How can I run a batch file on the client side? An exe file? Just to open pre-installed program in client side?
如何在客户端运行批处理文件?一个exe文件?只是在客户端打开预装程序?
[Edit]
Regarding ActiveX, I tried
关于ActiveX,我试过了
var activeXObj = new ActiveXObject("Shell.Application"); activeXObj.ShellExecute("C:\\WINDOWS\\NOTEPAD.EXE", "", "", "open", "1");but this doesn't work. Any suggestions?
但这不起作用。有什么建议?
7 个解决方案
#1
37
From Javascript? You can't. It's a security risk. Think about it - would you want every website to be able to run programs on your PC?
来自Javascript?你不能。这是一个安全风险。想一想 - 您希望每个网站都能在您的PC上运行程序吗?
#2
11
You mean launch an external program thru a browser window using JavaScript? No way you can do that! That's a goddamn security black hole!
你的意思是使用JavaScript通过浏览器窗口启动外部程序?你无法做到这一点!那是一个该死的安全黑洞!
#3
7
<script language="javascript" type="text/javascript"> function RunEXE(prog) { var oShell = new ActiveXObject("WScript.Shell"); oShell.Run('"' + prog + '"', 1); } </script>#4
5
Redirect the client to http://yourserver/batchfile.bat. Under some browsers, this will prompt the user to run the batch file.
将客户端重定向到http://yourserver/batchfile.bat。在某些浏览器下,这将提示用户运行批处理文件。
#5
5
If you really have control on the client, then you may want to install some remote daemon service on the client side, like SSH.
如果您真的可以控制客户端,那么您可能希望在客户端安装一些远程守护程序服务,例如SSH。
PS. Invoke it through your "server-code", however.
PS。但是,通过“服务器代码”调用它。
Updated:
Don't be discouraged. You can absolutely do that in safe manner.
不要气馁。你绝对可以安全地做到这一点。
-
First you need a daemon service on the client that will handle the task of invoking your application. Personally, I'd rather build simple rpc-server as windows-service with C++ or Delphi; but many other kinds of server could also do the job (SSH, Apache, Telnet)
首先,您需要在客户端上提供一个守护程序服务,该服务将处理调用您的应用程序的任务。就个人而言,我宁愿使用C ++或Delphi构建简单的rpc-server作为windows-service;但许多其他类型的服务器也可以完成这项工作(SSH,Apache,Telnet)
-
Then make a web pages that allow the user to "register" their services with proper authentication to invoke that service (password, security key)
然后创建一个网页,允许用户通过适当的身份验证“注册”他们的服务以调用该服务(密码,安全密钥)
-
When you want to invoke your application from web-page on the client that's already registered, make ajax call (xmlhttprequest) to your server.
如果要在已注册的客户端上从Web页面调用应用程序,请对服务器进行ajax调用(xmlhttprequest)。
-
The server should validate the requesting IP address with registered information.
服务器应使用注册信息验证请求的IP地址。
-
Then make a remote command invokation to the client with the registered information.
然后使用注册信息对客户端进行远程命令调用。
There can be some networking situation that this scheme might not work. However, if you really have control on the execution environment then there always be some workarounds.
可能存在一些网络情况,该方案可能无效。但是,如果您真的可以控制执行环境,那么总会有一些解决方法。
#6
3
If the problem is the batch file is being displayed in the browser you need to set Content-Type and Content-Disposition in the HTTP header so the user is prompted to Save (or Run) the file rather than have the browser display it.
如果问题是浏览器中显示批处理文件,则需要在HTTP标头中设置Content-Type和Content-Disposition,以提示用户保存(或运行)该文件,而不是让浏览器显示它。
You won't be able to run the file without an OK from the user but this shouldn't be a problem.
如果用户没有OK,您将无法运行该文件,但这应该不是问题。
Have a look at this question for a little more detail.
详细了解这个问题。
#7
0
Basically, you can't. If you need to launch something on the client side, you'll need another mechanism altogether, presumably one with some security built in. A previous poster mentioned psexec (http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx), which will obviously only work if you have appropriate permissions on the target system, and which is completely outside the browser.
基本上,你不能。如果你需要在客户端启动一些东西,你将需要另一种机制,大概是内置一些安全性的。前一张海报提到了psexec(http://technet.microsoft.com/en-us/sysinternals/bb897553 .aspx),显然只有在目标系统上具有适当的权限且完全在浏览器之外时才有效。
Basically, what you are asking for is a BIG, BIG, problem if you were able to do it easily.
