XBAP Warning (#1782)

* Test include link

* Test include link

* Test include link

* Helps if you add the include. HA!

* Add links xbap warning

* update note

dotnet-desktop-guide/framework/wpf/advanced/application-startup-time.md

@@ -127,7 +127,9 @@ The amount of time that is required for a WPF application to start can vary grea
  If your application uses ClickOnce, avoid network access on startup by configuring ClickOnce to check the deployment site for updates after the application starts.  
 
  If you use the XAML browser application (XBAP) model, keep in mind that ClickOnce checks the deployment site for updates even if the XBAP is already in the ClickOnce cache. For more information, see [ClickOnce Security and Deployment](/visualstudio/deployment/clickonce-security-and-deployment).  
-
+
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 ## Configure the PresentationFontCache Service to Start Automatically  
 
  The first WPF application to run after a reboot is the PresentationFontCache service. The service caches the system fonts, improves font access, and improves overall performance. There is an overhead in starting the service, and in some controlled environments, consider configuring the service to start automatically when the system reboots.  

dotnet-desktop-guide/framework/wpf/advanced/xaml-overview.md

@@ -320,6 +320,8 @@ XAML is a markup language that directly represents object instantiation and exec
 
 WPF for .NET Framework supports Code Access Security (CAS). This means that WPF content running in the internet zone has reduced execution permissions. "Loose XAML" (pages of noncompiled XAML interpreted at load time by a XAML viewer) and XBAP are usually run in this internet zone and use the same permission set. However, XAML loaded in to a fully trusted application has the same access to the system resources as the hosting application does. For more information, see [WPF Partial Trust Security](../wpf-partial-trust-security.md).
 
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 ## Loading XAML from code
 
 XAML can be used to define all of the UI, but it is sometimes also appropriate to define just a piece of the UI in XAML. This capability could be used to enable partial customization, local storage of information, using XAML to provide a business object, or a variety of possible scenarios. The key to these scenarios is the <xref:System.Windows.Markup.XamlReader> class and its <xref:System.Windows.Markup.XamlReader.Load%2A> method. The input is a XAML file, and the output is an object that represents all of the run-time tree of objects that was created from that markup. You then can insert the object to be a property of another object that already exists in the app. So long as the property is an appropriate property in the content model that has eventual display capabilities and that will notify the execution engine that new content has been added into the app, you can modify a running app's contents easily by loading in XAML. For .NET Framework, this capability is generally only available in full-trust applications, because of the obvious security implications of loading files into applications as they run.

dotnet-desktop-guide/framework/wpf/app-development/application-management-overview.md

@@ -85,6 +85,8 @@ This code is the minimum that is required to implement an application definition
 
 Standalone applications and XAML browser applications (XBAPs) require the implementation of a certain level of infrastructure before they can run. The most important part of this infrastructure is the entry point. When an application is launched by a user, the operating system calls the entry point, which is a well-known function for starting applications.
 
