当前位置: 文江博客话题详情

以编程方式将受信任的站点添加到 Internet Explorer

发布于 2024-07-23 01:23:17 字数 323 浏览 5 评论 0原文

我正在使用 WatiN 做一个 IE 自动化项目。

单击要下载的文件时,我会在 Internet Explorer 信息栏中看到以下内容:

为了帮助保护您的安全, Internet Explorer 已阻止此操作 网站向您下载文件 计算机。

为了下载报告,我可以手动将该站点添加到 Internet Explorer 的受信任站点列表中,但我更愿意在 .NET 中以编程方式检查该站点是否可信,如果不可信,则将其添加到列表中。

仅供参考,我目前使用的是 IE7。

原文

I'm doing an IE automation project using WatiN.

When a file to be downloaded is clicked, I get the following in the Internet Explorer Information bar:

To help protect your security,
Internet Explorer has blocked this
site from downloading files to you
computer.

In order to download the report, I can manually add the site to Internet Explorer's list of trusted sites, but I would prefer to check programmatically in .NET to see if the site is trusted and add it to the list if it is not.

FYI, I'm currently using IE7.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(7

慕烟庭风 2024-07-30 01:23:17

看看这个

基本上看起来好像所有您要做的就是在

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\DOMAINNAME

名为“http”的 REG_DWORD 值中创建注册表项,其值==2

Have a look at this

Basically it looks as if all you have to do is create registry key in

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\DOMAINNAME

then a REG_DWORD value named "http" with value==2

回复 原文
江挽川 2024-07-30 01:23:17

下面是我为在 .NET 中编写注册表项而提出的实现。

谢谢你给我指明了正确的方向,本。

using System;
using System.Collections.Generic;
using Microsoft.Win32;


namespace ReportManagement
{
    class ReportDownloader
    {
        [STAThread]
        static void Main(string[] args)
        {

            const string domainsKeyLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains";
            const string domain = @"newsite.com";
            const int trustedSiteZone = 0x2;

            var subdomains = new Dictionary<string, string>
                                 {
                                     {"www", "https"},
                                     {"www", "http"},
                                     {"blog", "https"},
                                     {"blog", "http"}
                                 };

            RegistryKey currentUserKey = Registry.CurrentUser;

            currentUserKey.GetOrCreateSubKey(domainsKeyLocation, domain, false);

            foreach (var subdomain in subdomains)
            {
                CreateSubdomainKeyAndValue(currentUserKey, domainsKeyLocation, domain, subdomain, trustedSiteZone);
            }

            //automation code
        }

        private static void CreateSubdomainKeyAndValue(RegistryKey currentUserKey, string domainsKeyLocation, 
            string domain, KeyValuePair<string, string> subdomain, int zone)
        {
            RegistryKey subdomainRegistryKey = currentUserKey.GetOrCreateSubKey(
                string.Format(@"{0}\{1}", domainsKeyLocation, domain), 
                subdomain.Key, true);

            object objSubDomainValue = subdomainRegistryKey.GetValue(subdomain.Value);

            if (objSubDomainValue == null || Convert.ToInt32(objSubDomainValue) != zone)
            {
                subdomainRegistryKey.SetValue(subdomain.Value, zone, RegistryValueKind.DWord);
            }
        }
    }

    public static class RegistryKeyExtensionMethods
    {
        public static RegistryKey GetOrCreateSubKey(this RegistryKey registryKey, string parentKeyLocation, 
            string key, bool writable)
        {
            string keyLocation = string.Format(@"{0}\{1}", parentKeyLocation, key);

            RegistryKey foundRegistryKey = registryKey.OpenSubKey(keyLocation, writable);

            return foundRegistryKey ?? registryKey.CreateSubKey(parentKeyLocation, key);
        }

        public static RegistryKey CreateSubKey(this RegistryKey registryKey, string parentKeyLocation, string key)
        {
            RegistryKey parentKey = registryKey.OpenSubKey(parentKeyLocation, true); //must be writable == true
            if (parentKey == null) { throw new NullReferenceException(string.Format("Missing parent key: {0}", parentKeyLocation)); }

            RegistryKey createdKey = parentKey.CreateSubKey(key);
            if (createdKey == null) { throw new Exception(string.Format("Key not created: {0}", key)); }

            return createdKey;
        }
    }
}

Here's the implementation that I came up with for writing the registry keys in .NET.

