Client-side ASP scripting with HTML Scripting Pages

Active Server Pages (ASP) is a well known server side scripting technology. We will explain how this web technology can be emulated entirely on aWindows client machine from within Internet Explorer (IE) and Internet Explorer ActiveXwebbrowser controls (IEX controls)  using custom IE pluggable protocolsand Windows Scripting to turn IE into an interactive programmingenvironment.  We will also examine how we can use content storage files tostore all HTML/ASP/graphic files in a single file to be read by the pluggableprotocol.

The use of embedded Internet Explorer ActiveX controls (orIEX for short) can enhance Windows programs very powerfully.  The ability to easily add multi-media content to your Windows programs is quite compelling.  Trying to place graphics and tabular data using C++ or even VB is quite a bit of effort.  There are many issues with placement, resizing and a range of other messy problems.  Using the IEX webbrowser control to easily display HTML contentcan be quite compelling.  Furthermore, HTML content can bechanged without recompiling your program. This can be quite advantageous indeed.  Microsoft uses IEX with HTML content in limited amounts in products and tools such asOutlook (and Express), and MMC.  

One of the major drawbacks to using embedded web browsercontrols is that they can only display static content.  That is, untilnow.  HTML Scripting Pages, or HSP for short, is the first and onlyproduct to actually run ASP pages on the Windows client machine in a plug-in DLL. No longer are webpages doomed to only display static webpages.  With HSP,webpages can be seamlessly generated on the fly within either theInternet Explorer webbrowser or embedded IEX webbrowser controls.  You canactually run "browser applications" (analogous to a web application)right inside Internet Explorer entirely on the Windows machine with no Internetconnection.  This ability has tremendous implications for Windowsprogrammers.  Suddenly, an entire new programming/display methodology isopened up.  We will explain HSP thoroughly in the paragraphsbelow.  

But even with HSP, there two other issues which may stop someone from embedding IEX controls and ASP/HTML content in their Windows program.   The following identifies the problems and how EzTools' products solve them.

Problem 1: File Proliferation

File proliferation is simply when the file count of your application distribution gets too high. Typically, a webpage is not simply a single file, but many files (such asgraphic files), that are referenced by the webpage. Shipping several"raw" HTML files with your product is potentially a bad idea because:1) it can dramatically increase the "file count" of your product. 2)if any of these files are accidentally deleted, it may be difficult to ascertainwhich they are, and 3) raw files can be tampered with or viewed by end users thus exposing your intellectual property.  All ofthese are good reasons not to use them.  But there is a perfect solution tothis problem.  That is, the use of contentstorage files and pluggable protocols.  We will also deal with content storage file security.

Problem 2: Webpages Can't Interact with Application

You should be able to detect mouse clicks on the webpage links and buttons and be able to pass them through to the containing application code (in the form of COM events) so you can respond to them outside the scope of the IEX control.  This is necessary so your webpages can reach outside the scope of the webbrowser control.  You would also want to be able to disable the right-click Context Menu and accelerator keys as well.  We will see how we can detectmouse-clicks (and other HTML events) in webpages and pass them through to the containingapplication. We will see how to put all of these new technologies together to form a new andunique programming paradigm.

Besides the fact that IE doesn't natively pass through HTML events, amazingly you cannot set the window border to be on or off, nor can you set the style to be 3D or flat - its always 3D!  We will show you how EzTools' products solve all of these problems, letting you to "have it your way".  To writeWindows programs that make effective use of embedded IEX controls, you will needall of these features.

IE uses pluggable protocols to obtain all of its content. Whenever youtype a URL such as

http://www.microsoft.com

IE looks up the http pluggable protocol Registry entry and loads theappropriate COM object to go get the content. It is entirely the job of the pluggable protocolto get the specified content resource, the way it knows how according to itsprotocol. Once the resource data has been retrieved, the pluggable protocolfeeds it back to IE. The HTTP pluggable protocol uses HTTP to get the resource.The FILE pluggable protocol uses the file system to get the resource.  FTP uses the FTP pluggable protocol, and so on.  We will see you can use a custom pluggable protocol to read content from a special file called a content storage file.

EzStor is an application program that provides a User Interface (or UI) forcreating content storage files.  A content storage file is a sort of file databasefor storing multiple files in a single file.  You create a content storage file by dragging anddropping your HTML content files from Windows Explorer onto a Treeview in theEzStor app. As you drop files andfolders onto EzStor, they are copied into a storage file, maintaining the samehierarchy as your file system. You can create your own hierarchy as well. EzStorhas an embedded IEX control that displays the content files as you select them.To do this, it uses its own pluggable protocol developed for it. The EZS pluggable protocolknows how to read the EzStor content storage file. When you select a file,EzStor tells its IEX control to navigate to the file using the EZS pluggable protocol.

So now you can specify the EZS protocol to load a WebPage storedwithin an EzStor file.  It has the following syntax:

ezs://drive:\filepath\filename.ezs/internalpath/htmlfilename

Example:

ezs://c:\myezhfile.ezs/myhtmlfile.htm

You can do this either programatically (using the Navigate method of IEX) ortype it in the address bar of IE.

