Sandboxing Silverlight 1.0 (aka the internal script model)


Say you are a hoster (fake example: MySpace) of some website where users create pages.
You will hopefully want to give them the ability to ‘host Silverlight’ but want to restrict what they can script (so they don’t turn off your ads or mess up the navigation). How to?


In comes the ‘internal script model’ in Silverlight. Here is the ‘gist’ of how it works:



  1. You can add <x:Code> tags to your XAML to bring in JavaScript for the interactivity within Silverlight:
    <Canvas xmlns="http://schemas.microsoft.com/client/2007" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
    Width="390" Height="340" Loaded="onRootLoaded">
        <x:Code Source="silverlight.js" Type="application/x-jscript" />
        <x:Code Source="default.html.js" Type="application/x-jscript" />
        <x:Code Source="scene.xaml.js" Type="application/x-jscript" />
        …
    </Canvas>


Note:



  • You can have as many x:Code tags as you need. The x:Code tags must be children of the root Canvas, and the Type and Source attributes are required.
  • x:Code cannot be used from createFromXaml.


  2. When you add these x:Code tags, you are automatically running in ‘internal script mode’. Your JavaScript can NOT access anything outside of the other JS files included in the XAML file.


    • It cannot access the browser DOM (no access to window, document or anything like that). A couple of FAQs here:


      • No access to window.setTimeout or similar callbacks; the workaround is to use Silverlight’s animation model to get timers.
      • No access to XmlHttp or similar objects to make WS calls; the workaround is to use the Downloader object, ideally calling some GETs of JSON stuff so you avoid parsing manually.

 



  3. Likely, the next question is how to instantiate the Silverlight plug-in. Using the recommended createSilverlight JavaScript is likely out since we said no external script, so you can use an object tag:

    <object id="ag" type="application/ag-plugin" height="340" width="390">
    <param name="Source" value="sceneInternal.xaml"/>
    <param name="MaxFrameRate" value="30" />
    <param name="OnError" value="default_error_handler" />
    </object>
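
A hoster-side pre-check for the x:Code rules in the steps above, as an added example that is not part of the original post or of Silverlight: before publishing a user's XAML it confirms the x:Code tags sit directly under the root Canvas, carry Source and Type, and exist at all, and it lists the script files pulled in. The function and sample names are hypothetical and the sample XAML strings are constructed; the sandbox itself is enforced by the plug-in, not by this check.

```python
import xml.etree.ElementTree as ET

# Namespaces taken from the sample XAML on this page.
NS_CLIENT = "http://schemas.microsoft.com/client/2007"
NS_X = "http://schemas.microsoft.com/winfx/2006/xaml"
CANVAS = "{%s}Canvas" % NS_CLIENT
CODE = "{%s}Code" % NS_X


def check_xcode(xaml_text):
    """Return (script_sources, problems) for one user-submitted XAML document."""
    # Refuse DTDs before parsing: ElementTree expands internal entities,
    # so an uploaded DOCTYPE could be used for entity-expansion DoS.
    if "<!DOCTYPE" in xaml_text or "<!ENTITY" in xaml_text:
        return [], ["DOCTYPE/ENTITY declarations are not accepted"]
    try:
        root = ET.fromstring(xaml_text)
    except ET.ParseError as exc:
        return [], ["not well-formed XML: %s" % exc]

    problems, sources = [], []
    if root.tag != CANVAS:
        problems.append("root element is not a Canvas")
    direct = [el for el in root if el.tag == CODE]
    nested = [el for el in root.iter(CODE) if el not in direct]
    if nested:
        problems.append("%d x:Code tag(s) not under the root Canvas" % len(nested))
    if not direct:
        # Per the page, it is the x:Code tags that switch on internal script mode.
        problems.append("no x:Code under the root: internal script mode is off")
    for el in direct:
        src, typ = el.get("Source"), el.get("Type")
        if not src or not typ:
            problems.append("x:Code is missing the required Source or Type")
        else:
            sources.append(src)
    return sources, problems


# Constructed sample submissions (not taken from the live sample).
HEAD = '<Canvas xmlns="%s" xmlns:x="%s">' % (NS_CLIENT, NS_X)
GOOD = HEAD + '<x:Code Source="scene.xaml.js" Type="application/x-jscript" /></Canvas>'
NESTED = HEAD + '<Canvas><x:Code Source="a.js" Type="application/x-jscript" /></Canvas></Canvas>'
NO_TYPE = HEAD + '<x:Code Source="a.js" /></Canvas>'

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("NESTED", NESTED), ("NO_TYPE", NO_TYPE)):
        print(name, check_xcode(doc))
```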


     


Live sample is here. There is an “internal script version” and a non-sandboxed version. The difference shows when you left click on the MediaElement itself (one alerts, the other one throws an error caught in try/catch).

Download the source here...



Disclaimers:



  1. The sample is not a full-blown player, just wanted to wire enough to show you the gist. The play/pause button does work of course…
  2. The ugly logos are to illustrate the likely “Brought to you by ..” ad-scenario that I think would go well with this embeddable player model.
  3. This feature is still under development. I would expect small changes to come between now and RTM. My wish is that it would be opening up a small communication channel back to the DOM, even if one-directional… [though not sure if everyone else desires that]
  4. I put together the sample in 20 mins, only tested in Windows Vista, IE and Firefox. If you find issues let me know.

Comments (1)

  1. slyi says:

    Great example.

    Is there any way to place the JS inside the x:code via cdata block?

    Why does inline xaml only allow you to reference xaml in <script> tags, why not <xml> tags?