DOCUMENT:Q221541 13-JAN-2001 [vbwin] TITLE :FIX: Failed to Mark Safe for Scripting Using Visual Basic PDW PRODUCT :Microsoft Visual Basic for Windows PROD/VER:WINDOWS:6.0 OPER/SYS: KEYWORDS:kbservicepack kbActiveDocs kbActiveX kbCtrlCreate kbSDKInet100 kbVBp600bug kbSBNWorksho ====================================================================== ------------------------------------------------------------------------------- The information in this article applies to: - Microsoft Visual Basic Learning Edition for Windows, version 6.0, on platform(s): - the operating system: Microsoft Windows 95 - the operating system: Microsoft Windows 98 - Microsoft Visual Basic Professional Edition for Windows, version 6.0, on platform(s): - the operating system: Microsoft Windows 95 - the operating system: Microsoft Windows 98 - Microsoft Visual Basic Enterprise Edition for Windows, version 6.0, on platform(s): - the operating system: Microsoft Windows 95 - the operating system: Microsoft Windows 98 ------------------------------------------------------------------------------- SYMPTOMS ======== When an ActiveX control is marked as Safe for Scripting and Safe for Initialization when packaging it using the Package and Deployment Wizard (PDW), depending on your security settings for unsafe controls, Internet Explorer may still identify the ActiveX control as unsafe, or it may display an "Object Required" error. CAUSE ===== The ActiveX control is not marked as Safe for Scripting and Safe for Initialization in spite of choosing these options when packaging the control using the Visual Basic 6.0 Package and Deployment Wizard. This is because the [AddToRegistry] section is missing from the INF file generated by the Visual Basic 6.0 PDW, and this section usually contains the registry entries that mark the controls as safe. RESOLUTION ========== You can manually add the [AddToRegistry] section in your INF file by following the steps listed below. 1. Create your ActiveX Control. 2. Package your control using the Package and Deployment Wizard. 3. Before you deploy the package, go to the folder for that package in Windows Explorer 4. There should be a support directory under that package. Open the Xxx.inf file under this Support directory with Notepad. 5. Paste the following code at the end of the file. [AddToRegistry] HKLM,"SOFTWARE\Classes\CLSID\{04CD5348-D028-11D2-82A6-00C04FB9D847}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}" HKLM,"SOFTWARE\Classes\CLSID\{04CD5348-D028-11D2-82A6-00C04FB9D847}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}" 6. Save the file with the same name. 7. Run the .bat file in the Support folder, which is created by the PDW. This bat file will re-create your .cab file with the new changes. 8. Now you can use the PDW to deploy the package to the appropriate Web server location. The preferred method for marking a control as safe is to implement the IObjectSafety interface. For information on implementing theIObjectSafety Interface, please see the following: Q182598 HOWTO: Implement IObjectSafety in Visual Basic Controls http://msdn.microsoft.com/vbasic/downloads/download.asp?ID=030 STATUS ====== Microsoft has confirmed this to be a bug in the Microsoft products listed at the beginning of this article. This bug was corrected in Visual Studio 6.0 Service Pack 3. For more information about Visual Studio 6.0 Service Packs, please see the following articles in the Microsoft Knowledge Base: Q194022 INFO: Visual Studio 6.0 Service Packs, What, Where, Why Q194295 HOWTO: Tell That Visual Studio 6.0 Service Packs Are Installed MORE INFORMATION ================ Steps to Reproduce Behavior --------------------------- 1. Create a simple ActiveX Control with at least one method or property. 2. Package it using PDW with the Internet Package option. 3. Set it as Safe for Scripting and Safe for Initialization in the PDW. 4. Deploy the Package to Web Server using the PDW. 5. From the Tools menu, click Internet Options. Click the Security tab. Change the following settings: - Enable - download unsigned ActiveX Controls - Enable - initialize and script ActiveX control mark for safe - Prompt - initialize and script ActiveX control not mark for safe 6. Insert your control in your HTML page with an Object tag and set the codebase point to your .cab file. Script your control by setting/getting the property or calling its methods in the window onload event 7. From your client browser, navigate to your HTML page. 8. You will be prompted with the message that the control is not safe for scripting and initialization even though your security settings are set to enable for scriting and initialization safe controls. This shows that your control has not been marked safe as expected. Steps to Reproduce Behavior --------------------------- REFERENCES ========== For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base: Q169438 PRB: ActiveX Control Does Not Display Correctly on Web Page Q159923 HOWTO: Using Licensed ActiveX Controls in Internet Explorer Q172991 INFO: CAB Files Distributed with Visual Basic 5.0 Q193366 INFO: CAB Files Distributed with Visual Basic 6.0 For more information on developing Web-based solutions for Internet Explorer, please see the following Web sites: http://msdn.microsoft.com/workshop/entry.asp http://msdn.microsoft.com/ie/ http://support.microsoft.com/highlights/iep.asp?FR=0&SD=MSDN (c) Microsoft Corporation 1999, All Rights Reserved. Contributions by Joshua Lee, Microsoft Corporation. Additional query words: ocx ActiveX Safe Security download ====================================================================== Keywords : kbservicepack kbActiveDocs kbActiveX kbCtrlCreate kbSDKInet100 kbVBp600bug kbSBNWorkshop kbGrpDSInet kbVS600sp3fix Technology : kbVBSearch kbAudDeveloper kbZNotKeyword6 kbZNotKeyword2 Version : WINDOWS:6.0 Issue type : kbbug Solution Type : kbfix ============================================================================= THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. Copyright Microsoft Corporation 2001.