detecting activex security settings "script activex controls marked safe for scripting"

I need to detec if "script activex controls marked safe for scripting" is enabled or not.

I found this but it does not test specifically enough becuase I assume shell is not marked safe for scripting :) I am assuming that if I run the same code but trying to instantiate an object marked safe for scripting then I'll have what I am looking for.  The solution is an IE only solution so does anyone know:

a) a better way to test for this?
b) an object marked safe for scripting that should be installed on all/most Windoze installs

on error resume next
set oShell = CreateObject("Shell.Application")
set oFolder = oShell.NameSpace("NUL:\")
if err.number <> 0 then
    document.write "Unable to use CreateObject"
else
    document.write "Able to use CreateObject"
end if


Thanks
LVL 7
chisholmdAsked:
Who is Participating?
 
PashaModCommented:
PAQed, with points refunded (250)

PashaMod
Community Support Moderator
0
 
sajuksCommented:
Security reasons dont allow you to check for such properties.
0
 
sajuksCommented:
// An alernative ethat you can provide to the user...try...catch

<script>
function detectSetting() {
objNet = new ActiveXObject("WScript.Network")
return objNet.ComputerName + " - " + objNet.UserName
}
try {
 document.write(detectSetting())
}
catch(e) {
 if (confirm("Please DO say yes, try again?")) location.reload()
}
</script>
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
xp_commanderCommented:
I don't quiet agree to that. When you developing user friendly apps , at times it makes more sense to know clients environment setting, at times just for trouble shooting related purpose, etc.  As long as you not violating the user's security or writing a malicious code, its nothing wrong detecting browser settings.

You need to write an applet , or just buy a ready made product. Check this out , if it interests you :-
http://www.cyscape.com/showbrow.asp?bhcp=1
0
 
chisholmdAuthor Commented:
Thanks sajuks, I'll try that. Although I am not sure if WScript.Network is considered "safe for scripting"

The snippet I posted references something that is not marked safe for scripting, so if they allow "safe" but disallow "unsafe" it will just show me "can't create object" even if safe is turned on.   Hopefully Wscript is marked safe because then I'll be able to dicern the difference.

As a note to the pupose; this is part of a subscription app that uses an HTML editing control. If they want to use the app they have to allow "safe for scripting objects"   Right now if they don't allow safe objects they get an ugly error. I want to detect first and provide them a message with how to enable it.

Windows update requires safe activex to be enabled, as does embedded media players etc etc, so I don't think I am asking for unsafe settings so much.

I'll try it now

0
 
chisholmdAuthor Commented:
Ya as I though wscript is definitly not marked safe for scripting.

ya see I have an extensive list of detection scripts for my app to detect the presense of various media players, shockwav, etc.   But in those cases I am testing to see if they have one of them installed or not.

In this case I need to test for an object that i am very confident is already installed. wscript is a good candidate in that regard. However I need one that is marked safe for scripting, wscript is definitly not marked safe.

Unfortunetly I don't have the source code license to the 3rd party js I am useing "ActiveEdit" from cfdev.com.  On the server side it creates their object, which has a method that writes the js, so I can't go and add a try around that portion of their code which would be the easiest.

<time passes>

Well I found my answer, If most windows machines have the ado library installed then using the adodb.connnection object works fine. It is marked safe for scripting, so when I try and create it, it will suceed if safe is enabled and fail if it isn't.

Cheers
dave
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.