Active Server Pages (ASP) is a well known server side scripting technology. We will explain how this web technology can be emulated entirely on aWindows client machine from within Internet Explorer (IE) and Internet Explorer ActiveXwebbrowser controls (IEX controls) using custom IE pluggable protocolsand Windows Scripting to turn IE into an interactive programmingenvironment. We will also examine how we can use content storage files
Active Server Pages (ASP) is a well known server side scripting technology. We will explain how this web technology can be emulated entirely on aWindows client machine from within Internet Explorer (IE) and Internet Explorer ActiveXwebbrowser controls (IEX controls) using custom IE pluggable protocolsand Windows Scripting to turn IE into an interactive programmingenvironment. We will also examine how we can use content storage files tostore all HTML/ASP/graphic files in a single file to be read by the pluggableprotocol.The use of embedded Internet Explorer ActiveX controls (orIEX for short) can enhance Windows programs very powerfully. The ability to easily add multi-media content to your Windows programs is quite compelling. Trying to place graphics and tabular data using C++ or even VB is quite a bit of effort. There are many issues with placement, resizing and a range of other messy problems. Using the IEX webbrowser control to easily display HTML contentcan be quite compelling. Furthermore, HTML content can bechanged without recompiling your program. This can be quite advantageous indeed. Microsoft uses IEX with HTML content in limited amounts in products and tools such asOutlook (and Express), and MMC.
One of the major drawbacks to using embedded web browsercontrols is that they can only display static content. That is, untilnow. HTML Scripting Pages, or HSP for short, is the first and onlyproduct to actually run ASP pages on the Windows client machine in a plug-in DLL. No longer are webpages doomed to only display static webpages. With HSP,webpages can be seamlessly generated on the fly within either theInternet Explorer webbrowser or embedded IEX webbrowser controls. You canactually run "browser applications" (analogous to a web application)right inside Internet Explorer entirely on the Windows machine with no Internetconnection. This ability has tremendous implications for Windowsprogrammers. Suddenly, an entire new programming/display methodology isopened up. We will explain HSP thoroughly in the paragraphsbelow.
But even with HSP, there two other issues which may stop someone from embedding IEX controls and ASP/HTML content in their Windows program. The following identifies the problems and how EzTools' products solve them.
Problem 1: File Proliferation
File proliferation is simply when the file count of your application distribution gets too high. Typically, a webpage is not simply a single file, but many files (such asgraphic files), that are referenced by the webpage. Shipping several"raw" HTML files with your product is potentially a bad idea because:1) it can dramatically increase the "file count" of your product. 2)if any of these files are accidentally deleted, it may be difficult to ascertainwhich they are, and 3) raw files can be tampered with or viewed by end users thus exposing your intellectual property. All ofthese are good reasons not to use them. But there is a perfect solution tothis problem. That is, the use of contentstorage files and pluggable protocols. We will also deal with content storage file security.
Problem 2: Webpages Can't Interact with Application
You should be able to detect mouse clicks on the webpage links and buttons and be able to pass them through to the containing application code (in the form of COM events) so you can respond to them outside the scope of the IEX control. This is necessary so your webpages can reach outside the scope of the webbrowser control. You would also want to be able to disable the right-click Context Menu and accelerator keys as well. We will see how we can detectmouse-clicks (and other HTML events) in webpages and pass them through to the containingapplication. We will see how to put all of these new technologies together to form a new andunique programming paradigm.
Besides the fact that IE doesn't natively pass through HTML events, amazingly you cannot set the window border to be on or off, nor can you set the style to be 3D or flat - its always 3D! We will show you how EzTools' products solve all of these problems, letting you to "have it your way". To writeWindows programs that make effective use of embedded IEX controls, you will needall of these features.
Pluggable Protocols
IE uses pluggable protocols to obtain all of its content. Whenever youtype a URL such as
http://www.microsoft.com
IE looks up the http pluggable protocol Registry entry and loads theappropriate COM object to go get the content. It is entirely the job of the pluggable protocolto get the specified content resource, the way it knows how according to itsprotocol. Once the resource data has been retrieved, the pluggable protocolfeeds it back to IE. The HTTP pluggable protocol uses HTTP to get the resource.The FILE pluggable protocol uses the file system to get the resource. FTP uses the FTP pluggable protocol, and so on. We will see you can use a custom pluggable protocol to read content from a special file called a content storage file.
EzStor and Content Storage Files
EzStor is an application program that provides a User Interface (or UI) forcreating content storage files. A content storage file is a sort of file databasefor storing multiple files in a single file. You create a content storage file by dragging anddropping your HTML content files from Windows Explorer onto a Treeview in theEzStor app. As you drop files andfolders onto EzStor, they are copied into a storage file, maintaining the samehierarchy as your file system. You can create your own hierarchy as well. EzStorhas an embedded IEX control that displays the content files as you select them.To do this, it uses its own pluggable protocol developed for it. The EZS pluggable protocolknows how to read the EzStor content storage file. When you select a file,EzStor tells its IEX control to navigate to the file using the EZS pluggable protocol.
