Internet security inquery and problem

  • Thread starter Thread starter Janice_2k
  • Start date Start date
J

Janice_2k

Hi members and gurus,
I am a newbie in internet security and programming.
The website I developed has a button that will call a
vbscript function to launch an application
(audiorRecorder.exe) that is stored in the user's
computer. The code used is as below:

Dim fso,WshShell
set fso=CreateObject("Scripting.FileSystemObject")
Set WshShell = CreateObject("WScript.Shell")

if fso.FileExists("C:\Program
Files\IEBAudioRecorder\test.txt") then 'Give whole path
to the file here
msgBox("File Exists")
WshShell.Run("C:\Progra~1\IEBAud~1
\AudioRecorder.exe") 'run one.exe program
else
msgbox("file not found, please download it")
WshShell.Run
("http://server:00/library/IEBSoundRecorder.exe") 'downloa
d installer from the server
end if

set fso=nothing
set WshShell=nothing

When the user's internet security is set as default or
medium, the "Initialize and script ActiveX controls not
marked as safe" was set to "disable". If that's the case,
the vbscript function is blocked. If I change
to "prompt", an ActiveX dialog box will pop out
saying "an ActiveX control on this page might be
unsafe....Do you want to allow this interaction? Yes/No".
However, I don't think requesting user to change their
settings is advisable as it will place the user at a high
risk if there are malicious virus or scripts. I was
testing on IE6.

My question is, how can I solve this problem (enable the
vbscript to run and launch the application / skip the
ActiveX pop up) without changing user's internet security
setting?

I would be very glad if someone could share the knowledge
with me. Looking forward to some reply soon.

Thanks in advance,
Janice
 
Janice,

The only way is to have the users add your site to the Trusted Zone.

--
Ramesh, Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

Windows 2000 Group Policy Registry Table:
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/gp/gpref.asp

Hi members and gurus,
I am a newbie in internet security and programming.
The website I developed has a button that will call a
vbscript function to launch an application
(audiorRecorder.exe) that is stored in the user's
computer. The code used is as below:

Dim fso,WshShell
set fso=CreateObject("Scripting.FileSystemObject")
Set WshShell = CreateObject("WScript.Shell")

if fso.FileExists("C:\Program
Files\IEBAudioRecorder\test.txt") then 'Give whole path
to the file here
msgBox("File Exists")
WshShell.Run("C:\Progra~1\IEBAud~1
\AudioRecorder.exe") 'run one.exe program
else
msgbox("file not found, please download it")
WshShell.Run
("http://server:00/library/IEBSoundRecorder.exe") 'downloa
d installer from the server
end if

set fso=nothing
set WshShell=nothing

When the user's internet security is set as default or
medium, the "Initialize and script ActiveX controls not
marked as safe" was set to "disable". If that's the case,
the vbscript function is blocked. If I change
to "prompt", an ActiveX dialog box will pop out
saying "an ActiveX control on this page might be
unsafe....Do you want to allow this interaction? Yes/No".
However, I don't think requesting user to change their
settings is advisable as it will place the user at a high
risk if there are malicious virus or scripts. I was
testing on IE6.

My question is, how can I solve this problem (enable the
vbscript to run and launch the application / skip the
ActiveX pop up) without changing user's internet security
setting?

I would be very glad if someone could share the knowledge
with me. Looking forward to some reply soon.

Thanks in advance,
Janice
 
Thanks Ramesh for your reply.

Does that mean that I have to request user to do these
tasks? Is there a way that I can do from developer/server
side?

How about getting a digital certificate? Will this be
solved? If yes, which object should I sign for the
Digital certificate? The vbscript function? or the exe
file that I created? Is it to do with IObjectSafety? I
happened to read about IObjectSafety just now but not
sure what is the purpose of it. Looking forward to your
reply soon.

Thanks in advance,
Janice
-----Original Message-----
Janice,

The only way is to have the users add your site to the Trusted Zone.

--
Ramesh, Microsoft MVP
Windows XP Shell/User
http://www.mvps.org/sramesh2k

Windows 2000 Group Policy Registry Table:
http://www.microsoft.com/windows2000/techinfo/reskit/en- us/gp/gpref.asp

"Janice_2k" <[email protected]> wrote
Click to expand...
in message news:[email protected]...
Hi members and gurus,
I am a newbie in internet security and programming.
The website I developed has a button that will call a
vbscript function to launch an application
(audiorRecorder.exe) that is stored in the user's
computer. The code used is as below:

Dim fso,WshShell
set fso=CreateObject("Scripting.FileSystemObject")
Set WshShell = CreateObject("WScript.Shell")

if fso.FileExists("C:\Program
Files\IEBAudioRecorder\test.txt") then 'Give whole path
to the file here
msgBox("File Exists")
WshShell.Run("C:\Progra~1\IEBAud~1
\AudioRecorder.exe") 'run one.exe program
else
msgbox("file not found, please download it")
WshShell.Run
Click to expand...
("http://server:00/library/IEBSoundRecorder.exe") 'downloa
 
Back
Top