How to invoke IE ...

  • Thread starter Thread starter pamelafluente
  • Start date Start date
P

pamelafluente

To open a local file with IE I use:

System.Diagnostics.Process.Start("IExplore.exe", LocalFileName)

this works. My problem is that the "LocalFileName" has some script
inside that get blocked when the file is on the local machine. IE
prompts the user wheter he want to execute it.

My Question:
How do I modify the above invocation (i.e. what parameters are needed)
to avoid that IE block the script execution and prompt the user? I want
that IE execute the "LocalFileName" without prompting the user.

Thank you very much in advance,

-Pamela
 
The block script setting is in IE, Internet Options, Advanced & is held in
the registry. I suppose you can enable scripts & bypass IE security that
way.

Crouchie1998
BA (HONS) MCP MCSE
 
Ahhh, Thank you very much Crouchie1998 , I was naively hoping that
Microsoft's programmers had considered the possibility to disable
script blocking by a simple command line parameter.

So, this issue seems to be more complicate than I expected (note that
in my case it is perfectly safe to run the script because the HTML is
generate on the fly and I know what it does).

Would I ask too much if I could get a snippet on how to
programmatically (VB.NET) disable script execution when running:
System.Diagnostics.Process.Start("IExplore.exe", LocalFileName) ?

Possibly (or optionally) I would like to disable it only for
"LocalFileName".

I would not know where to start, to put my hand on the registry and I
do need to load that page without blocker :-(

Thank you very much in advance for any help,

-Pamela
 
Pamela

If that is the correct key to manipulate then here are two different ways of
going about what you need:

1) Just disable script debugging
2) Check to see if its disabled already. If not disable it. Finally change
the setting back to the original setting the user had

' Imports

Imports System.Security.permissions
Imports Microsoft.Win32
Imports System.Diagnostics

' Variables

' Variable used for location of script debugger
Dim strKey As String = "Software\Microsoft\Internet Explorer\Main"
' Variable used for registry key
Dim reg As RegistryKey

1) First way:

' Create new registry permissions
Dim rp As New RegistryPermission(RegistryPermissionAccess.Write,
"HKEY_CURRENT_USER\" & strKey)
' Demand access to 'HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\Main
rp.Demand()
' Open the registry key for write access
reg = Registry.CurrentUser.OpenSubKey(strKey, True)
' Check to see if key exists
If Not (reg Is Nothing) Then
' Disable script debugging
reg.SetValue("Disable Script Debugger", "no")
End If
' -------------------------------------
' Your code here for openning your page
'Process.Start("IExplore.exe", "")
' -------------------------------------
' Check again to see if key exists
If Not (reg Is Nothing) Then
' Set back to disabling script debugging
reg.SetValue("Disable Script Debugger", "yes")
End If
' Close the registry key
If Not reg Is Nothing Then reg.Close()
' Destroy the object
If Not reg Is Nothing Then reg = Nothing
' Destroy the registry permissions
rp = Nothing

2) Second Way

' Variable used to store the return value
Dim strRetVal As String
' Create new registry permissions
Dim rp As New RegistryPermission(RegistryPermissionAccess.Write,
"HKEY_CURRENT_USER\" & strKey)
' Demand access to 'HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\Main
rp.Demand()
' Open the registry key for write access
reg = Registry.CurrentUser.OpenSubKey(strKey, True)
' See if script debugging is already disabled
strRetVal = CType(reg.GetValue("Disable Script Debugger", "yes"),
String)
' Check to see if return value is set
If Not (strRetVal = Nothing) Then
' Is script debugging enabled?
If Not (strRetVal.ToLower = "no") Then
' if script debugging is enabled, disable it
reg.SetValue("Disable Script Debugger", "no")
End If
End If
' -------------------------------------
' Your code here for openning your page
'Process.Start("IExplore.exe", "")
' -------------------------------------
' Was script debugging disabled?
If (strRetVal.ToLower = "yes") Then
' Set back to disabling script debugging
reg.SetValue("Disable Script Debugger", "yes")
End If
' Close the registry key
If Not reg Is Nothing Then reg.Close()
' Destroy the object
If Not reg Is Nothing Then reg = Nothing
' Destroy the registry permissions
rp = Nothing


As I mentioned above: If this doesn't work for you then paste in your code &
I will help you with a way around what you need, but I need the HTML page
too, remember?

