Warning when scripting an ActiveX control.

Discussion in 'Javascript' started by Dave, Jun 20, 2005.

  1. Dave

    Dave Guest

    I have this sample HTML code:

    <html>

    <head>
    <script type="text/javascript">
    var WinHttpReq = new ActiveXObject("WinHttp.WinHttpRequest.5.1");
    </script>
    </head>

    <body>
    </body>

    </html>

    As you can see it really does nothing but instantiate an ActiveX
    control.

    Loading the page off my desktop into IE6 results in this warning:

    "An ActiveX control on this page might be unsafe
    to interact with other parts of the page. Do you
    want to allow this interaction?"

    I'd like to turn this warning off since

    * It's not a random ActiveX control it's a standard MS component
    * It's not being installed from the internet. It's being loaded and run
    from the local machine.

    but from my reading I may not be able to do that. Does anyone know how
    I can let IE6 know that it's safe to instantiate this object?

    Thanks
    Dave, Jun 20, 2005
    #1
    1. Advertising

  2. Dave

    Wintersrush Guest

    Hi
    I am having the same issue. I have enabeled EVERYTHING on my computer,
    active x, java this that and the other, and I still get that damn
    warning and it won't load. *sigh* I would be equally grateful if
    someone can tell me how to rub my computer belly just right to make it
    work.

    I've even went as far as to put everything on the lowest security
    settings possible and shut off ALL the AntiSpyware crap from Microsoft
    (just in case , since its Beta 1) but to no avail it still gave me that
    little annoying error.

    So I just put everything back up to full security since then.

    *grumbles bastards*
    Wintersrush, Jun 20, 2005
    #2
    1. Advertising

  3. Dave

    Dave Guest

    In my case, if I click "Yes" on the warning the ActiveX control does in
    fact load and it behaves correctly but I'm just trying to avoid being
    asked each time.


    In article <>,
    says...
    > Hi
    > I am having the same issue. I have enabeled EVERYTHING on my computer,
    > active x, java this that and the other, and I still get that damn
    > warning and it won't load. *sigh* I would be equally grateful if
    > someone can tell me how to rub my computer belly just right to make it
    > work.
    >
    > I've even went as far as to put everything on the lowest security
    > settings possible and shut off ALL the AntiSpyware crap from Microsoft
    > (just in case , since its Beta 1) but to no avail it still gave me that
    > little annoying error.
    >
    > So I just put everything back up to full security since then.
    >
    > *grumbles bastards*
    >
    >
    Dave, Jun 20, 2005
    #3
  4. Dave

    web.dev Guest

    Dave,

    Have you tried going to (on IE) Tools > Internet Options > Security >
    Custom Levels and then setting everything under Active X Controls &
    plug-ins to be "Enabled" ?
    web.dev, Jun 20, 2005
    #4
  5. Dave

    Bonnett Guest

    Dave wrote:
    > Loading the page off my desktop into IE6 results in this warning:
    >
    > "An ActiveX control on this page might be unsafe
    > to interact with other parts of the page. Do you
    > want to allow this interaction?"
    >
    > I'd like to turn this warning off since
    >
    > * It's not a random ActiveX control it's a standard MS component
    > * It's not being installed from the internet. It's being loaded and run
    > from the local machine.
    >
    > but from my reading I may not be able to do that. Does anyone know how
    > I can let IE6 know that it's safe to instantiate this object?
    >
    > Thanks


    I think you need the "Mark of the web" on your page -
    http://www.phdcc.com/xpsp2.htm#markoftheweb - assuming you are using
    IE6 SP2 that is.
    Bonnett, Jun 21, 2005
    #5
  6. Dave

    Dave Guest

    Yes, I've set everything that I could to enable on both the "internet"
    and "local intranet" zones.

    Did you try the code in the original post? Did you see the same
    problem?

    In article <>,
    says...
    > Dave,
    >
    > Have you tried going to (on IE) Tools > Internet Options > Security >
    > Custom Levels and then setting everything under Active X Controls &
    > plug-ins to be "Enabled" ?
    >
    >
    Dave, Jun 21, 2005
    #6
  7. Dave

    Dave Guest

    I believe I've set everything with an "enable" option to enable in the
    Internet, Local intranet and Trusted sites zones. This is in the
    security tab of IE's Internet Options dialog...

    Were you able to bring up the code from the original post without an
    error?

    In article <>,
    says...
    > Dave,
    >
    > Have you tried going to (on IE) Tools > Internet Options > Security >
    > Custom Levels and then setting everything under Active X Controls &
    > plug-ins to be "Enabled" ?
    >
    >
    Dave, Jun 21, 2005
    #7
  8. Dave

    Dave Guest

    In article <>,
    says..s
    >
    > I think you need the "Mark of the web" on your page -
    > http://www.phdcc.com/xpsp2.htm#markoftheweb - assuming you are using
    > IE6 SP2 that is.
    >
    >

    Actually, I'm surprised to see that I'm NOT at SP2 on this computer.

