Using a Web Application to Obtain Client-Specific Information


An Editor friend and some of my co-workers have taken occasion to remind me that some people don't like Internet Explorer or don't see why anyone would ever develop Web applications just for Internet Explorer. Some of these same smart people have expressed the opinion that they don't like ActiveX in Web applications much either. I respect their opinions. Everyone is entitled to an opinion.

I understand. I have read the Cathedral and the Bazaar by Eric Raymond. I have even exchanged a couple of emails with him. I understand that some people think open source software and uniform standards is the way to go. However, I think about these kinds of issues-open source versus proprietary solutions and IE-only development versus multi- browser platform development-differently, from my own perspective.

First, IE is the most popular browser and is the most widely used. Second, I have actually worked on applications that were Web-based intranet applications and the customer requested IE only. The latest two applications had multi- million dollar budgets. If you are targeting the World Wide Web then IE only development may be short sighted. And, when it comes to ActiveX I think of all available code and solutions as possibilities. Most code has pluses and minuses. My criteria for using something are really just a matter of does it solve the issue expediently, efficiently, and cost effectively and are the risks manageable. Other than that I don't care where the code comes from, which language it is in, or what coding standard was applied.

This article is limited to IE web-based development and just a few odds and bobs that let your JavaScript code obtain some client/user specific information.

Enabling and Disabling Script Debugging in IE8

Visual Studio 2008 automatically enables script debugging for Internet Explorer 8 sessions started from Visual Studio. You know longer have to uncheck this option (Disable script debugging (Internet Explorer)) in the IE Tools|Options in the Advanced tab. In fact, regardless of the debugging settings script debugging will be enabled for IE8 sessions started from Visual Studio.

There exists a potential for performance problems associated with script debugging always being on. For a registry hack that disables script debugging refer to my DevExpress blog entry here.

Enabling ActiveX in IE8

Internet Explorer security is established by zone. There are five zones: Internet, Local Intranet, Trusted Sites, Restricted Sites, and My Computer. The Internet zone is represented by Web sites on your computer that haven't been assigned to another zone. The Local Intranet zone is represented by network connections established using a UNC path, Web sites that by-pass the proxy server, or sites that have not been assigned to the Restricted or Trusted zone. Also, if you use a fully qualified domain name (FQDN) or IP address then the site is considered part of the Internet zone. The Trusted Sites zone is for adding web sites that you trust, like,,, and the Restricted Sites zone is for web sites that you don't trust. My Computer is exactly what it sounds like.

If you want to enable ActiveX support for desktop development then you want to adjust the Local Intranet zone. If you add ActiveX controls to your public web site then your users will need to adjust the Internet zone.

If you write some JavaScript that uses an ActiveX object and your browser isn't configured to permit ActiveX objects then you will get an error dialog like the one shown in Figure 1. To configure support for ActiveX controls on your workstation or laptop, the machine you are developing on, follow these steps (using Figure 2 as a guide):

  1. In Internet Explorer 8 select Tools|Options
  2. Change to the Security tab and click Local intranet in the zones section
  3. Click Custom level
  4. In the Security Settings dialog scroll to the ActiveX controls and plug-ins
  5. Change the "Initialize and script ActiveX controls not marked as safe for scripting" from Disable to Enable or Prompt. (If you want to remember that you have turned on ActiveX support then select Prompt)
  6. Click OK to close the Security Settings dialog
  7. Click OK to close the Internet options dialog

Click here for larger image

Figure 1: If you see this dialog then you need to enable ActiveX objects for the Local Intranet zone.

Figure 2: To let ActiveX objects that you create in script run on your workstation's browser set "Initialize and script ActiveX controls not marked as safe…" to Enable or Prompt.

Using a Web Application to Obtain Client-Specific Information

Creating an ActiveX Object

ActiveX objects for ascertaining client information include WScript.Network and WScript.Shell. WScript.Network can be used to determine the active user, for example, and WScript.Shell can be used to query information like the path to the MyDocuments folder. For a complete reference for these ActiveX libraries refer to the MSDN help documentation.

Tip: You can use script languages to run JavaScript at a command prompt by running the .js script file in the WScript.exe host.

To create an instance of the desired ActiveXObject you can invoke new ActiveXObject passing in the name of the library as a string that you want to create. The following code demonstrates how to use the debugger; statement to break into the code and create an instance of WScript.Network and WScript.Shell. With these two objects the UserName and the path to the special folder MyDocuments is obtained (refer to Listing 1).

Listing 1: Some JavaScript in a Web page that obtains client-specific information using ActiveX.

          <script type="text/javascript">
            var o = new ActiveXObject("WScript.Network");
            var w = new ActiveXObject("WScript.Shell");
            var jsonObject = { "UserName": o.UserName,
              "MyDocuments": w.SpecialFolders("MyDocuments")

The end of the listing contains a statement that starts with var jsonObject. Programmers used to create objects by writing new Object() and referring to the desired properties. The revised syntax above is part of JSON (pronounced Jason), or JavaScript Object Notation. JSON is a lightweight data-interchange format that is a subset of JavaScript. JSON is used in objects and arrays in a highly readable form, and the technology plays in the same space as XML. The statement above creates an object with two properties: UserName and MyDocuments.


Now that you have the tools to configure a browser for ActiveX features and obtain client-specific information, it is up to you to figure out how you are going to use it. To recap JavaScript debugging is enabled automatically when Visual Studio starts an instance of IE8. Security settings like ActiveX support are managed by zone. For local workstation ActiveX support modify the Local Intranet zone. You can choose between enabling ActiveX support or prompting for permission. (I choose the latter, so I turn it off when not needed.) Finally, two of the objects that support discovering client-side information are WScript.Shell and WScript.Network. You can explore the integrated MSDN help for more information.

As a final note JavaScript Object Notation (JSON) was briefly introduced. JSON is subset of JavaScript and is a lightweight data-interchange format. JSON is picking up steam and becoming more popular, so I wedged it into the sample.


Paul Kimmel is the VB Today columnist for and has written several books on object- oriented programming and .NET. Check out his upcoming book Professional DevExpress ASP.NET Controls (from Wiley) now available on and fine bookstores everywhere. Look for his upcoming book Teach Yourself the ADO.NET Entity Framework in 24 Hours (from Sams). You may contact him for technology questions at pkimmel@softconcepts .com. Paul Kimmel is a Technical Evangelist for Developer Express, Inc, and you can ask him about Developer Express at and read his DX blog at http://


  • There are no comments yet. Be the first to comment!

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Moving from an on-premises environment to Office 365 does not remove the need to plan for disruptions or reduce the business risk requirements for protecting email services. If anything, some risks increase with a move to the cloud. Read how to ease the transition every business faces if considering or already migrating to cloud email. This white paper discusses: Setting expectations when migrating to Office 365 Understanding the implications of relying solely on Exchange Online security Necessary archiving …

  • Anthony Christie, the Chief Marketing Officer for Level Communications, is responsible for customer experience, worldwide marketing and product management. In this informative asset, he shares his insights into why a private network connection to cloud-bases applications is the right decision for your enterprise. Download now to find out more.

Most Popular Programming Stories

More for Developers

RSS Feeds

Thanks for your registration, follow us on our social networks to keep up-to-date