I have created a project in Visual Studio 2012 C# . I have added a file .xml
and this file contains information that the console reads when it is executed.
I need to publish it so I can run it and give it to the people who asked me to do this.
It is that the file .exe
can be found in the debug directory, but this does not work for me because when I run it on another computer it says that it is missing files related to the console (the file xml
)
When I've published the console, it gives me some files in the release directory, but it doesn't include it xml
and I don't have to include it for it to be visible as it contains private information.
How could I do this?
XML file syntax:
<root>
<url></url>
</root>
In the code I am using XmlDocument
with this I load my xml file calling it by tag, that is GetElementsByTagName
, and thus I reference the tag that I want to call inside a loop for
.
Assuming your IDE is Visual Studio, then you can embed the file
xml
in it.exe
as a resource.In the properties of the project you want to add it to, go to the //add the page
Recursos
(Agregar recurso
thisarchivo existente.
differs from the language the IDE is configured in)Once the resource is loaded you will be able to view it in the Properties folder.
One of the ways to load the file by code is this:
Where
MiArchivoCargado
is the file that you uploaded earlier!For the XML to appear in the folder add the XML file to the project, once added you right click, properties.
There you find the Build Action option and set it with Copy if newer .
However, you say that you don't want to do it either because of private data, the point is that if the application must access that data then it will never be private and an advanced user will be able to access it no matter what.
As alternatives, and it won't shield you 100%, they would just make the data a little less accessible:
In any case, you could encrypt the contents and have the application decrypt them, in which case you would have to have a certificate embedded in the
exe
.The option to leave the XML embedded should make you think about it.
Another more sophisticated alternative is that the application does not read any file but asks for these parameters from a Web Service, whether or not it is encrypted depends on you.
As an extra fact, the parametric configuration data of an application is rarely shielded from access by the user, in your place I would keep the XML and the private information would encrypt it, being decryptable only by the app through an embedded certificate that in the same way it would be accessible by a power user.
As they told you, you can embed the file (within the same assembly) but you will not be able to modify it easily (unless it is by code) You could also have a "default" file that always goes in the compilation and your app always tries to read it from the location of the calling assembly (.exe)
LESSON 1: Save a configuration variable with the path of the file
For projects that have xml files, and other types of resources we use AppSettings of ConfigurationManager So, you can go to the properties of your console project and in Configuration(Settings) add the configuration item for example "PathFile", something like this: To then be able to use it:
The good thing about having it separated (and locating it in a path) is that it is easy to change/update it, you can use it in several applications
TOPIC2: To protect...
You will have no choice but to encrypt (just as you propose), if you want it for that it is good to use Windows Data Protection API (DPAPI) because it uses a unique key per machine, so you do not have to share the key. But keep in mind that since it is unique per machine, when you take the same XML to another encrypted machine it will not work. But also for this the first time you must "encrypt" the file on the machine where it will be used (here it is common to have an Application that only does this, once, or the same console... that has commands to encrypt a file) I leave it to you to investigate ProtectedData Provides the methods to encrypt and decrypt the data.
The good thing is that you don't need to share keys (but the bad thing is this too since it's unique per machine/server) you can't decrypt on another machine (BUT I think you can use another mechanism with DPAPI to do it Also, you have to see "the first time", that is, when you install the app with the file (uncompressed) you can do something that we did once in a project (have a .xml file and if it is not encrypted, it encrypts the file the first time. dat or something like that, and then it uses that file) we did all this with configuration
Links that can help or guide you