Thanks for setting me in the right direction, Ben.

using System;
using System.Collections.Generic;
using Microsoft.Win32;


namespace ReportManagement
{
    class ReportDownloader
    {
        [STAThread]
        static void Main(string[] args)
        {

            const string domainsKeyLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains";
            const string domain = @"newsite.com";
            const int trustedSiteZone = 0x2;

            var subdomains = new Dictionary<string, string>
                                 {
                                     {"www", "https"},
                                     {"www", "http"},
                                     {"blog", "https"},
                                     {"blog", "http"}
                                 };

            RegistryKey currentUserKey = Registry.CurrentUser;

            currentUserKey.GetOrCreateSubKey(domainsKeyLocation, domain, false);

            foreach (var subdomain in subdomains)
            {
                CreateSubdomainKeyAndValue(currentUserKey, domainsKeyLocation, domain, subdomain, trustedSiteZone);
            }

            //automation code
        }

        private static void CreateSubdomainKeyAndValue(RegistryKey currentUserKey, string domainsKeyLocation, 
            string domain, KeyValuePair<string, string> subdomain, int zone)
        {
            RegistryKey subdomainRegistryKey = currentUserKey.GetOrCreateSubKey(
                string.Format(@"{0}\{1}", domainsKeyLocation, domain), 
                subdomain.Key, true);

            object objSubDomainValue = subdomainRegistryKey.GetValue(subdomain.Value);

            if (objSubDomainValue == null || Convert.ToInt32(objSubDomainValue) != zone)
            {
                subdomainRegistryKey.SetValue(subdomain.Value, zone, RegistryValueKind.DWord);
            }
        }
    }

    public static class RegistryKeyExtensionMethods
    {
        public static RegistryKey GetOrCreateSubKey(this RegistryKey registryKey, string parentKeyLocation, 
            string key, bool writable)
        {
            string keyLocation = string.Format(@"{0}\{1}", parentKeyLocation, key);

            RegistryKey foundRegistryKey = registryKey.OpenSubKey(keyLocation, writable);

            return foundRegistryKey ?? registryKey.CreateSubKey(parentKeyLocation, key);
        }

        public static RegistryKey CreateSubKey(this RegistryKey registryKey, string parentKeyLocation, string key)
        {
            RegistryKey parentKey = registryKey.OpenSubKey(parentKeyLocation, true); //must be writable == true
            if (parentKey == null) { throw new NullReferenceException(string.Format("Missing parent key: {0}", parentKeyLocation)); }

            RegistryKey createdKey = parentKey.CreateSubKey(key);
            if (createdKey == null) { throw new Exception(string.Format("Key not created: {0}", key)); }

            return createdKey;
        }
    }
}
回复 原文
假面具 2024-07-30 01:23:17

很高兴看到你的帖子。 我唯一可以添加到已经做出的出色贡献中的是,只要 URI 包含 IP 地址(即该地址不是完全限定的域名),就会使用不同的注册表项。

在这种情况下,您必须使用替代方法:

假设我希望将 IP 地址添加到受信任的站点:比如说 10.0.1.13,我不在乎什么协议。

在 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges 下,我创建一个键,例如“Range1”,并在内部创建以下值:

名称为“*”且值为 0x2 的 DWORD(对于所有协议 (*) 和可信站点 (2))
名称为“:Range”、值为“10.0.1.13”的字符串

Glad I came across your postings. The only thing I can add to the excellent contributions already is that a different registry key is used whenever the URI contains an IP address i.e. the address isn't a fully qualified domain name.

In this instance you have to use an alternative approach:

Imagine I wish to add an IP address to the trusted sites: say 10.0.1.13 and I don't care what protocol.

Under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges, I create a key e.g. "Range1" and the inside that create the following values:

A DWORD with name "*" and value 0x2 (for all protocols(*) and trusted site(2))
A string with name ":Range" with value "10.0.1.13"

回复 原文
日久见人心 2024-07-30 01:23:17

使用 powershell 非常简单。

#Setting IExplorer settings
Write-Verbose "Now configuring IE"
#Add http://website.com as a trusted Site/Domain
#Navigate to the domains folder in the registry
set-location "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
set-location ZoneMap\Domains

#Create a new folder with the website name
new-item website/ -Force
set-location website/
new-itemproperty . -Name * -Value 2 -Type DWORD -Force
new-itemproperty . -Name http -Value 2 -Type DWORD -Force
new-itemproperty . -Name https -Value 2 -Type DWORD -Force

Using powershell it is quite easy.

