从网站启动可执行文件?

发布于 2024-07-12 09:59:36 字数 217 浏览 10 评论 0原文

我们正在开发一个仅在 Intranet 上运行的站点,并且可以访问该 Intranet 的计算机将安装此可执行文件。 我们不能有任何“你想打开[文件名].exe吗?” 提示。 单击链接,程序开始运行。

我意识到让网站能够在客户端计算机上运行可执行文件是非常非常糟糕的,但管理层拒绝在这一点上让步。

机器将安装 Windows(XP 或更高版本)和 Firefox 3。

We're developing a site that will only run on the intranet, and computers with access to this intranet will have this executable installed. We can't have any "Would you like to open [filename].exe?" prompts. Click a link and the program begins running.

I realize that giving websites the ability to run executables on the client machine is very, very bad, but management refuses to budge on this.

Machines will have Windows (XP or up) with Firefox 3.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(11

山川志 2024-07-19 09:59:36

我们正在开发一个仅在 Intranet 上运行的站点,并且可以访问该 Intranet 的计算机将安装此可执行文件。

这是否意味着 EXE 已经安装在桌面上? 您只想从网站启动它吗?

如果是这样,您可以将 EXE 与 MIME 内容类型 相关联,并且当用户单击它,它将启动。

为您的 EXE 名称选择内容类型和文件扩展名,例如:

CauseChaos.exe
Associated with .chaos file extenstion
Content Type will be: application/chaos

通过 EXE 安装将文件扩展名与您的 EXE 相关联。 我在这里展示,使用 InnoSetup

[Registry]
Root: HKCR; Subkey: .chaos; ValueType: string; ValueData: CauseChaos; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos; ValueType: string; ValueData: CauseChaos Tool; Flags: uninsdeletekey 
Root: HKCR; Subkey: CauseChaos\DefaultIcon; ValueType: string; ValueData: {app}\CauseChaos.exe,0; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos\shell\open\command; ValueType: string; ValueData: "{app}\CauseChaos.exe ""%1"""; Flags: uninsdeletekey

通过 EXE 安装将 MIME 内容类型与文件扩展名关联起来。

[Registry] (continued...)
Root: HKCR; Subkey: HKCR\Mime\Database\Content Type\application/chaos; ValueType: string; ValueName: Extension; ValueData: .chaos; Flags: uninsdeletevalue

We're developing a site that will only run on the intranet, and computers with access to this intranet will have this executable installed.

Does this mean the EXE is already installed on the desktop? You just want to launch it from the website?

If so, you can associate the EXE with a MIME Content Type and when the user clicks it, it will launch.

Pick a Content Type and a file extension, for your EXE name, for instance:

CauseChaos.exe
Associated with .chaos file extenstion
Content Type will be: application/chaos

Associate the file extension with your EXE via the EXE install. I show it here, using InnoSetup

[Registry]
Root: HKCR; Subkey: .chaos; ValueType: string; ValueData: CauseChaos; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos; ValueType: string; ValueData: CauseChaos Tool; Flags: uninsdeletekey 
Root: HKCR; Subkey: CauseChaos\DefaultIcon; ValueType: string; ValueData: {app}\CauseChaos.exe,0; Flags: uninsdeletekey
Root: HKCR; Subkey: CauseChaos\shell\open\command; ValueType: string; ValueData: "{app}\CauseChaos.exe ""%1"""; Flags: uninsdeletekey

Associate the MIME content type with the file extension, through the EXE install.

[Registry] (continued...)
Root: HKCR; Subkey: HKCR\Mime\Database\Content Type\application/chaos; ValueType: string; ValueName: Extension; ValueData: .chaos; Flags: uninsdeletevalue
゛清羽墨安 2024-07-19 09:59:36

去过也做过。 MIME 类型(我添加此内容时已接受的答案)需要在客户端和服务器上进行大量配置。这是一项相当多的工作,并且最终会得到临时文件等。

我们的解决方案是添加我们自己的“自定义 URL 协议”处理程序”。 基本上,添加 URL 类型 x-our-intranet 并使您的公司应用程序成为它的 URL 处理程序。 现在,任何链接都将启动您的公司应用程序,并将“x-our-intrenet:foo”作为命令行参数传递。 它所需要的只是一个客户端注册表项,类似于 MIME 类型。

Been there done that. MIME types (accepted answer at the moment I add this) requires a lot of configuring on client and server.This is quite a bit of work, and you end up with temporary files etc.

