Saurabh Pant's Weblog

At PDC 2009 we (RIA Services Team) announced the re-branding of Microsoft .NET RIA Services to Windows Communication Foundation (WCF) RIA Services.  We backed this branding change with a new Preview release, that has RIA Services built heavily on the WCF stack.

In this post I plan to talk briefly about the motivation behind aligning RIA Services with WCF and then dig deep into how exactly RIA Services consumes WCF.

RIA Services on WCF: Best of both worlds

Ever since we announced RIA Services at MIX '09, we have heard strong customers feedback that they would like a consolidated services story from Microsoft. Acting on that feedback, over the last few months RIA Services has spent a significant amount of effort aligning closely with WCF. The Data Services team at their end has been working on a similar alignment with WCF as well.

By centering all our service offerings around WCF we are maximizing developer knowledge transfer and skill reuse, both in the short and the long term.

For more details on the alignment and the motivation behind it please also check out this post by the WCF team.

I strongly believe that with WCF RIA Services our users get the best of both worlds -

• They get all the simplicity and productivity of the RIA Services Prescriptive Programming Model and Tooling
• And if need be, they can dig deep into our services infrastructure and harness all the power and flexibility that WCF has to offer  

Understanding RIA Services use of WCF

To help users better understand how RIA Services uses WCF, in the following section I walkthrough what happens under the covers when a user creates a simple DomainService and then communicated with it.

1. ‘Add new DomainService Class’

Lets assume an application developer opens up the ‘Add new Domain Service Class’ item template and adds a new Domain Service.

The item template, besides producing a skeletal Domain Service Class, adds the right assembly references and registers an Http modules in the Web.Config. By default it registers an httpModule for Cassini (for Visual Studio F5 experience) and one for IIS, as shown below.

<?xml version="1.0"?>

<configuration>

  <system.web>

    <httpModules>

      <add name="DomainServiceModule" 

type="System.Web.Ria.Services.DomainServiceHttpModule, 

System.Web.Ria" />

    </httpModules>

    <compilation debug="true" targetFramework="4.0" /> 

  </system.web>

  <system.webServer>

    <validation validateIntegratedModeConfiguration="false"/>

    <modules runAllManagedModulesForAllRequests="true">

      <add name="DomainServiceModule" preCondition="managedHandler"

type="System.Web.Ria.Services.DomainServiceHttpModule, 

System.Web.Ria" />

    </modules>

    <validation validateIntegratedModeConfiguration="false" />

  </system.webServer>

2. Domain Service Code

The developer then goes ahead and adds Business logic to his DomainService.The methods exposed via the DomainService can be broken into two broad categories –

CRUD operations – Query, Update, Named Update and Delete operations. These operations follow the RIA Services prescriptive guideline and rely on the RIA Services framework. This is added functionality that RIA Services introduces on top of WCF and is not available to Core WCF Services.

Service Operation/ Invoke Operations - These are [Invoke] operation in the RIA Services terminology and Service Operations in WCF terminology. These methods are independent of the RIA Services concept of ChangeSet (ChangeSet applies only to the CRUD operations above) and are ‘Online/Direct’ methods that communicate with the Server immediately when invoked.

Below is the code for the OrganizationService DomainService we use in our canonical RIA Services walkthrough.

namespace HRApp.Web

{

    [EnableClientAccess()]

    public class OrganizationService : 

        LinqToEntitiesDomainService<AdventureWorks_DataEntities>

    {

        #region CRUD    

        public IQueryable<Employee> GetEmployee(){…}        

        public void InsertEmployee(Employee employee) {…}        

        public void UpdateEmployee(Employee currentEmployee) {…}        

        public void DeleteEmployee(Employee employee) {…}

        public IQueryable<Employee> GetSalariedEmployee(){…}

        [RequiresAuthentication()]

        public void ApproveSabbatical(Employee current) {…}   

        #endregion

       #region ServiceOperations

        public string Echo(string msg) {…}

        public DateTime GetServerDateTime(){…}

       #endregion

    }

}

3. WCF Channel on Client

The RIA Services Framework on the Client contains a WebDomainClient:DomainClient whose purpose is to help the SL client communicate with a WCF service represention of the Domain Service. The WebomainClient uses a WCF Client Chanel for this cummunication.

