By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,610 Members | 1,957 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,610 IT Pros & Developers. It's quick & easy.

Viewing Data Access Pages (DAP) - Internet Explorer Protecting Your Security

P: n/a
I am developing some Data Access Pages (DAP) using Microsoft Access
2003 on Microsoft Windows XP.

When I try to open these pages (located on my C: drive), the display of
the data access page is blocked and I receive the following error
message in the Information Bar in Microsoft Internet Explorer:

"To help protect your security, Internet Explorer has restricted this
site from showing certain content. Click here for options."

I can then click on the Information Bar to Allow Blocked Content, and
everything works just fine - but it gets a little annoying after a
while. Any idea how to stop this happening when I try and deploy these
data access pages for my users?

Nov 13 '05 #1
Share this Question
Share on Google+
10 Replies


P: n/a
Edlueze wrote:
I am developing some Data Access Pages (DAP) using Microsoft Access
2003 on Microsoft Windows XP.

When I try to open these pages (located on my C: drive), the display of
the data access page is blocked and I receive the following error
message in the Information Bar in Microsoft Internet Explorer:

"To help protect your security, Internet Explorer has restricted this
site from showing certain content. Click here for options."

I can then click on the Information Bar to Allow Blocked Content, and
everything works just fine - but it gets a little annoying after a
while. Any idea how to stop this happening when I try and deploy these
data access pages for my users?


Not really, it's a security feature. When you can leave your car in the
street with the keys in the ignition and not have it taken, then MS will
remove that block :-)

The only way to completely avoid it is to write a real web application.
Nov 13 '05 #2

P: n/a
I've never had this problem. If I did I would explore "calling" the
DAPS from an HTA.

MSDN says this about HTAs.

"Your application is fully trusted and free from the restrictions
placed on Web pages for security reasons. Unlike Web pages, which run
when visited, users will need to trust your HTA; however, once
installed and run, your HTA can potentially do anything any program
can"

I have been successful in opening HTM files (DAPs are HTM files) from
within an HTA.

HTAs are introduced at
http://msdn.microsoft.com/library/de...tml/ie5hta.asp

Nov 13 '05 #3

P: n/a
Thanks for the tips! HTA's were new to me and quite interesting to read
about.

Nov 13 '05 #4

P: n/a
Have you tried this:

"Allow active content to run in files on My Computer - Windows XP
Service Pack 2"

http://www.winxptutor.com/lmzunlock.htm
Edlueze wrote:
I am developing some Data Access Pages (DAP) using Microsoft Access
2003 on Microsoft Windows XP.

When I try to open these pages (located on my C: drive), the display of
the data access page is blocked and I receive the following error
message in the Information Bar in Microsoft Internet Explorer:

"To help protect your security, Internet Explorer has restricted this
site from showing certain content. Click here for options."

I can then click on the Information Bar to Allow Blocked Content, and
everything works just fine - but it gets a little annoying after a
while. Any idea how to stop this happening when I try and deploy these
data access pages for my users?

Nov 13 '05 #5

P: n/a
"Edlueze" <ed*****@onegen.com> wrote in
news:11*********************@o13g2000cwo.googlegro ups.com:
Thanks for the tips! HTA's were new to me and quite interesting to
read about.


As a standard practice, I disable the HTA file assocation on every
workstation I sit down at, because it's an excellent way for hackers
to do nasty things to your computer. I also disable the default VBS
associations (though leaving WSH available for calling explicitly).
There have been viruses/worms distributed as HTAs, just as there
have been VBS viruses/worms, and that's why I disable it.

It's a Microsoft-only technology and works only in IE, which is
naither reason not to use it, since it hardwires your app to the
most insecure and poorly designed web browser available anywhere.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc
Nov 13 '05 #6

P: n/a
"David W. Fenton" <dX********@bway.net.invalid> wrote in
news:Xn*********************************@216.196.9 7.142:
"Edlueze" <ed*****@onegen.com> wrote in
news:11*********************@o13g2000cwo.googlegro ups.com:
Thanks for the tips! HTA's were new to me and quite interesting to
read about.


