• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Re: HTML & VBScript -> security problem!?



Similar problem with vbscript in html for wallpaper in active desktop.
Getting "ActiveX can't create object", then, when that resolved, "An ActiveX
control on this page might be unsafe to interact with other parts of the
page. Do you want to allow this interaction?" Answer yes and UserName is
displayed, No and it's not. I've got workstations with XP+SP2/3 and IE7/8.
Basic, much, much simplified, script is
<body style="background-color:#0033FF">
<script language = "vbscript">
Set oNet = CreateObject ("WScript.Network")
sUserName = oNet.UserName
document.write (sUserName)
Have reduced security in Local Zone and Lockdown Zone 0 and works with no
nasty popups. But surely this compromises security of the domain? So, am
reluctant to roll it out across the domain.
I tried adding 'Mark of the web' (MOTW) to move it out of the Local Zone.
But discovered this only moves the action to a HIGHER security zone. Since
Local Zone is probably, normally now, the highest security it's no use. (Does
MOTW work from IE7 as it's imprinted when I save a webpage from IE6 but not
Any suggestions please as to how I can get userName displayed on Active
Desktop wallpaper without compromising security of Local Zone.

My Computer

Users Who Are Viewing This Thread (Users: 1, Guests: 0)