<script language="javascript" FOR=window EVENT=onhelp>
alert
(
"Internet Explorer 6.0 Trusted Zone Helper Plugin" + "\n\n" +
"Author: Nathan Evans" + "\n" +
"Date/Version: 19-01-2005" + "\n\n" +
"Thank you for using this software."
);
</script>
<script language="javascript">
/* Internet Explorer 6.0 Trusted Zone Helper Plugin
*
* Purpose: Provides user with an easy to reach interface to add and remove domains to and from the Truzted Zone.
* Usage: Install plugin as a "MenuExt" Internet Explorer extention. Right-click on web page and choose menu item "Change domain trust...".
* Tested On: IE 6.0 SP2 (should work fine on IE5.5+ though)
* Author: Nathan Evans
* Initial Release: 14-01-2005
* Date/Version: 19-01-2005
* Changes: Fixed icon sizing bug - ex: 16x16 icons now display properly, instead of being rescaled to 32x32.
* Fixed option button selection not firing when clicking the option's text.
*/
window.dialogHeight = "235px";
window.dialogWidth = "458px";
var wsh = new ActiveXObject("WScript.Shell");
var sRegLocation = "HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\";
var sCurrentURL = new String(external.menuArguments.document.URL);
var bShiftKey = external.menuArguments.event.shiftKey;
var myDomain = new Object();
myDomain.domain = "";
myDomain.subdomain = "";
myDomain.hostname = "";
myDomain.reg_domain = ""; // IE doesn't recognise some rare SLD's (such as org.uk, com.au) so some trickery is required
myDomain.reg_subdomain = ""; // ^^
myDomain.reg_subdomainEx = ""; // used for unknown SLDs that require a wildcard, ex: "*.adslguide.org.uk"
myDomain.reg_mode = 0; // 0 = domain is not trusted at all, 1 = only specific subdomains are trusted, 2 = this specific subdomain is trusted, 3 = whole domain is trusted
if ( parseDomain(sCurrentURL, myDomain) ) {
// no error
// check to see if any part of this domain is already trusted (so the UI can be presented correctly):
// bRegChk1 will be TRUE if the domain is present.
if ( sldCheck(myDomain.reg_domain, "unknown") == true )
bRegChk1 = false;
else
var bRegChk1 = RegExist(sRegLocation + myDomain.reg_domain + "\\", false);
// bRegChk2 will be TRUE if the domain's sub-domain is present.
var bRegChk2 = RegExist(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + ((myDomain.reg_subdomain.length>0) ? "\\*" : "*"), true);
if (bRegChk2 == false) bRegChk2 = RegExist(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + ((myDomain.reg_subdomain.length>0) ? "\\http" : "http"), true);
if (bRegChk2 == false) bRegChk2 = RegExist(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + ((myDomain.reg_subdomain.length>0) ? "\\https" : "https"), true);
if (bRegChk2 == false) bRegChk2 = RegExist(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + ((myDomain.reg_subdomain.length>0) ? "\\ftp" : "ftp"), true);
// bRegChk3 will be TRUE if the domain doesn't contain sub-domains.
var bRegChk3 = RegExist(sRegLocation + myDomain.reg_domain + "\\*", true);
if (bRegChk3 == false) bRegChk3 = RegExist(sRegLocation + myDomain.reg_domain + "\\" + "http", true);
if (bRegChk3 == false) bRegChk3 = RegExist(sRegLocation + myDomain.reg_domain + "\\" + "https", true);
if (bRegChk3 == false) bRegChk3 = RegExist(sRegLocation + myDomain.reg_domain + "\\" + "ftp", true);
// bRegChk4 will be TRUE if the domain is an unknown SLD using a "*." wildcard
var bRegChk4 = RegExist(sRegLocation + myDomain.reg_domain + "\\*." + myDomain.reg_subdomainEx + ((myDomain.reg_subdomainEx.length>0) ? "\\*" : "*"), true);
if (bRegChk4 == false) bRegChk4 = RegExist(sRegLocation + myDomain.reg_domain + "\\*." + myDomain.reg_subdomainEx + ((myDomain.reg_subdomainEx.length>0) ? "\\http" : "http"), true);
if (bRegChk4 == false) bRegChk4 = RegExist(sRegLocation + myDomain.reg_domain + "\\*." + myDomain.reg_subdomainEx + ((myDomain.reg_subdomainEx.length>0) ? "\\https" : "https"), true);
if (bRegChk4 == false) bRegChk4 = RegExist(sRegLocation + myDomain.reg_domain + "\\*." + myDomain.reg_subdomainEx + ((myDomain.reg_subdomainEx.length>0) ? "\\ftp" : "ftp"), true);
if (bRegChk1 == true && bRegChk2 == false && bRegChk3 == false) myDomain.reg_mode = 1;
if (bRegChk1 == true && bRegChk2 == true && bRegChk3 == false) myDomain.reg_mode = 2;
if (bRegChk1 == false && bRegChk2 == true && bRegChk3 == false) myDomain.reg_mode = 2;
if (bRegChk1 == true && bRegChk2 == false && bRegChk3 == true) myDomain.reg_mode = 3;
if (bRegChk1 == true && bRegChk2 == true && bRegChk3 == true) myDomain.reg_mode = 3;
if (bRegChk1 == false && bRegChk3 == false && bRegChk4 == true) myDomain.reg_mode = 3;
//alert(bRegChk1 + ", " + bRegChk2 + ", " + bRegChk3 + ", " + bRegChk4 + ", " + myDomain.reg_mode);
