executing scripts within a web browser control under the system ac

  • Thread starter Thread starter QSIDeveloper
  • Start date Start date
Q

QSIDeveloper

We have a .Net 2.0 webservice hosted under IIS that converts classic ASP
webpages into image files. When run under the system account, the underlying
web browser control is failing to execute the script that populates the page
with its data (the resulting image contains the static HTML elements, but no
data). Running a command line app, which bypasses webservice wrapper and
calls the conversion code directly, works as expected producing the static
HTML with the dynamic data. However, if the command line app is scheduled to
run using the "at.exe" command under the system account, the conversion
exhibits the same behavior as the webservice, that is, the dynamic data is
missing from the form. This points to a security restriction with executing
scripts within a web browser control under the system account. How do we
remove this restriction (group policy setting, internet setting, etc)?
 
Hello John,

Thanks for your posting! I have a quick test in my side,

1. Write a test.js script file in local driver D:\. The content looks like,
var filename = 'D://Test//temp.txt';
var fso = new ActiveXObject('Scripting.FileSystemObject');
if (fso.FileExists(filename)) {
var a, ForAppending, file;
ForAppending = 8;
file = fso.OpenTextFile(filename, ForAppending, false);
}
else {
var file = fso.CreateTextFile(filename, true);
file.WriteLine("hello");
}
file.Close();

2. Use the psexec tool from SysinternalsSuite to run psexec -s cmd. This
launches a console process under System Account.

3. In the cmd, we navigate to D:\ and run test.js. After that, I can see
the script creates a file in my D:\Test\ folder. The system account works
OK.

As far as I research on the internet, I also do not see anyone to report
that the System Account lacks of permission to run script. So, the problem
may be something else.

For better troubleshooting, would you mind letting me know the following
information,

1. What version of OS and IE, you are using?

2. When running the script within web browser control under the normal
user, do you see a prompt warning "An ActiveX control on this page might be
unsafe to interact with other parts of the page. Do you want to allow this
interaction?". If that is the case, the System Account cannot work here
because there is no one to click the Yes button to enable the script to run.

3. What does your script do? Does it retrieve the data from some DB? Could
you please post the codes of the script.

4. Would you mind giving a brief description about how you are using Web
Broswer Control to launch ASP page and convert it to image?

I collect these questions just for better supporting the case. Thanks for
your understanding! Have a nice day!

Best regards,
Colbert Zhou (colbertz @online.microsoft.com, remove 'online.')
Microsoft Online Community Support

Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
(e-mail address removed).
 
The issue seems to be related with the configuring trusted sites. I added the
server hosting the ASP pages as a trusted site for all users on the machine
doing the conversion of HTML to image format. Using the same command line app
invoked with the "at" command now, we are now able to retrieve the dynamic
content while running under the system account. However, the dynamic content
is still not showing up when invoked through the webservice. We have found a
single server where the webservice works correctly, however, we don't know
what is different with this machine.

Both servers are 2003, IE 7. There are no ActiveX controls on the ASP page
(it retrieves data from the database).
 
Back
Top