Using a Web Application to Obtain Client-Specific Information

Introduction

An Editor friend and some of my co-workers have taken occasion to remind me that some people don't like Internet Explorer or don't see why anyone would ever develop Web applications just for Internet Explorer. Some of these same smart people have expressed the opinion that they don't like ActiveX in Web applications much either. I respect their opinions. Everyone is entitled to an opinion.

I understand. I have read the Cathedral and the Bazaar by Eric Raymond. I have even exchanged a couple of emails with him. I understand that some people think open source software and uniform standards is the way to go. However, I think about these kinds of issues-open source versus proprietary solutions and IE-only development versus multi- browser platform development-differently, from my own perspective.

First, IE is the most popular browser and is the most widely used. Second, I have actually worked on applications that were Web-based intranet applications and the customer requested IE only. The latest two applications had multi- million dollar budgets. If you are targeting the World Wide Web then IE only development may be short sighted. And, when it comes to ActiveX I think of all available code and solutions as possibilities. Most code has pluses and minuses. My criteria for using something are really just a matter of does it solve the issue expediently, efficiently, and cost effectively and are the risks manageable. Other than that I don't care where the code comes from, which language it is in, or what coding standard was applied.

This article is limited to IE web-based development and just a few odds and bobs that let your JavaScript code obtain some client/user specific information.

Enabling and Disabling Script Debugging in IE8

Visual Studio 2008 automatically enables script debugging for Internet Explorer 8 sessions started from Visual Studio. You know longer have to uncheck this option (Disable script debugging (Internet Explorer)) in the IE Tools|Options in the Advanced tab. In fact, regardless of the debugging settings script debugging will be enabled for IE8 sessions started from Visual Studio.

There exists a potential for performance problems associated with script debugging always being on. For a registry hack that disables script debugging refer to my DevExpress blog entry here.

Enabling ActiveX in IE8

Internet Explorer security is established by zone. There are five zones: Internet, Local Intranet, Trusted Sites, Restricted Sites, and My Computer. The Internet zone is represented by Web sites on your computer that haven't been assigned to another zone. The Local Intranet zone is represented by network connections established using a UNC path, Web sites that by-pass the proxy server, or sites that have not been assigned to the Restricted or Trusted zone. Also, if you use a fully qualified domain name (FQDN) or IP address then the site is considered part of the Internet zone. The Trusted Sites zone is for adding web sites that you trust, like FedEx.com, Dell.com, Amazon.com, and the Restricted Sites zone is for web sites that you don't trust. My Computer is exactly what it sounds like.

If you want to enable ActiveX support for desktop development then you want to adjust the Local Intranet zone. If you add ActiveX controls to your public web site then your users will need to adjust the Internet zone.

If you write some JavaScript that uses an ActiveX object and your browser isn't configured to permit ActiveX objects then you will get an error dialog like the one shown in Figure 1. To configure support for ActiveX controls on your workstation or laptop, the machine you are developing on, follow these steps (using Figure 2 as a guide):

  1. In Internet Explorer 8 select Tools|Options
  2. Change to the Security tab and click Local intranet in the zones section
  3. Click Custom level
  4. In the Security Settings dialog scroll to the ActiveX controls and plug-ins
  5. Change the "Initialize and script ActiveX controls not marked as safe for scripting" from Disable to Enable or Prompt. (If you want to remember that you have turned on ActiveX support then select Prompt)
  6. Click OK to close the Security Settings dialog
  7. Click OK to close the Internet options dialog



Click here for larger image

Figure 1: If you see this dialog then you need to enable ActiveX objects for the Local Intranet zone.


Figure 2: To let ActiveX objects that you create in script run on your workstation's browser set "Initialize and script ActiveX controls not marked as safe…" to Enable or Prompt.

Using a Web Application to Obtain Client-Specific Information

Creating an ActiveX Object

ActiveX objects for ascertaining client information include WScript.Network and WScript.Shell. WScript.Network can be used to determine the active user, for example, and WScript.Shell can be used to query information like the path to the MyDocuments folder. For a complete reference for these ActiveX libraries refer to the MSDN help documentation.

