以编程方式将受信任的站点添加到 Internet Explorer
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/972345/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Programmatically add trusted sites to Internet Explorer
提问by Even Mien
I'm doing an IE automation project using WatiN.
我正在使用 WatiN 做一个 IE 自动化项目。
When a file to be downloaded is clicked, I get the following in the Internet Explorer Information bar:
单击要下载的文件时,我会在 Internet Explorer 信息栏中看到以下信息:
To help protect your security, Internet Explorer has blocked this site from downloading files to you computer.
为帮助保护您的安全,Internet Explorer 已阻止此站点将文件下载到您的计算机。
In order to download the report, I can manually add the site to Internet Explorer's list of trusted sites, but I would prefer to check programmatically in .NET to see if the site is trusted and add it to the list if it is not.
为了下载报告,我可以手动将站点添加到 Internet Explorer 的受信任站点列表,但我更愿意在 .NET 中以编程方式检查该站点是否受信任,如果不可信,则将其添加到列表中。
FYI, I'm currently using IE7.
仅供参考,我目前正在使用 IE7。
回答by Ben Schwehn
回答by Even Mien
Here's the implementation that I came up with for writing the registry keys in .NET.
这是我想出的用于在 .NET 中编写注册表项的实现。
Thanks for setting me in the right direction, Ben.
谢谢你让我朝着正确的方向前进,本。
using System;
using System.Collections.Generic;
using Microsoft.Win32;
namespace ReportManagement
{
class ReportDownloader
{
[STAThread]
static void Main(string[] args)
{
const string domainsKeyLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains";
const string domain = @"newsite.com";
const int trustedSiteZone = 0x2;
var subdomains = new Dictionary<string, string>
{
{"www", "https"},
{"www", "http"},
{"blog", "https"},
{"blog", "http"}
};
RegistryKey currentUserKey = Registry.CurrentUser;
currentUserKey.GetOrCreateSubKey(domainsKeyLocation, domain, false);
foreach (var subdomain in subdomains)
{
CreateSubdomainKeyAndValue(currentUserKey, domainsKeyLocation, domain, subdomain, trustedSiteZone);
}
//automation code
}
private static void CreateSubdomainKeyAndValue(RegistryKey currentUserKey, string domainsKeyLocation,
string domain, KeyValuePair<string, string> subdomain, int zone)
{
RegistryKey subdomainRegistryKey = currentUserKey.GetOrCreateSubKey(
string.Format(@"{0}\{1}", domainsKeyLocation, domain),
subdomain.Key, true);
object objSubDomainValue = subdomainRegistryKey.GetValue(subdomain.Value);
if (objSubDomainValue == null || Convert.ToInt32(objSubDomainValue) != zone)
{
subdomainRegistryKey.SetValue(subdomain.Value, zone, RegistryValueKind.DWord);
}
}
}
public static class RegistryKeyExtensionMethods
{
public static RegistryKey GetOrCreateSubKey(this RegistryKey registryKey, string parentKeyLocation,
string key, bool writable)
{
string keyLocation = string.Format(@"{0}\{1}", parentKeyLocation, key);
RegistryKey foundRegistryKey = registryKey.OpenSubKey(keyLocation, writable);
return foundRegistryKey ?? registryKey.CreateSubKey(parentKeyLocation, key);
}
public static RegistryKey CreateSubKey(this RegistryKey registryKey, string parentKeyLocation, string key)
{
RegistryKey parentKey = registryKey.OpenSubKey(parentKeyLocation, true); //must be writable == true
if (parentKey == null) { throw new NullReferenceException(string.Format("Missing parent key: {0}", parentKeyLocation)); }
RegistryKey createdKey = parentKey.CreateSubKey(key);
if (createdKey == null) { throw new Exception(string.Format("Key not created: {0}", key)); }
return createdKey;
}
}
}
回答by Dunkv
Glad I came across your postings. The only thing I can add to the excellent contributions already is that a different registry key is used whenever the URI contains an IP address i.e. the address isn't a fully qualified domain name.
