We're developing a site that will only run on the intranet, and computers with access to this intranet will have this executable installed. We can't have any "Would you like to open [filename].exe?" prompts. Click a link and the program begins running.
我们正在开发一个只能在Intranet上运行的站点,并且可以访问此Intranet的计算机将安装此可执行文件。我们不能有任何“你想打开[filename] .exe吗?”提示。单击一个链接,程序开始运行。
I realize that giving websites the ability to run executables on the client machine is very, very bad, but management refuses to budge on this.
我意识到让网站能够在客户端计算机上运行可执行文件非常非常糟糕,但是管理层拒绝让步。
Machines will have Windows (XP or up) with Firefox 3.
机器将使用Firefox 3的Windows(XP或更高版本)。
11 个解决方案
#1
We're developing a site that will only run on the intranet, and computers with access to this intranet will have this executable installed.
我们正在开发一个只能在Intranet上运行的站点,并且可以访问此Intranet的计算机将安装此可执行文件。
Does this mean the EXE is already installed on the desktop? You just want to launch it from the website?
这是否意味着EXE已经安装在桌面上?你只想从网站上发布它?
If so, you can associate the EXE with a MIME Content Type and when the user clicks it, it will launch.
如果是这样,您可以将EXE与MIME内容类型相关联,当用户单击它时,它将启动。
Pick a Content Type and a file extension, for your EXE name, for instance:
为您的EXE名称选择内容类型和文件扩展名,例如:
CauseChaos.exe Associated with .chaos file extenstion Content Type will be: application/chaos
Associate the file extension with your EXE via the EXE install. I show it here, using InnoSetup
通过EXE安装将文件扩展名与EXE相关联。我使用InnoSetup在这里展示
[Registry]
Root: HKCR; Subkey: .chaos; ValueType: string; ValueData: CauseChaos; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos; ValueType: string; ValueData: CauseChaos Tool; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos\DefaultIcon; ValueType: string; ValueData: {app}\CauseChaos.exe,0; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos\shell\open\command; ValueType: string; ValueData: "{app}\CauseChaos.exe ""%1"""; Flags: uninsdeletekeyAssociate the MIME content type with the file extension, through the EXE install.
通过EXE安装将MIME内容类型与文件扩展名相关联。
[Registry] (continued...)
Root: HKCR; Subkey: HKCR\Mime\Database\Content Type\application/chaos; ValueType: string; ValueName: Extension; ValueData: .chaos; Flags: uninsdeletevalue#2
Been there done that. MIME types (accepted answer at the moment I add this) requires a lot of configuring on client and server.This is quite a bit of work, and you end up with temporary files etc.
去过也做过。 MIME类型(我添加此时接受的答案)需要在客户端和服务器上进行大量配置。这是相当多的工作,你最终得到临时文件等。
Our solution was to add our own "Custom URL Protocol Handler". Basically, add URL type x-our-intranet and make your corporate app the URL handler for it. Now any link will start your corporate app, passing "x-our-intrenet:foo" as a command-line argument. All it takes is a client-side registry entry, similar to the MIME types.
我们的解决方案是添加我们自己的“自定义URL协议处理程序”。基本上,添加URL类型x-our-intranet并使您的公司应用程序成为它的URL处理程序。现在任何链接都将启动您的企业应用程序,将“x-our-intrenet:foo”作为命令行参数传递。它只需要一个客户端注册表项,类似于MIME类型。
#3
Try this JavaScript:
试试这个JavaScript:
function executeCommands(inputparms)
{
// Instantiate the Shell object and invoke its execute method.
var oShell = new ActiveXObject("Shell.Application");
var commandtoRun = "c:\windows\Notepad.exe";
// Invoke the execute method.
oShell.ShellExecute(commandtoRun, commandParms, "", "open", "1");
}
You will have to set the browser security settings accordingly, and this would work only in IE.
