Marking a Python COM server safe for Internet Explorer
bill-bell at bill-bell.hamilton.on.ca
Fri Jul 6 20:29:54 CEST 2001
On 6 Jul 2001, at 13:04, Skip Montanaro wrote:
> Bill> As a kind of default, Internet Explorer will ask the user's
> Bill> permission before instantiating an ActiveX control. However,
> one Bill> can implement IObjectSafety to inform IE that one's
> control is Bill> safe, thus sparing the user the need to respond
> to the dialog box.
> I have nothing useful to help you with your quest ...
> ... but it seems that if the ActiveX control can say "trust me!",
> it's sort of like asking the fox to guard the hen house.
Well, many software developers are not carnivores. Some of us
injure the chickens only by accident. What I'm trying to say is that
I'm not sure your simile is quite apt.
> Did I misunderstand something? Wouldn't all ActiveX controls
> simply implement IObjectSafety simply to make them easier to use
> (less annoying to the user)?
OTOH, as 'net people are apt to say:
1. To a certain degree I think you're correct, especially considering
that it takes a lot less skill and knowledge to mark the control safe
that it would to actually make it safe. (You will I trust forgive me a
2. In order to reach the stage where this message is emitted the
control must have been installed on the user's computer (which, I
suppose, corresponds to the chicken). In order to provide some
assurance to the user one can, for one thing, associate a
certificate with one's ActiveX control and the user can accept the
certificate only if it was issued by some overwhelmingly trustworthy
source--say Microsoft of Redmond, Washington.
In my case, though, the chickens are all housed in research
buildings and, whether they know it or not, the fox has already
been allowed into all of the buildings. No certificate needed, hehe.
More information about the Python-list