OOB app and b) the in-browser version isn't being hoodwinked into firing up something malicious. This would have to be exhaustively tested and would still represent an increase in the attack surface. That then needs to be balanced with the value of feature it would deliver.

AnthonyWJones 2010-02-24 19:07:57

@AnthonyWJones Thank you for clarification, answer accepted.

martijn_himself 2010-02-25 09:33:42

ansaurus

tags:

views:

answers:

Launch Silverlight Out-of-Browser from browser post-installation

related questions