OK, at this point you have two tools that enable you tosafely store your HTML/ASP/graphiccontent in a single content storage file (EzStor files) to be able to be read byembedded IEXcontrols in your Windows programs. You can stuff all of your content files intoa single file to be shipped with your product, along with the EZS pluggableprotocol DLL. 

Using EzStor and and the EZS pluggableprotocol DLL we have solved problem number 1 - file proliferation.  But theEZS pluggableprotocol will only display static webpages.  If your application onlyrequires static pages, then this solution is all you need.

Displaying static HTML webpages in your apps is pretty good. You can doquite a bit with static webpages. But we cantake it a huge step further and have dynamic webpages using a new technologynamed HTML Scripting Pages, or HSP for short. HSP is a client-side, ASPwork-alike. Think of HSP as IE + pluggable protocols + Windows Scripting.  HSP isimplemented in its own pluggable protocol DLL, so it works seamlessly with IE. Ituses Windows Scripting (aka Active Scripting) to execute script code embeddedwithin HTML pages, just like server-side ASP. The difference is that it all takes place onthe client machine - there is no webserver involved.

HSP uses most of the same objects as ASP (eg. Session, Request andResponse, Server).Each object has most or all of the same properties and methods of its ASPcounterpart. The reason not all objects, methods and properties are implementedis simple: They are not needed in a client-only, single user environment. 

HSP works with any Windows Scripting engine that supports scriptableCOM objects (IDispatch). HSP only looks for script in files with the .aspextension.

Suppose you have an HTML file with the following line in it:

When loaded by IE, this would be displayed:

If you had a QueryString or Form value passed with a user name, you couldwrite:

or just

HSP's pluggable protocol is HSP. You load an HSP resource in the sameway as any other pluggable protocol:

hsp://c:/myproj/myfile.hsp

When IE sees the HSP protocol specified, it loads the HSP DLL and calls a COMobject to retreive the specified resource.  The HSP protocol knows how toread EzStor files just as does the EZS protocol.  Although HSP will open and execute"raw" files files from disk, that is not the way it is used in yourdeployed applications. Rather, you should stuff all of your HTML, graphics, ASP and other contentfiles into an EzStor file (using the EzStor tool).  We do this for the reasons outlined above. But now that wehave executable program code in our files, it becomes even more important thatend users don't tamper with them.

Note: You can take advantage of the new VBScript Classes - COM classesimplemented entirely in VBScript - to write reusable classes in your HSPcode.  Quite a powerful feature.

WOW

So we are now displaying static or dynamic HTML content in our Windows programs, and, thanks topluggable protocols, the content is retrieved from neatly bundled contentstorage (EzStor) files.That's a big step forward.  Now suppose you wanted to activate program functionsfrom mouse-clicks on the webpage - a function that is outside the scope of IE. For example, when you open Microsoft Outlook, and click "OutlookToday", you are shown a webpage in the right-hand window pane, with linksand graphics on it. Clicking on a link activates the corresponding programfunction. The IEX event model doesn't pass through mouse-clicks, so how is yourapplication codegoing to know when a link is clicked? The WOW control (WOW is for Web OnWindows) handles this by wrapping the IEX control to pass these events through to your program as a COM event.  WOW canactually trap any HTML event.  Now, when the userclicks on a link you could activate an internal program function such asdisplaying a dialog window, or changing forms, or whatever.  WOW lets you usethe IEX more as a classic ActiveX control that interacts with itscontainer program.

This feature is very important.  There are situations where you just can't do without it. Besides this feature, WOW gives you the ability disable the Context Menu and any or all accelerator keys, another important feature.

EzStor has built-in security features that can make it impossible forunauthorized or unlicensed persons to open, execute or examine the contents ofyour EzStor files. Without security, anyone would be able to run your HSPapplication. Also, anyone with the EzStor Viewer could view the contents of yourHSP EzStor files, including your source code.  EzStor's licensing feature allows you to copy protect your HSP files so that they can only be run on licensed machines.

EzStor has two levels of security: Password and Machine License. EzStorallows you to set a password on your storage file, so that it cannot be openedunless the correct password is supplied. You can also set a Machine License, so that the file cannot beopened or run unless a license key is detected on that machine. To do this, the EzRegproduct is required. You might require a password or machine license if you sellyour HSP program (for example if you produce educational courseware) that you need to copyprotect to guard your content, product and revenue.

Conclusion

These technologies introduce a totally new programming paradigm that, thoughWindows centric, can be used in a variety of applications on a large installedbase of computers.  All Windows machines have Internet Explorer installed, and the latest version can be obtained from Microsoft for free.  TheWindows Scripting DLLs are also free and readily available from Microsoft. Being able to write a  secure, copy protected executable program that can run in the IE browser or inyour own custom programs is quite an interesting prospect.  The web browser actually becomes a sort of programmable whiteboard for a wide variety ofuses, using HTML and VBScript.  Only EzTools' integrated products give you the ability to do it.

This article is copyrighted by Brett Goodman andEzTools - 2000-2001.  All rights reserved.

Reach me at www.eztools-software.comor brettg@eztools-software.com