很高兴看到你的帖子。我可以添加到优秀贡献中的唯一一件事是,只要 URI 包含 IP 地址,即该地址不是完全限定的域名,就会使用不同的注册表项。
In this instance you have to use an alternative approach:
在这种情况下,您必须使用替代方法:
Imagine I wish to add an IP address to the trusted sites: say 10.0.1.13 and I don't care what protocol.
想象一下,我希望向受信任的站点添加一个 IP 地址:比如 10.0.1.13,我不在乎什么协议。
Under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges, I create a key e.g. "Range1" and the inside that create the following values:
A DWORD with name "*" and value 0x2 (for all protocols(*) and trusted site(2)) A string with name ":Range" with value "10.0.1.13"
在 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges 下,我创建了一个键,例如“Range1”和创建以下值的内部:
名称为“*”且值为 0x2 的 DWORD(对于所有协议(*)和受信任的站点(2))名称为“:Range”且值为“10.0.1.13”的字符串
回答by Remy van Tour
Using powershell it is quite easy.
使用powershell很容易。
#Setting IExplorer settings
Write-Verbose "Now configuring IE"
#Add http://website.com as a trusted Site/Domain
#Navigate to the domains folder in the registry
set-location "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
set-location ZoneMap\Domains
#Create a new folder with the website name
new-item website/ -Force
set-location website/
new-itemproperty . -Name * -Value 2 -Type DWORD -Force
new-itemproperty . -Name http -Value 2 -Type DWORD -Force
new-itemproperty . -Name https -Value 2 -Type DWORD -Force
回答by hemp
In addition to adding the domain to the Trusted Sites list, you may also need to change the setting "Automatically prompt for file downloads" for the Trusted Sites zone. To do so programatically, you modify the key/value:
除了将域添加到受信任站点列表之外,您可能还需要更改受信任站点区域的“自动提示文件下载”设置。要以编程方式执行此操作,请修改键/值:
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2@2200
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2@2200
Change the value from 3(Disable) to 0(Enable). Here's some C# code to do that:
将值从3(禁用)更改为0(启用)。下面是一些 C# 代码来做到这一点:
public void DisableForTrustedSitesZone()
{
const string ZonesLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones";
const int TrustedSiteZone = 2;
const string AutoPromptForFileDownloadsValueName = @"2200";
const int AutoPromptForFileDownloadsValueEnable = 0x00; // Bypass security bar prompt
using (RegistryKey currentUserKey = Registry.CurrentUser)
{
RegistryKey trustedSiteZoneKey = currentUserKey.OpenSubKey(string.Format(@"{0}\{1:d}", ZonesLocation, TrustedSiteZone), true);
trustedSiteZoneKey.SetValue(AutoPromptForFileDownloadsValueName, AutoPromptForFileDownloadsValueEnable, RegistryValueKind.DWord);
}
}
回答by Nelvin kay
Here is the implementation of adding trusted sites programmatically to IE - based on Even Mien's code. It supports domain name and IP address as well. The limitation is no specific protocol could be defined, instead it simply uses "*" for all protocols.
