-
InfoPath 2003 must protect against security risks.
-
Using information across domains poses security risks.
-
InfoPath has two basic types of form template ”sandboxed form templates (URL-based forms) and fully trusted form templates (URN-based forms).
-
The InfoPath client makes use of the Internet Explorer approach to security. In particular, InfoPath uses Internet Explorer security zones.
-
The InfoPath object model has three levels of security ”level 0, level 2, and, for fully trusted forms, level 3.
-
Fully trusted InfoPath form templates require explicit installation on a user 's computer because of the potential damage malicious code in a form template can cause.
-
If you have Microsoft Visual Studio installed, you can use the RegForm.exe utility to create an .msi installer for a fully trusted form.
-
An alternative technique is to create a JScript installer (which isn't dependent on the presence of Visual Studio) using RegForm.exe .
-
InfoPath allows the digital signing of InfoPath forms.