The Channel is created by using WCF’s ChannelFactory and by passing to it a WCF Service Contract that was generated from the Domain Service (more on the contract creation later). The ChanelFactory creates a WCF client proxy based on the supplied contract. The generated proxy takes care of communication/(de)serialization between Client and Server.

The RIA Services DomainContext utilizes the WebDomainClient for Client-Server communication and the context itself is WCF agnostic.

4. Dynamic .SVC generation

By default DomainServices do not have a physical .SVC file generated for them at Design Time.

However each DomainService has a virtual .SVC associated with it. The .SVC represents the WCF Service that services requests for that particular DomainService. For a given DomainService the path to its .SVC can be determined using the following convention:

[SilverlightApplicationBaseURI] + [DomainServiceFullName].svc (With all “.” replaced by “-“)

So HRApp.Web.OrganizationService is exposed as – http://[ApplicationBaseURI]/HRApp-Web-OrganizationService.svc

At RunTime when the first request (within a particular Application Domain) is made for a DomainService's .SVC file , the registered httpModules intercept the call and RIA Services writes out an in memory .SVC file on the fly.

Below is what the dynamically generated svc file looks like for the OrganizationService defined above -

<%@ ServiceHost Service=”HRApp.Web.OrganizationService” 

Factory=”System.Web.Ria.DomainServiceHostFactory”

%>

The .SVC refers to the DomainService Type and a ServiceHostFactory. The default RIA Services  HostFactory instantiates the default RIA Services ServiceHost, which in turn is responsible for extracting the WCF Service Contract from the DomainService (See the ‘Generating a WCF Contract’ paragraph below for more details) and also for hosting the service.

A request for the DomainService .SVC in any folder under the Web Application root is redirected to [WebAppRoot]/Services/[DomainService].svc using ASP.net URL rewriting. The service is thus accessible under any folder in the WebApp. Hence even if a .XAP is moved around under the hosting Web App Root, the Silverlight App's relative reference to the DomainService is not broken. 

NOTE - If a physical .svc file with the right file name (as per convention) is present in the ~/Services folder, that is used to define the Service Contract and no virtual .SVC file is generated.

5. Generating the WCF Contract:

Each WCF service needs to have a ServiceDescription and one or more ContractDescriptions for it.

ServiceHosts are responsible for extracting descriptions from a service and hosting the service. The standard ServiceHost in WCF produces descriptions based on WCF attributes such as [ServiceContract] and [OperationContract]. In RIA Services we provide a custom ServiceHost which does this based on a RIA Service Attributes and Conventions.

Here is how DomainService operations are mapped to the WCF Contract:

Query operations –

Each Query operation shows up as a ServiceOperation in the WCF Contract, but with its signature modified.

The ServiceHost creates an operation description for each query operation. The return type is changed to QueryResult<T> such that it can return additional information such as count. It also adds a QueryOperationBehavior which through a custom operation Invoker takes care of applying cache policies, validating parameters and composing queries.

Insert, Update, Delete operations –

For all CUD operations the ServiceHost generates one top-level SubmitChanges operation description. Again, it adds a custom behavior which injects a custom operation invoker. The signature of SubmitChanges is ChangeSet SubmitChanges(ChangeSet changeSet). The returned ChangeSet contains auto-generated values from the server.

Invoke Operations –

Invoke Operations are the RIA Services equivalent of WCF ServiceOperations. All Invoke Operations show up in the WCF Contract as Service Operations.

