Safely disable the “Windows Security Warning” dialog for an ActiveX control
Today I needed to run an MFC application that makes use of an ActiveX control. When I ran the application the following error dialog box was displayed.
Screen shot of the ActiveX control Windows Security Warning dialog. The title of the dialog box is “Windows Security Warning.” The message displayed within the dialog box is as follows: An ActiveX control on this page might be unsafe to interact with other parts of the page. Do you want to allow this interaction? The dialog box has two buttons, Yes and No.
While I was able to use the application once I pressed the Yes button, there were several odd behaviors that I suspected might be related to this security related issue. Thus I embarked on a quest to disable the warning.
The Quest for the Holy Grail
I embarked upon my quest by asking the great and wise oracle known as Google for advice. I used the following Google query.
Google kindly suggested I consult the lesser oracle known as StackOverflow for advice: How to disable “ActiveX Control May Be Unsafe” popup. The lesser oracle known as StackOverflow suggested that all my problems could be solved if I changed two settings in the Internet Options dialog box of Internet Explorer.
- In the Security section of the Advanced page of the Internet Options dialog box thou must check the “Allow active content to run in files on My Computer” option.
- In the Security page of the Internet Options dialog box thou must modify the Internet Zone by pressing the Custom Level button and check the “Initialize and script ActiveX controls not marked as safe” option.
Upon hearing the second piece of advice given to me by the lesser oracle known as StackOverflow, the great and wise oracle known as Google issued the following ominous warning: Here be dragons!
So, how was I to solve this problem without inviting dragons into my kingdom to run amuck?
I asked the great and wise oracle known as Google another question. How to mark an ActiveX control safe for scripting?
Google suggested I consult the article How to mark MFC ActiveX controls as Safe for Scripting and Initialization.
At the bottom of this article I found the following very useful piece of information.
After compiling and registering your control, you should find the following entries in the registry:
HKEY_CLASSES_ROOT Categories{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT Categories{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT{“your controls GUID”} Categories{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT{“your controls GUID”} Categories{7DD95802-9882-11CF-9FA9-00AA006C42C4}
This of course led to a question. How do I determine the GUID for my control. Fortunately the application includes an HTML file that provided me with the information. The application uses an ActiveXObject named “SFTComServer.MathControl.” I searched the registry for that name and found that it is associated with the following GUID: {005C1FA1-FC7E-4FBB-8F12-15D410416F59}.
Thus I was able to solve my problems by enabling the “Allow active content to run in files on My Computer” option and using the following .REG file.
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{005C1FA1-FC7E-4FBB-8F12-15D410416F59}\Implemented Categories]
[HKEY_CLASSES_ROOT\CLSID\{005C1FA1-FC7E-4FBB-8F12-15D410416F59}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{005C1FA1-FC7E-4FBB-8F12-15D410416F59}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
@=""I am pleased to be able to report that my quest for the holy grail was a complete success and I did not have to invite dragons into my kingdom to run amuck.