IE中嵌入的.NET Applet和ActiveX控件有什么区别

时间:2022-01-19 15:58:48

I have come across some articles on the web about .Net applets and I was wondering how it differed from an activex control (created using a .Net language)? (to clarify, this is with regards to applets that run inside a web-browser)

我在网上看到一些关于.Net applets的文章,我想知道它与activex控件(使用.Net语言创建)有何不同? (澄清一下,这是关于在Web浏览器中运行的applet)

(Is the difference: ActiveX controls written in a .Net language are called .Net Applets?)

(区别是:用.Net语言编写的ActiveX控件被称为.Net Applets?)

Are there any advantages in using one over the other?

使用一个优于另一个有什么优势吗?

Also, what does Microsoft reference this technology as? (A search on MSDN doesnt bring anything up called .Net Applets!)

此外,Microsoft将此技术引用为什么? (在MSDN上搜索不会带来任何名为.Net Applets的内容!)

ps: from what I can see ActiveX controls need to be COM registered, whereas .Net applets dont. Also, in the web-page, activeX controls are referenced using their CLSID, whereas the .NET applets seem to be referenced by a full name (path, dll name, namespace and class)

ps:从我所看到的ActiveX控件需要COM注册,而.Net applets不。此外,在Web页面中,使用其CLSID引用activeX控件,而.NET applet似乎由全名(路径,DLL名称,名称空间和类)引用

3 个解决方案

#1


ActiveX controls are simply COM objects that, at a minimum, implement IUnknown. Recent versions of IE have started to also require the object to implement IObjectSafety. To do anything useful, the object needs to implement some other Ole interfaces as well, such as IDispatch, IOleObject, etc. The object needs to be create-able via CoCreateInstance() which means you have to register it in some way with the registry. You don't have to use a guid in the tag, you can also use the AppId if you register one.

ActiveX控件只是COM对象,至少可以实现IUnknown。最新版本的IE已经开始要求该对象实现IObjectSafety。要做任何有用的事情,对象还需要实现一些其他Ole接口,例如IDispatch,IOleObject等。对象需要通过CoCreateInstance()创建,这意味着你必须以某种方式注册它。您不必在标签中使用guid,如果您注册了一个,也可以使用AppId。

You can also write some managed code and get that running inside IE as well. The way that works is the CLR registers a MIME filter when it is installed. Then when IE sees you're sending down something of the proper mime type, it hands the code off to the CLR to handle. The CLR does sandbox the code to the extent that it is only granted Internet permissions, so it can't do everything the framework exposes. You'll have to check specific documentation for what can and can't be done in this security zone.

您也可以编写一些托管代码,并在IE中运行。可行的方法是CLR在安装时注册MIME过滤器。然后,当IE看到你正在发送一些正确的mime类型时,它会将代码交给CLR来处理。 CLR将代码沙箱化到只授予Internet权限的程度,因此它无法执行框架公开的所有操作。您必须检查特定文档,了解在此安全区域中可以执行和不可执行的操作。

Some trade-offs:

Ease of Installation: ActiveX controls require you to pack everything up into a .CAB file with an .INI file that describes the installation requirements in a fairly cryptic manner. If you have to install additional dependencies with your modules (such as ATL/MFC dlls, or other third party modules) it gets pretty tricky. With the .net module, you just send it down with the right MIME type, but you have to make sure your users have the right version of the framework (which you can check via user agent string on your website).

易于安装:ActiveX控件要求您将所有内容打包到带有.INI文件的.CAB文件中,该文件以相当神秘的方式描述安装要求。如果必须在模块上安装其他依赖项(例如ATL / MFC dll或其他第三方模块),那将非常棘手。使用.net模块,您只需使用正确的MIME类型发送它,但您必须确保您的用户拥有正确的框架版本(您可以通过网站上的用户代理字符串进行检查)。

Security: ActiveX controls are just native code running on the users system, so in theory they can do whatever they want. In practice LoRIE limits it in many cases and you have to do a bunch of special casing of things like Registry and File System access (see Understanding and Working in Protected Mode).

安全性:ActiveX控件只是在用户系统上运行的本机代码,因此理论上它们可以做任何他们想做的事情。在实践中,LoRIE在许多情况下限制它,你必须做一些特殊的外壳,如注册表和文件系统访问(请参阅了解和在保护模式下工作)。

Threading: Since ActiveX controls run on the browsers UI thread, you have to make sure you don't do long blocking operations on that thread, so you have to do the threading yourself. If your long blocking operation manipulates the DOM, you have to Marshal the IHTMLxxx interfaces yourself, either using the GIT or COM Marshalling functions. I'm not sure if the .net applets run on the browsers UI thread or not, but it's easier to handle in C# I'm sure.

