There is a HTML resource defined
IDR_HTML_HTMLDISPLAYDIALOG HTML "res\\HTMLDisplayDialog.htm"
This HTML resource is loaded into a CDHtmlDialog.
As a part of tightening the security to our products, the base product uses LOAD_LIBRARY_AS_DATAFILE flag.
Because of this change, the resource is not loaded and the dialog hangs/crashes. Is there a way to securely get the URL to the resource in some other manner?
Related
This is a question on roles and rights security restriction on the General Link field type.
The general link field displays an Edit Link button on Page Editor and on click of the button, a general link form opens up with options to set up Internal Link, Media Link, External Link, Anchor, Mail and Javascript.
I want to hide/disable the Anchor and Javascript links for certain roles via Security Restrictions using Security Editor in Sitecore.
If I go to the Core Database and deny Read access to item at path:
sitecore/system/Field types/LinkTypes/General Link/Menu/Anchor
it hides the Anchor item for General Link field in Content Editor but not in Page Editor.
Is there a way to do hide it in Page Editor mode?
Unfortunately, in Sitecore 7 (not sure about 8), these options are hard-coded into the dialog and do not pull from Sitecore items, so you will not be able to apply security as you normally would. As I see it, that leaves you with two options:
Override the dialog's default behavior by pointing to your own implementation.
Disable the options for all users by commenting out the Anchor and JavaScript sections of the following file. Place the modified file in the \sitecore\shell\Override folder.
<webroot>\sitecore\shell\Applications\Dialogs\GeneralLink\GeneralLink.xml
I am using Microsoft's Web Browser ActiveX control in an MFC application.
I want to be able to change the default MIME handler for PDF.
https://msdn.microsoft.com/en-us/library/ie/ms775148(v=vs.85).aspx
It appears to me that web browser control must use the registry based file type association
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/pdf
I want to be able to set web browser control to use the pdf application
I tell it to use at runtime, rather than using the system registered default.
I cannot find any API that will allow me to do this. Is it possible?
I initially proposed in the comments to create an Asynchronous Pluggable Protocol handler to customize the player for this MIME type, but I think there might be an easier approach.
You might be able to redirect the HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/pdf registry key to your own custom version (per-process) with RegOverridePredefKey API, as explained here.
I have a template called Classified Image which inherited from /sitecore/templates/System/Media/Versioned/File template. There are some items created from Classified Image template and each item contains an image in the Media field which is coming from /sitecore/templates/System/Media/Versioned/File template.
There are some Sitecore users without adminstrator privileges(admin testers) who simply wants to download that saved image in the classified image item. But I couldn't find a way to enable only this download option
for admin tester users so I had to give access to whole item by setting template standard values security. But the problem is even for downloading they have to acquire a lock by selecting "Lock and Edit" and later release that lock so other admin tester users won't be denied the acccess for that item.
Is there a simpler way I can configure this so this admin tester users will be able to download the image without acquiring any locks.
After navigating to the media item, have the user navigate to the Media tab and try the Download button there - this is illustrated by the screenshot below. If that doesn't work out you could implement a custom toolbar button that uses the Sitecore.SecurityModel.SecurityDisabler to allow downloads for otherwise unprivileged users
Note: This screenshot is from Sitecore 6.4.1
I am using CDHTMLDialog from MFC to get Click notifications from HTML Element in Web pages. However I am not getting any notification, if the Webpage has Frameset Tags. Please let me know the steps on how to get notifications.
Thanks,
Edwin.
The MFC DHTML event macros are not designed for elements inside frames. The MFC implementation only look for elements in the top level document.
Hook up the event sink manually with the MFC source as a reference. See Handling HTML Element Events and How to get the WebBrowser object model of an HTML frame
How can I launch a URL in a NEW window using C++ (Windows only)?
The straight-forward approach seems to open a new tab in an existing browser window. (Or, if tabbed browsing is disabled, the new URL hijacks the existing browser window).
This is for a (large) desktop app, using MFC and Qt.
I've used this for showing locally generated html in the default browser, in my case filename is something like "c:\temp\page.html", perhaps replacing filename with the URL might work??
ShellExecute(NULL,"open",filename,NULL,NULL,SW_SHOWNORMAL);
Updated:
http://support.microsoft.com/kb/224816
How ShellExecute Determines Whether to Start a New Instance
When ShellExecute looks through the registry, it looks for the shell\open subkey. If the shell\open\ddeexec key is defined, then a Dynamic Data Exchange (DDE) message with the specified application IExplore and the topic WWW_OpenURL is broadcast to all top-level windows on the desktop. The first application to respond to this message is the application that goes to the requested URL. If no application responds to this DDE message, then ShellExecute uses the information that is contained in the shell\open\command subkey to start the application. It then re-broadcasts the DDE message to go to the requested URL.
So it looks like you have no control over opening a new window. Whatever browser currently running can handle opening it in whatever way they want.
This is controlled by windows. The only way to explicitly tell it to open in a new browser window is to spawn the browser explicitly and give it the url.
Here's a link to some code that will open a URL in a new browser. The code looks up the default application for handling an HTML document and then explicitly opens that application with a ShellExecute call.
You can't in general. The user's browser is free to do whatever the user wants it to do.
One way to achieve your desired effect might be to embed a particular browser in a window of your own (say, the IE ActiveX control) and have that render your URL.