#Setting IExplorer settings
Write-Verbose "Now configuring IE"
#Add http://website.com as a trusted Site/Domain
#Navigate to the domains folder in the registry
set-location "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
set-location ZoneMap\Domains

#Create a new folder with the website name
new-item website/ -Force
set-location website/
new-itemproperty . -Name * -Value 2 -Type DWORD -Force
new-itemproperty . -Name http -Value 2 -Type DWORD -Force
new-itemproperty . -Name https -Value 2 -Type DWORD -Force
回复 原文
树深时见影 2024-07-30 01:23:17

除了将域添加到受信任的站点列表之外,您可能还需要更改设置“自动提示文件下载” ” 对于受信任的站点区域。 要以编程方式执行此操作,您可以修改键/值:

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
设置\区域\2@2200

将值从 3(禁用)更改为 0(启用)。 下面是一些用于执行此操作的 C# 代码:

public void DisableForTrustedSitesZone()
{
    const string ZonesLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones";
    const int TrustedSiteZone = 2;

    const string AutoPromptForFileDownloadsValueName = @"2200";
    const int AutoPromptForFileDownloadsValueEnable = 0x00;     // Bypass security bar prompt

    using (RegistryKey currentUserKey = Registry.CurrentUser)
    {
        RegistryKey trustedSiteZoneKey = currentUserKey.OpenSubKey(string.Format(@"{0}\{1:d}", ZonesLocation, TrustedSiteZone), true);
        trustedSiteZoneKey.SetValue(AutoPromptForFileDownloadsValueName, AutoPromptForFileDownloadsValueEnable, RegistryValueKind.DWord);
    }
}

In addition to adding the domain to the Trusted Sites list, you may also need to change the setting "Automatically prompt for file downloads" for the Trusted Sites zone. To do so programatically, you modify the key/value:

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\2@2200

Change the value from 3 (Disable) to 0 (Enable). Here's some C# code to do that:

public void DisableForTrustedSitesZone()
{
    const string ZonesLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones";
    const int TrustedSiteZone = 2;

    const string AutoPromptForFileDownloadsValueName = @"2200";
    const int AutoPromptForFileDownloadsValueEnable = 0x00;     // Bypass security bar prompt

    using (RegistryKey currentUserKey = Registry.CurrentUser)
    {
        RegistryKey trustedSiteZoneKey = currentUserKey.OpenSubKey(string.Format(@"{0}\{1:d}", ZonesLocation, TrustedSiteZone), true);
        trustedSiteZoneKey.SetValue(AutoPromptForFileDownloadsValueName, AutoPromptForFileDownloadsValueEnable, RegistryValueKind.DWord);
    }
}
回复 原文
为人所爱 2024-07-30 01:23:17

下面是以编程方式向 IE 添加受信任站点的实现 - 基于 Even Mien 的代码。 它还支持域名和IP地址。 限制是无法定义特定协议,而是简单地对所有协议使用“*”。

//  Source : http://support.microsoft.com/kb/182569
static class IeTrustedSite
{
    const string DOMAINS_KEY = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains";
    const string RANGES_KEY = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges";

    const int TRUSTED_SITE_CODE = 0x2;
    const string ALL_PROTOCOL = "*";
    const string RANGE_ADDRESS = ":Range";

    public static void AddSite(string address)
    {
        string[] segmentList = address.Split(new string[] {"."}, StringSplitOptions.None);
        if (segmentList.Length == 4)
            AddIpAddress(segmentList);
        else
            AddDomainName(segmentList);
    }

    static void AddIpAddress(string[] segmentList)
    {
        string ipAddress = segmentList[0] + "." + segmentList[1] + "." + segmentList[2] + "." + segmentList[3];
        RegistryKey rangeKey = GetRangeKey(ipAddress);

        rangeKey.SetValue(ALL_PROTOCOL, TRUSTED_SITE_CODE, RegistryValueKind.DWord);
        rangeKey.SetValue(RANGE_ADDRESS, ipAddress, RegistryValueKind.String);
    }

    static RegistryKey GetRangeKey(string ipAddress)
    {
        RegistryKey currentUserKey = Registry.CurrentUser;
        for (int i = 1; i < int.MaxValue; i++)
        {
            RegistryKey rangeKey = currentUserKey.GetOrCreateSubKey(RANGES_KEY, "Range" + i.ToString());

