Attributes are used for many different things in .NET: unit testing, serialization, language interoperability, etc.
.NET also provides the ability to create custom attributes. These can be used to build our own object mapping (ORM), custom serialization mechanisms, or other distinguishing objects for a specific purpose.
Protecting .NET applications that use custom attributes is a seamless process with Dotfuscator. Dotfuscator cloaks attribute definitions and automatically updates references throughout the application, so the name remains hidden. If the attribute is defined in an external library (not included in obfuscation), Dotfuscator automatically preserves the attribute usage within its inputs.
This default behavior handles most scenarios involving attributes. But there are times when a custom configuration is necessary. Fortunately, Dotfuscator’s rules engine gives us the flexibility to handle any unique scenario involving custom attributes.
Please consider the following example app:
A custom PermissionRequiredAttribute has been created to distinguish features requiring special permission:
After protecting with Dotfuscator, the PermissionRequiredAttribute, along with all references, are hidden:
Equally as important, the app runtime behavior works properly after protection:
The above scenario works great. But, sometimes, Dotfuscator configuration is required. For example, if PermissionRequiredAttribute is loaded by an external reference not included in obfuscation, we would need a rule to preserve it from Renaming.
In another example, types decorated by PermissionRequiredAttribute are serialized, but the deserialization mechanism is not obfuscated. In this case, rather than excluding the custom attribute itself, we would create a rule to exclude any type (or member) decorated by PermissionsRequiredAttribute:
Custom attributes are yet another powerful component of the .NET platform. When used effectively, they save time and lines of code. Protecting apps that use custom attributes is simple when we follow the guidelines above.
If you have feedback on this topic or other topics you would like us to discuss in the Support Corner, please contact our Support Department.