An activex control on this page might be unsafe

8
votes

I created a com component in C#, which I registered by using Regasm. I am able now to use this in IE by using ActiveXObject(...). However this only works when I change my IE security settings and allow to run unsigned activex controls, in which case I get the message:

An ActiveX control on this page might be unsafe to interact with other parts of the page. Do you want to allow this interaction?

I always want IE to allow this interaction without the prompt. Does anybody know how this can be done?

Thanks

6
activex

6 Answers

5
votes

Your ActiveX control must implement the IObjectSafety interface in order for IE to stop showing the "unsafe?" prompt. I did this several years ago for a VB6 ActiveX control. In the 5th step of This page is shown how to do it in .Net.

3
votes

I have already faced this problem.After long walk i have solved this problem.In your activeX class simply inherit IObjectSafety class.See the image bellow : enter image description here

IObjectSafety Class given bellow:

 [ComImport, GuidAttribute("CB5BDC81-93C1-11CF-8F20-00805F2CD064")]
[InterfaceTypeAttribute(ComInterfaceType.InterfaceIsIUnknown)]
public interface IObjectSafety
{
    [PreserveSig]
    int GetInterfaceSafetyOptions(ref Guid riid,[MarshalAs(UnmanagedType.U4)] ref int pdwSupportedOptions,[MarshalAs(UnmanagedType.U4)] ref int pdwEnabledOptions);

    [PreserveSig()]
    int SetInterfaceSafetyOptions(ref Guid riid,[MarshalAs(UnmanagedType.U4)] int dwOptionSetMask,[MarshalAs(UnmanagedType.U4)] int dwEnabledOptions);
}
public class IObjectSafetyImpl : IObjectSafety
 {
     private const string _IID_IDispatch = "{00020400-0000-0000-C000-000000000046}";
     private const string _IID_IDispatchEx = "{a6ef9860-c720-11d0-9337-00a0c90dcaa9}";
     private const string _IID_IPersistStorage = "{0000010A-0000-0000-C000-000000000046}";
     private const string _IID_IPersistStream = "{00000109-0000-0000-C000-000000000046}";
     private const string _IID_IPersistPropertyBag = "{37D84F60-42CB-11CE-8135-00AA004BB851}";

     private const int INTERFACESAFE_FOR_UNTRUSTED_CALLER = 0x00000001;
     private const int INTERFACESAFE_FOR_UNTRUSTED_DATA = 0x00000002;
     private const int _OK = 0;
     private const int _FAIL = unchecked((int)0x80004005);
     private const int _NOINTERFACE = unchecked((int)0x80004002);

     private bool _fSafeForScripting = true;
     private bool _fSafeForInitializing = true;

     public int GetInterfaceSafetyOptions(ref Guid riid, ref int pdwSupportedOptions, ref int pdwEnabledOptions)
     {
         int Result = _FAIL;

         string strGUID = riid.ToString("B");
         pdwSupportedOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER | INTERFACESAFE_FOR_UNTRUSTED_DATA;
         switch (strGUID)
         {
             case _IID_IDispatch:
             case _IID_IDispatchEx:
                 Result = _OK;
                 pdwEnabledOptions = 0;
                 if (_fSafeForScripting == true)
                     pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_CALLER;
                 break;
             case _IID_IPersistStorage:
             case _IID_IPersistStream:
             case _IID_IPersistPropertyBag:
                 Result = _OK;
                 pdwEnabledOptions = 0;
                 if (_fSafeForInitializing == true)
                     pdwEnabledOptions = INTERFACESAFE_FOR_UNTRUSTED_DATA;
                 break;
             default:
                 Result = _NOINTERFACE;
                 break;
         }

         return Result;
     }

     public int SetInterfaceSafetyOptions(ref Guid riid, int dwOptionSetMask, int dwEnabledOptions)
     {
         int Result = _FAIL;

         string strGUID = riid.ToString("B");
         switch (strGUID)
         {
             case _IID_IDispatch:
             case _IID_IDispatchEx:
                 if (((dwEnabledOptions & dwOptionSetMask) == INTERFACESAFE_FOR_UNTRUSTED_CALLER) &&
                      (_fSafeForScripting == true))
                     Result = _OK;
                 break;
             case _IID_IPersistStorage:
             case _IID_IPersistStream:
             case _IID_IPersistPropertyBag:
                 if (((dwEnabledOptions & dwOptionSetMask) == INTERFACESAFE_FOR_UNTRUSTED_DATA) &&
                      (_fSafeForInitializing == true))
                     Result = _OK;
                 break;
             default:
                 Result = _NOINTERFACE;
                 break;
         }

         return Result;
     }
 }
2
votes

You can create a .reg file to modify the registry key like this:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] "1201"=dword:00000000
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] "1201"=dword:00000000

1
votes
  1. Start -> Run -> regedit
  2. Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVer sion\Internet Settings\Zones\0
  3. Doubleclick 1201 and change the value to 0 (it was probably 1)
  4. Close Registry Editor
0
votes

I think you can just set the sites trust level to full.

Tools->Internet Options->Security->Trusted Sites->Sites button

0
votes

As for signing the ActiveX see this article. However you will still have to allow the ActiveX (it'll just show you as the author). See Ryan's answer for how to allow the ActiveX for this site.