I hope this helps,

Crouchie1998
BA (HONS) MCP MCSE
 
I think (could be wrong) that this is a security feature of "Internet
Explorer," the GUI, rather than Internet Explorer "the object.' You can
create your own browser by simply dropping the IE WebBrowser control on a
form. This is what MSDN Library does, for instance. Just an idea.
 
msnews.microsoft.com ha scritto:
Crouchie1998
BA (HONS) MCP MCSE
Click to expand...

Dear Crouchie1998, I have tried both methods several times. I have also
tried by removing the second part (in case asyncronous execution could
be an issue. Can it? The page can be very large!). I have tried
changing "yes" to "no" and viceversa. The code executes fine without
errors but the script of the component get *always* blocked.

My html page is simple: there is only one call to an external file:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>My Sample Page</title>
<style type="text/css" media="screen">
... some style here and the call follows .............. [remove
this line]
img {behavior:url("pngbehavior.htc");}
</style>
</head>
<body>
... some html, css and images here.............. [remove this line]
</body>
</html>


and this is the content of the external file "pngbehavior.htc":


<public:component>
<public:attach event="onpropertychange" onevent="propertyChanged()"/>
<script>

var supported = /MSIE (5\.5)|[6789]/.test(navigator.userAgent) &&
navigator.platform == "Win32";
var realSrc;
var blankSrc = "blank.gif";

if (supported) fixImage();

function propertyChanged() {
if (!supported) return;

var pName = event.propertyName;
if (pName != "src") return;
// if not set to blank
if ( ! new RegExp(blankSrc).test(src))
fixImage();
};

function fixImage() {
// get src
var src = element.src;

// check for real change
if (src == realSrc) {
element.src = blankSrc;
return;
}

if ( ! new RegExp(blankSrc).test(src)) {
// backup old src
realSrc = src;
}

// test for png
if ( /\.png$/.test( realSrc.toLowerCase() ) ) {
// set blank image
element.src = blankSrc;
// set filter
element.runtimeStyle.filter =
"progid:DXImageTransform.Microsoft.AlphaImageLoader(src='" +
src + "',sizingMethod='scale')";
}
else {
// remove filter
element.runtimeStyle.filter = "";
}
}

</script>
</public:component>



The rest are just plain html, css, and images.

Thank you VERY VERY much for you kind help!!!

-Pam
 
Thank you for your idea. In my case I would prefer to invoke the
external browser, so the the user can use his preferred browser (for
instance Firefox or whatever) ...

btw: are you positive that in this case there would not be blocking?

CMM ha scritto:
 
Thank you for your idea. In my case I would prefer to invoke the
external browser, so the the user can use his preferred browser (for
instance Firefox or whatever) ...

btw: are you positive that in this case there would not be blocking?
Click to expand...

As I said, No. But, it couldn't be easier for you to test. It's like a 5
minute thing to drop the WebBrowser control on a form and do .NavigateUrl2
(or whatever the method is called) to the file to see.
 
Hello

A lot of programs of mine exist from HTML GUI`S ( HTML is generated from
values from a database , the webbrowser control then navigates to these
pages
( example of what i mean http://www.toolbase.nl/tbSite/pTbSiteShots.aspx
some screenshots , press the pictures to enlarge )
these pages are full of javascript and postings back to the webbrowser ,,,,
this does not raise anny security issue


regards

Michel Posseth [MCP]
 
It's very good to know that, Michel.Thanks!

Anyway it somehow inconvenient that Microsoft does not make easier to
control security settings from within the programming language, when IE
is invoked programmatically. Why are we forced to mess with the
register. And further, is it possible that programs such as SPYBOT or
alike, which we all have installed on pur pc's, will block the
attempts?

Actually forcing the user to use the IE component might not always be
very nice or polite. There are people who are very strict when talking
about web browsers, and they absolutely do not want to see some of
them. I had some experience when I posted some question on the
stylesheet group :-) To them IE it's like talking of the devil !

Also, another issue is transparency. For instance in my pages I have a
lot of transparent png's. The fact that we have to wait for IE7 to get
what other browsers have since several years (alpha-transparency) is
not nice at all. So if I use the IE component I will condemn all my
users to view transparency through a complicate filtering trick.

I think that sometimes Microsoft is not right thinking that world is
revolving around them. Should allow a little more space to others. I
still feel a lot of resistance when proposing .NET applications
(although I do believe this is the best developing environment
available) and perhaps this is a result of several small actions which
at the end of the day generate hostility from some persons. This does
not make me feel good, as we all know how much effort to develop takes.

