Solved

detecting activex security settings "script activex controls marked safe for scripting"

Posted on 2004-03-23
7
509 Views
Last Modified: 2007-12-19
I need to detec if "script activex controls marked safe for scripting" is enabled or not.

I found this but it does not test specifically enough becuase I assume shell is not marked safe for scripting :) I am assuming that if I run the same code but trying to instantiate an object marked safe for scripting then I'll have what I am looking for.  The solution is an IE only solution so does anyone know:

a) a better way to test for this?
b) an object marked safe for scripting that should be installed on all/most Windoze installs

on error resume next
set oShell = CreateObject("Shell.Application")
set oFolder = oShell.NameSpace("NUL:\")
if err.number <> 0 then
    document.write "Unable to use CreateObject"
else
    document.write "Able to use CreateObject"
end if


Thanks
0
Comment
Question by:chisholmd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 33

Expert Comment

by:sajuks
ID: 10664471
Security reasons dont allow you to check for such properties.
0
 
LVL 33

Expert Comment

by:sajuks
ID: 10664577
// An alernative ethat you can provide to the user...try...catch

<script>
function detectSetting() {
objNet = new ActiveXObject("WScript.Network")
return objNet.ComputerName + " - " + objNet.UserName
}
try {
 document.write(detectSetting())
}
catch(e) {
 if (confirm("Please DO say yes, try again?")) location.reload()
}
</script>
0
 
LVL 3

Expert Comment

by:xp_commander
ID: 10664588
I don't quiet agree to that. When you developing user friendly apps , at times it makes more sense to know clients environment setting, at times just for trouble shooting related purpose, etc.  As long as you not violating the user's security or writing a malicious code, its nothing wrong detecting browser settings.

You need to write an applet , or just buy a ready made product. Check this out , if it interests you :-
http://www.cyscape.com/showbrow.asp?bhcp=1
0
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

 
LVL 7

Author Comment

by:chisholmd
ID: 10664655
Thanks sajuks, I'll try that. Although I am not sure if WScript.Network is considered "safe for scripting"

The snippet I posted references something that is not marked safe for scripting, so if they allow "safe" but disallow "unsafe" it will just show me "can't create object" even if safe is turned on.   Hopefully Wscript is marked safe because then I'll be able to dicern the difference.

As a note to the pupose; this is part of a subscription app that uses an HTML editing control. If they want to use the app they have to allow "safe for scripting objects"   Right now if they don't allow safe objects they get an ugly error. I want to detect first and provide them a message with how to enable it.

Windows update requires safe activex to be enabled, as does embedded media players etc etc, so I don't think I am asking for unsafe settings so much.

I'll try it now

0
 
LVL 7

Author Comment

by:chisholmd
ID: 10664747
Ya as I though wscript is definitly not marked safe for scripting.

ya see I have an extensive list of detection scripts for my app to detect the presense of various media players, shockwav, etc.   But in those cases I am testing to see if they have one of them installed or not.

In this case I need to test for an object that i am very confident is already installed. wscript is a good candidate in that regard. However I need one that is marked safe for scripting, wscript is definitly not marked safe.

Unfortunetly I don't have the source code license to the 3rd party js I am useing "ActiveEdit" from cfdev.com.  On the server side it creates their object, which has a method that writes the js, so I can't go and add a try around that portion of their code which would be the easiest.

<time passes>

Well I found my answer, If most windows machines have the ado library installed then using the adodb.connnection object works fine. It is marked safe for scripting, so when I try and create it, it will suceed if safe is enabled and fail if it isn't.

Cheers
dave
0
 

Accepted Solution

by:
PashaMod earned 0 total points
ID: 11007184
PAQed, with points refunded (250)

PashaMod
Community Support Moderator
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The task A number given should be formatted for easy reading by separating digits into triads. Format must be made inline via JavaScript, i.e., frameworks / functions are not welcome. So let’s take a number like this “12345678.91¿ and format i…
Having worked on larger scale sites, we found out that you are bound to look at more scalable solutions to integrating widgets, code snippets or complete applications and mesh them into functional sites, in any given composition. To share some of…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question