Mark an ActiveX control as "safe for initialization" & "safe for scripting"
631 views
Skip to first unread message
Stormtrooper42
Jul 9, 2010, 4:43:39 AM7/9/10
to firebreath-dev
Hello,
I'd like to know if there's a simple way to mark an ActiveX control as
"safe for initialization" & "safe for scripting" with Firebreath.
I can see in src/ActiveXPlugin/FBControl.h:
public IObjectSafetyImpl<CFBControl,
INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA/
* | INTERFACE_USES_DISPEX*/ >
So, I thought the ActiveX would be marked as safe, but IE displays its
annoying yellow bar (it's set to medium-high security level, which is
the default).
I'd like to know if there's a simple way to mark an ActiveX control as
"safe for initialization" & "safe for scripting" with Firebreath.
I can see in src/ActiveXPlugin/FBControl.h:
public IObjectSafetyImpl<CFBControl,
INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA/
* | INTERFACE_USES_DISPEX*/ >
So, I thought the ActiveX would be marked as safe, but IE displays its
annoying yellow bar (it's set to medium-high security level, which is
the default).
Richard Bateman
Jul 9, 2010, 9:20:12 AM7/9/10
to firebre...@googlegroups.com
The activeX control *is* marked as safe for init and safe for scripting, however they have added new security things. Which bar is it? If you're running the page on localhost, that will display a yellow bar before displaying any activex content. On other pages, some versions of IE and Windows still require you to "okay" an activex control for a given website.
So if you can give us more info on what you're trying to do, maybe we can help you resolve the problem.
Richard
Stormtrooper42
Jul 9, 2010, 10:31:16 AM7/9/10
to firebreath-dev
Thanks for your answer.
I was indeed running the page from file://C:\Users\...
The yellow bar was displaying "To help protect your security Internet
explorer has restricted this webpage from running scripts or ActiveX
controls that could access your computer. Click here for options..."
This message is displayed every time I run this page.
Now, if I use a webserver (such as wamp) it asks me to allow the
control, but remembers this choice. (IE8 on Windows 7)
"To help protect your security, Internet Explorer has restricted this
site from showing certain content. Click here for options."
This message appears only the first time I visit the page.
So, I guess it isn't too much of a problem.
> smime.p7s
> 5KViewDownload
I was indeed running the page from file://C:\Users\...
The yellow bar was displaying "To help protect your security Internet
explorer has restricted this webpage from running scripts or ActiveX
controls that could access your computer. Click here for options..."
This message is displayed every time I run this page.
Now, if I use a webserver (such as wamp) it asks me to allow the
control, but remembers this choice. (IE8 on Windows 7)
"To help protect your security, Internet Explorer has restricted this
site from showing certain content. Click here for options."
This message appears only the first time I visit the page.
So, I guess it isn't too much of a problem.
> 5KViewDownload
Richard Bateman
Jul 9, 2010, 12:30:48 PM7/9/10
to firebre...@googlegroups.com
as an FYI, you can make IE treat that page as if it were on a remote server even though it's local by adding:
<!-- saved from url=(0013)about:internet -->
as the first line of the page. The reason that I don't do that is because having that message appear gives me a chance to attach the debugger in IE8 to the correct process before the plugin loads.
Richard
Reply all
Reply to author
Forward
0 new messages