tags:

views:

251

answers:

3
+2  Q: 

ActiveXObject issue in javaScript

hi..

I wrote a javascript function in my html page to execute an .exe file. for this i used ActiveXObject. my function is:

//~~~~~~~~~~~~~~~~~~~~~~~~~~~JavaScript~~~~~~~~~~~~~~~~

function openWin(url)
 {

  if (!document.all) {
         alert ("Available only with Internet Explorer.");
     return;
   }


var ws = new ActiveXObject("WScript.Shell");
ws.Exec(url);
}

//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

It works fine but there is a alert "An ActiveX control might be unsafe to interact with other parts of the page. Do you want to allow this interaction?" comes up to confirm. If i say YES only it will get loaded.

Pls anyone help me on this how to avoid this pop-up coming every time when i reload my html page.

A: 

You should enable activeX in Internet explorer security settings.

http://www.nrc.gov/reading-rm/adams/install/enabling-active-x.html

If you want your users to not seeing this message, then they should enable it. But you can't force them to do it because of security issues.

uthark  2010-02-04 12:40:18
thank you for your reply. But already my IE browser setting are the same. :-(
shan.swf  2010-02-04 13:09:26
+2  A: 

You can't. Your users can, by giving your page trusted access to their computer (e.g., by adding the URL to the "Trusted Sites" zone).

T.J. Crowder  2010-02-04 12:40:29
+1. The only reason I can think you would want to `Exec` a url is to have it open in the default browser which might not necessarily be the one in use.
Andy E  2010-02-04 12:45:26
Am trying to load a flash exe file from my html page. Exe is located in a remote path.
shan.swf  2010-02-04 12:48:36
exe will load separately not inside the browser or any new window. it will load independently.
shan.swf  2010-02-04 12:51:41
@shan: executing a url is the same as typing a url in your default browser. The same effect would be given by just providing a direct link to the file. Even a flash exe would not execute automatically, the user would be presented with a file download box instead. Your only options are to either embed the flash movie into a web page or ask your users to download and open the file.
Andy E  2010-02-04 12:52:56
i tested this in my local machine by giving the path of an exe file which is in my local system. same pop-up appearing.
shan.swf  2010-02-04 13:36:01
@shan: You'll need to adjust the security settings for the zone your browser thinks your page is in (hopefully Trusted Sites or Intranet) to allow ActiveX without warnings.
T.J. Crowder  2010-02-04 14:12:00
A: 

Is there anyway to do this without altering the client's settings? By some certificate for instance?

PCastro  2010-03-11 17:19:12

related questions

Encryption in C# Web-Services
How Do You Secure database.yml?
ASP.NET LocationProvider
What do you (or your company) use for wiping a machine?
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
Java: What is the best way to SFTP a file from a server
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Best way to store a database password in a startup script / config file?
Using VM to get around VPN restrictions
Best references for secure coding practices in ASP.NET and classic ASP.
Secure Memory Allocator in C++
Resolving Session Fixation in JBoss
Best Practices for securing a REST API / web service
Defensive programming
Personal Linux web server
Block user access to internals of a site using HTTP_REFERER
Is there an Unobtrusive Captcha for web forms?
My website got hacked... What should I do?
What all do I need to escape when sending a (My)SQL query?
How do you disable browser Autocomplete on web form field / input tag?
Best .NET obfuscation tools/strategy
Are there best practices for testing security in an Agile development shop?
What is the best way to avoid SQL injection attacks?
Found a critical bug, but the company doesn't care
PHP Session Security