ActiveX warning

[JasonSTI]

Good afternoon, all.

We are using a JavaScript on our CHM contents page to display the date modified of the file, so we can make sure we are testing the latest release (this probably won't be shipping out). Our Documentation computers are not having any issues (XP Home SP2), but two of the QA computers are (one XP Pro SP2 and one Vista Business release). They both display an ActiveX warning message:

activex_warning.gif

The script we are using is a modified version of the MSDN example:

Code: Select all

<SCRIPT Language="JavaScript">
<!--
   myActiveXObject = new ActiveXObject("Scripting.FileSystemObject");
   var X, Y, sl, a, ra, file;
   ra = /:/;
   a = location.href.search(ra);
   if (a == 2)
      X = 14;
   else
      X = 7;
   sl = "\\";
   Y = location.href.lastIndexOf(sl) + 1;
   file = myActiveXObject.GetFile(location.href.substring(X, Y)+'apmain.chm');
   Date.prototype.toDateString = function () {return [['January ', 'February ', 'March ', 'April ', 'May ', 'June ', 'July ', 'August ', 'September ', 'October ', 'November ', 'December '][this.getMonth()], this.getDate(), ', ', this.getFullYear()].join('')}
   document.write("Beta Updated: " + (new Date(file.DatelastModified).toDateString()));
//--></SCRIPT>

So it displays "Beta Updated: May 13, 2008". Clicking Yes displays this as normal, and clicking No generates a Javascript error, then displays the page without the line.

What would cause some computers to allow this, and some not to? All are running the file locally (as you must for client-side Javascript functions, and CHMs in general). We also use a variation of this code to launch our external tutorials (standalone DemoShield projects) and open the programs, which I'm sure will also cause this warning.

[RamonS]

The security profiles in IE are different. The systems showing the error do not allow for ActiveX controls to be run. That, by the way, is the common recommendation. ActiveX is very dangerous (maybe not in this case) and should never be used. While I see a place for ECMAScript it should be the exception and any dynamic content should be created server-side (not an option in CHMs).
Since this mod will not get shipped once help is released I'd say either change the IE security settings or have the users of the two systems live with that annoyance. And get that Vista box a real OS....

[JasonSTI]

The "Local Machine" profile in IE should not change tho, unless a Group Policy exists for that computer (which I verified is not the case). As far as I know, anything run locally (except in Vista's case, in a "secure" area like Program Files or the Windows directory) should be allowed. You cannot change the Local Machine zone profile in IE security, so thats not really an option (we could use regedit or a registry change in our installer, but that becomes legally problematic). And, like I mentioned, we use the same script to open other files (which requires the full path in the argument, even tho CHM cannot obtain that information without ActiveX), so this will still be an issue.

And we have to have VIsta for testing, since we are in the process of switching to CHM for the sole reason of being Vista compatible...

[RamonS]

Aha...well, anyway, screw Vista. The more people just ignore it the quicker it will go away, which is really the only good thing that can happen to Vista. I'd rather spend efforts to make things Mac and Linux compatible.

[Pete Lees]

Hi, Jason,

... we use the same script to open other files (which requires the full path in the argument, even tho CHM cannot obtain that information without ActiveX), so this will still be an issue.

Have you seen the following articles?

http://helpware.net/FAR/far_faq.htm#externalfile
http://helpware.net/FAR/far_faq.htm#Scr ... ernal_File

I don't believe that using an ActiveX control should be a prerequisite to obtaining the absolute path to an external file, but perhaps I'm misunderstanding what you're seeking to do.

Pete

[JasonSTI]

Sorry, I should have said you can't obtain the full path without Javascript, and I didn't believe you could execute a EXE file without ActiveX. I looked at the links you provided, however, and I will try to use the HH Shortcut method to see if this resolves the error. Thank you.

[JasonSTI]

Switching to HHCTRL shortcuts did resolve my issues with being able to open our multimedia tutorials and opening CHMs in their own window, so thank you very much for those links! I could not discover a way using HHCTRL to pull the Date Modified of the CHM file, but fortunately that portion is not slated to be in the final release to the customer. If anyone finds a way to do this, however, I'd be interested in finding out how.

The one thing that is unfortunate about HHCTRL objects is that Flare does not display them as they will appear when compiled. It would be nice to make sure it looks proper before compiling, but at least it does compile correctly.