Store Data Safely
Brian Noyes

Visual Studio Magazine

The download package for this article includes both VB and C# sample code for several sample applications.

SimpleIsoStorage contains a very simple console application that reads and writes from isolated storage. 
You should be able to compile and run this one, then go look under 
C:\Documents and Settings\username\Local Settings\Application Data\Isolated Storage 
to see the folder structure that is created to house the isolated store. It writes some date out to the store, 
then reads it back in and displays it in the console window. Since the console window goes away as soon as it 
exits when running in debug mode, you'll want to select Start without Debugging from the Debug menu to be sure 
you see the output before the window goes away.

SharedIsoAssembly + DerivedFormApps
This application consists of a shared assembly class library and two Windows form apps. 
If you open the SharedIsoAssembly solution, it contains the other two apps in the solution. 
You can compile and run the two DerivedFormApps from Explorer so that you can get both going at once. 
The SharedIsoAssembly project contains two classes, IsoAssemblyIO and IsoDomainIO that read and write 
from Isolated Storage, isolated by user and by the additional separation that their name indicates. It 
also contains the BaseIsoDemoForm that the two DerivedFormApps derived from. This just saves on some 
repetitive code in the two application that call methods on the to Isolated Storage classes. The project 
also sets the AssemblyKeyFileAttribute to demoKey.snk in AssemblyInfo.vb (or .cs). This makes the assembly 
get signed with a strong name so that the runtime can recognize the two copies made by VS.NET in the 
DerivedFormApp bin folders as the same assembly.

To see the impacts of selecting assembly or domain separation, run one instance of DerivedFormApp1 
and one of DerivedFormApp2 and select the different isolation levels. Type something in the Type Text 
To Save box and press the save button. This will write the line out to a text file in isolated storage, 
isolated by user and either assembly or domain, depending on which radio button you selected. You can then 
press the Read button to read the text back in from the file. If you try to read in from another form instance 
that is trying to read from a different isolated store that has not been created yet, you will get an exception 
because no error checking has been included for this. If you have assembly selected in both forms, you should 
see that they can read in what was saved from the other form, because they are using the same shared assembly 
to do the writing. But if you select domain, you will see that they maintain their own store.

DownloadableFormApp
This sample is just a simple WinForms app that has two buttons. One tries to do normal file I/O, writing out a 
text file to the root C:\ drive. The other uses IsolatedStorage to do its writing. If you run the app as a normal 
application, through the IDE or from Explorer, both operations will succeed. In the code folder is a SimpleWebApp 
folder. If you set this folder up as a virtual directory in IIS named SimpleWebApp, you can then open a browser 
and navigate to http://localhost/SimpleWebApp. If you click on the link on the page, it will download a compiled 
version of the DownloadableFormApp and run it within a partially trusted code sandbox managed by the .NET runtime. 
If you try to do the normal file I/O, you will get a security exception. But the Isolated Storage I/O succeeds 
since the runtime sees it as safe.

If you have any questions or problems with the samples, please contact me at brian@softinsight.com.

 

 