As a standard practice, I disable the HTA file assocation on every
workstation I sit down at, because it's an excellent way for hackers
to do nasty things to your computer. I also disable the default VBS
associations (though leaving WSH available for calling explicitly).
There have been viruses/worms distributed as HTAs, just as there
have been VBS viruses/worms, and that's why I disable it.

It's a Microsoft-only technology and works only in IE, which is
naither reason not to use it, since it hardwires your app to the
most insecure and poorly designed web browser available anywhere.


If you want expert advice about something from someone who knows nothing
about it and who has never used it and therefore MUST denigrate it, then
David is your expert of choice.

Nov 13 '05 #7

P: n/a
If you want to know everything about a technology from someone who
knows nothing about it then David is certainly your expert of choice.

Nov 13 '05 #8

P: n/a
Lyle Fairfield wrote:
It's a Microsoft-only technology and works only in IE, which is
naither reason not to use it, since it hardwires your app to the
most insecure and poorly designed web browser available anywhere.

If you want expert advice about something from someone who knows nothing
about it and who has never used it and therefore MUST denigrate it, then
David is your expert of choice.


I don't know much about HTAs and DAPs but David is not wrong about IE
being insecure.
Nov 13 '05 #9

P: n/a
Trevor Best wrote:
I don't know much about HTAs and DAPs ....
It seems so. Perhaps you could read:
http://msdn.microsoft.com/workshop/a...w.asp#Security
but David is not wrong about IE being insecure.


I agree. IE can be an insecure program with which to browse or interact
with the Internet. But when IE hosts an HTA it's not browsing or
interacting with the Internet. An executable which requires components
of IE is running; this executable (HTA) is no more and no less dangerous
than any other executable.

HTAs can be deployed as packages, over the web or in combination of the
two. Packages are my preferred deployment method. If you read this you
will note that IE does not have to connect to the Internet at all to run
a local HTA.

"The Package Model

In the package deployment model, the installation process for the HTA is
the same as for traditional applications. Files are copied from disk or
over a network, using any installer or self-extracting executable. The
installer places the application in the Program Files directory or in
the directory selected by the user. A link to the HTA is included in the
Start menu. And the application's dependency on Internet Explorer 5 or
greater is registered. This way the user is warned that uninstalling
Internet Explorer will disable that application. Look to tools vendors
for vehicles for packaging and delivering HTAs to your specifications.

Like the Web model, the package model has points in its favor. The user
is prompted only during the initial installation about trusting the
application; thereafter, the application runs as trusted code just as an
..exe does. Also, the installed HTA is always available to users, whether
they are connected to the server or not."

When a web manifestation of an HTA is run, all IE is connecting for is
to download the latest file update.

Nov 13 '05 #10

P: n/a
Lyle Fairfield <ly******@aol.com> wrote in
news:Xn****************************@216.221.81.119 :
"David W. Fenton" <dX********@bway.net.invalid> wrote in
news:Xn*********************************@216.196.9 7.142:
"Edlueze" <ed*****@onegen.com> wrote in
news:11*********************@o13g2000cwo.googlegro ups.com:
Thanks for the tips! HTA's were new to me and quite interesting
to read about.
As a standard practice, I disable the HTA file assocation on
every workstation I sit down at, because it's an excellent way
for hackers to do nasty things to your computer. I also disable
the default VBS associations (though leaving WSH available for
calling explicitly). There have been viruses/worms distributed as HTAs, just as there have been VBS viruses/worms, and that's why I disable it.

It's a Microsoft-only technology and works only in IE, which is
naither reason not to use it, since it hardwires your app to the
most insecure and poorly designed web browser available

anywhere.
If you want expert advice about something from someone who knows
nothing about it and who has never used it and therefore MUST
denigrate it, then David is your expert of choice.


Well, since you know all things, why don't you point out exactly
which parts of what I said are incorrect.

Please provide documentation.

Peronslly, I don't use the same technologies that hackers use to
compromise people's systems. My reason for that is that I don't
want
people mistaking my work for a virus or worm.

You obviously don't care about that.

But you haven't demonstrated that anything I"ve said about HTSs is
wrong.

--
David W. Fenton http://www.bway.net/~dfenton
dfenton at bway dot net http://www.bway.net/~dfassoc
Nov 13 '05 #11

This discussion thread is closed

Replies have been disabled for this discussion.