Geek Answers Handbook

Running an executable from a website?

We are developing a site that will only work on the intranet, and computers that have access to this intranet will have this executable file. We cannot have any "Want to open [filename] .exe?" hints. Click the link and the program will start working.

I understand that giving websites the ability to run executable files on a client machine is very, very bad, but management refuses to budge on this.

The machines will have Windows (XP or higher) with Firefox 3.

+4
source share
11 answers

We are developing a site that will only work on the intranet, and computers that have access to this intranet will have this executable file.

Does this mean that the exe is already installed on the desktop? Do you just want to run it from a website?

If so, you can associate the EXE with the MIME Content Type , and when the user clicks on it, it will start.

Select the content type and file extension for your EXE name, for example:

  CauseChaos.exe
 Associated with .chaos file extenstion
 Content Type will be: application / chaos

Associate the file extension with EXE using the EXE installation. I show it here using InnoSetup

[Registry] Root: HKCR; Subkey: .chaos; ValueType: string; ValueData: CauseChaos; Flags: uninsdeletekey Root: HKCR; Subkey: CauseChaos; ValueType: string; ValueData: CauseChaos Tool; Flags: uninsdeletekey Root: HKCR; Subkey: CauseChaos\DefaultIcon; ValueType: string; ValueData: {app}\CauseChaos.exe,0; Flags: uninsdeletekey Root: HKCR; Subkey: CauseChaos\shell\open\command; ValueType: string; ValueData: "{app}\CauseChaos.exe ""%1"""; Flags: uninsdeletekey

Associate the MIME content type with the file extension using the EXE installation.

 [Registry] (continued...) Root: HKCR; Subkey: HKCR\Mime\Database\Content Type\application/chaos; ValueType: string; ValueName: Extension; ValueData: .chaos; Flags: uninsdeletevalue
+10
source

It has been done. MIME types (the accepted answer at the time of adding) require a lot of configuration on the client and server. This is quite a bit of work, and you get temporary files, etc.

Our solution was to add our own custom URL protocol handler. Basically, add the x-our-intranet url and make your enterprise application a URL handler for it. Now any link will launch your corporate application by passing "x-our-intrenet: foo" as a command line argument. All that is required is a client-side entry similar to MIME types.

+2
source

Try this javascript:

 function executeCommands(inputparms) { // Instantiate the Shell object and invoke its execute method. var oShell = new ActiveXObject("Shell.Application"); var commandtoRun = "c:\windows\Notepad.exe"; // Invoke the execute method. oShell.ShellExecute(commandtoRun, commandParms, "", "open", "1"); }

You will need to set the browser security settings accordingly, and this will only work in IE.

+1
source

The only way I could imagine this work is with some kind of ActiveX control that runs your executable file, but I don't know how much this is possible with Firefox.

This should be one of those things in which you should give up on this, not management.

0
source

I recommend you take a look at Adobe Flex / Air , it is designed with this model in mind and has a built-in security sarav door that opens.

0
source

I agree with the rest, I'm sure that you can no longer do this (and especially in Firefox). This is how many of the spyware / adware programs were installed during the day. You will need to get up and just tell the management that this is not possible.

0
source

Active management of X is the easiest way. There is a plugin for firefox that allows you to host active X controls. Or you can just write an NS plugin to handle this.

0
source

This is an old article about web deploying executables. I know this is possible using Internet Explorer (due to our fragmented development team, we still need to support some of them). I do not know about the consequences of firefox.

0
source

Using the file "file: /// c: / Program Files / myprogs / myprog.exe" in the link used to work in IE. But I have not tried this for a long time.

I would recommend a method like MIME above or add a special URI prefix "chaos: // myparams", which is processed by this executable file.

0
source

I fully understand what you want. All that I read on the Internet are people who mention that this is a serious security violation, etc. However, I do not think that they understand why you want it to be implemented, and I will explain why I need it, and I am working on a solution to this problem and I am very close.

I have many different user applications, for example. Call Center, etc. I am currently working on a kiosk desktop PC. The whole user will see a blue screen with information about the computer and the IE icon. My goal is to launch Microsoft Office and some internal Client / Server applications from this page. It works great because it is still there, only my users cannot see it. However, I have the same problems as you. My network is very secure using MPLS, internal and external managed routers, firewalls / ASAs, and many security professionals. In addition, it is strictly INTERNAL. So, in my opinion, this is normal. So, if I come up with some solution for this, I will post it.

0
source

I don’t even know if this is possible. As mentioned above, perhaps using an ActiveX control, but then you will have problems with browser support and people's security settings. Not to mention the moral consequences of how you steal someone from the PC.

-1
source

More articles:


All Articles