Security Tips
In this article, you will find helpful security tips and resources to strengthen the protection of your WinUI app that uses Telerik UI for WinUI controls.
Secure Hyperlink Clicks
In WinUI hyperlink navigation actions can start a new process on the user machine. This can execute a malicious command untrusted by the user. Most of the time this can be controlled in the application's logic, where such addresses can be validated, thus mitigating the security risk.
In cases when the hyperlink is loaded dynamically from an unknown source, like from a document loaded in Telerik PdfViewer, the link may be insecure. For such scenarios the hyperlink component in the PdfViewer comes with a built-in URI validation logic. If the hyperlink doesn't point to a valid address, the navigation won't work and a message box will be displayed.
Additional to that, the Telerik PdfViewer exposes a HyperlinkClicked event that can be handled in order to further modify the click action, thus improving the security even more. Read more about the event in the Link Annotations article.
Additional Resources
- Security FAQ: For more answers to common security-related questions, visit the Security FAQ article.
- Upgrade Recommendations: Regularly updating to the latest version of Telerik UI for WinUI is one of the best ways to ensure security. You can find the information on the installation approaches in the corresponding section in the documentation.