Tip: You can use script languages to run JavaScript at a command prompt by running the .js script file in the WScript.exe host.

To create an instance of the desired ActiveXObject you can invoke new ActiveXObject passing in the name of the library as a string that you want to create. The following code demonstrates how to use the debugger; statement to break into the code and create an instance of WScript.Network and WScript.Shell. With these two objects the UserName and the path to the special folder MyDocuments is obtained (refer to Listing 1).

Listing 1: Some JavaScript in a Web page that obtains client-specific information using ActiveX.

          <script type="text/javascript">
            debugger;
            var o = new ActiveXObject("WScript.Network");
            //UserDomain
            //ComputerName
            //UserName
            alert(o.UserName);
            var w = new ActiveXObject("WScript.Shell");
            alert(w.SpecialFolders("MyDocuments"));
            //CreateShortcut
            //SpecialFolders
            
      
            var jsonObject = { "UserName": o.UserName,
              "MyDocuments": w.SpecialFolders("MyDocuments")
            };
      
          </script>

The end of the listing contains a statement that starts with var jsonObject. Programmers used to create objects by writing new Object() and referring to the desired properties. The revised syntax above is part of JSON (pronounced Jason), or JavaScript Object Notation. JSON is a lightweight data-interchange format that is a subset of JavaScript. JSON is used in objects and arrays in a highly readable form, and the technology plays in the same space as XML. The statement above creates an object with two properties: UserName and MyDocuments.

Summary

Now that you have the tools to configure a browser for ActiveX features and obtain client-specific information, it is up to you to figure out how you are going to use it. To recap JavaScript debugging is enabled automatically when Visual Studio starts an instance of IE8. Security settings like ActiveX support are managed by zone. For local workstation ActiveX support modify the Local Intranet zone. You can choose between enabling ActiveX support or prompting for permission. (I choose the latter, so I turn it off when not needed.) Finally, two of the objects that support discovering client-side information are WScript.Shell and WScript.Network. You can explore the integrated MSDN help for more information.

As a final note JavaScript Object Notation (JSON) was briefly introduced. JSON is subset of JavaScript and is a lightweight data-interchange format. JSON is picking up steam and becoming more popular, so I wedged it into the sample.

Biography

Paul Kimmel is the VB Today columnist for www.codeguru.com and has written several books on object- oriented programming and .NET. Check out his upcoming book Professional DevExpress ASP.NET Controls (from Wiley) now available on Amazon.com and fine bookstores everywhere. Look for his upcoming book Teach Yourself the ADO.NET Entity Framework in 24 Hours (from Sams). You may contact him for technology questions at pkimmel@softconcepts .com. Paul Kimmel is a Technical Evangelist for Developer Express, Inc, and you can ask him about Developer Express at paulk@devexpress.com and read his DX blog at http:// community.devexpress.com/blogs/paulk.



Comments

  • There are no comments yet. Be the first to comment!

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Live Event Date: April 22, 2014 @ 1:00 p.m. ET / 10:00 a.m. PT Database professionals — whether developers or DBAs — can often save valuable time by learning to get the most from their new or existing productivity tools. Whether you're responsible for managing database projects, performing database health checks and reporting, analyzing code, or measuring software engineering metrics, it's likely you're not taking advantage of some of the lesser-known features of Toad from Dell. Attend this live …

  • Hurricane Sandy was one of the most destructive natural disasters that the United States has ever experienced. Read this success story to learn how Datto protected its partners and their customers with proactive business continuity planning, heroic employee efforts, and the right mix of technology and support. With storm surges over 12 feet, winds that exceeded 90 mph, and a diameter spanning more than 900 miles, Sandy resulted in power outages to approximately 7.5 million people, and caused an estimated $50 …

Most Popular Programming Stories

More for Developers

Latest Developer Headlines

RSS Feeds