Our solution was to add our own "Custom URL Protocol Handler". Basically, add URL type x-our-intranet and make your corporate app the URL handler for it. Now any link will start your corporate app, passing "x-our-intrenet:foo" as a command-line argument. All it takes is a client-side registry entry, similar to the MIME types.

留蓝 2024-07-19 09:59:36

尝试这个 JavaScript:

function executeCommands(inputparms)
{
// Instantiate the Shell object and invoke its execute method.

var oShell = new ActiveXObject("Shell.Application");

var commandtoRun = "c:\windows\Notepad.exe";

// Invoke the execute method. 
oShell.ShellExecute(commandtoRun, commandParms, "", "open", "1"); 
}

您必须相应地设置浏览器安全设置,并且这只适用于 IE。

Try this JavaScript:

function executeCommands(inputparms)
{
// Instantiate the Shell object and invoke its execute method.

var oShell = new ActiveXObject("Shell.Application");

var commandtoRun = "c:\windows\Notepad.exe";

// Invoke the execute method. 
oShell.ShellExecute(commandtoRun, commandParms, "", "open", "1"); 
}

You will have to set the browser security settings accordingly, and this would work only in IE.

独孤求败 2024-07-19 09:59:36

我能想到的唯一方法是通过某种 ActiveX 控件来运行您的可执行文件,但我不知道这在 Firefox 中是否可行。

这应该是你(而不是管理层)应该拒绝让步的事情之一。

The only way I could possibly imagine this working is through some sort of ActiveX control which would run your executable, but I don't know how feasible that is with Firefox.

This should be one of those things where -you- should be refusing to budge on it, not management.

鹿童谣 2024-07-19 09:59:36

我建议你看看Adobe Flex / Air,它是用这个模型设计的头脑和它打开的固有安全谷仓门。

I recommend you take a look at Adobe Flex / Air, it is designed with this model in mind and the inherent security barn door that it opens.

ヤ经典坏疍 2024-07-19 09:59:36

我同意其余的,我很确定你不能再这样做了(尤其是在 Firefox 中)。 这就是当时安装的间谍软件/广告软件程序的数量。 你必须表明立场,告诉管理层这是不可能的。

I agree with the rest, I'm pretty sure you can't do this anymore (and especially in Firefox). This is how many of the spyware/adware programs got installed back in the day. You will have to take a stand and just tell management that its impossible.

迷离° 2024-07-19 09:59:36

Active X 控件是最简单的方法。 Firefox 有一个插件,允许您托管活动的 X 控件。 或者你可以编写一个 NS 插件来处理这个问题。

An active X control is the easiest way. There is a plugin for firefox that allows you to host active X controls. Or you could just write an NS Plugin to handle this.

徒留西风 2024-07-19 09:59:36

This is an old article about web deployment of executables. I know this is possible using Internet Explorer (because of our fragmented development team we still have to support some of this). I don't know about the firefox implications.

甜柠檬 2024-07-19 09:59:36

在用于 IE 的链接中使用“file:///c:/Program Files/myprogs/myprog.exe”URL。 但是,我已经很长时间没有尝试过这个了。

我建议使用上面的 MIME 类型方法或添加由该可执行文件处理的特殊 URI 前缀“chaos://myparams”。

Using a "file:///c:/Program Files/myprogs/myprog.exe" URL in the link used to work for IE. But, I have not tried this in a long time.

I would recommend the MIME type method above or adding a special URI prefix "chaos://myparams" that is handled by that executable.

