This was recently asked on SharePoint StackExchange and I believe it deserves a blog post.

If you ever had to develop anything more than a SharePoint Hello World Online App, you would definitely know what SPWeb.AllowUnsafeUpdates is used for. In case you don’t know, a couple of good reads to start from can be found here and here. If you want a more extensive explanation, this is a very good article.

Back to the original question now – is setting SPWeb.AllowUnsafeUpdates to true or false a resource expensive process? Plot twist – NO. On the other hand if you want to understand what happens when you set that property, read on.

From the first look it might seem like a property, but actually the setter of that property calls a method named SetAllowUnsafeUpdates(value) which has the following code:

private void SetAllowUnsafeUpdates(bool allowUnsafeUpdates)

SetIgnoreCanary sets to ignore Canary (Canary is something that refers to a method of buffer overflow protection ( and checks if permissions are properly propagated:

public void SetIgnoreCanary(bool bIgnoreCanary)

    [....] some code omitted

by calling EnsureRightsPropagated:

private void EnsureRightsPropagated()
  if (this.m_pa.Permissions == this.m_permsAdded)
  this.m_SPRequest.GrantAdditionalPermissions((ulong) this.m_pa.Permissions);
  this.m_permsAdded = this.m_pa.Permissions;

And the latter “assigns” additional permissions for the current SPRequest by calling GrantAdditionalPermissions:

public void GrantAdditionalPermissions(ulong mask)


Which apparently is an empty method :)

As it seems SPWeb.AllowUnsafeUpdates make a lot out of nothing..

Hope this helps!