Avatar of sahnias
sahnias
 asked on

how to trust javascript?

nope this is not a relationship question.. :)

I hv a simple html page with a text box. To check spelling of the text written within the text box I am accessing WinWord.exe spell checker. So I create an instance of WinWord. This does work fine, except for giving me the error sayign that this control is not Trusted.

How can I make this trusted by IE, is there a way I can sign this so that IE thinks that this control is trusted and runs automatically without user intervention?

any ideas or help would be much appreciated

changing the IE internet security settings to run all activeX controls trusted or not is not an option.

thx
JavaScript

Avatar of undefined
Last Comment
alkisg

8/22/2022 - Mon
alkisg

I'm not 100% sure about this, but I think that

* one can issue a certificate that's valid for his *computer* with an office utility called
C:\Program Files\Microsoft Office\OFFICE11\SELFCERT.EXE,
* another utility exists for *domain*-wide certificates,
* and to create a *world*-wide trusted certificate you'll have to buy it from VeriSign etc.

The certificate is then put inside the ActiveX code, not the javascript code.

Are you the author of the ActiveX control, or you're just using it?
sahnias

ASKER
I am the author of the control, if u can call it a control

i just basically create an ActiveXObject(Word.Application)

I checked and for some reason I do not see the SelfCert.exe in my Office installation

Could you provide me with more information on that and on what utility to use for "domain" wide certificates.

the scope of this control is only domain wide at max ...so no need for a "world" certificate

thanks for your help
alkisg

No, you cannot sign the activexobject, because Word.Application is already signed from microsoft as "not safe for scripting".

So you either need to put your server to the "Trusted sites" on every client, or you may save your html page with an .hta extension, and navigate to it not with Internet Explorer, but with mshta.exe.

Try the following demo:
Start->Run->
mshta http://www.alkisg.com/experts/spell.hta

Select something and then press "Spell"
Your help has saved me hundreds of hours of internet surfing.
fblack61
sahnias

ASKER
for some odd reason..when i click on "spell" nothing happens..

but despite that i can not have it like that..this control has to be within a html page..

isn't there a way to make Word.Application a safe object?
alkisg

I don't think so... But it is possible to write another activex control that encaptulates Word.Application, and sign it to be trusted by the domain computers... I don't know if anyone has done such a control, try to google it.

> this control has to be within a html page..

Try mshta https://www.experts-exchange.com
Mshta just overrides security settings. You don't have to change anything in your html pages...
sahnias

ASKER
while searching for a solution I found this http://msdn.microsoft.com/library/default.asp?url=/workshop/components/activex/safety.asp

so would implementing IObjectSafety work? if so do you know how i can do this in my html page ?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER CERTIFIED SOLUTION
alkisg

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
alkisg

> so would implementing IObjectSafety work? if so do you know how i can do this in my html page ?

Just to make this perfectly clear: IObjectSafe can be implement in C++, Delphi etc, but NOT Javascript. Making activeX controls is windows programming, not web-page programming...
sahnias

ASKER
thanks for your help

while i'm trying to search for a wrapper..

going back to your initial idea of using a hta app instead of html , could you give me a simple example of how can I incorporate this spell checking hta into a html page ?

alkisg

You've already done that, haven't you? You just need to open your existing .htm with mshta, no modifications needed.

If your .htm is not working properly, you may look at this sample code:
http://www.codingforums.com/showthread.php?t=17803
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
sahnias

ASKER
i tried doing this

<HTML>
<BODY>
<IFRAME SRC="F:\spell2.hta" APPLICATION="yes">
</BODY>
</HTML>

but the user now has to allow to download the application and then allow to run it. Now its a two step process.

PS: still hvn't found a wrapper
alkisg

You can't put .hta files inside a web page.

HTML applications can only be opened with mshta.exe.

==>So the users WON'T be using their browser to see your web page, you'll have to instruct them to use
mshta http://mylocalserver/mypage.htm

sahnias

ASKER
no we can't have that

can't find a wrapper either yet

I'll try to propose perhaps..having the website as a Trusted site, with ActiveX enabled.

...meanwhile i'll still try to find a wrapper

thx for all ur help so far
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
alkisg

I think now you're on the right directions... Cheers.