Sign in to follow this  
Followers 0
cabyrc

Creating WebBrowser control with WSH enabled in it

4 posts in this topic

Hi all,

I'm wondering, how can I create an embedded IE instance in my AutoIt application where I would have WSH disabled and no warnings shown when wsh is executed? Microsoft suggests the following: http://msdn.microsoft.com/en-us/library/ie/ms537182%28v=vs.85%29.aspx (Implementing a Custom Security Manager), but it's in C++. Is it anyhow possible with AutoIt?

Thanks!

Share this post


Link to post
Share on other sites



I don't have a specific answer, but as a word of warning Microsoft are all too keen on doing this kind of thing where IE is given special priveleges to access the local filesystem. The issue is that it's hard to tell if there might be ways of exploiting it from external websites.

I'd look for a safer method of implementing whatever it is you're doing.

Share this post


Link to post
Share on other sites

The way for sure exists, and I saw working C++ implementations. I know that it might sound insecure, but for my case this is the easiest and fastest way.

And I don't think it's not really safe. I just need WSH script that would have some interactions with HTML. The html file will be a local one, and thus no real security issues.

Share this post


Link to post
Share on other sites

What matters is not what happens with a local file, but whether the security relaxation can be exploited by an external website. Can you be certain that is not the case? 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0