Hi Kim, > I'd be especially careful with enabling ActiveX > controls willy-nilly, that's a spyware disaster > waiting to happen. At least set it to prompt, > so you know when a page is trying to use external > code.
Question: What's the consensus for creating a method of the dqsdtools object that provides the ability to create activex objects in the same manner as CreateObject(sObject)? This has the potential to be a one-off security issue if the user is convinced to install a malicious script or someone gains direct access to the system. It's not directly a threat in and of itself, however. This would allow our developers and search authors to avoid annoying 'alert' security concerns which can cause searches which would otherwise run without problems to function properly. Comx and rssx are example scripts which would, on occasion, raise object warning dialogs when the object was created directly with CreateActiveXObject(), but not through dqsdtools.createobject() or similar. Regards, Shawn K. Hall http://ReliableAnswers.com/ '// ======================================================== "Experience should teach us to be most on our guard to protect liberty when the government's purposes are beneficent ... the greatest dangers to liberty lurk in insidious encroachment by men of zeal, well meaning but without understanding." -- Justice Louis Brandeis Olmstead vs. United States United States supreme Court, 1928 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ To unsubscribe visit: https://lists.sourceforge.net/lists/listinfo/dqsd-users [EMAIL PROTECTED] http://sourceforge.net/mailarchive/forum.php?forum_id=8601