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 Traditionally, developers have needed to write some or all of this code for themselves, depending on the technology. However, WPF generates this code for you when the markup file of your application definition is configured as an MSBuild `ApplicationDefinition` item, as shown in the following MSBuild project file:
 
 ```xml

dotnet-desktop-guide/framework/wpf/app-development/configure-vs-to-debug-a-xaml-browser-to-call-a-web-service.md

@@ -14,6 +14,8 @@ description: Learn how to configure Visual Studio to debug an XAML browser appli
 
 XAML browser applications (XBAPs) run within a partial-trust security sandbox that is restricted to the Internet zone set of permissions. This permission set restricts Web service calls to only Web services that are located at the XBAP application's site of origin. When an XBAP is debugged from Visual Studio 2005, though, it is not considered to have the same site of origin as the Web service it references. This causes security exceptions to be raised when the XBAP attempts to call the Web service. However, a Visual Studio 2005 XAML Browser Application (WPF) project can be configured to simulate having the same site of origin as the Web service it calls while debugging. This allows the XBAP to safely call the Web service without causing security exceptions.
 
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 ## Configuring Visual Studio
 
  To configure Visual Studio 2005 to debug an XBAP that calls a Web service:

dotnet-desktop-guide/framework/wpf/app-development/deploying-a-wpf-application-wpf.md

@@ -100,6 +100,8 @@ After Windows Presentation Foundation (WPF) applications are built, they need to
 
 ### Deploying XAML Browser Applications  
 
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
  XBAPs are compiled applications that require the following three files to be deployed:  
 
 - *ApplicationName*.exe: The executable assembly application file.  

dotnet-desktop-guide/framework/wpf/app-development/firefox-add-ons-to-support-net-application-deployment.md

@@ -13,6 +13,8 @@ description: Learn how the WPF plug-in for Firefox enables XBAPs and loose XAML
 
 The Windows Presentation Foundation (WPF) plug-in for Firefox and the .NET Framework Assistant for Firefox enable XAML browser applications (XBAPs), loose XAML, and ClickOnce applications to work with the Mozilla Firefox browser.  
 
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 ## WPF Plug-in for Firefox  
 
  The WPF plug-in for Firefox enables XBAPs and loose XAML files to be navigated to and run at the top-level or in an HTML IFRAME in the Firefox browser. An XBAP is a WPF application that can be published to a Web server and launched within supported browsers. Loose XAML is a XAML-only file that can be navigated to and displayed in supported browsers, much like an XML file.  

dotnet-desktop-guide/framework/wpf/app-development/hosting-wpf-applications.md

@@ -13,7 +13,9 @@ description: Learn how an XBAP can be hosted in other browsers or stand-alone ap
 # Hosting WPF Applications
 
 WPF XAML Browser Applications (XBAPs) are rich-client applications that can be deployed to a Web server and started in a browser. The WPF Host (PresentationHost.exe) is registered as the shell and MIME handler for XBAP and XAML files. Therefore, Internet Explorer knows to start the WPF Host when an XBAP is launched. Firefox users can install Firefox add-ons that enable Firefox to host XBAPs as well. An XBAP can be hosted in other browsers or stand-alone applications by using the native browser hosting APIs provided by WPF.  
-
+
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 ## In This Section  
 
  [WPF XAML Browser Applications Overview](wpf-xaml-browser-applications-overview.md)  

dotnet-desktop-guide/framework/wpf/app-development/how-to-detect-whether-the-wpf-plug-in-for-firefox-is-installed.md

@@ -16,6 +16,8 @@ ms.assetid: 5f839373-e3fb-44f1-88ad-4a0761f02189
 
 The Windows Presentation Foundation (WPF) plug-in for Firefox enables XAML browser applications (XBAPs) and loose XAML files to run in the Mozilla Firefox browser. This topic provides a script written in HTML and JavaScript that administrators can use to determine whether the WPF plug-in for Firefox is installed.
 
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 > [!NOTE]
 > For more information about installing, deploying, and detecting the .NET Framework, see [Install the .NET Framework for developers](/dotnet/framework/install/guide-for-developers).
 

dotnet-desktop-guide/framework/wpf/app-development/how-to-determine-if-a-page-is-browser-hosted.md

@@ -13,7 +13,9 @@ ms.assetid: 737e0f26-8371-49b4-9579-70879e51e1aa
