AsynchPP and 'File Download' message box
Falko Niemz
I have created a APP that provides Files from a database to the IE
webbrowsercontrol. This works fine till Microsoft extends it's system
security by adding the 'confirm open after download' function.
Now every time the APP provides a File with this flag set the well
known dialog box ("Do you want to open or save this file") comes up
and the user must click [open] to show the file in the IE control.
But -
if I open a file with the <file://> protocol in IE, this dialog box
doesn't appear.
OK. Now my question. Is it possible to avoid this dialog box.
All hints are welcome
Thanks in advance
Falko
Igor Tandetnik
message news:e4I8cLn$GHA....@TK2MSFTNGP02.phx.gbl
> I have created a APP that provides Files from a database to the IE
> webbrowsercontrol. This works fine till Microsoft extends it's system
> security by adding the 'confirm open after download' function.
> Now every time the APP provides a File with this flag set the well
> known dialog box ("Do you want to open or save this file") comes up
> and the user must click [open] to show the file in the IE control.
> But -
> if I open a file with the <file://> protocol in IE, this dialog box
> doesn't appear.
Do you report the correct MIME type for your content?
--
With best wishes,
Igor Tandetnik
With sufficient thrust, pigs fly just fine. However, this is not
necessarily a good idea. It is hard to be sure where they are going to
land, and it could be dangerous sitting under them as they fly
overhead. -- RFC 1925
Falko Niemz
Hello Igor,
> Do you report the correct MIME type for your content?
Yes. I call FindMimeFromData with the filename and report the result
with 'ReportProgress (BINDSTATUS_MIMETYPEAVAILABLE ...)'
Also calling the
'ReportProgress (BINDSTATUS_CACHEFILENAMEAVAILABLE ...) with the
existing Filename.
Igor Tandetnik
> I have created a APP that provides Files from a database to the IE
> webbrowsercontrol. This works fine till Microsoft extends it's system
> security by adding the 'confirm open after download' function.
> Now every time the APP provides a File with this flag set the well
> known dialog box ("Do you want to open or save this file") comes up
> and the user must click [open] to show the file in the IE control.
> But -
> if I open a file with the <file://> protocol in IE, this dialog box
> doesn't appear.
I guess the document retrieved with file: protocol is considered to come
from My Computer zone, while the content of your APP is considered to
come from Internet zone, and thus is subject to stricter security
settings.
> OK. Now my question. Is it possible to avoid this dialog box.
Implement IInternetProtocolInfo::ParseUrl, in particular handle
PARSE_SECURITY_URL parse action. See
IInternetSecurityManager::GetSecurityId for a description of what
security URL should look like. Play with CoInternetGetSecurityURL to see
what it looks like for file: protocol, and construct something similar.
You can even report a security URL with file: schema, so that security
decisions are made on your URLs as if they were using file: protocol.
Falko Niemz
> Falko Niemz <niemz@REMOVE_CAPS_AND_INVALIDpisa.de.invalid> wrote:
> Implement IInternetProtocolInfo::ParseUrl, in particular handle
> PARSE_SECURITY_URL parse action. See
> IInternetSecurityManager::GetSecurityId for a description of what
> security URL should look like. Play with CoInternetGetSecurityURL to see
> what it looks like for file: protocol, and construct something similar.
> You can even report a security URL with file: schema, so that security
> decisions are made on your URLs as if they were using file: protocol.
Hello Igor,
this is a good hint. I implemented the IInternetProtocolInfo::ParseUrl
method and strait forwarded to http (http:) but no effect.
Then I tried to return the file protocol (file: or
file:///<filename>) but also no effect. The dialog box comes up and
makes me crazy.
The Documentation says:
< snippet >
PARSE_SECURITY_URL
Retrieve the URL that should be used by the security manager to make
security decisions. The returned URL should either return just the
namespace of the protocol or map the protocol to a known protocol
(such as HTTP).
< snippet >
I couldn't see a way to transport the Security Zone.
