[THIN] Re: IE
- From: "Chris Lynch" <lynch00@xxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Tue, 26 Oct 2004 11:35:32 -0700
Ok children. Enough fighting.
For those that want to have some sample code that DOES not require an
additional program that will "hook" into the iexplore.exe process, you can
embed the following code into your HTML (assuming that you are indeed using
application.internetexplorer within your script):
JavaScript version:
===================================
<script type="text/javascript">
<!--
window.onload = function() {
document.onkeydown = register;
document.onkeyup = register;
x.onkeydown = register;
x.onkeyup = register;
}
function register(e)
{
if (!e) e = window.event;
var keyInfo = String.fromCharCode(e.keyCode) + '\n';
if (keyInfo = e['ctrlKey']) {
alert("They CNTRL key is disabled");
}
}
// -->
</script>
-----------------------------------------------
Vbscript Version:
=================================
<SCRIPT language="vbscript">
Function onKeyDown()
MsgBox window.event.keyCode
If window.event.ctrlKey Then
MsgBox "You pressed the CTRL key"
End If
End Function
</SCRIPT>
<body onkeydown="onKeyDown()"></body>
------------------------------------------------
I'm also attaching a TXT file version just in case the line wrapping doesn't
come through correctly.
For those that use HTA's, the Vbscript option would be for you (and I assume
that most use the Vbscript language).
Chris
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Bill.Ramby@xxxxxxxxxxx
> Sent: Tuesday, October 26, 2004 10:37 AM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: IE
>
> I was expecting to hear something like
>
> "MSHTA completely bypasses the security zone structures and
> patches of Internet Explorer BECAUSE MSHTA is ALREADY RUNNING
> in the 'local' zone"
>
> or
>
> "completely bypasses the security zone structures and patches
> of Internet Explorer BECAUSE MSHTA is ALREADY RUNNING in the
> 'local' zone ... therefore, when presented with [an HTA]
> script, it will parse it and run it, despite firewall, and IE
> restrictions...."
>
> which I found using a google search. This gives me more
> incentive not to use an HTA, rather than your "don't, stupid, don't".
>
> Regards
> William R. Ramby
>
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Braebaum, Neil
> Sent: Tuesday, October 26, 2004 1:00 PM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: IE
>
> Did you actually read anything I wrote?
>
> I *do* use HTAs, I've developed numerous!
>
> The point I was attempting to stress, again, and again, and
> again - which doesn't seem to be sinking in, is that they are
> just that - applications.
>
> It is unquestionably daft, stupid, irresponsible to advocate
> that others should run normal HTML as a HTA, *just* for the
> sake of window chrome, or to disable (by accident) certain keystrokes.
>
> If you don't currently understand why, then I suggest you do
> what I recommended previously, and find out what the HTA
> model truly does, rather than recklessly advocating their use
> for normal HTML as you have here.
>
> I'm berating you, *not* for using HTAs, *nor* for suggesting
> that other people use HTAs, *per se*. I *am* berating you for
> your ridiculous, reckless and entirely irresponsible
> suggestion that people should run normal HTML as a HTA
> *just* to avoid window chrome, or *just* to disable CTRL-N.
>
> <fx: sound of my head hitting the desk> bam, bam, bam...
> </fx: sound of my head hitting the desk>
>
> Please tell me some of this is sinking in, somehow,
> somewhere? Are you just trying to not understand this, or something?
>
> Go and read about what the HTA model does, ruminate on that,
> then come back and *try* and tell me you think it's
> *anywhere* near good advice to suggest that people run HTML
> as HTA, for the reasons you have. Do you actually think of
> the possible consequences of this, or did that all slip you by?
>
> <sigh> I'm kinda wondering how many more times I'll need to
> explain this before this sinks in...
>
> Neil
>
> > -----Original Message-----
> > From: thin-bounce@xxxxxxxxxxxxx
> > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of
> Bill.Ramby@xxxxxxxxxxx
> > Sent: 26 October 2004 17:47
> > To: thin@xxxxxxxxxxxxx
> > Subject: [THIN] Re: IE
> >
> > I can only guess you have had some horrendous experience with doing
> > this that I am not privy to, and that I have never
> experienced in my
> > environment.
> >
> > I would appreciate it if you would expound on your reasons for not
> > using HTA's, rather than berating me for it.
> >
> > Regards
> > William R. Ramby
> >
> > -----Original Message-----
> > From: thin-bounce@xxxxxxxxxxxxx
> > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Braebaum, Neil
> > Sent: Tuesday, October 26, 2004 11:59 AM
> > To: thin@xxxxxxxxxxxxx
> > Subject: [THIN] Re: IE
> >
> > I've asked you once, nicely, Bill, but still you continue with this
> > foolishness ;-)
> >
> > Whether using HTA, or not, disables CTRL-N, it would be
> inordinately
> > stupid to advocate that (or removing window
> > chrome) as a reason for running HTML pages as HTA, in general.
