安装 SP3 与 SP3 集成,默认安全设置有何区别?
Lotus Notes 安装 Domino 7x 最终尝试启动 IBM SameTime 7.5.1 聊天客户端,但在某些计算机上失败。
具体来说,它在安装了 SP3 的 Windows XP 计算机上失败,而随后安装了 SP3 的 Windows XP 计算机却可以正常工作。
通过调整 Internet Explorer 中与活动内容相关的高级设置,可以暂时解决此问题:
[ ] Allow active content from CDs to run on My Computer
设置 [x] 使整个事情正常工作,将其删除(这是默认设置),使它不起作用。 但正如我所说,此设置在后来安装了 SP3 的计算机上被禁用,但它仍然可以工作。
这不是一个可接受的解决方案,因此我们需要找出其根本原因。
所发生的情况是,作为初始化过程的一部分,Lotus Notes 下载一个小网页。 该网页包含 javascript,它只是运行 window.open,并使用指向 SameTime 服务器的 url(包括会话 ID 等)。
如果我获取此 url,并将其粘贴到 Notes 中的地址栏中,一切都会按预期运行。
因此,我认为问题在某种程度上与 Notes 根本不允许脚本运行有关。
进程监视器显示,下载网页后,Notes 不会对该服务器执行任何类型的网络查询(我可以看到它写入磁盘的位置),因此我认为问题出在 javascript 处理上。
那么问题来了:
- 有谁知道安装 SP3 和滑流 SP3 之间有任何具体的安全差异,这可能会影响这一点吗?
- 有没有人有任何其他想法,我们可以具体尝试在机器上进行调整以使其正常工作?
A Lotus Notes installation, Domino 7x, which ends up trying to start a IBM SameTime 7.5.1 chat client, fails on some machines.
Specifically, it fails on Windows XP machines that has SP3 slipstreamed, whereas Windows XP machines which has had SP3 installed afterwards, works fine.
The problem can be worked around temporarily by adjusting the advanced settings in Internet Explorer, related to Active Content:
[ ] Allow active content from CDs to run on My Computer
Setting that [x] there makes the whole thing work, removing it (which is the default setting), makes it not work. But as I said, this setting is disabled on the machines that had SP3 installed afterwards, and it works there.
This isn't an acceptable solution, so we need to figure out the root cause of this.
What happens is that as part of the initialization process, Lotus Notes downloads a small web page. This web page contains javascript, that simply runs window.open with an url that points to the SameTime server, including session id, etc.
If I take this url, and pastes it into the address bar in Notes, everything works exactly as expected.
As such, I believe that the problem is somehow related to Notes not allowing the script to run at all.
Process Monitor shows that Notes does not do any sort of network query against that server after the web page was downloaded (I can see the point where it is written to disk), so I believe the problem is with the javascript handling.
So, the questions:
- Does anyone know of any specific security differences between installing SP3, and slipstreaming SP3, that could impact this?
- Does anyone have any other ideas for what specifically we can try to adjust on the machine in order to get this working?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论