这是以编程方式将可信站点添加到 IE 的实现 - 基于 Even Mien 的代码。它还支持域名和IP地址。限制是无法定义特定的协议,而是对所有协议简单地使用“*”。
// Source : http://support.microsoft.com/kb/182569
static class IeTrustedSite
{
const string DOMAINS_KEY = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains";
const string RANGES_KEY = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges";
const int TRUSTED_SITE_CODE = 0x2;
const string ALL_PROTOCOL = "*";
const string RANGE_ADDRESS = ":Range";
public static void AddSite(string address)
{
string[] segmentList = address.Split(new string[] {"."}, StringSplitOptions.None);
if (segmentList.Length == 4)
AddIpAddress(segmentList);
else
AddDomainName(segmentList);
}
static void AddIpAddress(string[] segmentList)
{
string ipAddress = segmentList[0] + "." + segmentList[1] + "." + segmentList[2] + "." + segmentList[3];
RegistryKey rangeKey = GetRangeKey(ipAddress);
rangeKey.SetValue(ALL_PROTOCOL, TRUSTED_SITE_CODE, RegistryValueKind.DWord);
rangeKey.SetValue(RANGE_ADDRESS, ipAddress, RegistryValueKind.String);
}
static RegistryKey GetRangeKey(string ipAddress)
{
RegistryKey currentUserKey = Registry.CurrentUser;
for (int i = 1; i < int.MaxValue; i++)
{
RegistryKey rangeKey = currentUserKey.GetOrCreateSubKey(RANGES_KEY, "Range" + i.ToString());
object addressValue = rangeKey.GetValue(RANGE_ADDRESS);
if (addressValue == null)
{
return rangeKey;
}
else
{
if (Convert.ToString(addressValue) == ipAddress)
return rangeKey;
}
}
throw new Exception("No range slot can be used.");
}
static void AddDomainName(string[] segmentList)
{
if (segmentList.Length == 2)
{
AddTwoSegmentDomainName(segmentList);
}
else if (segmentList.Length == 3)
{
AddThreeSegmentDomainName(segmentList);
}
else
{
throw new Exception("Un-supported server address.");
}
}
static void AddTwoSegmentDomainName(string[] segmentList)
{
RegistryKey currentUserKey = Registry.CurrentUser;
string domain = segmentList[0] + "." + segmentList[1];
RegistryKey trustedSiteKey = currentUserKey.GetOrCreateSubKey(DOMAINS_KEY, domain);
SetDomainNameValue(trustedSiteKey);
}
static void AddThreeSegmentDomainName(string[] segmentList)
{
RegistryKey currentUserKey = Registry.CurrentUser;
string domain = segmentList[1] + "." + segmentList[2];
currentUserKey.GetOrCreateSubKey(DOMAINS_KEY, domain);
string serviceName = segmentList[0];
RegistryKey trustedSiteKey = currentUserKey.GetOrCreateSubKey(DOMAINS_KEY + @"\" + domain, serviceName);
SetDomainNameValue(trustedSiteKey);
}
static void SetDomainNameValue(RegistryKey subDomainRegistryKey)
{
object securityValue = subDomainRegistryKey.GetValue(ALL_PROTOCOL);
if (securityValue == null || Convert.ToInt32(securityValue) != TRUSTED_SITE_CODE)
{
subDomainRegistryKey.SetValue(ALL_PROTOCOL, TRUSTED_SITE_CODE, RegistryValueKind.DWord);
}
}
}
static class RegistryKeyExtension
{
public static RegistryKey GetOrCreateSubKey(this RegistryKey registryKey, string parentString, string subString)
{
RegistryKey subKey = registryKey.OpenSubKey(parentString + @"\" + subString, true);
if (subKey == null)
subKey = registryKey.CreateSubKey(parentString, subString);
return subKey;
}
public static RegistryKey CreateSubKey(this RegistryKey registryKey, string parentString, string subString)
{
RegistryKey parentKey = registryKey.OpenSubKey(parentString, true);
if (parentKey == null)
throw new Exception("BUG : parent key " + parentString + " is not exist.");
return parentKey.CreateSubKey(subString);
}
}
回答by johny why
If a website could add itself to the trusted sites, now that would be bad.
如果一个网站可以将自己添加到受信任的站点,那将是糟糕的。
I don't quite agree- as long as the browser asks the user for permission,the ability of a site to add itself to trusted sites can greatly simplify the user experience, where the user trusts the domain and wants correct page display.
我不太同意——只要浏览器请求用户许可,站点将自己添加到受信任站点的能力可以极大地简化用户体验,用户信任域并希望正确显示页面。
The alternative is the user must manually go into internet options to add the domain, which is, for my users, not viable.
另一种方法是用户必须手动进入 Internet 选项才能添加域,这对我的用户来说是不可行的。
i'm looking for a php or javascriptmethod for the site to add itself, either through some IE api, or through the registry as you've so helpfully explained above!
我正在为该站点寻找一种php 或 javascript方法来添加自己,无论是通过一些 IE api,还是通过注册表,正如你上面解释的那样!
have found these possible solutions so far:
到目前为止已经找到了这些可能的解决方案:
- php via shell
- others i'm not allowed to list here because i don't have enough points
- php 通过 shell
- 其他我不允许在这里列出,因为我没有足够的积分