For the OrganizationService Domain Service we had defined earlier, below is what the WCF Contract looks like to the “Add Service Reference” dialog -

Attached to this post is also the full generated WCF Contract for the OrganizationService (the file was produced by doing an Add Service Reference to the Domain Service's WCF endpoint)

6. Default Endpoints:

The RIA Services ServiceHost creates the following endpoints by default - 

a) For Silverlight Client: SOAP w/binary endpoint. Address = “binary”, Binding = CustomBinding consisting of HttpTransportBindingElement and BinaryMessageEncodingBindingElement.

b) For AJAX Client: JSON REST endpoint. Address = “”, Binding = WebHttpBinding w/JSON as the format.

c) For other clients : SOAP w/XML endpoint. Address = “soap”, Binding = BasicHttpBinding consisting of HttpTransportBindingElement and TextMessageEncodingBindingElement.

The blog post here describes how one can consume the SOAP XML endpoint in a WindowsForms application. Here is a Sample of the same endpoint being consumed in a WPF application.

Summary

Above we discussed in some detail how RIA Services uses WCF under the covers. Hopefully this helps folks better understand the RIA Services alignment with WCF.

In a future post I  plan to discuss how WCF extensibility (e.g. custom behaviors) can be applied to Domain Services. In the meanwhile here is a Sample that demos this.

Over the last year I have been working on .NET RIA Services, a preview of which just went public at MIX.

Brad Abrams does a great job on his blog of answering the obvious question you might have - What is .NET RIA Services?. Also be sure to check out his session at MIX on the same topic.

Nikhil Kothari presented a great session on .NET RIA Services at MIX as well.

A good resource for getting started with RIA Services is this wakthrough that guides you through building your first Silverlight RIA Services Application. Once you are ready to dig deeper into individual feature areas, this doc should help with that. If like me you learn by stepping through working code, you will find the sample applications here helpful.

As with any preview release feedback is welcome and greatly appreciated.

I wrote the blog post below about 6 months back and just realised that I never actually got around to posting it. I the spirit of 'better late than never' here it is ... 

 .NET Framework 3.5 - Client Application Services

In .NET Framework 3.5, ASP.NET provides built in Web Application Services that provide access to features such as forms authentication, roles, and profile properties. These services provide building blocks to enable super-common scenarios and as a result can provide significant productivity wins and time-savings for developers.

The Client Application Services feature enables the Client developers to seamlessly leverage these Web Application Services from within their Client Applications. The feature also supports Occasionally Connect scenarios, enabling connected client applications to continue working even on loss of connectivity.

Consider the following scenario facilitated by this feature …

An enterprise leverages .NET 3.5 and exposes Authentication, Roles and Profile Application Services from their existing web servers. The enterprise has a mixture of Ajax, Silverlight and Rich Client applications, all of which are used by a typical employee on daily basis. The employee can now use one set of credentials to logon to all these applications and any preferences/settings modified at one location are reflects for all applications.  When the employee is away from the corporate network, say on a flight, she can still continues to use her Client Application by logging on in the offline mode using the same credentials. Also, say an employee gets promoted to be a manager, all the enterprise needs to do is add her to the manager role on the server and now managerial data is available to her across all her web and client applications.

The heavy lifting involved in enabling the scenario above today lies in the underlying plumbing code; With Client Application Services in .NET 3.5 this plumbing is now taken care of by the framework itself, significantly boosting developer productivity.

Let’s walk through a scenario and see how easy it is to now add Web Settings support to your application - 

Part 1: Create the web site –

1. In Orcas Beta2, Create a new ASP.NET Web Application

2. Set the authentication mode to Windows Authentication

<authentication mode="windows"/>

3. Fill in the profile section of the web.config. 

<profile enabled="true">

<properties>

<add name="Text" type="string" readOnly="false" defaultValue="DefaultText" serializeAs="String" allowAnonymous="false"/>

<add name="Color" type="string" readOnly="false" defaultValue="white" serializeAs="String" allowAnonymous="false" />

</properties>

</profile>

4. Enable this property to be accessed via web services by adding this section to Web Config

<system.web.extensions>

<scripting>

                                <webServices>

<profileService enabled="true" readAccessProperties="Text, Color" writeAccessProperties="Text, Color"/>

Part 2: Create the Client Application –

1. Right click on the solution and add a new project (works the same for WPF or WinForms)

2. Right click on the new client project and select properties

3. In the Services tab, enable application services, select windows auth and fill in the services url for the Web Settings Service. For now it is the development server URL, in production this would be your ASP.NET web site.

