IE Script Security Settings
I am writing HTML for the intranet site, and am using script to open Word
documents in Word, using CreateObject("Word.Application").
To make this work requires setting a security option in IE. That is:Initialise
and Script ActiveX controls not marked as safe. It must be set to Enable
or Prompt.
This setting is different for each user of the machine.
How can I make this setting apply to everyone, or how can I make this CreateObject
"safe"?
[485 byte] By [
Chris] at [2007-11-9 23:50:32]
# 1 Re: IE Script Security Settings
"Chris" <firth@nor.com.au> wrote in message news:39a22843$1@news.dev-archive.com...
> How can I make this setting apply to everyone, or how can I make this
CreateObject
> "safe"?
I hope you are only modifying the Trusted Sites Zone settings and not the
Internet Zone settings. What you are proposing is an extremely dangerous
move in either case. If you allow client side browser script to open word
documents, then you are setting your clients up for major virus problems
down the road. Personally, I wouldn't let a web site talk me into lowering
my security settings. But, as a web developer, I did that exact thing to my
clients...
I took a slightly different approach when I needed my clients to run
"dangerous" controls, etc. in IE. I didn't feel it proper to tamper or
lower any of their security settings, so I created a completely new Security
Zone in the registry with low security settings, then added my server IP
address into it. This way I was sure that the security holes that I created
on the client PC could only be used by my web server. This of course means
that I have complete control to do anything I want to their PCs. They have
to trust me not to. To do this, I created a Wise script that made the
necessary registry changes. I can mail you the script if you want.
However, I believe that these setting as you point out were only for the
currently logged in user. I think that any others who used the PC also had
to run my script. Sorry, I didn't investigate it very far.
-Rich
# 2 Re: IE Script Security Settings
Rich is 100% correct - do not change the settings for the zones unless you
ABSOLUTELY must do so, rather add sites to zones.
mh
"Rich Bramande" <rich
b500@hotmail.com> wrote:
>"Chris" <firth@nor.com.au> wrote in message news:39a22843$1@news.dev-archive.com...
>> How can I make this setting apply to everyone, or how can I make this
>CreateObject
>> "safe"?
>I hope you are only modifying the Trusted Sites Zone settings and not the
>Internet Zone settings. What you are proposing is an extremely dangerous
>move in either case. If you allow client side browser script to open word
>documents, then you are setting your clients up for major virus problems
>down the road. Personally, I wouldn't let a web site talk me into lowering
>my security settings. But, as a web developer, I did that exact thing to
my
>clients...
>
>I took a slightly different approach when I needed my clients to run
>"dangerous" controls, etc. in IE. I didn't feel it proper to tamper or
>lower any of their security settings, so I created a completely new Security
>Zone in the registry with low security settings, then added my server IP
>address into it. This way I was sure that the security holes that I created
>on the client PC could only be used by my web server. This of course means
>that I have complete control to do anything I want to their PCs. They have
>to trust me not to. To do this, I created a Wise script that made the
>necessary registry changes. I can mail you the script if you want.
>However, I believe that these setting as you point out were only for the
>currently logged in user. I think that any others who used the PC also
had
>to run my script. Sorry, I didn't investigate it very far.
>
>-Rich
>
>
# 3 Re: IE Script Security Settings
Agreed, if they are 'captured' clients you could try deploying a 'branded'
IE distribution using the IE Administration kit. Search IEAK at
http://msdn.microsoft.com to locate.
"Michael Howard" <mikehow@microsoft.com> wrote in message
news:39a6b005$1@news.dev-archive.com...
>
> Rich is 100% correct - do not change the settings for the zones unless you
> ABSOLUTELY must do so, rather add sites to zones.
>
> mh
>
> "Rich Bramande" <rich
> b500@hotmail.com> wrote:
> >"Chris" <firth@nor.com.au> wrote in message
news:39a22843$1@news.dev-archive.com...
> >> How can I make this setting apply to everyone, or how can I make this
> >CreateObject
> >> "safe"?
> >I hope you are only modifying the Trusted Sites Zone settings and not the
> >Internet Zone settings. What you are proposing is an extremely dangerous
> >move in either case. If you allow client side browser script to open
word
> >documents, then you are setting your clients up for major virus problems
> >down the road. Personally, I wouldn't let a web site talk me into
lowering
> >my security settings. But, as a web developer, I did that exact thing to
> my
> >clients...
> >
> >I took a slightly different approach when I needed my clients to run
> >"dangerous" controls, etc. in IE. I didn't feel it proper to tamper or
> >lower any of their security settings, so I created a completely new
Security
> >Zone in the registry with low security settings, then added my server IP
> >address into it. This way I was sure that the security holes that I
created
> >on the client PC could only be used by my web server. This of course
means
> >that I have complete control to do anything I want to their PCs. They
have
> >to trust me not to. To do this, I created a Wise script that made the
> >necessary registry changes. I can mail you the script if you want.
> >However, I believe that these setting as you point out were only for the
> >currently logged in user. I think that any others who used the PC also
> had
> >to run my script. Sorry, I didn't investigate it very far.
> >
> >-Rich
> >
> >
>
