Mark,
Yes that warning is intentional.
1.) What's the best thing to do for your internal users...
If your implementation is internal then you are the one that has
to determine if it is acceptable to fall back to the Office 2000 or
Office XP
security model in this regard. In other words if this is acceptable
for your entire organization, or the user community affected by such
a decision, then by all means have your installation program
add the registry entries.
2.) What's the best thing to do for your external users...
Here you get into a situation where you have to let your customers
know
that you're changing the security behavior of the Office product. As
this is your
implementation you have to be up front with the customer so they can
make
an informed decision.
3.) If you're looking to automate turning this functionality on and off,
then you'll
need to add the registry key, and be able to toggle it on and off
programmatically.
That's just setting it to zero or one respectively. I don't believe
this is a pretty solution,
and prefer to set an option such as this once and only once. This
brings us back to
Item #2 above.
4.) Do we plan on putting a facility in the UI or address this in a service
pack?
I don't know if this is planned to be addressed in a service pack or
in a future
release. But I can recommend that you send a message to
(e-mail address removed)
This address is use by customers to request functionality they want
added to the product line.
You won't get a reply from this address. I do know that mail sent to
this address is
forwarded by product line to the appropriate development team, where
it is addressed.
5.) A KB Article is in the works, which documents this registry key entry.
When this article is
posted everyone will have access to it through the normal KB Article
searches.
Thanks
Stephen Culhane
(e-mail address removed)
Microsoft Developer Support
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Mark Rubin" <
[email protected]>
| References: <
[email protected]>
<
[email protected]>
<
[email protected]>
<
[email protected]>
| Subject: Re: Following a custom protocol hyperlink causes a warning in
Excel (Office) 2003
| Date: Wed, 1 Oct 2003 14:26:31 -0700
| Lines: 150
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
| Message-ID: <#
[email protected]>
| Newsgroups: microsoft.public.excel.programming
| NNTP-Posting-Host: 63.120.254.163
| Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
| Xref: cpmsftngxa06.phx.gbl microsoft.public.excel.programming:420448
| X-Tomcat-NG: microsoft.public.excel.programming
|
| Hi, Steve,
|
| That does the trick all right. Thanks for finding that out. So my
| questions now have to do with what's the best thing to do for our users.
| I'm assuming that the warning generation is intentional--that you guys
| wanted to issue that warning--and it's not appropriate for our install
| program simply to turn off (IT staffs might get pretty upset with us if we
| did that) by default. Given that there's a registry key that controls
| whether the warning is issued or not, can I assume that MS intended to
| provide a facility from the UI to toggle this on or off (e.g. a check
box)?
| Will a service pack or something like that add the ability for the user to
| control this functionality?
|
| Otherwise, we can cook up our own solution which involves prompting the
user
| to have us turn off the warning for them, if they want when our custom URL
| link gets inserted.
|
| Thanks,
| Mark
|
| | > Mark,
| > In researching this item, I found that this was reported as a bug, and
| that
| > there is a KB Article in the works that provides a workaround. To fall
| > back and use Office 9 or 10 behavior all you have to do is add an entry
to
| > the registry.
| >
| > The location for the entry is
| > HKEY_CURRENT_USER\Sortware\Microsoft\Office\11.0\Common
| >
| > - From here add a new key called Security
| > - Under this key add a DWORD Value called DisableHyperlinkWarning
| > - Set the DisableHyperlinkWarning value to 1
| >
| > Setting the DisableHyperlinkWarning value to 1 overrides Office11
| hyperlink
| > warnings. If the value is set to 0 then the warnings are enabled again.
| >
| > I tested it and it looks like this solves the problem.
| >
| > Thank you.
| >
| > Stephen Culhane
| > (e-mail address removed)
| > Microsoft Developer Support
| >
| > This posting is provided "AS IS" with no warranties, and confers no
| rights.
| >
| >
| > --------------------
| > | X-Tomcat-ID: 345854875
| > | References: <
[email protected]>
| > <
[email protected]>
| > | MIME-Version: 1.0
| > | Content-Type: text/plain
| > | Content-Transfer-Encoding: 7bit
| > | From: (e-mail address removed) (Peter Huang [MSFT])
| > | Organization: Microsoft
| > | Date: Mon, 29 Sep 2003 09:55:56 GMT
| > | Subject: Re: Following a custom protocol hyperlink causes a warning in
| > Excel (Office) 2003
| > | X-Tomcat-NG: microsoft.public.excel.programming
| > | Message-ID: <
[email protected]>
| > | Newsgroups: microsoft.public.excel.programming
| > | Lines: 58
| > | Path: cpmsftngxa06.phx.gbl
| > | Xref: cpmsftngxa06.phx.gbl microsoft.public.excel.programming:419660
| > | NNTP-Posting-Host: TOMCATIMPORT2 10.201.218.182
| > |
| > | Hi Mark,
| > |
| > | I am researching the issue and will update you with new information
| ASAP.
| > | Have a nice day.
| > |
| > | Regards,
| > | Peter Huang
| > | Microsoft Online Partner Support
| > | Get Secure!
www.microsoft.com/security
| > | This posting is provided "as is" with no warranties and confers no
| > rights.
| > |
| > | --------------------
| > | >From: "Mark Rubin" <
[email protected]>
| > | >References: <
[email protected]>
| > | >Subject: Re: Following a custom protocol hyperlink causes a warning
in
| > | Excel (Office) 2003
| > | >Date: Fri, 26 Sep 2003 07:47:58 -0700
| > | >Lines: 31
| > | >X-Priority: 3
| > | >X-MSMail-Priority: Normal
| > | >X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
| > | >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
| > | >Message-ID: <
[email protected]>
| > | >Newsgroups: microsoft.public.excel.programming
| > | >NNTP-Posting-Host: adsl-66-218-52-192.dslextreme.com 66.218.52.192
| > | >Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
| > | >Xref: cpmsftngxa06.phx.gbl microsoft.public.excel.programming:419145
| > | >X-Tomcat-NG: microsoft.public.excel.programming
| > | >
| > | >I should have noted in the post (as I did in the subject) that the
| > warning
| > | >only occurs with Excel 2003. Also, I just realized that the same is
| true
| > | >for the other Office apps I've played with--no warning before 2003,
but
| a
| > | >warning with 2003.
| > | >
| > | >-- Mark
| > | >
| > | >| > | >> If you insert a hyperlink with a custom protocol or even, say, the
| > file:
| > | >> protocol, Excel will generate a warning message:
| > | >> "Hyperlinks can be harmful to your computer and data. To protect
| your
| > | >> computer, click only those hyperlinks from trusted sources. Do you
| > want
| > | >to
| > | >> continue?"
| > | >> If you say you do want to continue, things proceed as expected.
| > | >>
| > | >> I've got a program that inserts hyperlinks using a custom URL
| protocol
| > | >into
| > | >> cells. In 97-XP, users can click on the hyperlink, and my custom
URL
| > | >> protocol handler will get called and do what I like. Now users
have
| > to
| > | go
| > | >> through an extra step of clicking through this warning. Although I
| > | >> understand MS's concerns here, does anyone know how a user can
elect
| to
| > | >> trust my protocol handler and avoid this message?
| > | >>
| > | >> Thanks,
| > | >> Mark
| > | >>
| > | >>
| > | >
| > | >
| > | >
| > |
| > |
| >
|
|
|