您必须相应地设置浏览器安全设置,这仅适用于IE。
#4
The only way I could possibly imagine this working is through some sort of ActiveX control which would run your executable, but I don't know how feasible that is with Firefox.
我可以想象这个工作的唯一方法是通过某种ActiveX控件运行你的可执行文件,但我不知道Firefox的可行性。
This should be one of those things where -you- should be refusing to budge on it, not management.
这应该是你应该拒绝让步的东西之一,而不是管理层。
#5
I recommend you take a look at Adobe Flex / Air, it is designed with this model in mind and the inherent security barn door that it opens.
我建议你看一下Adobe Flex / Air,它的设计考虑了这个型号以及它打开的固有安全谷仓门。
#6
I agree with the rest, I'm pretty sure you can't do this anymore (and especially in Firefox). This is how many of the spyware/adware programs got installed back in the day. You will have to take a stand and just tell management that its impossible.
我同意其余的,我很确定你不能再这样做了(特别是在Firefox中)。这是当天安装了多少间谍软件/广告软件程序。你必须采取立场,告诉管理层这是不可能的。
#7
An active X control is the easiest way. There is a plugin for firefox that allows you to host active X controls. Or you could just write an NS Plugin to handle this.
有效的X控件是最简单的方法。有一个firefox插件,允许您托管活动的X控件。或者你可以写一个NS插件来处理这个问题。
#8
This is an old article about web deployment of executables. I know this is possible using Internet Explorer (because of our fragmented development team we still have to support some of this). I don't know about the firefox implications.
这是一篇关于可执行文件的Web部署的旧文章。我知道这可以使用Internet Explorer(因为我们支离破碎的开发团队,我们仍然需要支持其中一些)。我不知道firefox的含义。
#9
Using a "file:///c:/Program Files/myprogs/myprog.exe" URL in the link used to work for IE. But, I have not tried this in a long time.
在用于IE的链接中使用“file:/// c:/ Program Files / myprogs / myprog.exe”URL。但是,我很久没有尝试过这个了。
I would recommend the MIME type method above or adding a special URI prefix "chaos://myparams" that is handled by that executable.
我建议使用上面的MIME类型方法或添加由该可执行文件处理的特殊URI前缀“chaos:// myparams”。
#10
I understand completely what you are wanting. All I read on the internet is people mentioning this is a big security breach etc... However, I dont guess they understand why you would want this implemented and I will explain why I need this and am working on a solution to this problem and am getting very close.
我完全理解你的想法。我在互联网上读到的只是人们提到这是一个很大的安全漏洞等等......但是,我不认为他们理解你为什么要这样实现,我会解释为什么我需要这个并且我正在努力解决这个问题,我越来越近了。
I have many different user applications, ex. Call Center, etc... I am currently working on a lockdown desktop that runs in Kiosk mode. All the user will see is a blue screen with some computer information and an IE icon. My goal is to run the Microsoft Office, and some internal Client/Server apps from this page. It works perfectly fine as everything is still there just my users cannot see it. However, I'm having the same issues as you. My network is very secure utilizing MPLS, internal and external managed Routers, Firewalls/ASA's, and plenty of security professionals. Plus, this is strictly INTERNAL only. So, in my opinion its perfectly ok. So, if I come up with some sort of workaround solution for this I will post it.
我有很多不同的用户应用程序,例如。呼叫中心等...我目前正在研究一种在Kiosk模式下运行的锁定桌面。所有用户都会看到一个带有一些计算机信息和IE图标的蓝屏。我的目标是从此页面运行Microsoft Office和一些内部客户端/服务器应用程序。它工作得很好,因为一切都还在那里,只是我的用户看不到它。但是,我遇到了和你一样的问题。我的网络使用MPLS,内部和外部管理路由器,防火墙/ ASA以及大量安全专业人员非常安全。另外,这仅限于INTERNAL。所以,在我看来,它完全可以。所以,如果我想出一些解决方法,我会发布它。
#11
I don't even know if that is possible. As mentioned above maybe using an ActiveX control, but then you are going to have problems with browser support and people's security settings. Not to mention the moral implications of you hijacking someone's PC.
