An ActiveX control might be unsafe

G

G. Tarazi

An ActiveX control might be unsafe



How can I disable the "An ActiveX control might be unsafe . " message when I am running the InfoPath automation? Isn't InfoPath is a sand box and safe by default? Can I mark the jscrip in the web page as safe in anyway?



This is the code triggering the problem: its a java script in a web page, and trigared on load.



// Reference the InfoPath application module.

var IpApp = new ActiveXObject("InfoPath.Application");

var IpDocuments = IpApp.XDocuments;



// Open the document.

var IpDocument = IpDocuments.NewFromSolution(p_formTemplate);

var loadFromWs = IpDocument.DOM.selectSingleNode("/ipdoc:IxSystem/ipdoc:LoadFromWs");

// And pass the values.

loadFromWs .text = "true";
 
M

Matthew Blain \(Serriform\)

That control probably isn't safe, that code certainly isn't--imagine it running on a malicious site, opening up your form and entering some malicious data.

You can work around this by marking that page as coming from a trusted site using IE's security zone model.

--Matthew Blain
http://tips.serriform.com/



"G. Tarazi" <Tarazi (at) LiveTechnologies.ca> wrote in message An ActiveX control might be unsafe



How can I disable the "An ActiveX control might be unsafe . " message when I am running the InfoPath automation? Isn't InfoPath is a sand box and safe by default? Can I mark the jscrip in the web page as safe in anyway?



This is the code triggering the problem: its a java script in a web page, and trigared on load.



// Reference the InfoPath application module.

var IpApp = new ActiveXObject("InfoPath.Application");

var IpDocuments = IpApp.XDocuments;



// Open the document.

var IpDocument = IpDocuments.NewFromSolution(p_formTemplate);

var loadFromWs = IpDocument.DOM.selectSingleNode("/ipdoc:IxSystem/ipdoc:LoadFromWs");

// And pass the values.

loadFromWs .text = "true";
 
G

G. Tarazi

I have added it to the trusted sites, but I still have the same problem.



The trusted sites are not allowed to run unsafe controls, even if you put IE to minimum security (Win2K IE6 last SPs), they will prompt first.



"Initialize and script active x controls that are not marked as safe", if I change this option the problem will disappear.



Then my computer will be opened to run all unsafe controls in the trusted sites without asking me.



My point is, why all this security restrictions inside InfoPath, if the application is unsafe at the beginning.



I am not able to debug a trusted form without 20 workarounds and now a newly released script; I have a headache from all these security messages inside the application itself, like signing the form, referencing other controls, blh blh blh (which all of them maybe a good thing, and make me feel secure)



And now I just discovered, that the application itself is insecure :)



So why when I select "edit" an InfoPath form in SharePoint it's not complaining for anything, what is the mysteries script behind that, what is the secret?



That control probably isn't safe, that code certainly isn't--imagine it running on a malicious site, opening up your form and entering some malicious data.

You can work around this by marking that page as coming from a trusted site using IE's security zone model.

--Matthew Blain
http://tips.serriform.com/



"G. Tarazi" <Tarazi (at) LiveTechnologies.ca> wrote in message An ActiveX control might be unsafe



How can I disable the "An ActiveX control might be unsafe . " message when I am running the InfoPath automation? Isn't InfoPath is a sand box and safe by default? Can I mark the jscrip in the web page as safe in anyway?



This is the code triggering the problem: its a java script in a web page, and trigared on load.



// Reference the InfoPath application module.

var IpApp = new ActiveXObject("InfoPath.Application");

var IpDocuments = IpApp.XDocuments;



// Open the document.

var IpDocument = IpDocuments.NewFromSolution(p_formTemplate);

var loadFromWs = IpDocument.DOM.selectSingleNode("/ipdoc:IxSystem/ipdoc:LoadFromWs");

// And pass the values.

loadFromWs .text = "true";
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Form won't open from JavaScript 1
Error - This page provides potentially unsafe information to an ActiveX control. 0
ActiveX Control 3
Disable the prompt "....ActiveX controls that might be unsafe ..." 5
Active X Security Problem? 0
MS Word as an ActiveX Control 0
'About to initialize AcitveX controls that might be unsafe' when using owc 1
Clear infoPath template cache 0

Top