So now you can specify the EZS protocol to load a WebPage storedwithin an EzStor file. It has the following syntax:
ezs://drive:\filepath\filename.ezs/internalpath/htmlfilename
Example:
ezs://c:\myezhfile.ezs/myhtmlfile.htm
You can do this either programatically (using the Navigate method of IEX) ortype it in the address bar of IE.
OK, at this point you have two tools that enable you tosafely store your HTML/ASP/graphiccontent in a single content storage file (EzStor files) to be able to be read byembedded IEXcontrols in your Windows programs. You can stuff all of your content files intoa single file to be shipped with your product, along with the EZS pluggableprotocol DLL.
Using EzStor and and the EZS pluggableprotocol DLL we have solved problem number 1 - file proliferation. But theEZS pluggableprotocol will only display static webpages. If your application onlyrequires static pages, then this solution is all you need.
Dynamic Webpages with HTML Scripting Pages
Displaying static HTML webpages in your apps is pretty good. You can doquite a bit with static webpages. But we cantake it a huge step further and have dynamic webpages using a new technologynamed HTML Scripting Pages, or HSP for short. HSP is a client-side, ASPwork-alike. Think of HSP as IE + pluggable protocols + Windows Scripting. HSP isimplemented in its own pluggable protocol DLL, so it works seamlessly with IE. Ituses Windows Scripting (aka Active Scripting) to execute script code embeddedwithin HTML pages, just like server-side ASP. The difference is that it all takes place onthe client machine - there is no webserver involved.
HSP uses most of the same objects as ASP (eg. Session, Request andResponse, Server).Each object has most or all of the same properties and methods of its ASPcounterpart. The reason not all objects, methods and properties are implementedis simple: They are not needed in a client-only, single user environment.
HSP works with any Windows Scripting engine that supports scriptableCOM objects (IDispatch). HSP only looks for script in files with the .aspextension.
Hello World
Suppose you have an HTML file with the following line in it:
Hello <% Response.Write "World" %>
When loaded by IE, this would be displayed:
Hello World
If you had a QueryString or Form value passed with a user name, you couldwrite:
Hello <% Response.Write Request("UserName") %>
or just
Hello <% = Request("UserName") %>
HSP and EzStor
HSP's pluggable protocol is HSP. You load an HSP resource in the sameway as any other pluggable protocol:
hsp://c:/myproj/myfile.hsp
When IE sees the HSP protocol specified, it loads the HSP DLL and calls a COMobject to retreive the specified resource. The HSP protocol knows how toread EzStor files just as does the EZS protocol. Although HSP will open and execute"raw" files files from disk, that is not the way it is used in yourdeployed applications. Rather, you should stuff all of your HTML, graphics, ASP and other contentfiles into an EzStor file (using the EzStor tool). We do this for the reasons outlined above. But now that wehave executable program code in our files, it becomes even more important thatend users don't tamper with them.
Note: You can take advantage of the new VBScript Classes - COM classesimplemented entirely in VBScript - to write reusable classes in your HSPcode. Quite a powerful feature.
WOW
So we are now displaying static or dynamic HTML content in our Windows programs, and, thanks topluggable protocols, the content is retrieved from neatly bundled contentstorage (EzStor) files.That's a big step forward. Now suppose you wanted to activate program functionsfrom mouse-clicks on the webpage - a function that is outside the scope of IE. For example, when you open Microsoft Outlook, and click "OutlookToday", you are shown a webpage in the right-hand window pane, with linksand graphics on it. Clicking on a link activates the corresponding programfunction. The IEX event model doesn't pass through mouse-clicks, so how is yourapplication codegoing to know when a link is clicked? The WOW control (WOW is for Web OnWindows) handles this by wrapping the IEX control to pass these events through to your program as a COM event. WOW canactually trap any HTML event. Now, when the userclicks on a link you could activate an internal program function such asdisplaying a dialog window, or changing forms, or whatever. WOW lets you usethe IEX more as a classic ActiveX control that interacts with itscontainer program.
This feature is very important. There are situations where you just can't do without it. Besides this feature, WOW gives you the ability disable the Context Menu and any or all accelerator keys, another important feature.
Security
EzStor has built-in security features that can make it impossible forunauthorized or unlicensed persons to open, execute or examine the contents ofyour EzStor files. Without security, anyone would be able to run your HSPapplication. Also, anyone with the EzStor Viewer could view the contents of yourHSP EzStor files, including your source code. EzStor's licensing feature allows you to copy protect your HSP files so that they can only be run on licensed machines.
