How to allow certain scripts from certain trusted domains to run

Status
Not open for further replies.

wchull

MIS
Jun 14, 2001
93
US
We have an application (Siebel v 8.0) that requires a work-around for a GUI interface problem. The problem with the work-around is that it must be initiated from within IE and the code needed to fix the problem opens an instance of ActiveXObject. Here's a snippet of code:

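// strQuote is not defined in this snippet; it is presumably set earlier in the script.
var myShell = new ActiveXObject("WScript.Shell");
// The executable path and window style come from Siebel business component fields.
var strExe = this.BusComp().GetFieldValue("FullPath");
var strExeWinStyle = this.BusComp().GetFieldValue("WindowStyle");
var strCommand = strQuote + strExe + strQuote + "{TAB}{TAB}{TAB}" + ", " + strExeWinStyle;
// Run() launches the command line through the Windows Script Host shell object.
myShell.Run(strCommand);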

The problem is that with Windows XP SP2, ActiveXObject is not considered trusted and opens a prompt on screen asking for confirmation that it is OK to execute the command, and this is not acceptable to the user community. As a work-around to the prompting issue, the application vendor suggested that a modification to the Wscript.Shell CLSID be made to the registry that would make any shelled execution be "Trusted for Scripting" and "Trusted for Initialization". At this point, our IT Security department is concerned about the implications of doing this as it seems to open a vulnerability on our workstations.

So....... Does anyone know of another way to allow this code to run on the machine without the prompt but without having to change the context of Wscript.shell?

Any help would be appreciated.
 
I may very well be wrong, but I thought the traditional way of getting around this was to use signed scripts. You might look into that.
 
Add that server to your trusted sites and allow your trusted sites to execute unsigned ActiveX.

Cheers,
Dian
 
The way I read this, it wasn't a server, but a local file with a local ActiveX in it. I don't think the "trusted sites" thing will help.

It is true that MOTW might help, but even then, I think that IE will complain about an unsigned ActiveX trying to run. I think it needs to be a signed control to get around IE's complaints.
 
Thanks for the replies. Turns out that this is a temporary problem that Siebel is going to resolve in several weeks. Since it is temporary, we were able to change IE through a group policy to allow things to work, and the plan is to follow up with the development guys when the Siebel code has been fixed to change IE back so that it does not trust and remove the temporary fix.
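
For the follow-up described in the last post (confirming that the temporary trust change really has been removed), a read-only audit along these lines can be run on a workstation. It is an added example, not code from the thread or from Siebel. It assumes the vendor's registry change takes the form of the standard "safe for scripting" and "safe for initializing" component categories on the WScript.Shell CLSID, and that the Group Policy change was the zone setting for URL action 1201; the thread states neither.

```powershell
# Added example (not from the thread): read-only audit, changes nothing.
# Component category IDs that mark a COM class as safe for scripting/initializing.
$catids = @{
    '{7DD95801-9882-11CF-9FA9-00AA006C42C4}' = 'safe for scripting'
    '{7DD95802-9882-11CF-9FA9-00AA006C42C4}' = 'safe for initializing'
}
$findings = @()

# Resolve the CLSID from the ProgID instead of hard-coding it.
$progId = Get-ItemProperty -LiteralPath 'Registry::HKEY_CLASSES_ROOT\WScript.Shell\CLSID' -ErrorAction SilentlyContinue
$clsid  = if ($progId) { $progId.'(default)' }

if ($clsid) {
    # Merged class view, plus the 32-bit view used by 32-bit IE on 64-bit Windows.
    $roots = 'Registry::HKEY_CLASSES_ROOT\CLSID',
             'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID'
    foreach ($root in $roots) {
        foreach ($catid in $catids.Keys) {
            $key = "$root\$clsid\Implemented Categories\$catid"
            if (Test-Path -LiteralPath $key) {
                $findings += "WScript.Shell is marked $($catids[$catid]): $key"
            }
        }
    }
}

# Assumption: the relaxed IE setting is URL action 1201, "Initialize and script
# ActiveX controls not marked as safe for scripting". 0 = enable, 1 = prompt, 3 = disable.
$zoneNames = 'My Computer', 'Local intranet', 'Trusted sites', 'Internet', 'Restricted sites'
$bases = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
         'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
         'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
         'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
foreach ($base in $bases) {
    foreach ($zone in 0..4) {
        $props = Get-ItemProperty -LiteralPath "$base\$zone" -ErrorAction SilentlyContinue
        if ($props -and $props.'1201' -eq 0) {
            $findings += "Zone $zone ($($zoneNames[$zone])) enables unsafe ActiveX scripting: $base\$zone"
        }
    }
}

if ($findings) { $findings | ForEach-Object { Write-Warning $_ } }
else { Write-Output 'No WScript.Shell safe-for-scripting marking or 1201=Enable zone setting found.' }
```

Any warning it prints is a place where script hosted in IE can drive WScript.Shell without the confirmation prompt, so each one should map to a known, dated exception or be reverted.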
 