We're developing a site that will only run on the intranet, and computers with access to this intranet will have this executable installed. We can't have any "Would you like to open [filename].exe?" prompts. Click a link and the program begins running.
I realize that giving websites the ability to run executables on the client machine is very, very bad, but management refuses to budge on this.
Machines will have Windows (XP or up) with Firefox 3.
The only way I could possibly imagine this working is through some sort of ActiveX control which would run your executable, but I don't know how feasible that is with Firefox.
This should be one of those things where -you- should be refusing to budge on it, not management.
I don't even know if that is possible. As mentioned above maybe using an ActiveX control, but then you are going to have problems with browser support and people's security settings. Not to mention the moral implications of you hijacking someone's PC.
I recommend you take a look at Adobe Flex / Air, it is designed with this model in mind and the inherent security barn door that it opens.
Reminds me of the "when people ask for security holes as features" series Raymond Chen wrote about.
An active X control is the easiest way. There is a plugin for firefox that allows you to host active X controls. Or you could just write an NS Plugin to handle this.
This is an old article about web deployment of executables. I know this is possible using Internet Explorer (because of our fragmented development team we still have to support some of this). I don't know about the firefox implications.
Try this java script
function executeCommands(inputparms) { // Instantiate the Shell object and invoke its execute method.
var oShell = new ActiveXObject("Shell.Application");
var commandtoRun = "c:\windows\Notepad.exe";
// Invoke the execute method. oShell.ShellExecute(commandtoRun, commandParms, "", "open", "1"); }
you will have to set the browser security settings accordingly and this would work only in IE.
We're developing a site that will only run on the intranet, and computers with access to this intranet will have this executable installed.
Does this mean the EXE is already installed on the desktop? You just want to launch it from the website?
If so, you can associate the EXE with a MIME Content Type and when the user clicks it, it will launch.
Pick a Content Type and a file extension, for your EXE name, for instance:
CauseChaos.exe Associated with .chaos file extenstion Content Type will be: application/chaos
Associate the file extension with your EXE via the EXE install. I show it here, using InnoSetup
[Registry]
Root: HKCR; Subkey: .chaos; ValueType: string; ValueData: CauseChaos; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos; ValueType: string; ValueData: CauseChaos Tool; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos\DefaultIcon; ValueType: string; ValueData: {app}\CauseChaos.exe,0; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos\shell\open\command; ValueType: string; ValueData: "{app}\CauseChaos.exe ""%1"""; Flags: uninsdeletekeyAssociate the MIME content type with the file extension, through the EXE install.
[Registry] (continued...)
Root: HKCR; Subkey: HKCR\Mime\Database\Content Type\application/chaos; ValueType: string; ValueName: Extension; ValueData: .chaos; Flags: uninsdeletevalueUsing a "file:///c:/Program Files/myprogs/myprog.exe" URL in the link used to work for IE. But, I have not tried this in a long time.
I would recommend the MIME type method above or adding a special URI prefix "chaos://myparams" that is handled by that executable.
Been there done that. MIME types (accepted answer at the moment I add this) requires a lot of configuring on client and server.This is quite a bit of work, and you end up with temporary files etc.
Our solution was to add our own "Custom URL Protocol Handler". Basically, add URL type x-our-intranet and make your corporate app the URL handler for it. Now any link will start your corporate app, passing "x-our-intrenet:foo" as a command-line argument. All it takes is a client-side registry entry, similar to the MIME types.
I understand completely what you are wanting. All I read on the internet is people mentioning this is a big security breach etc... However, I dont guess they understand why you would want this implemented and I will explain why I need this and am working on a solution to this problem and am getting very close.
I have many different user applications, ex. Call Center, etc... I am currently working on a lockdown desktop that runs in Kiosk mode. All the user will see is a blue screen with some computer information and an IE icon. My goal is to run the Microsoft Office, and some internal Client/Server apps from this page. It works perfectly fine as everything is still there just my users cannot see it. However, I'm having the same issues as you. My network is very secure utilizing MPLS, internal and external managed Routers, Firewalls/ASA's, and plenty of security professionals. Plus, this is strictly INTERNAL only. So, in my opinion its perfectly ok. So, if I come up with some sort of workaround solution for this I will post it.