4. In the settings tab, click on “Load Web Settings” ... this will pull down all the metadata for the profile properties defined on the server for the Windows User you are currently working as. ( If you were using Forms Authentication in your Application you would be prompted by the designer to enter you Forms Credentials before being able to download the settings meta data)

We are now ready to go!  We can have strongly typed, async read-write access to your Web settings.  These settings will stay in sync no matter where you change them (WinForms/WPF/Asp.Net/AJAX/Silverlight Application), they are reflected everywhere!

Examples:

Windows Forms code –

private void Form1_Load(object sender, EventArgs e)

        {

            BackColor = Color.FromName(Properties.Settings.Default.Color);

        }

        private void button1_Click(object sender, EventArgs e)

        {

            Properties.Settings.Default.Color = this.textBox1.Text;  

            BackColor = Color.FromName(Properties.Settings.Default.Color);

            Properties.Settings.Default.Save();

        }

ASP.NET Server side code –

function loadColor()

                {                             

                                Sys.Services.ProfileService.load(["Color"], loadCompleteCallback, loadSaveFailed, "");                                  

                }

                function btnSaveColor()

                {

                                Sys.Services.ProfileService.properties["Color"] = document.form1.theColor.value;

                                Sys.Services.ProfileService.save(null, saveCompleteCallback, loadSaveFailed, "");

                }

Source Code:

The attached sample code contains the above Client scenario enabled with additional Forms Authentication (Login/Logout), Roles and Offline support.

It also contains a Web Site with using the same Authentication and Profile service.

Additional Resources:

Web Application Services Overview …

http://msdn2.microsoft.com/en-us/library/bb547119(VS.90).aspx#Examples

Client Application Services Overview …

http://msdn2.microsoft.com/en-us/library/bb384339(VS.90).aspx

Client Application Services end to end walkthrough …

http://blogs.msdn.com/winformsue/archive/2007/05/20/client-application-services-in-windows-forms-end-to-end-walkthrough-available.aspx

Later today, I present @ VS Live the following talk ...

Building Rich Internet Application using Microsoft Silverlight 2.0
In this session, we will build a Video Search Web Site using Silverlight 2.0. The session will demo – how to use Visual Studio to create a Sliverlight applications, how to create UI using XAML markup and code, how to retrieve data from a web service, how to manipulate  data with XML and LINQ, how to persist user settings using local storage, how to interact with browser using HTML DOM, how to use the SL OpenFile dialog etc …

Attached are the Source code/Presentaion/DemoScript for the talk .

Guthrie’s Silverlight Tips, Tricks, Tutorials and Links Page are available here. 

The MIX sessions I referred to are available online here.  

In particular, the talk above was modeled after Joe Stegman and Mike Harsh's MIX 08 session of the same name, the code for which is availabe here.

The UX Skin that I demoed was created by Corrina and she has bloged about it here.

The page demoing the Silverlight 2 Beta 1 controls is available here

Enjoy !!!

I am presenting at the Avanade Tech Summit in Seattle today on "Building a Rich Internet Application using Silverlight 2.0". Slides for the presentaion are attached to this post ...

The App I plan to build on stage is the same one Joe Stegman and Mike Harsh built during their MIX 08 session of the same name, and the code for which is availabe here.

Am presenting the following talk at DevConnections today -

VMS311: Smart Clients: What's New in Visual Studio "Orcas"?
Saurabh Pant
Visual Studio "Orcas" is about making the rapid application development experience even easier. In this overview we will introduce new features that allow Smart Clients to go where they never have before: including Occasionally Connected Systems, SQL Server Compact Edition, Client App Services, N-Tier Data, ClickOnce Deployment enhancements, as well as out-of-the-box ways to future proof your existing applications: including Windows Forms / WPF Integration, and Vista enhancements. Add to that the designer productivity enhancements and see an exciting new wave of smart client development.  