基本上,如果你能够轻松地做到这一点,你要求的是一个大的,大的问题。
You might look into ActiveX, but I don't know what limits there are on an ActiveX object these days (I know there ARE limits, but perhaps you can work within them).
您可能会查看ActiveX,但我不知道这些天ActiveX对象有什么限制(我知道有限制,但也许您可以在其中工作)。
#1
37
From Javascript? You can't. It's a security risk. Think about it - would you want every website to be able to run programs on your PC?
来自Javascript?你不能。这是一个安全风险。想一想 - 您希望每个网站都能在您的PC上运行程序吗?
#2
11
You mean launch an external program thru a browser window using JavaScript? No way you can do that! That's a goddamn security black hole!
你的意思是使用JavaScript通过浏览器窗口启动外部程序?你无法做到这一点!那是一个该死的安全黑洞!
#3
7
<script language="javascript" type="text/javascript"> function RunEXE(prog) { var oShell = new ActiveXObject("WScript.Shell"); oShell.Run('"' + prog + '"', 1); } </script>#4
5
Redirect the client to http://yourserver/batchfile.bat. Under some browsers, this will prompt the user to run the batch file.
将客户端重定向到http://yourserver/batchfile.bat。在某些浏览器下,这将提示用户运行批处理文件。
#5
5
If you really have control on the client, then you may want to install some remote daemon service on the client side, like SSH.
如果您真的可以控制客户端,那么您可能希望在客户端安装一些远程守护程序服务,例如SSH。
PS. Invoke it through your "server-code", however.
PS。但是,通过“服务器代码”调用它。
Updated:
Don't be discouraged. You can absolutely do that in safe manner.
不要气馁。你绝对可以安全地做到这一点。
-
First you need a daemon service on the client that will handle the task of invoking your application. Personally, I'd rather build simple rpc-server as windows-service with C++ or Delphi; but many other kinds of server could also do the job (SSH, Apache, Telnet)
首先,您需要在客户端上提供一个守护程序服务,该服务将处理调用您的应用程序的任务。就个人而言,我宁愿使用C ++或Delphi构建简单的rpc-server作为windows-service;但许多其他类型的服务器也可以完成这项工作(SSH,Apache,Telnet)
-
Then make a web pages that allow the user to "register" their services with proper authentication to invoke that service (password, security key)
然后创建一个网页,允许用户通过适当的身份验证“注册”他们的服务以调用该服务(密码,安全密钥)
-
When you want to invoke your application from web-page on the client that's already registered, make ajax call (xmlhttprequest) to your server.
如果要在已注册的客户端上从Web页面调用应用程序,请对服务器进行ajax调用(xmlhttprequest)。
-
The server should validate the requesting IP address with registered information.
服务器应使用注册信息验证请求的IP地址。
-
Then make a remote command invokation to the client with the registered information.
然后使用注册信息对客户端进行远程命令调用。
There can be some networking situation that this scheme might not work. However, if you really have control on the execution environment then there always be some workarounds.
可能存在一些网络情况,该方案可能无效。但是,如果您真的可以控制执行环境,那么总会有一些解决方法。
#6
3
If the problem is the batch file is being displayed in the browser you need to set Content-Type and Content-Disposition in the HTTP header so the user is prompted to Save (or Run) the file rather than have the browser display it.
如果问题是浏览器中显示批处理文件,则需要在HTTP标头中设置Content-Type和Content-Disposition,以提示用户保存(或运行)该文件,而不是让浏览器显示它。
You won't be able to run the file without an OK from the user but this shouldn't be a problem.
如果用户没有OK,您将无法运行该文件,但这应该不是问题。
Have a look at this question for a little more detail.
详细了解这个问题。
#7
0
Basically, you can't. If you need to launch something on the client side, you'll need another mechanism altogether, presumably one with some security built in. A previous poster mentioned psexec (http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx), which will obviously only work if you have appropriate permissions on the target system, and which is completely outside the browser.
基本上,你不能。如果你需要在客户端启动一些东西,你将需要另一种机制,大概是内置一些安全性的。前一张海报提到了psexec(http://technet.microsoft.com/en-us/sysinternals/bb897553 .aspx),显然只有在目标系统上具有适当的权限且完全在浏览器之外时才有效。
Basically, what you are asking for is a BIG, BIG, problem if you were able to do it easily.
基本上,如果你能够轻松地做到这一点,你要求的是一个大的,大的问题。
You might look into ActiveX, but I don't know what limits there are on an ActiveX object these days (I know there ARE limits, but perhaps you can work within them).
您可能会查看ActiveX,但我不知道这些天ActiveX对象有什么限制(我知道有限制,但也许您可以在其中工作)。