            object addressValue = rangeKey.GetValue(RANGE_ADDRESS);
            if (addressValue == null)
            {
                return rangeKey;
            }
            else
            {
                if (Convert.ToString(addressValue) == ipAddress)
                    return rangeKey;
            }
        }
        throw new Exception("No range slot can be used.");
    }

    static void AddDomainName(string[] segmentList)
    {
        if (segmentList.Length == 2)
        {
            AddTwoSegmentDomainName(segmentList);
        }
        else if (segmentList.Length == 3)
        {
            AddThreeSegmentDomainName(segmentList);
        }
        else
        {
            throw new Exception("Un-supported server address.");
        }
    }

    static void AddTwoSegmentDomainName(string[] segmentList)
    {
        RegistryKey currentUserKey = Registry.CurrentUser;

        string domain = segmentList[0] + "." + segmentList[1];
        RegistryKey trustedSiteKey = currentUserKey.GetOrCreateSubKey(DOMAINS_KEY, domain);

        SetDomainNameValue(trustedSiteKey);
    }

    static void AddThreeSegmentDomainName(string[] segmentList)
    {
        RegistryKey currentUserKey = Registry.CurrentUser;

        string domain = segmentList[1] + "." + segmentList[2];
        currentUserKey.GetOrCreateSubKey(DOMAINS_KEY, domain);

        string serviceName = segmentList[0];
        RegistryKey trustedSiteKey = currentUserKey.GetOrCreateSubKey(DOMAINS_KEY + @"\" + domain, serviceName);

        SetDomainNameValue(trustedSiteKey);
    }

    static void SetDomainNameValue(RegistryKey subDomainRegistryKey)
    {
        object securityValue = subDomainRegistryKey.GetValue(ALL_PROTOCOL);
        if (securityValue == null || Convert.ToInt32(securityValue) != TRUSTED_SITE_CODE)
        {
            subDomainRegistryKey.SetValue(ALL_PROTOCOL, TRUSTED_SITE_CODE, RegistryValueKind.DWord);
        }
    }
}

static class RegistryKeyExtension
{
    public static RegistryKey GetOrCreateSubKey(this RegistryKey registryKey, string parentString, string subString)
    {
        RegistryKey subKey = registryKey.OpenSubKey(parentString + @"\" + subString, true);
        if (subKey == null)
            subKey = registryKey.CreateSubKey(parentString, subString);

        return subKey;
    }

    public static RegistryKey CreateSubKey(this RegistryKey registryKey, string parentString, string subString)
    {
        RegistryKey parentKey = registryKey.OpenSubKey(parentString, true);
        if (parentKey == null)
            throw new Exception("BUG : parent key " + parentString + " is not exist."); 

        return parentKey.CreateSubKey(subString);
    }
}

Here is the implementation of adding trusted sites programmatically to IE - based on Even Mien's code. It supports domain name and IP address as well. The limitation is no specific protocol could be defined, instead it simply uses "*" for all protocols.

//  Source : http://support.microsoft.com/kb/182569
static class IeTrustedSite
{
    const string DOMAINS_KEY = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains";
    const string RANGES_KEY = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges";

    const int TRUSTED_SITE_CODE = 0x2;
    const string ALL_PROTOCOL = "*";
    const string RANGE_ADDRESS = ":Range";

    public static void AddSite(string address)
    {
        string[] segmentList = address.Split(new string[] {"."}, StringSplitOptions.None);
        if (segmentList.Length == 4)
            AddIpAddress(segmentList);
        else
            AddDomainName(segmentList);
    }

    static void AddIpAddress(string[] segmentList)
    {
        string ipAddress = segmentList[0] + "." + segmentList[1] + "." + segmentList[2] + "." + segmentList[3];
        RegistryKey rangeKey = GetRangeKey(ipAddress);

        rangeKey.SetValue(ALL_PROTOCOL, TRUSTED_SITE_CODE, RegistryValueKind.DWord);
        rangeKey.SetValue(RANGE_ADDRESS, ipAddress, RegistryValueKind.String);
    }

    static RegistryKey GetRangeKey(string ipAddress)
    {
        RegistryKey currentUserKey = Registry.CurrentUser;
        for (int i = 1; i < int.MaxValue; i++)
        {
            RegistryKey rangeKey = currentUserKey.GetOrCreateSubKey(RANGES_KEY, "Range" + i.ToString());

