views:

141

answers:

2

We have a .Net application that is used for editing/rendering customized HTML documents. It is hosted in IE using the AxSHDocVw.AxWebBrowser controls. We proceed with navigating to "about:blank" page initially then we change the Document by writing our custom values into it. The problem we are facing is the call to IHTMLTxtRange.execCommand("Copy",false,null) is failing if we don't enable the IE Security Settings in the Internet Security zone (Scripting->Allow Programmatic Access to Clipboard ).

In order to bypass the security setting ,I tried to point to a local html file initially while navigating. But this fails as soon as I modify the Document.

I want to use the IHTMLTxtRange.execCommand("Copy",false,null) command so that I can customize our Copy/Paste operations. Is there any other way I can do this. Please share your ideas inorder to overcome this situation. Thanks. Sriram

A: 

As far as I know, there is no way to do that without user permission. Its a security/privacy loophole to allow access to clipboard, and its natural that browsers are protective about it.

  1. You have already tried out ActiveX, and it doesn't work
  2. With Flash, you can interact with system clipboard - but only if its a part of an event handler. See Flash Player 10 Security.
  3. Javascript doesn't expose a way to access the clipboard.
  4. Not sure about silverlight, but I am guessing it would also restrict access to clipboard.

In short, the user has to explicitly give your application/website permission to access clipboard.

sri
A: 

Try implement IInternetSecurityManager on your webbrowser control host, handle URLACTION_SCRIPT_PASTE in ProcessUrlAction. Note there is a bug in earlier versions of IE that causes the webbrowser to ignore host's URLACTION_SCRIPT_PASTE handling.

Sheng Jiang 蒋晟
Thanks for you suggestion. I tried this approach. Implemented IInternetSecurityManager,and IOleClientSite interfaces to my Test Form.But my ProcessUrlAction is not getting Hit when I run my test form. I am not sure whether I am missing some steps.I followed another approach.ie to change the Security Zone of the about:blank to Local Computer using the SetZoneMapping from IInternetSecurityManager...It worked.!!My plan is to set the zone to local when the application is running and reset it when the application exits..Do you see this is a right approach..ThanksSriram
From the article linked above: MSHTML calls the QueryInterface method on the IOleClientSite interface to get the IServiceProvider interface. IServiceProvider::QueryService is called to get an IInternetSecurityManager interface.
Sheng Jiang 蒋晟