Marking a Python COM server safe for Internet Explorer
Bill Bell
bill-bell at bill-bell.hamilton.on.ca
Fri Jul 6 17:32:18 EDT 2001
"Steve Holden" <sholden at holdenweb.com> wrote:
> "Bill Bell" <bill-bell at bill-bell.hamilton.on.ca> wrote in ...
> >
> > As a kind of default, Internet Explorer will ask the user's
> > permission before instantiating an ActiveX control. However, one can
> > implement IObjectSafety to inform IE that one's control is safe,
> > thus sparing the user the need to respond to the dialog box.
> >
> I must have misunderstood. Are you telling me that IE has a security
> system to detect potentially unsafe downloaded content, but that it
> won't use this system if the downloaded content tells it there's no
> need?
>
> How very Microsoft. I must have missed something.
Steve,
This may not be as bad as it might have sounded. In order for IE to
successfully query for IObjectSafety the ActiveX has to have been
registered, right? And it couldn't be registered until it had been
downloaded. And that couldn't happen unless the user agreed--
assuming that his/her IE is properly secured.
Do I discern perhaps that your trust in, and admiration for, MS
products are bounded?
Take care.
Bill
More information about the Python-list
mailing list