The Description for IInternetSecurityManager::GetSecurityId gives me
the [<scheme>:<domain>+<zone>].
I couldn't append the zone to the domain because it is a number and
for the localhost zone it is zero witch is the string terminator
normally. Is there a Zone descriptor for use in URL's?
Or is a IInternetSecurityManager Interface support required?
--
with best wishes,
Falko
Igor Tandetnik
> this is a good hint. I implemented the IInternetProtocolInfo::ParseUrl
> method and strait forwarded to http (http:) but no effect.
> Then I tried to return the file protocol (file: or
> file:///<filename>) but also no effect. The dialog box comes up and
> makes me crazy.
Try file://FullFilePath (with two forward slashes). This is what res://
protocol handler produces.
Falko Niemz
>
> Try file://FullFilePath (with two forward slashes). This is what res://
> protocol handler produces.
<file://D:\....\sample.doc> ---> It is the same. DialogBox appears.
--
With best wishes,
Falko Niemz
Igor Tandetnik
> Igor Tandetnik schrieb:
>> Do you report the correct MIME type for your content?
>
> Yes. I call FindMimeFromData with the filename and report the result
> with 'ReportProgress (BINDSTATUS_MIMETYPEAVAILABLE ...)'
So, what MIME type are you reporting? Is it text/html or something else?
And what's in the file - is it HTML?
Falko Niemz
> Falko Niemz <niemz@REMOVE_CAPS_AND_INVALIDpisa.de.invalid> wrote:
>> Igor Tandetnik schrieb:
>>> Do you report the correct MIME type for your content?
>> Yes. I call FindMimeFromData with the filename and report the result
>> with 'ReportProgress (BINDSTATUS_MIMETYPEAVAILABLE ...)'
>
> So, what MIME type are you reporting? Is it text/html or something else?
> And what's in the file - is it HTML?
Oh sorry I forgot. This query box comes only on some file types up.
Important for me are all office types (doc, xls, rtf ... )
In that case the mime type is 'application/msword' ore others with
'application/*' .
All text types (html, cml, txt) works fine - without the download
question.
I guess it's associated with the 'confirm after download' switch in
the Explorer file types options.
Igor Tandetnik
> Igor Tandetnik schrieb:
>> So, what MIME type are you reporting? Is it text/html or something
>> else? And what's in the file - is it HTML?
>
> Oh sorry I forgot. This query box comes only on some file types up.
> Important for me are all office types (doc, xls, rtf ... )
For .doc files, I get the prompt you describe if I drag and drop a .doc
file onto IE. If I manually type a file:// URL into address bar instead,
there is no prompt, but it behaves differently: it opens a standalone
instance of Word rather than hosting one in IE (as it does with drag and
drop). I suspect IE has special handling file: protocol when entered
directly into address bar.
Falko Niemz
> "Falko Niemz" <niemz@REMOVE_CAPS_AND_INVALIDpisa.de.invalid> wrote in
> message news:OEzqndLB...@TK2MSFTNGP02.phx.gbl
> For .doc files, I get the prompt you describe if I drag and drop a .doc
> file onto IE. If I manually type a file:// URL into address bar instead,
> there is no prompt, but it behaves differently: it opens a standalone
> instance of Word rather than hosting one in IE (as it does with drag and
> drop). I suspect IE has special handling file: protocol when entered
> directly into address bar.
May be you are right. I didn't tested the drag 'n drop behavour
before. I guess there is no way to avoid this dialog box except unset
the 'confirm after download' option.
It's advanced security!
Holder@discussions.microsoft.com Joel Holder
problem. The WebBrowser control can host MSOffice documents, but it wants to
confirm open after download. This behavior can be disabled manually either
by unchecking the "confirm open after download" box, but I need to handle it
programmatically. Is this a registry setting that can be manipulated? Any
IE experts out there have an idea on this?
Thanks,
Joel
Joel Holder
What you need to do is programmatically add the apps to this key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\AttachmentExecute\{0002DF01-0000-0000-C000-000000000046}
Enjoy..