我甚至不知道这是否可能。如上所述,可能使用ActiveX控件,但随后您将遇到浏览器支持和人员安全设置方面的问题。更不用说你劫持某人PC的道德含义了。
#1
We're developing a site that will only run on the intranet, and computers with access to this intranet will have this executable installed.
我们正在开发一个只能在Intranet上运行的站点,并且可以访问此Intranet的计算机将安装此可执行文件。
Does this mean the EXE is already installed on the desktop? You just want to launch it from the website?
这是否意味着EXE已经安装在桌面上?你只想从网站上发布它?
If so, you can associate the EXE with a MIME Content Type and when the user clicks it, it will launch.
如果是这样,您可以将EXE与MIME内容类型相关联,当用户单击它时,它将启动。
Pick a Content Type and a file extension, for your EXE name, for instance:
为您的EXE名称选择内容类型和文件扩展名,例如:
CauseChaos.exe Associated with .chaos file extenstion Content Type will be: application/chaos
Associate the file extension with your EXE via the EXE install. I show it here, using InnoSetup
通过EXE安装将文件扩展名与EXE相关联。我使用InnoSetup在这里展示
[Registry]
Root: HKCR; Subkey: .chaos; ValueType: string; ValueData: CauseChaos; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos; ValueType: string; ValueData: CauseChaos Tool; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos\DefaultIcon; ValueType: string; ValueData: {app}\CauseChaos.exe,0; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos\shell\open\command; ValueType: string; ValueData: "{app}\CauseChaos.exe ""%1"""; Flags: uninsdeletekeyAssociate the MIME content type with the file extension, through the EXE install.
通过EXE安装将MIME内容类型与文件扩展名相关联。
[Registry] (continued...)
Root: HKCR; Subkey: HKCR\Mime\Database\Content Type\application/chaos; ValueType: string; ValueName: Extension; ValueData: .chaos; Flags: uninsdeletevalue#2
Been there done that. MIME types (accepted answer at the moment I add this) requires a lot of configuring on client and server.This is quite a bit of work, and you end up with temporary files etc.
去过也做过。 MIME类型(我添加此时接受的答案)需要在客户端和服务器上进行大量配置。这是相当多的工作,你最终得到临时文件等。
Our solution was to add our own "Custom URL Protocol Handler". Basically, add URL type x-our-intranet and make your corporate app the URL handler for it. Now any link will start your corporate app, passing "x-our-intrenet:foo" as a command-line argument. All it takes is a client-side registry entry, similar to the MIME types.
我们的解决方案是添加我们自己的“自定义URL协议处理程序”。基本上,添加URL类型x-our-intranet并使您的公司应用程序成为它的URL处理程序。现在任何链接都将启动您的企业应用程序,将“x-our-intrenet:foo”作为命令行参数传递。它只需要一个客户端注册表项,类似于MIME类型。
#3
Try this JavaScript:
试试这个JavaScript:
function executeCommands(inputparms)
{
// Instantiate the Shell object and invoke its execute method.
var oShell = new ActiveXObject("Shell.Application");
var commandtoRun = "c:\windows\Notepad.exe";
// Invoke the execute method.
oShell.ShellExecute(commandtoRun, commandParms, "", "open", "1");
}
You will have to set the browser security settings accordingly, and this would work only in IE.
您必须相应地设置浏览器安全设置,这仅适用于IE。
#4
The only way I could possibly imagine this working is through some sort of ActiveX control which would run your executable, but I don't know how feasible that is with Firefox.
我可以想象这个工作的唯一方法是通过某种ActiveX控件运行你的可执行文件,但我不知道Firefox的可行性。
This should be one of those things where -you- should be refusing to budge on it, not management.