By the way, while we wait to see if we can solve the original problem
(btw, Crouchie1998 couldn't be that for "components" we have to use
something different from ("Disable Script Debugger" ?), may I ask
whether anyone knows how do I test (vb.net or any other .net lang) if
IE is the current selected browser (instead of firefox, or alike) that
is:

Function CurrentSelectedBrowserIsIE() as Boolean
'...
end function


-Pamela

m.posseth ha scritto:
Hello

A lot of programs of mine exist from HTML GUI`S ( HTML is generated from
values from a database , the webbrowser control then navigates to these
pages
( example of what i mean http://www.toolbase.nl/tbSite/pTbSiteShots.aspx
some screenshots , press the pictures to enlarge )
these pages are full of javascript and postings back to the webbrowser ,,,,
this does not raise anny security issue


regards

Michel Posseth [MCP]




CMM said:
As I said, No. But, it couldn't be easier for you to test. It's like a 5
minute thing to drop the WebBrowser control on a form and do .NavigateUrl2
(or whatever the method is called) to the file to see.
Click to expand...
Click to expand...
 
Frankly I would be dismayed if IE allowed this setting to be turned off by
programmers such as yourself. It defeats the whole purpose of security and
essentially renders your program a TROJAN. I mean, what if your program
crashes before you get a chance to put the setting back? I hope that
registry setting is locked down with permissions in most installations. And,
contrary to your comments, I for one DO hope that programs antispyware
programs do block your attempts.

P.S. Considering you're loading a local page with local javascript I don't
see why a user would care what "Web" browser you're using to display it.
It's, after all, not on the web. You've already been told of an EASY
solution that does not rape the user and do things behind his or her back.
That you choose not accept it is totally up to you.
 
Yeah. You may be right as to the security. [Event though, I guess, that
people who want to make trojan are not stopped by messing with the
registry, while I can be :-) ]

Your suggestion is good, however, my biggest issue is with
transparency, as I have a lot of a-transparent stuff on pages and the
component, I guess, is not able to display alpha-transparency (as IE6)
....

-Pam

CMM ha scritto:
 
You can check to see if the user has FireFox installed... if they do launch
it directly using Process.Start.... I'm sure you can pass the path to your
file on the commandline. If not, use IE in your own WinForms shell.

--
-C. Moya
www.cmoya.com
Yeah. You may be right as to the security. [Event though, I guess, that
people who want to make trojan are not stopped by messing with the
registry, while I can be :-) ]

Your suggestion is good, however, my biggest issue is with
transparency, as I have a lot of a-transparent stuff on pages and the
component, I guess, is not able to display alpha-transparency (as IE6)
...

-Pam

CMM ha scritto:
Click to expand...
 
Well there are some solutions

http://koivi.com/ie-png-transparency/

but you can also wait until IE7 is out as this problem doesn`t exist in this
version

regards

Michel


Yeah. You may be right as to the security. [Event though, I guess, that
people who want to make trojan are not stopped by messing with the
registry, while I can be :-) ]

Your suggestion is good, however, my biggest issue is with
transparency, as I have a lot of a-transparent stuff on pages and the
component, I guess, is not able to display alpha-transparency (as IE6)
...

-Pam

CMM ha scritto:
Click to expand...
 
Yes! I am really anxious to see it... I wonder how long we have to wait
to have it as a component for VS ... maybe it will be .net component
(?) do you think it's possible?

m.posseth ha scritto:
Well there are some solutions

http://koivi.com/ie-png-transparency/

but you can also wait until IE7 is out as this problem doesn`t exist in this
version

regards

Michel


Yeah. You may be right as to the security. [Event though, I guess, that
people who want to make trojan are not stopped by messing with the
registry, while I can be :-) ]

Your suggestion is good, however, my biggest issue is with
transparency, as I have a lot of a-transparent stuff on pages and the
component, I guess, is not able to display alpha-transparency (as IE6)
...

-Pam

CMM ha scritto:
Frankly I would be dismayed if IE allowed this setting to be turned off
by
programmers such as yourself. It defeats the whole purpose of security
and
essentially renders your program a TROJAN. I mean, what if your program
crashes before you get a chance to put the setting back? I hope that
registry setting is locked down with permissions in most installations.
And,
contrary to your comments, I for one DO hope that programs antispyware
programs do block your attempts.

P.S. Considering you're loading a local page with local javascript I
don't
see why a user would care what "Web" browser you're using to display it.
It's, after all, not on the web. You've already been told of an EASY
solution that does not rape the user and do things behind his or her
back.
That you choose not accept it is totally up to you.
Click to expand...
Click to expand...
Click to expand...
 
Back
Top