 # How to: Determine If a Page is Browser Hosted
 
 This example demonstrates how to determine if a <xref:System.Windows.Controls.Page> is hosted in a browser.  
-
+
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 ## Example  
 
  A <xref:System.Windows.Controls.Page> can be host agnostic and, consequently, can be loaded into several different types of hosts, including a <xref:System.Windows.Controls.Frame>, a <xref:System.Windows.Navigation.NavigationWindow>, or a browser. This can happen when you have a library assembly that contains one or more pages, and which is referenced by multiple standalone and browsable (XAML browser application (XBAP)) host applications.  

dotnet-desktop-guide/framework/wpf/app-development/iwpfhostsupport.md

@@ -9,7 +9,9 @@ ms.assetid: cc5a0281-de81-4cc1-87e4-0e46b1a811e9
 # IWpfHostSupport
 
 Applications that host Windows Presentation Foundation (WPF) content via PresentationHost.exe implement this interface to provide a point of integration between the host and PresentationHost.exe.  
-
+
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 ## Remarks  
 
  Win32 applications such as Web browsers can host WPF content, including XAML browser applications (XBAPs) and loose XAML. To host WPF content, Win32 applications create an instance of the [WebBrowser control](/previous-versions/windows/internet-explorer/ie-developer/platform-apis/aa752040(v=vs.85)). To be hosted, WPF creates an instance of PresentationHost.exe, which provides the hosted WPF content to the host for display in the [WebBrowser control](/previous-versions/windows/internet-explorer/ie-developer/platform-apis/aa752040(v=vs.85)).  

dotnet-desktop-guide/framework/wpf/app-development/native-wpf-browser-hosting-support-apis.md

@@ -12,7 +12,9 @@ ms.assetid: 82c133a8-d760-45fb-a2b9-3a997537f1d4
 # Native WPF Browser Hosting Support APIs
 
 Hosting of WPF applications in Web browsers is facilitated by an Active Document server (also known as a DocObject) registered out of the WPF Host. Internet Explorer can directly activate and integrate with an Active Document. For hosting of XBAPs and loose XAML documents in Mozilla browsers, WPF provides an NPAPI plugin, which provides a similar hosting environment to the WPF Active Document server as Internet Explorer does. However, the easiest practical way to host XBAPs and XAML documents in other browsers and standalone applications is via the Internet Explorer Web Browser control. The Web Browser control provides the complex Active Document server hosting environment, yet it enables its own host to customize and extend that environment and communicate directly with the current Active Document object.  
-
+
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
  The WPF Active Document server implements several common hosting interfaces, including [IOleObject](/windows/win32/api/oleidl/nn-oleidl-ioleobject), [IOleDocument](/windows/win32/api/docobj/nn-docobj-ioledocument), [IOleInPlaceActiveObject](/windows/win32/api/oleidl/nn-oleidl-ioleinplaceactiveobject), [IPersistMoniker](/previous-versions/windows/internet-explorer/ie-developer/platform-apis/ms775042(v=vs.85)), [IOleCommandTarget](/windows/win32/api/docobj/nn-docobj-iolecommandtarget). When hosted in the Web Browser control, these interfaces can be queries from the object returned by the [IWebBrowser2::Document](/previous-versions/aa752116(v=vs.85)) property.  
 
 ## IOleCommandTarget  

dotnet-desktop-guide/framework/wpf/app-development/wpf-host-presentationhost-exe.md

@@ -10,6 +10,8 @@ ms.assetid: 3215bfa1-722c-4ac8-a7c5-bdd02d30afbd
 ---
 # WPF Host (PresentationHost.exe)
 
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 Windows Presentation Foundation (WPF) Host (PresentationHost.exe) is the application that enables WPF applications to be hosted in compatible browsers (including Microsoft Internet Explorer 6 and later). By default, Windows Presentation Foundation (WPF) Host is registered as the shell and MIME handler for browser-hosted WPF content, which includes:  
 
 - Loose (uncompiled) XAML files (.xaml).  

dotnet-desktop-guide/framework/wpf/app-development/wpf-xaml-browser-applications-overview.md

@@ -18,8 +18,7 @@ ms.assetid: 3a7a86a8-75d5-4898-96b9-73da151e5e16
 <a name="introduction"></a>
 XAML browser applications (XBAPs) combines features of both Web applications and rich-client applications. Like Web applications, XBAPs can be deployed to a Web server and started from Internet Explorer or Firefox on Windows. Like rich-client applications, XBAPs can take advantage of the capabilities of WPF. Developing XBAPs is also similar to rich-client development. This topic provides a simple, high-level introduction to XBAP development and describes where XBAP development differs from standard rich-client development.
 
->[!IMPORTANT]
