1

I created a Browser Helper Object for IE8 in order to run a javascript located on my computer. Like browser extensions work in other browsers. I'm trying to execute the following code:

    IHTMLWindow2* pWindow;
    doc->get_parentWindow(&pWindow);

    hr = pWindow->execScript((BSTR)"var d=window.document,\
s=d.createElement('script'),\
h=d.getElementsByTagName('body')[0];\
s.src='file:///L:/prg/Web/ieplugin/ieplugin.js';\
h.appendChild(s);",
(BSTR)"JavaScript", &vResult);

But the result is E_INVALIDARG, which is caused most likely by the script address. Is it possible to run the script from my computer without lowering security settings for Internet Zone? I tried to set security settings for Trusted Sites to minimum and added to trusted sites 'file://localserver', but to no avail.

EDIT: More specifically, I get the following error message within the IE window:

Message: Invalid character

Line: 1

Char: 1

Code: 0

URI: file:///L:/prg/Web/ieplugin/ieplugin.js
Paul
  • 26,170
  • 12
  • 85
  • 119
Al Berger
  • 1,048
  • 14
  • 35
  • Is the problem that your string is ASCII, and you are calling a Unicode function, by any chance? (Or something is wrong in your local .js file?= – Mats Petersson Aug 11 '13 at 09:08
  • @Matt: the file name string is actually passed as a parameter and declared as CComBSTR bstrFileName = L"...script filename here...." The script file contains one line: alert("JavaScript works."); When I call the execScript() with that line instead of filename, the script works OK and the alert window appears normally. – Al Berger Aug 11 '13 at 10:11

1 Answers1

0

Internet Explorer does not allow the use of file:// protocol URIs within non-File:// delivered pages. This change was made back in 2011 and applies only to INTERNET and RESTRICTED ZONE sites.

See http://blogs.msdn.com/b/ieinternals/archive/2011/08/12/internet-explorer-9.0.2-update-changes-file-protocol-and-cookie-naming.aspx for details.

To workaround this, instead have your extension load the contents of the target script into a BSTR, and use that BSTR to pass into execScript.

EricLaw
  • 56,563
  • 7
  • 151
  • 196