线程:由于ActiveX控件在浏览器UI线程上运行,因此您必须确保不对该线程执行长时间的阻塞操作,因此您必须自己进行线程处理。如果长时间阻塞操作操纵DOM,则必须使用GIT或COM编组功能自行编组IHTMLxxx接口。我不确定.net小程序是否在浏览器UI线程上运行,但在C#中处理起来更容易我确定。

Browser Objects: If you want to use IE / Shell objects in your managed extension, you have to write the interop yourself most of the time since the Framework doesn't do a great job of wrapping those interfaces in managed objects. See http://pinvoke.net to get a little help getting started.

浏览器对象:如果要在托管扩展中使用IE / Shell对象,则必须在大多数时间自己编写互操作,因为框架不能很好地将这些接口包装在托管对象中。请访问http://pinvoke.net以获得一些帮助。

Compatibility: There are issues with hosting different versions of the runtime in the same process. Until recently it wasn't possible at all, but I think with the 3.x versions it has started to become possible to an extent. The upshot is if you target .net 2.0 and someone else already loaded .net 1.0 as part of their browser extension, you lose. In general IE and the Windows Shell don't support managed extensions. This .net app MIME filter stuff may be a notable exception, but be aware that there may be potential issues.

兼容性:在同一进程中托管不同版本的运行时存在问题。直到最近它根本不可能,但我认为3.x版本已经开始在一定程度上成为可能。结果是如果你的目标.net 2.0和其他人已经加载.net 1.0作为他们的浏览器扩展的一部分,你输了。通常,IE和Windows Shell不支持托管扩展。这个.net应用程序MIME过滤器的东西可能是一个值得注意的例外,但请注意可能存在潜在问题。

#2


"ActiveX control (created using a .Net language)" and ".NET applet" are both slang for ".NET assembly hosted in IE".

“ActiveX控件(使用.Net语言创建)”和“.NET applet”都是“在IE中托管的.NET程序集”的俚语。

In fact, .NET assemblies can be hosted in a variety of applications. See:

实际上,.NET程序集可以托管在各种应用程序中。看到:

Creating a Host to the .NET Common Language Runtime

创建.NET公共语言运行库的主机

#3


ActiveX controls don't have the same security restrictions than .NET applets, that can be an advantage or disadvantage depending on what you want to do. .NET applets are in general easier to develop, ActiveX you create with VB6 or C++.

ActiveX控件与.NET小程序没有相同的安全限制,这可能是一个优点或缺点,具体取决于您要执行的操作。 .NET applet通常更容易开发,使用VB6或C ++创建的ActiveX。

#1


ActiveX controls are simply COM objects that, at a minimum, implement IUnknown. Recent versions of IE have started to also require the object to implement IObjectSafety. To do anything useful, the object needs to implement some other Ole interfaces as well, such as IDispatch, IOleObject, etc. The object needs to be create-able via CoCreateInstance() which means you have to register it in some way with the registry. You don't have to use a guid in the tag, you can also use the AppId if you register one.

ActiveX控件只是COM对象,至少可以实现IUnknown。最新版本的IE已经开始要求该对象实现IObjectSafety。要做任何有用的事情,对象还需要实现一些其他Ole接口,例如IDispatch,IOleObject等。对象需要通过CoCreateInstance()创建,这意味着你必须以某种方式注册它。您不必在标签中使用guid,如果您注册了一个,也可以使用AppId。

You can also write some managed code and get that running inside IE as well. The way that works is the CLR registers a MIME filter when it is installed. Then when IE sees you're sending down something of the proper mime type, it hands the code off to the CLR to handle. The CLR does sandbox the code to the extent that it is only granted Internet permissions, so it can't do everything the framework exposes. You'll have to check specific documentation for what can and can't be done in this security zone.

