Thursday, December 11, 2008

Silverlight – Under the covers

About 6 months ago, I “blogged” about the book that I had chosen as my summer reading - Essential WPF. Due to some personal problems, however, I was unable to complete my task before the summer end. But “I'm catching up” and I'm half the way with eating Chris Andersons’ words. I must say that the book hasn't convinced me yet, but I'll leave that thought on hold until I'm finished reading it. Nevertheless, every technical book has that little bag of knowledge that can surprise you.

Essential WPF actually answered my biggest question around Silverlight: How on earth does it work? What runs where? Under what security permissions?

Well, WPF hosts applications by implementing an ActiveX DocObject (OLE DocObject). This means that every application that supports hosting DocObjects can actually host WPF applications. To know how to interpret the XBAP extension, when the .NET Framework is installed, a mime handler is registered for the XBAP extension, which loads up WPF. "The real deal" comes next. WPF runs all browser-hosted applications out of process, using a host application called PresentationHost. This isn't what I expected and actually takes me to the answer to one of the questions made above: If it's running "out of the browsers' scope", under what security permissions is it running? The answer is simple: Quoting Chris Anderson, "on Windows XP, PresentationHost.exe is launched with modified NT permissions. The admin token of whatever permission “iexplore.exe” is running is used to set the security permissions. On Windows Vista, the Limited User Access feature provides this same type of security model.”

This is quite intriguing and has brought a few more questions to my head, especially concerning on what’s going on “under the covers”. But let me solve them by myself first and I will post back later.

The Silverlight world is new to me, I wonder if it will amaze me as much as the WF did for the last year.