            object addressValue = rangeKey.GetValue(RANGE_ADDRESS);
            if (addressValue == null)
            {
                return rangeKey;
            }
            else
            {
                if (Convert.ToString(addressValue) == ipAddress)
                    return rangeKey;
            }
        }
        throw new Exception("No range slot can be used.");
    }

    static void AddDomainName(string[] segmentList)
    {
        if (segmentList.Length == 2)
        {
            AddTwoSegmentDomainName(segmentList);
        }
        else if (segmentList.Length == 3)
        {
            AddThreeSegmentDomainName(segmentList);
        }
        else
        {
            throw new Exception("Un-supported server address.");
        }
    }

    static void AddTwoSegmentDomainName(string[] segmentList)
    {
        RegistryKey currentUserKey = Registry.CurrentUser;

        string domain = segmentList[0] + "." + segmentList[1];
        RegistryKey trustedSiteKey = currentUserKey.GetOrCreateSubKey(DOMAINS_KEY, domain);

        SetDomainNameValue(trustedSiteKey);
    }

    static void AddThreeSegmentDomainName(string[] segmentList)
    {
        RegistryKey currentUserKey = Registry.CurrentUser;

        string domain = segmentList[1] + "." + segmentList[2];
        currentUserKey.GetOrCreateSubKey(DOMAINS_KEY, domain);

        string serviceName = segmentList[0];
        RegistryKey trustedSiteKey = currentUserKey.GetOrCreateSubKey(DOMAINS_KEY + @"\" + domain, serviceName);

        SetDomainNameValue(trustedSiteKey);
    }

    static void SetDomainNameValue(RegistryKey subDomainRegistryKey)
    {
        object securityValue = subDomainRegistryKey.GetValue(ALL_PROTOCOL);
        if (securityValue == null || Convert.ToInt32(securityValue) != TRUSTED_SITE_CODE)
        {
            subDomainRegistryKey.SetValue(ALL_PROTOCOL, TRUSTED_SITE_CODE, RegistryValueKind.DWord);
        }
    }
}

static class RegistryKeyExtension
{
    public static RegistryKey GetOrCreateSubKey(this RegistryKey registryKey, string parentString, string subString)
    {
        RegistryKey subKey = registryKey.OpenSubKey(parentString + @"\" + subString, true);
        if (subKey == null)
            subKey = registryKey.CreateSubKey(parentString, subString);

        return subKey;
    }

    public static RegistryKey CreateSubKey(this RegistryKey registryKey, string parentString, string subString)
    {
        RegistryKey parentKey = registryKey.OpenSubKey(parentString, true);
        if (parentKey == null)
            throw new Exception("BUG : parent key " + parentString + " is not exist."); 

        return parentKey.CreateSubKey(subString);
    }
}
回复 原文
↘人皮目录ツ 2024-07-30 01:23:17

如果一个网站可以将自己添加到受信任的站点中,那将是很糟糕的。

我不太同意 - 只要浏览器请求用户许可,站点将自身添加到受信任站点的能力就可以极大地简化用户体验,用户信任该域并且想要正确的页面显示。

另一种方法是用户必须手动进入互联网选项来添加域,这对于我的用户来说是不可行的。

我正在寻找一种 php 或 javascript 方法来让网站添加自身,可以通过一些 IE api,也可以通过注册表,正如您上面所解释的那样!

到目前为止已经找到了这些可能的解决方案:

  • php via shell
  • 其他我不是允许在这里列出,因为我没有足够的积分

If a website could add itself to the trusted sites, now that would be bad.

I don't quite agree- as long as the browser asks the user for permission, the ability of a site to add itself to trusted sites can greatly simplify the user experience, where the user trusts the domain and wants correct page display.

The alternative is the user must manually go into internet options to add the domain, which is, for my users, not viable.

i'm looking for a php or javascript method for the site to add itself, either through some IE api, or through the registry as you've so helpfully explained above!

have found these possible solutions so far:

  • php via shell
  • others i'm not allowed to list here because i don't have enough points
回复 原文
~没有更多了~

关于作者

仙气飘飘

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

不再见

文章 0 评论 0

真是无聊啊

文章 0 评论 0

樱娆

文章 0 评论 0

浅语花开

文章 0 评论 0

烛光

文章 0 评论 0

绻影浮沉

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文