If you were at the session the side deck is attached to this post as promised.

As always feedback/thoughts are welcome. Feel free to contact me through this blog is you would like additional information on any of the technologies discussed. 

[Update] 

My introductory post to Client Application Services is available here http://blogs.msdn.com/saurabh/archive/2008/05/16/net-framework-3-5-client-application-services.aspx 

[Original Post] 

Continuing further along in with our "Live from Redmond" series I shall be presenting the following talk on Nov 27th ...

Have attached the slide deck from the talk. The actual presentation can be viewed online at any time through the registration link below.

Live From Redmond: Client Application Services in Orcas   

27th Nov 2006 [Click here to register] 

An Overview of Windows Forms in Microsoft Visual Studio 2005

For all the folks that logged into my MSDN talk today morning here is the slide deck from the talk. The talk being demo intensive the deck might not be super helpful but it does have the resources slide which will direct you to where you can get the samples I displayed during the talk.

I'll also update this post as soon as we have the talk posted online ...

As part of the Live From Redmond Series of talks I shall be presenting a talk on Aug 23rd -

"An Overview of Windows Forms in Microsoft Visual Studio 2005".

Windows Forms application development takes a giant step forward in Visual Studio 2005. This session provides an overview of the new Windows Forms feature set, as well as explores the RAD development environment. See how ClickOnce deployment technology brings the ease of Web deployment to Windows Forms applications. See demonstrations of how Windows Forms and Visual Studio 2005 make it easy to build professional looking applications. Walk through improvements to the Windows Forms designers, including demonstrations of snap lines and smart tags. This session also give a quick high level demonstration of how easy it is to build Office applications that use Windows Forms components.

For client developers here is a list of all upcoming webcasts (see left pane of the Windows Forms website here for the more detailed list):

[Update]
Have attached the TechEd Slide Deck. The resources section for the deck will alos direct you to the sample code that I demoed during the presentation.

[Original Post]
Am in Boston this week for TechEd ... and just got done with my talk titled "Windows Forms in Visual Studio 2005: An Overview".
I had planned to post the slide deck, demos, resources from the talk posted on my blog but have been having connectivity issues getting to WindowsForms.net server that hosts by blog files. Will have them uploaded by end of week at the latest ...

Also I will be at the Technical Learning Centre - Dev Discussion Area on Wednesday 12:00-3:00 and Friday 9:00-4:00. If you happen to be at TechEd and have WindowsForms/ClickOnce questions feel free to stop by.

Jay Allen of the Windows Forms User Education team has some good coverage of ClickOnce issues on their team blog. Definately worth checking out ...

http://blogs.msdn.com/winformsue/archive/category/11821.aspx

Firstly sorry for the delay in this messaging from ClickOnce. Judging by the passionate opinions I have heard around the community on this issue, this is a blog we should have posted a while back.

[Hanselman's Blog - http://www.hanselman.com/blog/PermaLink.aspx?guid=7ce42ccd-e531-4d43-a93f-73483c0afd3d]
[Sven Groot's Blog - http://channel9.msdn.com/ShowPost.aspx?PostID=138273]

[Lady bug - http://lab.msdn.microsoft.com/productfeedback/viewfeedback.aspx?feedbackid=5b309bf8-370d-4571-8ce2-aaebb525488b ]

Geting to business; In the V2.0 release of the Framework, ClickOnce does not have support for FireFox. 
-    I do discuss later in this post how application publishers can use the ClickOnce shortcut files to allow FireFox users to install Clickonce applications.

ClickOnce does work on machines where FireFox is the default browser, if the user clicks on the deployment manifest in IE.
-    There is an issues users hit here if their application carries a bootstrapper package, again a workaround is mentioned later in the post.
 
And yes we are actively looking into remedying this in the next release of the Framework.

What happens when I click on a ClickOnce deployment in FireFox?

