|Internet media type|
|Type of format|
XAML Browser Applications (XBAP, pronounced "ex-bap") are
XBAP applications have certain restrictions on what
Starting in February 2009, XBAP applications no longer function when run from the Internet. Attempting to run the XBAP will cause the browser to present a generic error message. An option exists in Internet Explorer 9 that can be used to allow the applications to run, but this must be done with care as it increases the potential attack surface - and there have been security vulnerabilities in XBAP.
- 2D drawing
- Access to OS drag-and-drop
- Bitmap effects (these are deprecated in .NET 3.5 SP1)
- Direct database communication (unless the application is fully trusted)
- Interoperability with Windows controls or ActiveX controls
- Most standard dialogs
- Shader effects
- Stand-alone Windows
- Extensible Application Markup Language (XAML)
- Google Native Client (NaCl)
- HTML Application (HTA)
- Microsoft Silverlight
- Windows UI Library (WinUI or WinRT XAML)
- XAP (file format)
- Java Web Start
- "What is XBAP?". XBap.org. p. Home page. Retrieved 2011-02-16.
XBAP (XAML Browser Application) is a new Windows technology used for creating Rich Internet Applications with a file extension .xbap to be run inside the Internet Explorer. They are run within a security sandbox to prevent untrusted applications from controlling local system resources.
"WPF Partial Trust Security". MSDN. Retrieved 2011-02-16.
For XBAP applications, code that exceeds the default permission set will have different behavior depending on the security zone. In some cases, the user will receive a warning when they attempt to install it. The user can choose to continue or cancel the installation. The following table describes the behavior of the application for each security zone and what you have to do for the application to receive full trust.
- "IE9 RC Minor Changes List". 11 February 2011.
- "IE9 – XBAPs Disabled in the Internet Zone". 9 March 2011.
- "XBAP - This application type has been disabled". Stack Overflow.
- BetaFred (March 2023). "Microsoft Security Bulletin MS13-004 - Important". technet.microsoft.com.