473,399 Members | 2,858 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > javascript > questions > what is activexobject ?

Join Bytes to post your question to a community of 473,399 software developers and data experts.

What is ActiveXobject ?

Hi,
I am using ActiveXobject as
var xp = new ActiveXObject("WPrint.PrintCtl");
in my JSP application.
I have heard that using ActiveXobject may be dangerous for my application as i am using Bluetooth mode of commmunication.Can anyone tell me why ActiveXobject is dengerous ?


Regards:
Rohit Kumar
Nov 28 '08 #1
11 13627
dmjpro
2,476 2GB
this is JavaScript related question ....
Nov 28 '08 #2
acoder
16,027 Expert Mod 8TB
ActiveX is usually limited to Internet Explorer on Windows. It's dangerous because it allows access to the operating system outside the browser sandbox. Any that you use should be from trusted sources and will require changes to your security settings.
Nov 28 '08 #3
@acoder
But i am not using Internet Explorer on PDA (containing Windows Mobile 5.0).Instead i am using Lotus Expeditor (IBM product),which has it's own browser and our application runs over it.Will ActiveXobject be dengerous now?
Dec 1 '08 #4
acoder
16,027 Expert Mod 8TB
I'm not familiar with Lotus Expeditor. I'm not sure how it integrates ActiveX, so can't really comment on how effective it is with regards to security. You'd have better luck asking IBM.
Dec 1 '08 #5
gits
5,390 Expert Mod 4TB
i'm not familiar with Lotus Expeditor too ... but as long as your application runs in a browser the potential security issues with activeX should be the same as with a normal browser. typically a browser doesn't allow any program to break out of the browser's sandbox so you might consider the browser your runtime-environment and the code that runs in a browserapp just has very limited access to machine-resources like file-system or similar security related resources. java applets might have some more possibilities but they run within the JVM and are even limited to the JVM's sandbox ... while an activeX-control runs outside of any sandbox and might have direct access to all windows-ressources ... so everytime, when you use such a control you have a potential security risk unless you have really trusted controls, that could be verified, signed etc. ... so that it needn't be a real issue ... just make sure that you could trust the used controls ;)

kind regards
Dec 1 '08 #6
@gits

But i use ActiveXobjet control in Bluetooth mode of communiction.GPRS does not come in picture at that time.So no use of Internet Explorer is there.Now will ActiveX control be dengerous in this situation?
Dec 1 '08 #7
gits
5,390 Expert Mod 4TB
i'm confused now ... whatfor do you need the activeX control now? is it part of the application or is it used for the communication only? bluetooth itself has its own drawbacks, and when you have a insecure connection then it doesn't matter whether you run an activeX-control or whatever. when the activeX control could allow further access to your PDA like adresses, data, whatever ... then the control could open the next door to the attacker, but in case you avoid unauthorized connections then it shouldn't be a problem at all. i guess the application just runs locally on the PDA? ...
Dec 1 '08 #8
ActiveX control is the part of application.But It is used only one time when user wants to take print out of that page.There is a form on that JSP page,in which user fills all details and clicks on "print" button.Now bluetooth & ActiveX control comes into picture.By clicking on print button a bluetooth connection is establised between PDA & Bluetooth printer.When connection is establised properly,the desired print out comes from the printer.
Yes,my application runs locally on PDA after downloading of fresh data to PDA.And we need GPRS connection for this.Actually we need GPRS connection only 2 times.(1-When fresh data is downloaded on PDA.2- When this data (after several modifications) is uploaded back to server.).Between these two points my appliocation runs locally on PDA.
Dec 2 '08 #9
@gits


ActiveX control is the part of application.But It is used only one time when user wants to take print out of that page.There is a form on that JSP page,in which user fills all details and clicks on "print" button.Now bluetooth & ActiveX control comes into picture.By clicking on print button a bluetooth connection is establised between PDA & Bluetooth printer.When connection is establised properly,the desired print out comes from the printer.
Yes,my application runs locally on PDA after downloading of fresh data to PDA.And we need GPRS connection for this.Actually we need GPRS connection only 2 times.(1-When fresh data is downloaded on PDA.2- When this data (after several modifications) is uploaded back to server.).Between these two points my appliocation runs locally on PDA.
Dec 2 '08 #10
gits
5,390 Expert Mod 4TB
so the only security risk i could see at the moment would be: when the bluetooth connection is established your PDA might be visible and an atacker could try to connect to it ... now the activeX control might be insecure and allow the attacker to steal something or load something up to the PDA ... a trojan or whatever ... but i guess that is quite more hype then reality :) ... first i think its a very short connection? next i guess the bluetooth service of the PDA is just invoked when it is needed and not always running? The device should be hidden all the time? etc. ... the more problematic then the activeX control in your case is just the bluetooth useage itself that just need to be secured as good as possible.

kind regards
Dec 2 '08 #11
@gits
Ok.Thanx for your suggestion.
Dec 3 '08 #12

Sign in to post your reply or Sign up for a free account.

Similar topics

1
ActiveXObject, Problem loading into DOM
by: Nomad | last post by:
I'm trying to load an XML document into the DOM using the ActiveXObject I've succeeded in doing this on one machine. Which shouldn't becaus I've checked for the ActiveXObject and it doesn't...
.NET Framework
10
What's wrong with the following code to capture the Browser type?
by: Greener | last post by:
Hi, I need help badly. Can you do client-side programming instead of server-side to capture the Browser type info? If this is the case, what's wrong with the following? <script...
Javascript
1
ActiveXObject('Msxml2.XMLHTTP')
by: Brian McPheeters | last post by:
Is there anyway to get ActiveXObject('Msxml2.XMLHTTP') to work with Mac IE 5.1 on the client side? I need to get a text response from the server with javascript so I can parse it. This seems to...
Javascript
2
ActiveXObject problem - WScript.Shell on Windows 2003 Server
by: Marcin Zmyslowski | last post by:
Hello all! I have installed MSDE on my local computer - Windows 2000 Professional. I have created a function which runs me a link whose path is placed in the input field. This function looks...
ASP / Active Server Pages
4
I can't figure this out! Please tell me what's wrong!
by: _Raven | last post by:
Okay, I am playing with submitting forms with Ajax. I am trying to adapt this script to my forms: http://www.captain.at/howto-ajax-form-post-get.php I have included my code at the bottom of this...
Javascript
2
i thought i know what I was doing - calling a function from a string
by: windandwaves | last post by:
Hi Folk Consider the following function: function UpdateHtml(url, parameters, onready) { http_request = false; if (window.XMLHttpRequest) { // Mozilla, Safari,... http_request = new...
Javascript
1
ie7 xml ActiveXObject ErrorMessage: Object expected
by: JTree | last post by:
Hi all, My System is windows and ie version is 7. My code: <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
Javascript
1
Getting a Handle on an active ActiveXObject
by: jfking | last post by:
Hi Everyone, I have a need to load a document in a browser (in an iFrame) and then get control of that instance of the ActiveXObject. I need to do things like formatting and whatnot. I have...
Javascript
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!