ClickOnce provides an implemention of the IE mime handler interface for the mime type application/x-ms-application which is associated with .application files on servers hosting ClickOnce application. Hence when a user clicks on a .application in IE our mime handler is invoked which downlods the .application file and fires up the ClickOnce install.

When a user clicks on a .application in FireFox the FireFox equivalent of the Open/Save dialog comes up. Once the .application file is downloaded to the local macine (to the FireFox cache on Open and to a user specified location on Save) it is run form there firing up ClickOnce. ClickOnce now parses the locally downloaded .application and tries to download the actual application manifest it refers to. If the .application contains a relative path to the application manifest ClickOnce will try to find it relative to the .application in the FireFox temp folder and fail. If it is a full Url to the application manifest ClickOnce fails anyway, this time due to a security check we have that does not allow the .application and the corresponding application bits to be in different security zones.

There have been Plugins written by the FireFox community
[e.g. http://www.softwarepunk.com/cohelper/] where they parse the application after it has been downloaded and read the deploymentProvider Url from it. They then use the undocumented Apis for invoking ClickOnce with the URL as a parameter [rundll32 dfshim.dll,ShOpenVerbApplication URL ]. I have never tried the approach above, but would believe it works.
 
From the ClickOnce teams perspective we would advise users against parsing the ClickOnce manifest and relying on its format for we could inadvertently break you in future manifest updates. Also since the <deploymentProvider> tag is only needed in Shell Visible installed ClickOnce applications this solution does not work for Online ClickOnce Apps.

For out next release we are looking into what we can do to provide a simple public way for the FireFox community to build plugins for ClickOnce support. Stay tuned ...
 

How do ClickOnce Shortcuts help me get ClickOnce support on FireFox?

Anytime a shell visible installed ClickOnce App is downloaded to a machine, we create a ClickOnce shortcut (.AppRef-MS) for the application under Progrmas->Publisher->Product.AppRef-MS.
The contents of this shortcut file look something like this -http://Foo/Bar/Dummy.Application#Dummy.app, Culture=neutral, PublicKeyToken=XXXXXXXXXXXX, processorArchitecture=msil
As you can see it contains the Url to the .application and the identity of the deployment manifest modulo version.

These ClickOnce shortcuts are designed so that they can be emailed to people and when ckicked on, on a machine which does not have the corrsponding application already installed they cause the application to be installed and launched.

Now asuming you have an ClickOnce application (Shell Visible Installed App - Not an Online App) you want to publish to your clients who use FireFox, all you need to do is generate the shortcut file and publish it on your server (If you have both IE and FireFox users you could have a seperate link saying "FireFox users click here" so that IE users still get the default behavior). Once the user click on an .appref-MS in FireFox the Open/Save dialog comes up. Once the .appref-MS has been downloaded to the local machine and run it will invoke ClickOnce, which in turn will download the .application from the URL specified in the shortcut and install the App.

This solution works with out any FireFox changes. Remember though that .appref-MS files can only be generated for Shell Visible Installed ClickOnce Apps.

What about client machines where FireFox is the default browser but the user clicks on the .application in IE?

This scenario just works.

There is one caveat though. If your Application carries a bootstrapper along with it to install prerequisites before the actual ClickOnce install, then your scenario might be broken. The bootstrapper after it has installed the prerequisites starts the actual ClickOnce install by launching the .application URL in the default browser (in this case FireFox) even if the user had originally clicked on an IE session to launch the bootstrapper.

There however is a easy workaround for this [http://channel9.msdn.com/ShowPost.aspx?PostID=138879] which I have recommended to users earlier with good success.

Again in closing let me reitterate, we are actively working on having a better XBrowser story for our next release.

Comments are welcome as usual.

The Decision - 
With the .Net Framework V2.0 release of ClickOnce, any ClickOnce App deployed from the internet zone can prompt the user for permission elevation.

For the earlier Beta2 release of ClickOnce, prompting had been explicitly disabled for internet applications that were not Authenticode signed. We consciously reversed this decision for the final release.