EzStor has two levels of security: Password and Machine License. EzStorallows you to set a password on your storage file, so that it cannot be openedunless the correct password is supplied. You can also set a Machine License, so that the file cannot beopened or run unless a license key is detected on that machine. To do this, the EzRegproduct is required. You might require a password or machine license if you sellyour HSP program (for example if you produce educational courseware) that you need to copyprotect to guard your content, product and revenue.
Conclusion
These technologies introduce a totally new programming paradigm that, thoughWindows centric, can be used in a variety of applications on a large installedbase of computers. All Windows machines have Internet Explorer installed, and the latest version can be obtained from Microsoft for free. TheWindows Scripting DLLs are also free and readily available from Microsoft. Being able to write a secure, copy protected executable program that can run in the IE browser or inyour own custom programs is quite an interesting prospect. The web browser actually becomes a sort of programmable whiteboard for a wide variety ofuses, using HTML and VBScript. Only EzTools' integrated products give you the ability to do it.
This article is copyrighted by Brett Goodman andEzTools - 2000-2001. All rights reserved.
Reach me at www.eztools-software.comor brettg@eztools-software.com
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More ASP Articles
More By aspfree
 developerWorks - FREE Tools!
|
Hold your calendar on January 30, 2008 for this free webcast on the new i5/OS. Rational's Enterprise Modernization products will be discussed at this webcast as they help to drive the application development environment for this new System i OS. <br />And learn how i5/OS will take you to the next step of efficient, resilient business processing. You will hear about the new i5/OS capabilities as it will be the most significant i5/OS release in years. If you cannot join the webcast on 1/30/08 you can still use this link to listen to the replay.<br />
FREE! Go There Now!
|
|
|
|
Visit IBM developerWorks to download IBM DB2 Express-C 9.5, a no-charge version of DB2 Express 9 database server. DB2 Express-C offers the same core data server base features as other DB2 Express editions and provides a solid base to build and deploy applications developed using C/C++, Java, .NET, PHP, and other programming languages.
FREE! Go There Now!
|
|
|
|
Visit IBM developerWorks to download a free trial version of IBM Rational Business Developer V7.1. Rational Business Developer offers rapid and simplified development of business applications and services through Enterprise Generation Language (EGL) tools, generating Java or mainframe solutions while shielding developers from technical complexities.
FREE! Go There Now!
|
|
|
|
Secure your Web applications with IBM Rational AppScan Standard Edition V7.7, previously known as Watchfire AppScan. This Web application security testing tool automates vulnerability assessments and scans and tests for common Web application vulnerabilities. Visit IBM developerWorks to download a free trial of IBM Rational AppScan Standard Edition V7.7.
FREE! Go There Now!
|
|
|
|
Rational Build Forge Express Edition is an automation framework that packages the latest enterprise-grade technologies into a reliable, flexible and robust configuration designed and priced specifically for small to midsize businesses. The new Rational Build Forge Express eKit provides you with valuable resources – including a case study, podcast, demo, and articles – to help you increase staff productivity, compress development cycles and deliver better software, fast.
FREE! Go There Now!
|
|
|
|
This paper is about the critical role that a discipline called integrated requirements management can play in helping to ensure that your business goals and IT investments are continuously aligned—whether you are sourcing, integrating, building or maintaining software. It also looks at ways that automated IBM Rational® products can work together to help you use requirements in the very best way.
FREE! Go There Now!
|
|
|
|
Get a free trial download of IBM Lotus Forms V3.0 (formerly Workplace Forms), which provides a zero-footprint eForms solution to help you automate and move forms-based business processes off the desktop and onto the Web. With Lotus Forms, you can extend applications beyond the firewall by creating a single electronic form document ready for use in both thick and Web 2.0 thin client format.
FREE! Go There Now!
|
|
|
|
Get a free trial download of the latest version of IBM Rational Method Composer V7.2 which helps you deliver customized yet consistent process guidance to your project teams and IT organization, and includes the latest version of IBM Rational Unified Process (RUP), which has provided process guidance to teams since 1996.
FREE! Go There Now!
|
|
|
|
Visit IBM developerWorks to try the IBM SOA Sandbox for process. The SOA Sandbox for process focuses on providing a trial environment with the necessary tooling and components required to gain a better understanding of business processes and how to best improve existing business processes to derive value quickly.
FREE! Go There Now!
|
|
|
|
In this webcast, you'll get an introduction to the eXtreme Transaction Processing (XTP) features of WebSphere Extended Deployment and the common architectural traits required by XTP applications. See how WebSphere Extended Deployment's ObjectGrid feature provides a state-of-the-art infrastructure for hosting XTP applications.
FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools!
|
