Solved

Disable security warnings in an ActiveX WebBrowser control

Posted on 2004-08-25
12
1,907 Views
Last Modified: 2013-12-03
I'm using a WebBrowser ActiveX control with C++ (and MFC). I'm calling the control's methods through an IWebBrowser2 COM interface.
The point is: I want to be able to have links in the contained HTML code that launch applications. To achieve this, I have the following HTML + VBScript code, which works fine:

<html>
<head>
<script language=VBScript>

sub execute(what)
set objShell=CreateObject("Wscript.Shell")
objShell.Run(what)
end sub

</script>
</head>
<body>
<input type="button" value="notepad" onclick=execute("notepad")>
</body>
</html>

But I get a warning dialog bos telling me that executing that code could not be secure, and asking if I want to continue. I want to configure the WebBrowser control in a way that the warning is not showed.
0
Comment
Question by:pulupul
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
12 Comments
 
LVL 16

Accepted Solution

by:
nonubik earned 250 total points
ID: 11902231
For this you can just set some registry keys values for IE
They are to be found in
     HKCU\software\microsoft\windows\currentversion\internet settings\zones\
There you have like 5 zones, from minmum level to maximum. They are the settings from IE->Tools->Internet options -> Security tab -> Custom level
You'll just need to find out which one of them (as they are numbers like '1001') need to be reset.

In your case I suspect it's an option that has the radio button set to 'prompt'
0
 
LVL 16

Expert Comment

by:nonubik
ID: 11902253
Is 'Run ActiveX controls and plugins' set to 'prompt' ? Or is something about scripting?
0
 
LVL 16

Expert Comment

by:nonubik
ID: 11904260
If you cnat tell exactly what option has to be changed, maybe I can help more.
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 
LVL 3

Author Comment

by:pulupul
ID: 11904397
But that would change that setting for the whole system, which is a considerable security risk. I need to disable the warning dialog only in my instance of the WebBrowser control.
0
 
LVL 16

Expert Comment

by:nonubik
ID: 11904418
Of course. You'll just write a function inside your app that does the following:

retain the old value of that regkey
set it (yep, for the whole system) for your control
put the old value back after finishing.
0
 
LVL 3

Author Comment

by:pulupul
ID: 11904545
I can't do that, because I have no code that handles the event, everything happens "inside" the WebBrowser control. The other option would be to change the registry key in WebControl creation, and restore it in destruction, but this is not feasible since the control exists during long time periods, and the system would be exposed to attacks in that time.
0
 
LVL 1

Assisted Solution

by:meski
meski earned 250 total points
ID: 11909012
Are you implementing IObjectSafety inside your ActiveX object?  There's some info on it here.
http://msdn.microsoft.com/workshop/components/activex/safety.asp
0
 
LVL 3

Author Comment

by:pulupul
ID: 11915844
What is IObjectSafety and what is it for?, I have read the URL but I can't get to understand what is it about. I don't know much about ActiveX.
0
 
LVL 16

Expert Comment

by:nonubik
ID: 11921154
If Internet Explorer determines that your control supports IObjectSafety, it calls the IObjectSafety::SetInterfaceSafetyOptions method prior to loading your control in order to determine whether your control is safe for initialization.
0
 
LVL 16

Expert Comment

by:nonubik
ID: 11921163
A second way to mark your ActiveX as safe is using the Component Categories Manager, registering some keys. There's a whole example on that link.
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show how to use the Ribbon IDs Tool Window to assign the built-in Office icons to a ribbon button.  This tool will help us to find the OfficeImageId that corresponds to our desired built-in Office icon. The tool is part of…
For a while now I'v been searching for a circular progress control, much like the one you get when first starting your Silverlight application. I found a couple that were written in WPF and there were a few written in Silverlight, but all appeared o…
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question