This decision of Microsoft has been questioned by a few in the ClickOnce/Security community. Though they do not agree with our decision, most of these blogs do try to be balanced and put forth both sides of the argument. However reading through a few community posts generated by these blogs, I  did get a sense that there was a perception that this was a change pushed into the release by Microsoft at the last minute due to pressure from a few large customers.

I plan to articulate out here more clearly our thinking behind this change and hopefully debunk this perception.

The Thinking Behind It -
Non authenticode signed Internet ClickOnce applications were prevented from elevating in Beta2 with the primary goal to get user feedback on this decision so we could make a more informed decision for the final release.

The Beta2 feedback helped us realize that it was important to have a consisitent IE security model for Managed and UnManaged exes, diverging in the model was confusing and muddled our security messaging. 

We also got a strong push to enable this scenario from hobbyist/non commercial/community/open source App developers who wanted to deploy their applications using ClickOnce but could not afford (both in terms of time and money) to get an Authenticode certificate. 

Let's consider the scenario below ...
Jen is a .Net entusiast and a golf fanatic. She writes a .Net Golf Handicap calculator that unfortuantely needs Intranet (Not Internet) zone permissions to run. Jen wants to share this App on her homepage with her golfing friends and would also like them to get updates as she adds new functionality to her program; ClickOnce is the ideal choice of deployment technology for her.

If ClickOnce forced Jen to have an Authenticode certificate before she could share her App she would soon be looking at other deployment options. She could decide to just write the App in native code and share the exe. The native exe (even a Managed exe for that matter) would now be downloaded and run with Fulltrust on local machine, not a big security win.

Today instead Jen can use ClickOnce to downloaded her App and run in the Intranet sandbox. She also gets to keep her app current with ClickOnce and potentially push down required updates for issues she wants patched immediately.
 
If we flipped the scenario around to where Jen was the author of a malicious Addware App and wanted to prompt the user from the internet zone she can very easily do it today. ClickOnce has not opened up a new security hole here. We just extent the current IE security model. There are no default scenarios where you can cause a user prompt to come up using ClickOnce where you couldn't for unmanaged Exes.

Also there have been comparisions of ClickOnce with ActiveX in the past and the fact that unsigned ActiveX controls from the internet zone are now blocked by IE has been used as an argument for pushing for similar behavior in Clickonce. ClickOnce and ActiveX are naturally two totally independent technologies, but if parallels have to be drawn we see ourselves closer to exes than ActiveX, and hence as discussed above have tried to maintain the same security expereince that currently exists for exes.

Configuring Prompting -
The current ClickOnce prompting model is highly configurable.
Enterprises can also specifically disable prompting for particular zones or they can use the trusted publisher list to whitelist their ClickOnce applications to run without prompting and disable all prompting.
[MSDN - http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwinforms/html/clickoncetrustpub.asp]

While upgrading from v1.0 to v2.0 of an ClickOnce application, files/assemblies that have remained unchanged (have the same hash) across the update are not redownloaded from the server. Instead they are just copied over locally in the Clickonce store from the v1.0 to v2.0 app folder. This is totally transparent to the user except for the Dowload Progress Bar moving much quicker due to the local copy.

Keep in mind file patching is only across two versions of the same application i.e. the Deployment Manifest of the two applications has to have the same identity, modulo version.
Also the patching is at file level not the binary level, hence if only a few bits in a dll have changed Clickonce will still download the entire dll.

File Patching also works for assemblies downloaded using the DownloadFileGroup() APIs.

File Patching does NOT work currently for Data files (writeableType="applicationData").

Know Issue -
Our FilePatching model for assemblies (even strong assemblies) is based entirely on file hash.
Projects when rebuilt in VS often cause the same assemblies (exacly same source) to have different hashes. Hence if you are rebuilding your entire v2.0 solution its possible that assemblies that have not changed in terms of functionality will still have a different hash and hence be redownloaded by ClickOnce instaed of being copied locally.