    I'm going try that first.
    Dave, Jun 21, 2005
    #8
  9. If your site is intended for intranet use, use a hta file. They are a
    more trusted version of IE and won't show you that pesky warning.
    Pretty dumb from MS to even show that warning if it's one of their own
    ActiveX' . Even the use of filters and transitions will show the
    warning. tssss
    michael elias, Jun 21, 2005
    #9
  10. Dave

    Dave Guest

    It's not necessarily intended only for intranet use but I felt that was
    the easiest case to handle first.

    I'm not familiar with hta files but I'll do some google research. If
    you have a good site for me that will explain how hta files may help me,
    please pass it along.

    I agree it seems crazy, I'm not asking users to download some unknown
    ActiveX control, I'm just trying to use something that's part of
    windows.

    Thanks for the ideas...


    In article <>,
    says...
    > If your site is intended for intranet use, use a hta file. They are a
    > more trusted version of IE and won't show you that pesky warning.
    > Pretty dumb from MS to even show that warning if it's one of their own
    > ActiveX' . Even the use of filters and transitions will show the
    > warning. tssss
    >
    >
    Dave, Jun 21, 2005
    #10
  11. Dave

    Dave Guest

    Behavior unchanged in SP2 Re: Warning when scripting an ActiveX control.

    In article <>,
    says...
    > Dave wrote:
    > > Loading the page off my desktop into IE6 results in this warning:
    > >
    > > "An ActiveX control on this page might be unsafe
    > > to interact with other parts of the page. Do you
    > > want to allow this interaction?"
    > >
    > > I'd like to turn this warning off since
    > >
    > > * It's not a random ActiveX control it's a standard MS component
    > > * It's not being installed from the internet. It's being loaded and run
    > > from the local machine.
    > >
    > > but from my reading I may not be able to do that. Does anyone know how
    > > I can let IE6 know that it's safe to instantiate this object?
    > >
    > > Thanks

    >
    > I think you need the "Mark of the web" on your page -
    > http://www.phdcc.com/xpsp2.htm#markoftheweb - assuming you are using
    > IE6 SP2 that is.


    I updated to SP2 and there was no change to the behavior so I looked
    more closely at the web site you sent me and I don't think it will help
    me.

    First of all I tried it, and on the simple example I posted, it worked.
    However, it seems that the mark of the web prevents "get" messages from
    being sent by javascript on the page. I need to do that because the
    page will be using AJAX to update itself.

    Also, although I'm developing the html on my local machine, the html
    will ultimately be delivered by an app server like any other web page.

    To me the critical point is that the ActiveX control I want to access
    will be on the user's local machine and will not have to be downloaded.

    I would think that there would be some way of indicating that local
    objects can be run, or that web pages from our site are safe or
    something.

    Unfortunately they seem to want to make this warning almost unstoppable
    Dave, Jun 21, 2005
    #11
  12. Dave

    Dave Guest

    Warning when scripting an ActiveX control, Part 2

    This seems even stranger. Consider this new version of the code from my
    original post:

    <html>

    <head>
    <script type="text/javascript">
    alert("one");
    var req1 = new ActiveXObject("Microsoft.XMLHTTP");
    alert("two");
    var Req2 = new ActiveXObject("WinHttp.WinHttpRequest.5.1");
    alert("three");
    </script>
    </head>

    <body>
    </body>

    </html>

    If I run this under IE6 (now SP2) I get alerts "one" and "two" and THEN
    a warning about active content.

    Why is IE happy with creating the first ActiveX object and not the
    second?

    (below is my first post on the subject for context)


    In article <>,
    noemail@anyaddressiown_invalid.com says...
    > I have this sample HTML code:
    >
    > <html>
    >
    > <head>
    > <script type="text/javascript">
    > var WinHttpReq = new ActiveXObject("WinHttp.WinHttpRequest.5.1");
    > </script>
    > </head>
    >
    > <body>
    > </body>
    >
    > </html>
    >
    > As you can see it really does nothing but instantiate an ActiveX
    > control.
    >
    > Loading the page off my desktop into IE6 results in this warning:
    >
    > "An ActiveX control on this page might be unsafe
    > to interact with other parts of the page. Do you
    > want to allow this interaction?"
    >
    > I'd like to turn this warning off since
    >
    > * It's not a random ActiveX control it's a standard MS component
    > * It's not being installed from the internet. It's being loaded and run
    > from the local machine.
    >
    > but from my reading I may not be able to do that. Does anyone know how
    > I can let IE6 know that it's safe to instantiate this object?
    >
    > Thanks
    >
    Dave, Jun 21, 2005
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Chris Zoper
    Replies:
    1
    Views:
    3,604
    Nicole Calinoiu
    Sep 10, 2004
  2. Ron Stephens
    Replies:
    23
    Views:
    2,767
    Ron Stephens
    Apr 12, 2004
  3. vml
    Replies:
    0
    Views:
    1,010
  4. Chris Zoper

    How to mark ActiveX control save for scripting

    Chris Zoper, Sep 7, 2004, in forum: ASP .Net Building Controls
    Replies:
    0
    Views:
    112
    Chris Zoper
    Sep 7, 2004
  5. Ben Katz
    Replies:
    0
    Views:
    117
    Ben Katz
    Jul 29, 2003
Loading...

Share This Page