Using REGFORM.EXE to Fully Trust an InfoPath Form
Maybe it’s a late-night glitch at MSDN but I cannot find anything on the InfoPath SDK. I feel like I am incorrectly blaming myself for this oversight. In the meantime, I am resorting to Google’s cache to pull up “Understanding Fully Trusted Forms” that cannot be found at MSDN:
“For a form to be used, InfoPath must be able to access the form template that the form is based on. When you create a form template, InfoPath creates an entry in the form definition (.XSF) file that contains the URL of the location of the form template. A URL-based form is said to be sandboxed: When a user fills it out, the form is placed in a local cache and denied access to system resources. This type of form inherits its permissions from the domain in which it is opened…However, you can modify a form so that it is based on a Uniform Resource Name (URN) instead, allowing access to system resources. Forms of this type are said to be fully trusted.”
This article goes on to explain how to use REGFORM.EXE to mark a form fully trusted in the context of formalized maintenance and deployment. Since I am just trying to open one form on one machine for informal use without annoying ADO security warnings this is my simplified version:
- Locate REGFORM.EXE. I found my copy under %ProgramFiles%\Microsoft Office 2003 Developer Resources\Microsoft Office InfoPath 2003 SDK\Tools\regform.exe.
- Run REGFORM.EXE MyForm.xsn to generate a Jscript file that will perform the full trust operation (and make a backup file of the original .XSN file).
- Run the Jscript file using CSCRIPT.For a brutally honest overview of the InfoPath security “model,” see “InfoPath SP1 Security” on David Fries’ Blog. I will continue to look for InfoPath SDK documentation on MSDN. I still think it’s my fault. I can’t imagine professional developers pulling documentation without explanation and not even announcing it on at least one Blog.