星星的轨迹 2024-07-19 09:59:36

我完全理解你想要什么。 我在互联网上读到的只是人们提到这是一个很大的安全漏洞等等...但是,我猜他们不明白为什么你会想要这个实现,我将解释为什么我需要这个并正在研究这个问题的解决方案和我已经非常接近了。

我有许多不同的用户应用程序,例如。 呼叫中心等...
我目前正在开发一个在 Kiosk 模式下运行的锁定桌面。 用户将看到的只是一个带有一些计算机信息和 IE 图标的蓝屏。 我的目标是从此页面运行 Microsoft Office 和一些内部客户端/服务器应用程序。 它工作得很好,因为一切都还在那里,只是我的用户看不到它。 不过,我也有和你一样的问题。 利用 MPLS、内部和外部托管路由器、防火墙/ASA 以及大量安全专业人员,我的网络非常安全。 另外,这仅限内部使用。 所以,在我看来,这是完全可以的。 因此,如果我为此提出某种解决方案,我将发布它。

I understand completely what you are wanting. All I read on the internet is people mentioning this is a big security breach etc... However, I dont guess they understand why you would want this implemented and I will explain why I need this and am working on a solution to this problem and am getting very close.

I have many different user applications, ex. Call Center, etc...
I am currently working on a lockdown desktop that runs in Kiosk mode. All the user will see is a blue screen with some computer information and an IE icon. My goal is to run the Microsoft Office, and some internal Client/Server apps from this page. It works perfectly fine as everything is still there just my users cannot see it. However, I'm having the same issues as you. My network is very secure utilizing MPLS, internal and external managed Routers, Firewalls/ASA's, and plenty of security professionals. Plus, this is strictly INTERNAL only. So, in my opinion its perfectly ok. So, if I come up with some sort of workaround solution for this I will post it.

丿*梦醉红颜 2024-07-19 09:59:36

如果您想运行计算机上已有的应用程序,您可以通过注册到注册表来完成,然后他们以 HTML 形式调用它,就像您发送电子邮件 (mailto) 一样。

因此,您只需要创建注册表:

using Microsoft.Win32;
using System;
using System.IO;
using System.Linq;

namespace WMConsole
{
    class Program
    {
        static void Main(string[] args)
        {
            Console.WriteLine("Listening..");

            //Gets the current location where the file is downloaded
            var loc = System.Reflection.Assembly.GetExecutingAssembly().Location;
            if (!Directory.Exists(@"D:\Console\"))
            {
                System.IO.Directory.CreateDirectory(@"D:\Console\");
            }
            //Creates the Downloaded file in the specified folder
            if (!File.Exists(@"D:\Console\" + loc.Split('\\').Last()))
            {
                File.Move(loc, @"D:\Console\" + loc.Split('\\').Last());
            }
            var KeyTest = Registry.CurrentUser.OpenSubKey("Software", true).OpenSubKey("Classes", true);
            RegistryKey key = KeyTest.CreateSubKey("alert");
            key.SetValue("URL Protocol", "wnPing");
            key.CreateSubKey(@"shell\open\command").SetValue("", @"D:\Console\WMConsole.exe %1");
        }        
    }
}

然后您可以通过以下方式在 HTML 中调用它:

<a href="alert:wmPing">Click to trigger</a>

这是有关它的完整文章:
https://www.codeproject.com/Articles/ 1168356/从网络应用程序运行 EXE

If you want to run application that you already have on the computer, you can do it via registering to the registry and them call it in HTML like you send email (mailto).

So, you just need to create registry:

using Microsoft.Win32;
using System;
using System.IO;
using System.Linq;

namespace WMConsole
{
    class Program
    {
        static void Main(string[] args)
        {
            Console.WriteLine("Listening..");

            //Gets the current location where the file is downloaded
            var loc = System.Reflection.Assembly.GetExecutingAssembly().Location;
            if (!Directory.Exists(@"D:\Console\"))
            {
                System.IO.Directory.CreateDirectory(@"D:\Console\");
            }
            //Creates the Downloaded file in the specified folder
            if (!File.Exists(@"D:\Console\" + loc.Split('\\').Last()))
            {
                File.Move(loc, @"D:\Console\" + loc.Split('\\').Last());
            }
            var KeyTest = Registry.CurrentUser.OpenSubKey("Software", true).OpenSubKey("Classes", true);
            RegistryKey key = KeyTest.CreateSubKey("alert");
            key.SetValue("URL Protocol", "wnPing");
            key.CreateSubKey(@"shell\open\command").SetValue("", @"D:\Console\WMConsole.exe %1");
        }        
    }
}

And then you can call it in HTML via:

<a href="alert:wmPing">Click to trigger</a>

Here is the full article about it:
https://www.codeproject.com/Articles/1168356/Run-an-EXE-from-Web-Application

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文