How to implement IObjectSafety programmatically in JScript.NET

Question

tldr; How to mark a JScript.NET dll as safe for scripting?

Consider this JScript.NET library (helloworld1.js):

package helloworld1{
  class test1 {
    public function test1run(){
      return 'This is a string returned from helloworld1.dll';
    }
  }
}

After running it through

jsc.exe /nologo /t:library helloworld1.js

and

regasm /nologo /codebase helloworld1.dll

I can use it on my local html page with:

var helloworld1 = new ActiveXObject("helloworld1.test1");
alert(helloworld1.test1run());

It all works fine and I get an alert with This is a string returned from helloworld1.dll.

Now... I want to get rid of the dreaded IE security warning which pops up every time the ActiveX object is instantiated:

An ActiveX control on this page might be unsafe to interact with other parts of the page. Do you want to allow this interaction?

I know the way to remove the security warning is to mark the dll as safe for scripting and implement IObjectSafety.

I know how to do this in VB6 and VB.NET but how do I go implementing it in JScript.NET?

Any help is really appreciated.

Answer 1

After an extensive research I figured out, as there is absolutely no documentation for IObjectSafety in JScript.NET, I can't implement this interface directly in the code.

I finally settled down with adding the needed registry keys for marking my dll as "Safe for initialization" and "Safe for scripting":

[HKEY_CLASSES_ROOT\CLSID\[MY_COM_CLASS_GUID]\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
[HKEY_CLASSES_ROOT\CLSID\[MY_COM_CLASS_GUID]\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]

I add these keys during my setup routine, when helloworld1.dll is deployed on target machines. It works flawlessly.