-> XBAPs require legacy browsers to operate, such as Internet Explorer and Firefox. These older browser versions are usually unsupported on Windows 10 and Windows 11.
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
 
  This topic contains the following sections:
 

dotnet-desktop-guide/framework/wpf/includes/xbap-unsupported.md

@@ -0,0 +1,9 @@
+---
+author: adegeo
+ms.author: adegeo
+ms.date: 03/11/2024
+ms.topic: include
+---
+
+>[!WARNING]
+> XBAPs require legacy browsers to operate, such as Internet Explorer and Firefox. These older browser versions are usually unsupported on Windows 10 and Windows 11. Modern browsers no longer support the technology required for XBAP apps due to security risks. Plugins that enable XBAPs are no longer supported.

dotnet-desktop-guide/framework/wpf/security-wpf.md

@@ -20,6 +20,8 @@ ms.assetid: ee1baea0-3611-4e36-9ad6-fcd5205376fb
 <a name="introduction"></a> When developing Windows Presentation Foundation (WPF) standalone and browser-hosted applications, you must consider the security model. WPF standalone applications execute with unrestricted permissions ( CAS**FullTrust** permission set), whether deployed using Windows Installer (.msi), XCopy, or ClickOnce. Deploying partial-trust, standalone WPF applications with ClickOnce is unsupported. However, a full-trust host application can create a partial-trust <xref:System.AppDomain> using the .NET Framework Add-in model. For more information, see [WPF Add-Ins Overview](./app-development/wpf-add-ins-overview.md).  
 
  WPF browser-hosted applications are hosted by Windows Internet Explorer or Firefox, and can be either XAML browser applications (XBAPs) or loose Extensible Application Markup Language (XAML) documents For more information, see [WPF XAML Browser Applications Overview](./app-development/wpf-xaml-browser-applications-overview.md).  
+
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
 
  WPF browser-hosted applications execute within a partial trust security sandbox, by default, which is limited to the default CAS**Internet** zone permission set. This effectively isolates WPF browser-hosted applications from the client computer in the same way that you would expect typical Web applications to be isolated. An XBAP can elevate privileges, up to Full Trust, depending on the security zone of the deployment URL and the client's security configuration. For more information, see [WPF Partial Trust Security](wpf-partial-trust-security.md).  
 

dotnet-desktop-guide/framework/wpf/wpf-partial-trust-security.md

@@ -80,6 +80,8 @@ ms.assetid: ef2c0810-1dbf-4511-babd-1fab95b523b5
 
  For XBAP applications, code that exceeds the default permission set will have different behavior depending on the security zone. In some cases, the user will receive a warning when they attempt to install it. The user can choose to continue or cancel the installation. The following table describes the behavior of the application for each security zone and what you have to do for the application to receive full trust.  
 
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 |Security Zone|Behavior|Getting Full Trust|  
 |-------------------|--------------|------------------------|  
 |Local computer|Automatic full trust|No action is needed.|  
@@ -124,7 +126,9 @@ ms.assetid: ef2c0810-1dbf-4511-babd-1fab95b523b5
 ### Browser Host Detection  
 
  Using CAS to check for permissions is a suitable technique when you need to check on a per-permission basis. Although, this technique depends on catching exceptions as a part of normal processing, which is not recommended in general and can have performance issues. Instead, if your XAML browser application (XBAP) only runs within the Internet zone sandbox, you can use the <xref:System.Windows.Interop.BrowserInteropHelper.IsBrowserHosted%2A?displayProperty=nameWithType> property, which returns true for XAML browser applications (XBAPs).  
-
+
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
 > [!NOTE]
 > <xref:System.Windows.Interop.BrowserInteropHelper.IsBrowserHosted%2A> only distinguishes whether an application is running in a browser, not which set of permissions an application is running with.  
   
@@ -133,7 +137,9 @@ ms.assetid: ef2c0810-1dbf-4511-babd-1fab95b523b5
 ## Managing Permissions  
 
  By default, XBAPs run with partial trust (default Internet zone permission set). However, depending on the requirements of the application, it is possible to change the set of permissions from the default. For example, if an XBAPs is launched from a local intranet, it can take advantage of an increased permission set, which is shown in the following table.  
-
+
+[!INCLUDE [xbap-unsupported](~/framework/wpf/includes/xbap-unsupported.md)]
+
  Table 3: LocalIntranet and Internet Permissions  
 
 |Permission|Attribute|LocalIntranet|Internet|