这应该是你应该拒绝让步的东西之一,而不是管理层。
#5
I recommend you take a look at Adobe Flex / Air, it is designed with this model in mind and the inherent security barn door that it opens.
我建议你看一下Adobe Flex / Air,它的设计考虑了这个型号以及它打开的固有安全谷仓门。
#6
I agree with the rest, I'm pretty sure you can't do this anymore (and especially in Firefox). This is how many of the spyware/adware programs got installed back in the day. You will have to take a stand and just tell management that its impossible.
我同意其余的,我很确定你不能再这样做了(特别是在Firefox中)。这是当天安装了多少间谍软件/广告软件程序。你必须采取立场,告诉管理层这是不可能的。
#7
An active X control is the easiest way. There is a plugin for firefox that allows you to host active X controls. Or you could just write an NS Plugin to handle this.
有效的X控件是最简单的方法。有一个firefox插件,允许您托管活动的X控件。或者你可以写一个NS插件来处理这个问题。
#8
This is an old article about web deployment of executables. I know this is possible using Internet Explorer (because of our fragmented development team we still have to support some of this). I don't know about the firefox implications.
这是一篇关于可执行文件的Web部署的旧文章。我知道这可以使用Internet Explorer(因为我们支离破碎的开发团队,我们仍然需要支持其中一些)。我不知道firefox的含义。
#9
Using a "file:///c:/Program Files/myprogs/myprog.exe" URL in the link used to work for IE. But, I have not tried this in a long time.
在用于IE的链接中使用“file:/// c:/ Program Files / myprogs / myprog.exe”URL。但是,我很久没有尝试过这个了。
I would recommend the MIME type method above or adding a special URI prefix "chaos://myparams" that is handled by that executable.
我建议使用上面的MIME类型方法或添加由该可执行文件处理的特殊URI前缀“chaos:// myparams”。
#10
I understand completely what you are wanting. All I read on the internet is people mentioning this is a big security breach etc... However, I dont guess they understand why you would want this implemented and I will explain why I need this and am working on a solution to this problem and am getting very close.
我完全理解你的想法。我在互联网上读到的只是人们提到这是一个很大的安全漏洞等等......但是,我不认为他们理解你为什么要这样实现,我会解释为什么我需要这个并且我正在努力解决这个问题,我越来越近了。
I have many different user applications, ex. Call Center, etc... I am currently working on a lockdown desktop that runs in Kiosk mode. All the user will see is a blue screen with some computer information and an IE icon. My goal is to run the Microsoft Office, and some internal Client/Server apps from this page. It works perfectly fine as everything is still there just my users cannot see it. However, I'm having the same issues as you. My network is very secure utilizing MPLS, internal and external managed Routers, Firewalls/ASA's, and plenty of security professionals. Plus, this is strictly INTERNAL only. So, in my opinion its perfectly ok. So, if I come up with some sort of workaround solution for this I will post it.
我有很多不同的用户应用程序,例如。呼叫中心等...我目前正在研究一种在Kiosk模式下运行的锁定桌面。所有用户都会看到一个带有一些计算机信息和IE图标的蓝屏。我的目标是从此页面运行Microsoft Office和一些内部客户端/服务器应用程序。它工作得很好,因为一切都还在那里,只是我的用户看不到它。但是,我遇到了和你一样的问题。我的网络使用MPLS,内部和外部管理路由器,防火墙/ ASA以及大量安全专业人员非常安全。另外,这仅限于INTERNAL。所以,在我看来,它完全可以。所以,如果我想出一些解决方法,我会发布它。
#11
I don't even know if that is possible. As mentioned above maybe using an ActiveX control, but then you are going to have problems with browser support and people's security settings. Not to mention the moral implications of you hijacking someone's PC.
我甚至不知道这是否可能。如上所述,可能使用ActiveX控件,但随后您将遇到浏览器支持和人员安全设置方面的问题。更不用说你劫持某人PC的道德含义了。