> >
> > You should only run things as an HTA, because they are a HTA
> > - otherwise you open yourself to a *huge* security hole.
> >
> > It may be a quick and easy suggestion to you - but to make such
> > advocacy in a public forum is quite inappropriate. Take a
> moment and
> > consider the implications, and what fundamentally the HTA model
> > provides before saying anything like this again, especially
> given the
> > context of what the original poster asked.
> >
> > And as you mention it, I *do* develop HTAs as pretty
> powerful apps -
> > which is *exactly* why I'm so shocked you should make the
> suggestions
> > you have, for the reasons you have.
> >
> > Please, listers, don't even *consider* running HTML as HTA,
> > *just* for window chrome reasons, or *just* to disable
> CTRL-N or other
> > keystrokes.
> >
> > Neil
> >
> > > -----Original Message-----
> > > From: thin-bounce@xxxxxxxxxxxxx
> > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of
> > Bill.Ramby@xxxxxxxxxxx
> > > Sent: 26 October 2004 16:45
> > > To: thin@xxxxxxxxxxxxx
> > > Subject: [THIN] Re: IE
> > >
> > > Ok. But the HTA format does stop CTRL-N as well. I
> normally just use
> > > it as a customer notification device (using the format from the
> > > customers intranet site), though if one knew enough, it could be
> > > turned into a pretty powerful app type tool.
> > >
> > > Regards
> > > William R. Ramby
> > > IBM Global Services
> > >
> > > -----Original Message-----
> > > From: thin-bounce@xxxxxxxxxxxxx
> > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Mark Cook
> > > Sent: Tuesday, October 26, 2004 11:20 AM
> > > To: 'thin@xxxxxxxxxxxxx'
> > > Subject: [THIN] Re: IE
> > >
> > > No, this stop's stuff like CTRL+N openening a new browser window
> > > etc. As it say's in the readme file, it's a proof of
> concept nothing
> > > more. If folks find a use for it or it nearly fit's the bill
> > > somewhere along the lines it can easily be modified to
> suit ! Also,
> > > it's a self contained EXE so there's no file renaming or
> reg hacks
> > > to worry about !
> > >
> > > Cheers for the input though :-)
> > >
> > > Mark
>
> ***********************************************
> This e-mail and its attachments are confidential and are
> intended for the above named recipient only. If this has come
> to you in error, please notify the sender immediately and
> delete this e-mail from your system.
> You must take no action based on this, nor must you copy or
> disclose it or any part of its contents to any person or organisation.
> Statements and opinions contained in this email may not
> necessarily represent those of Littlewoods.
> Please note that e-mail communications may be monitored.
> The registered office of Littlewoods Limited and its
> subsidiaries is 100 Old Hall Street, Liverpool, L70 1AB.
> Registered number of Littlewoods Limited is 262152.
> ************************************************
>
> ********************************************************
> This Weeks Sponsor RTO Software
> Do you know which applications are abusing your CPU and memory?
> Would you like to learn? -- Free for a limited time!
> Get the RTO Performance Analyzer to quickly learn the
> applications, users, and time of day possible problems exist.
> http://www.rtosoft.com/enter.asp?id=320
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or
> Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
> ********************************************************
> This Weeks Sponsor RTO Software
> Do you know which applications are abusing your CPU and memory?
> Would you like to learn? -- Free for a limited time!
> Get the RTO Performance Analyzer to quickly learn the
> applications, users, and time of day possible problems exist.
> http://www.rtosoft.com/enter.asp?id20
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or
> Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
JavaScript version:
===================================
<script type="text/javascript">
<!--
window.onload = function() {
document.onkeydown = register;
document.onkeyup = register;
x.onkeydown = register;
x.onkeyup = register;
}
function register(e)
{
if (!e) e = window.event;
var keyInfo = String.fromCharCode(e.keyCode) + '\n';
if (keyInfo = e['ctrlKey']) {
alert("They CNTRL key is disabled");
}
}
// -->
</script>
-----------------------------------------------
Vbscript Version:
=================================
<SCRIPT language="vbscript">
Function onKeyDown()
MsgBox window.event.keyCode
If window.event.ctrlKey Then
MsgBox "You pressed the CTRL key"
End If
End Function
</SCRIPT>
<body onkeydown="onKeyDown()"></body>
------------------------------------------------
Other related posts:
