My WinForms project involves a C# web browser control - and I am getting the dreaded scripting error (like this image, different error though) when I visit different webpages:
I have read, and done, all the stuff about updating the browser emulation mode from IE7 to IE9 (or 11) in the windows registry (a la this stuff Use latest version of Internet Explorer in the webbrowser control) and the error still persists.
Now this is really frustrating due to the fact the the web page I am visiting works fine in IE itself, it is just my embedded one that has the error.
In desperation, I renamed my generated exe file "iexplore.exe" and bingo, the app works, with no scripting errors.
So this tells me there must be other settings in the registry or somewhere that cause this error, if anyone knows what these are I'd be most grateful if you could share them please!
N.B. I don't want to suppress the errors, I want to run the script.
Set the WebBrowser.ScriptErrorsSuppressed property to true disable the alerts for errors. Documentation here.
You can also change the IE version used by your WebBrowser as seen here, though I recommend doing this in the installer as editing the registry requires admin permissions.
I would also recommend navigating to http://detectmybrowser.com/ from your WinForms browser to make sure that the changes you made to your registry are correct.
Related
I have a very strange situation here with CEF Sharp x86 (67 with latest cef.redist 3.3497.1841), but originally reported with v49. It's very crazy, so I'm just looking, maybe somebody have stumbled upon anything similar. We host WPF ChromiumWebBrowser inside WinForms UserControl (via ElementHost) and it's running inside 3rd party application, with which it does not interact in any way (so it's a plugin to this host application). For about 100 or so users everything is ok, but for a single person this happens: webpage loads and displays correctly, but the ChromiumWebBrowser.IsBrowserInitialized flag is always false.
Now, by 'user' I don't mean Windows account, just a user in totally unrelated 3rd party application, logging-in against 3rd party userid/password verification - unrelated to any windows settings. So as crazy as it sounds we've tried it on multiple computers on multiple windows accounts, using different user ids for the application, and the result is still the same - for this one userid there is a problem, for others - all ok.
I wonder if anyone has had such crazy experience with CEF. I'm betting on some bug in .NET layer, as the actual browser works fine - webpage is rendered, you can browse normally. Also this has sth to do with CEF run as plugin to this exact 3rd party app - if I run a test winform app with same setup - user control -> element host -> WPF ChromiumWebBrowser, all is ok. CEF log is not much help, no errors other than in OK situation.
I'm not attaching any code or logs, I don't think it'd be helpful in this case. Just for more background the plugin has been around for almost 3 years with not a single bug reported, except this case. Just to make it clear - I need this flag to be true to be able to inject JS calls into the plugin.
Ok, so it turned out to be a case of opening 2 instances of browser within single process. One browser window was initializing and working fine, second was was displaying page, but reporting 'not initialized'. It became clear only when I went to customer and actually saw the scenario, because they did not report that they opened 2nd instance. I this case, they don't need 2nd instance, so that was the fix, maybe there is an error I our code, I'll follow up this issue once we do more through analysis.
I'm at the point of giving up.
I need to view pdfs in my Winforms application, so I've tried using Adobe's ActiveX control, and the vanilla WebBrowser control. The pdfs are local, and can be opened from Explorer with no problems at all.
The weird thing is that the application views the pdfs fine when running in Visual Studio, but the built application simply shows a grey area where the pdf is supposed to be. The exact same thing happens with both the Adobe control and the WebBrowser control. After a while, I usually get an Adobe error saying There is a problem with Adobe Acrobat/Reader. If it is running, please exit and try again. (103:103). I've looked this error up, which advised me to do things that didn't work (turning off a security setting).
Moreover, if the WebBrowser control is called with a .Navigate(path, true), the application opens an IE window that displays the pdf just fine.
I've tried running as administrator, which makes no difference. I'm at wits' end, so any help would be greatly appreciated. Maybe going for a 3rd party control?
Some further detail: I tried both Adobe 11 and Adobe DC, on Windows 10 and 8.1 VMs, .Net 4.6. Only a Win7 VM seems to work fine.
I solved this by building to x86 targets. Apparently AcroPDF.dll doesn't support x64. Of course, the error messages weren't at all helpful.
My previous answer was incorrect. The real issue is Adobe's Protected Startup mode. This has to be turned off for the application to use the viewer directly without problems.
I've looked through several similar questions on SO but haven't found something quite like what I need, so my question is this:
I want to take a screenshot (thumbnail) of a URL after the user provides one. I was going to use Awesomium because they provide a fairly simple solution for screengrabs. Unfortunately, Awesomium won't compile in an x64 application, and since I'm building this with ASP.NET for Windows Azure, I can't switch to x86.
So I'm left with a less-elegant solution, using Windows.Forms WebBrowser to load the url and take the screenshot (as shown here: http://www.codeproject.com/Articles/95439/Get-ASP-NET-C-2-0-Website-Thumbnail-Screenshot ).
Ugly, I know, but it works with most pages (there is the occasional white screenshot), but now I'm concerned with security.
If the user inputs a malicious URL and the WebBrowser loads it, what is to stop it from running harmful code and downloading a virus to the server where the app is hosted?
There are several services and websites that offer similar functionality, albeit with different approaches, but the core idea is the same: the site must open up the URL and render the page in order to grab the screenshot. So what kind of measures would one expect them to take to thwart viruses and malicious URLs?
The biggest threat to your application would be client script executing in your browser control (i.e. JavaScript and client-side VBScript). It appears it is not possible to disable JavaScript programmatically in the WebBrowser object:
VB.NET WebBrowser disable javascript
Disable javascript in
WinForms WebBrowser control?
Stripping <script> tags in the first question's first answer is not the way to go for security, as there are so many other ways script can get inserted.
Changing window.alert in the second answer won't work as it needs the page to load fully first, and it is possible for script to execute before then. Also, this would only stop the alert function and not prevent script code in any other way.
Changing the registry settings as suggested in this answer may be the way to go, but this appears to be the same as changing Internet Explorer settings to high security for the internet zone (or selecting custom and disabling Active Scripting). If you are always in control of the machine where your app is loaded from, then manually disabling scripting in Internet Explorer options could be a viable solution.
Most client-side internet threats such as drive-by downloads involve script in some way, so this approach will go a long way in protecting your app.
However, there are other exploits such as the Windows Metafile vulnerability that can harm a client machine.
Viewing a website in a web browser that automatically opens WMF files, in which case any potential malicious code may be automatically downloaded and opened. Internet Explorer, the default Web browser for all versions of Microsoft Windows since 1996, does this.
However, making sure your machines are patched with the latest Windows Updates will secure you against threats like these. This will leave zero-day attacks against Internet Explorer or the WebBrowser object, which you will not be able to do much about. I would suggest running your app on an isolated machine (or VM) which would then upload the screenshot to another server (e.g. via the web) which would help mitigate threats in this scenario.
I am using .NET 4 and trying to use the desktop authentication for the StackApps site via the web-browser control (WPF and/or WinForms) to develop a NNTP Bridge for accessing StackOverflow (https://stackapps.com/questions/4215/stackapp-nntp-bridge-for-accessing-stackexchange-forums-like-stackoverflow).
It seems that the login cannot be done, because the web browser hangs up, after the page from "StackExchange Login" is displayed.
I use the following URL:
https://stackexchange.com/oauth/dialog?client_id=1736&scope=no_expiry&redirect_uri=https://stackexchange.com/oauth/login_success
It works in the normal IE browser, but not in a WinForms or WPF window... Does anyone know what the problem is?
It is simple to repoduce:
Create a WinForms-Project
Add the "WebBrowser" control to the dialog
Double-Click on the Form1
Add the following code
private void Form1_Load(object sender, EventArgs e)
{
webBrowser1.Navigate("https://stackexchange.com/oauth/dialog?client_id=1736&scope=no_expiry&redirect_uri=https://stackexchange.com/oauth/login_success");
}
Start the application
Login by pressing the "login with Stack Exchange" account symbol
A new page gets loaded; it is displayed correctly, but you cannot enter your login name; the window hangs...
The same happens, if I use WPF-App and the WPF-WebBrowser-Control... it seems that it is stuck in an endless-loop in JavaScript...
Any hint on how to solve ths problem?
Or is it possible to debug the JavaScript in the WebBrowser-Control???
Fixing WebBrowser Control
I also had the issue of the WebBrowser control handing when trying to login.
Although requesting a token in IE (11) works, I found that IE itself also hangs when I put it in IE 7 emulation mode. This suggested to me that my previous attempt to make the WebBrowser control use a newer version had failed.
I found this article, Web Browser Control Specifying the IE Version, which suggests that for 32 bit applications in 64 bit mode, you need to set a different registry value.
So now, I've added two values in the registry:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
and
HKEY_CURRENT_USER\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION
In both of them, I added a DWORD value named 'MyExecutable.exe' (where MyExecutable is the actual name of my executable). The value for each of them is 9000 which will work for IE9 and above. Watch out when using RegEdit to test this, it will default to hexadecimal instead of decimal. Also, make sure it is a DWORD value, not any other type.
This seems to do the trick. I can now run the application, go through the login process, and eventually I am redirected to the url specified by me, which I can then capture using the OnNavigate event of the webbrowser control.
Remaining issue
It doesn't really work perfectly. The first time I was redirected to some OpenID page as well, but at least the form didn't hang. With subsequent attempts, apparently the login (which succeeded before) is remembered and I get the message "Navigation to the webpage was cancelled" with a link to refresh the page. When I click that link, I am immediately redirected to the redirect_url I specified when requesting the login form. At least that part works, and I get an actual access_token and an expiry time, so for now I'm happy.
Update: After some testing, it turned out that the previous login was remembered. That causes the request uri to direct to the redirect_uri immediately. I used the OnBeforeNavigate event to detect this, but it isn't fired in this case. I now linked the NavigateComplete2 event, and that one is triggered in this scenario.
Fix for .NET?
I think for .NET the solution should be the same: add the executable (and MyExecutabl.vshost.exe as well, for debugging purposes in Visual Studio) to the first key. If it's a 32 bit executable running on 62 bit Windows, you might also need to add it to the second key, although I'm sure if that rule applies to .NET as well. I don't do C# on a daily basis, and I'm trying to get it to work in Delphi first, but if I find time to test this in C# I will post the update here.
In the end, it would be nice if the actual issue would be solved, and the JavaScript would work in IE7 mode as well, but at least this seems to be a proper work-around.
Unfortunately, I'm not a JavaScript developer, so I only could try to explain you how to debug a JavaScript that executes in the WebBrowser control.
This approach is for the Microsoft Visual Studio, I don't know if Delphi can provide similar functionality.
Enable Script Debugging (both Internet Explorer and Other) in Internet Explorer settings.
Disable Friendly HTTP messages in Internet Explorer settings.
Enable Display a notification about every script error in Internet Explorer settings.
From Visual Studio, start your WebBrowser hosting application without debugging (i. e., Ctrl + F5).
In Visual Studio, go to Debug → Attach to Process… and select your application in the list.
Hit the Select… button to the right of Attach to: field and choose Script code.
Hit the Attach button. Visual Studio starts the script debugger.
In your application, navigate to the deadlocking page by pressing the Login with Stack Exchange account symbol.
Go to Visual Studio and press the Pause button on the debugging toolbar.
Now you can look into your script code and investigate the code itself, the call stack, the variable values and so on. You can set breakpoints too. Perhaps you can then find the place where the script hangs. As I said before, I'm not a web developer and cannot help you with this…
Update:
I guess I can propose you a working solution.
My investigation shows that the WebBrowser hangs when it renders the content in the IE7 mode (what is the default mode even if you have IE10 in your system). You should force it to switch into IE9 mode. In IE9 mode, the page renders well and does not cause the script to stuck in an endless loop.
You can switch your WebBrowser to the IE9 mode using one of the following methods:
Define the global browser emulation mode for your application in Windows registry.
For 32 bit OS, go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION.
For 64 bit OS, use HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION.
In this node, create a new DWORD parameter called YourApplicationExeName.exe with a value 9000 (0x2710). You can create another entries for your *.vshost.exe executables, if you want this to work in Visual Studio debug mode.
Manipulate the source for the WebBrowser to switch it in the IE9 mode.
This will be more complicated. You need to alter the <head> tag of the html document adding a new <meta> tag preferably as a first element: <meta http-equiv="X-UA-Compatible" content="IE=9"/>.
This will cause the WebBrowser to switch its mode on document rendering. Since you can't change the compatibility mode after the document is rendered, you could use a proxy as a source for your WebBrowser, so this proxy will add the header.
I`ve successfully tested this with the 1st approach, and the second one should work too.
Hope that helps!
Project + Properties, Debug tab, tick the "Enable native code debugging" option. Ensure that you've got the Microsoft Symbol server enabled (Tools + Options, Debugging, Symbols), I know you do :)
You can now use Debug + Break All and see what's going on inside the browser. Do so repeatedly to get the lay of the land. You'll see that Javascript is executing (jscript8.dll) and constantly forcing the layout engine to recalculate layout, never getting the job done.
Browsers in general are vulnerable to Javascript that's stuck in an endless loop. A regular browser tends to put up a dialog after several dozen seconds to allow the user to abort the JS, but WebBrowser doesn't have that feature. Nor does it have the dev tools so debugging the JS isn't going to be a great joy either. This is going to be difficult to get fixed.
You might consider using the OAuth 2.0 api instead. Notes on usage are on this web page. Exactly how to integrate that with WebBrowser is a bit murky to me, I don't have a key to test this. Find help for this at the Stackapps site. You are probably not the first SE api user that ran into this problem.
I have a Silverlight project that we use internally that I wrote - and since we've not had any need to work on it, it's been a while since I've opened the project. I opened it up this morning and everything is fine in terms of building, but whenever I try to debug I get the following error:
Unable to start program "http://mymachinename/mywebsite/index.aspx"
Of course, running it in Firefox works fine but no symbols are loaded. Running without debugging still throws the same error but IE loads up anyway...
Navigating to the website in IE works fine - SL app opens up, loads data etc etc, all looks good
I've Googled this all morning (usually quite good at finding info) and been through all the questions on SO and I can't figure out what's going on - there doesn't seem to be any messages in the event log, there are no messages in any VS output window, the w3wp just terminates immediately after starting (probably due to there being an error trying to open IE). I've tried reinstalling IE, cleaning/rebuilding, using local dev server, creating a new web project, turning on/off settings in IE9 etc etc
Nothing seems to make a difference - anyone got any experiences of this and has fixed it without doing one of the things I've already done? Any other suggestions?
Thanks in advance!
UPDATE
Just to be clear in case anyone asks - I get this problem when creating a new web project - i.e. everything I said I'd tried (above) didn't change the behaviour. It showed the same error no matter what I'd done so far (that includes a NON SL web project)
I've also tried attaching the debugger to w3wp that is running (the standard IIS process) and I can't seem to get it to debug (no symbols are loading), but that might be another issue altogether. I'm going to look at that next and maybe if I figure that out it might lead to fixing this issue
UPDATE 2
Debugging in Firefox works - I attached to w3wp with no success, then realising my stupidity (SL being a client side app!) I attached to the plugin-container.exe that FF runs its plugins in. This works. I can probably do the same for IE and just attach to IE, but why won't it start up from VS?! hair pull
UPDATE 3
Just in case anyone asks, the default browser is set to IE in VS. Also I've managed to debug by attaching to IE, it just won't start IE from within VS - annoying but I can live with it for now. If anyone does have a suggestion though, feel free...
For anyone's information in case they have this same problem, it ended up being that the port I was running my site on was also running a SharePoint site!
I created a new site on port 81 and used that for dev - not sure what setting on the other site caused the issue but it ended up working on port 81.