您也可以编写一些托管代码,并在IE中运行。可行的方法是CLR在安装时注册MIME过滤器。然后,当IE看到你正在发送一些正确的mime类型时,它会将代码交给CLR来处理。 CLR将代码沙箱化到只授予Internet权限的程度,因此它无法执行框架公开的所有操作。您必须检查特定文档,了解在此安全区域中可以执行和不可执行的操作。

Some trade-offs:

Ease of Installation: ActiveX controls require you to pack everything up into a .CAB file with an .INI file that describes the installation requirements in a fairly cryptic manner. If you have to install additional dependencies with your modules (such as ATL/MFC dlls, or other third party modules) it gets pretty tricky. With the .net module, you just send it down with the right MIME type, but you have to make sure your users have the right version of the framework (which you can check via user agent string on your website).

易于安装:ActiveX控件要求您将所有内容打包到带有.INI文件的.CAB文件中,该文件以相当神秘的方式描述安装要求。如果必须在模块上安装其他依赖项(例如ATL / MFC dll或其他第三方模块),那将非常棘手。使用.net模块,您只需使用正确的MIME类型发送它,但您必须确保您的用户拥有正确的框架版本(您可以通过网站上的用户代理字符串进行检查)。

Security: ActiveX controls are just native code running on the users system, so in theory they can do whatever they want. In practice LoRIE limits it in many cases and you have to do a bunch of special casing of things like Registry and File System access (see Understanding and Working in Protected Mode).

安全性:ActiveX控件只是在用户系统上运行的本机代码,因此理论上它们可以做任何他们想做的事情。在实践中,LoRIE在许多情况下限制它,你必须做一些特殊的外壳,如注册表和文件系统访问(请参阅了解和在保护模式下工作)。

Threading: Since ActiveX controls run on the browsers UI thread, you have to make sure you don't do long blocking operations on that thread, so you have to do the threading yourself. If your long blocking operation manipulates the DOM, you have to Marshal the IHTMLxxx interfaces yourself, either using the GIT or COM Marshalling functions. I'm not sure if the .net applets run on the browsers UI thread or not, but it's easier to handle in C# I'm sure.

线程:由于ActiveX控件在浏览器UI线程上运行,因此您必须确保不对该线程执行长时间的阻塞操作,因此您必须自己进行线程处理。如果长时间阻塞操作操纵DOM,则必须使用GIT或COM编组功能自行编组IHTMLxxx接口。我不确定.net小程序是否在浏览器UI线程上运行,但在C#中处理起来更容易我确定。

Browser Objects: If you want to use IE / Shell objects in your managed extension, you have to write the interop yourself most of the time since the Framework doesn't do a great job of wrapping those interfaces in managed objects. See http://pinvoke.net to get a little help getting started.

浏览器对象:如果要在托管扩展中使用IE / Shell对象,则必须在大多数时间自己编写互操作,因为框架不能很好地将这些接口包装在托管对象中。请访问http://pinvoke.net以获得一些帮助。

Compatibility: There are issues with hosting different versions of the runtime in the same process. Until recently it wasn't possible at all, but I think with the 3.x versions it has started to become possible to an extent. The upshot is if you target .net 2.0 and someone else already loaded .net 1.0 as part of their browser extension, you lose. In general IE and the Windows Shell don't support managed extensions. This .net app MIME filter stuff may be a notable exception, but be aware that there may be potential issues.

兼容性:在同一进程中托管不同版本的运行时存在问题。直到最近它根本不可能,但我认为3.x版本已经开始在一定程度上成为可能。结果是如果你的目标.net 2.0和其他人已经加载.net 1.0作为他们的浏览器扩展的一部分,你输了。通常,IE和Windows Shell不支持托管扩展。这个.net应用程序MIME过滤器的东西可能是一个值得注意的例外,但请注意可能存在潜在问题。

#2


"ActiveX control (created using a .Net language)" and ".NET applet" are both slang for ".NET assembly hosted in IE".

“ActiveX控件(使用.Net语言创建)”和“.NET applet”都是“在IE中托管的.NET程序集”的俚语。

In fact, .NET assemblies can be hosted in a variety of applications. See:

实际上,.NET程序集可以托管在各种应用程序中。看到:

Creating a Host to the .NET Common Language Runtime

创建.NET公共语言运行库的主机

#3


ActiveX controls don't have the same security restrictions than .NET applets, that can be an advantage or disadvantage depending on what you want to do. .NET applets are in general easier to develop, ActiveX you create with VB6 or C++.

ActiveX控件与.NET小程序没有相同的安全限制,这可能是一个优点或缺点,具体取决于您要执行的操作。 .NET applet通常更容易开发,使用VB6或C ++创建的ActiveX。