Linking to local html files using display URL action

General Tips & Tricks
Site Admin
User avatar
Posts: 223
Joined: Fri May 26, 2006 1:51 pm
Location: Rochester, NY

Linking to local html files using display URL action

Postby Andrew » Wed Jun 20, 2007 12:08 pm

A user was creating a CD distribution of a Viewlet bundled with other HTML files. They were using "Display URL" actions in the Viewlet to open up local HTML files in the same folder as the Viewlet.

They did this by simply adding the name of the file for the URL. The problem was that Internet Explorer was giving an Access Denied" error and not allowing the local page to be opened.

This was possible with VieweltBuilder4, so what had changed? Welcome to the wonderful world of Internet Explorer security, first a little background.

With VB5 we have added the following HTML directive to the top of the generated HTML pages:
<!-- saved from url=(0021) -->

This is called the "mark of the web", you can find more information here.

The purpose of the mark of the web, is get around the Interent Explorer Yellow Security Warning Bar that says something like this:

"To help protect your security, Internet Explorer has restricted this webpage from running scripts or ActiveX controls that could access your computer. Click here for options..."

IE displays this because you are loading the Flash based Viewlet, from your local machine. IE is worried that the ActiveX control might have access to your system. The trick is to make IE think that this is being loaded from a web page, so that it runs under the web security context, which doesn't allow access to your local machine.

The mark of the web does this. It forces the page to run under Internet Explorers web security context and gets rid of the yellow bar warning. The problem is that the external files were still under a local context. So Internet Explorer displays the error message "Access Denied" since you are switching from web to local context.

There are 2 approaches to get rid of the "Access Denied" error message.

1. Remove the mark of the web comment from the HTML generated from VieweltBuilder. This will put all the HTML files into the same local context. But it will display the IE active X security warning yellow bar.

2. Add the mark of the web comment to your external HTML files. All pages will then run under the web security context. You shouldn't see the yellow bar or access denied messages. With a CD distribution, such as this user's case, this is probably the best approach.
Andrew Branch

Return to FAQs - ViewletBuilder 5.x

Who is online

Users browsing this forum: No registered users and 1 guest