}else{
// error
alert("This domain cannot added to the Trusted Zone.");
window.close();
}
function buttonCancel() {
// user clicked 'Cancel' button
window.close();
}
function buttonApply() {
// user clicked 'Apply' button
var option1 = document.getElementById("option1").checked;
var option2 = document.getElementById("option2").checked;
var option3 = document.getElementById("option3").checked;
var option4 = document.getElementById("option4").checked;
if ( sldCheck(myDomain.reg_domain, "unknown") ) {
// unknown SLD
if (option1 == true) {
// entire domain to be trusted, ex: *.adslguide.org.uk
//alert("ADD: " + sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomainEx + "\\*");
RegWrite(sRegLocation + myDomain.reg_domain + "\\*." + myDomain.reg_subdomainEx + "\\*");
}else{
//alert("REMOVE: " + sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomainEx + "\\*");
RegDelete(sRegLocation + myDomain.reg_domain + "\\*." + myDomain.reg_subdomainEx + "\\*");
RegDelete(sRegLocation + myDomain.reg_domain + "\\*." + myDomain.reg_subdomainEx + "\\http");
RegDelete(sRegLocation + myDomain.reg_domain + "\\*." + myDomain.reg_subdomainEx + "\\https");
RegDelete(sRegLocation + myDomain.reg_domain + "\\*." + myDomain.reg_subdomainEx + "\\ftp");
RegDelete(sRegLocation + myDomain.reg_domain + "\\*." + myDomain.reg_subdomainEx + "\\"); // remove key as well to keep Registry tidy
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomainEx + "\\*");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomainEx + "\\http");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomainEx + "\\https");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomainEx + "\\ftp");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomainEx + "\\"); // remove key as well to keep Registry tidy
if (option3 == true) {
// only subdomain to be trusted, ex: bbs.adslguide.org.uk
//alert("ADD: " + sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\*");
RegWrite(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\*");
}else{
//alert("REMOVE: " + sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\*");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\*");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\http");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\https");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\ftp");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\"); // remove key as well to keep Registry tidy
}
}
}else{
// known SLD
if (option1 == true) {
// entire domain to be trusted, ex: *.overclockers.co.uk
//alert("ADD: " + sRegLocation + myDomain.reg_domain + "\\*");
RegWrite(sRegLocation + myDomain.reg_domain + "\\*");
}else{
//alert("REMOVE: " + sRegLocation + myDomain.reg_domain + "\\*");
RegDelete(sRegLocation + myDomain.reg_domain + "\\*");
RegDelete(sRegLocation + myDomain.reg_domain + "\\http");
RegDelete(sRegLocation + myDomain.reg_domain + "\\https");
RegDelete(sRegLocation + myDomain.reg_domain + "\\ftp");
RegDelete(sRegLocation + myDomain.reg_domain + "\\"); // remove key as well to keep Registry tidy
if (option3 == true) {
// only subdomain to be trusted, ex: forums.overclockers.co.uk
//alert("ADD: " + sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\*");
RegWrite(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\*");
}else{
//alert("REMOVE: " + sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\*");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\*");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\http");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\https");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\ftp");
RegDelete(sRegLocation + myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\"); // remove key as well to keep Registry tidy
}
}
}//if
external.menuArguments.document.URL = external.menuArguments.document.URL; // refresh page
window.close(); // close dialog
}
function updateRadios() {
if ( document.getElementById("option2").checked == true ) {
// enable other radios
document.getElementById("option3").disabled = false;
document.getElementById("option4").disabled = false;
}else{
// disable other radios
document.getElementById("option3").disabled = true;
document.getElementById("option4").disabled = true;
}
}
function RegWrite(regKey) {
try {
wsh.RegWrite(regKey, "2", "REG_DWORD");
return true;
}catch(e){
return false;
}
}
function RegDelete(regKey) {
try {
wsh.RegDelete(regKey);
return true;
}catch(e){
return false;
}
}
function RegExist(regKey, bValue) {
// WScript doesn't have a function to check if a Reg Key exists, so I have to improvise:
try {
wsh.RegRead(regKey);
return true;
}catch(e){
var sTmp = new String(e.description);
if ( bValue == false && sTmp.indexOf("Invalid root in registry key") )
return true; // reg key exists but doesn't have a 'default value'
else if ( bValue == false && sTmp.indexOf("Unable to open registry key") )
return false; // reg key does not exist at all
else
return false;
}
}
function sldCheck(sld, type) {
var KnownSLD = new Array("co.uk", "ac.uk", "me.uk", "id.au");
var UnknownSLD = new Array("org.uk", "net.uk", "sch.uk", "gov.uk", "nhs.uk", "police.uk", "mod.uk", "com.au", "asn.au", "net.au", "org.au", "csiro.au", "gov.au", "edu.au");
if (type == "known") {
for (var i = 0; i < KnownSLD.length; i++) {
if ( KnownSLD[i] == sld ) return true;
}
}else if(type == "unknown") {
for (var i = 0; i < UnknownSLD.length; i++) {
if ( UnknownSLD[i] == sld ) return true;
}
}
return false;
}
function isDigit(num) {
if (num.length > 1) return false;
var string="1234567890";
if (string.indexOf(num) != -1) return true;
return false;
}
function isInteger(val){
for (var i = 0; i < val.length; i++) {
if( !isDigit(val.charAt(i)) )
return false;
}
return true;
}
function parseDomain(sURL, myDomain) {
var posProto = sURL.indexOf("://") + 3;
var posSlash = sURL.indexOf("/", posProto);
var posDomain = 0;
var posRegDomain = 0;
if (!sURL.indexOf("res://") || posProto == 3 || posSlash <= posProto)
// error
return false;
var sHost = sURL.substring(posProto, posSlash);
myDomain.hostname = sHost;
sDomain = sHost.split(".");
if (sDomain.length-1 == 3 && isInteger(sDomain[0]) && isInteger(sDomain[1]) && isInteger(sDomain[2]) && isInteger(sDomain[3]) )
// error (IP addresses aren't supported yet)
return false;
var sldTest = sDomain[sDomain.length - 2] + "." + sDomain[sDomain.length - 1];
if ( sldCheck(sldTest, "known") ) { //( sldTest == "co.uk" || sldTest == "ac.uk" ) {
// treat as an known SLD domain, ex: "domain.co.uk"
posDomain = sDomain.length - 3;
posRegDomain = sDomain.length - 3;
}else if ( sldCheck(sldTest, "unknown") ) { //( sldTest == "org.uk" || sldTest == "net.uk" || sldTest == "com.au" ) {
// treat as an unknown SLD domain, ex: "domain.org.uk"
posDomain = sDomain.length - 3;
posRegDomain = sDomain.length - 2;
}else{
// treat as standard TLD domain, ex: "domain.com"
posDomain = sDomain.length - 2;
posRegDomain = sDomain.length - 2;
}
// iterate through domain, breaking it up into two sections: domain and sub-domains
for (var i = 0; i<sDomain.length; i++) {
// user interface version
if (i < posDomain){
// sub-domain
myDomain.subdomain += sDomain[i];
myDomain.subdomain += (i+1<posDomain) ? "." : "";
}else{
// domain
myDomain.domain += sDomain[i];
myDomain.domain += (i+1<sDomain.length) ? "." : "";
}
// IE Registry-friendly version
if (i < posRegDomain){
// sub-domain
myDomain.reg_subdomain += sDomain[i];
myDomain.reg_subdomain += (i+1<posRegDomain) ? "." : "";
if (i+1==posRegDomain) myDomain.reg_subdomainEx = sDomain[i];
}else{
// domain
myDomain.reg_domain += sDomain[i];
myDomain.reg_domain += (i+1<sDomain.length) ? "." : "";
}
}
// success
return true;
}
</script>
<html>
<title>Internet Explorer - Trusted Zone Helper</title>
<body style="padding:.5em; margin:0em; overflow:hidden; background-color:ButtonFace;">
<table width="100%" border="0" cellpadding="0" cellspacing="0" style="font:8pt Tahoma, MS Shell Dlg; color:WindowText; font-weight:normal; padding:.5em;">
<tr>
<td colspan="3" style="font-weight:bold;">How do you want to trust this domain?</td>
</tr>
<tr>
<td rowspan="2">
<div style="width:4em; text-align:center; vertical-align:middle; margin:auto;">
<img src="tzhlp.gif" id="icon" style="margin-right:.0em;" onError="this.src='tzhlp.gif';">
</div>
</td>
<td><div align="right">Domain:</div></td>
<td width="100%"><script language="javascript">document.write(myDomain.hostname)</script></td>
</tr>
<tr>
<td><div align="right">Publisher:</div></td>
<td width="100%">Unknown<script language="javascript">//document.write(myDomain.reg_domain + "\\" + myDomain.reg_subdomain + "\\" + myDomain.reg_subdomainEx)</script></td>
</tr>
<tr>
<td colspan="3">
<input onpropertychange="updateRadios();" name="domainMode" id="option1" type="radio">
<label for="option1">Always trust content from "*.<script language="javascript">document.write(myDomain.domain)</script>"</label>
<br>
<input onpropertychange="updateRadios();" name="domainMode" id="option2" type="radio" checked>
<label for="option2">Never trust content from "*.<script language="javascript">document.write(myDomain.domain)</script>"</label>
<br>
<input name="fullMode" id="option3" type="radio" disabled>
<label for="option3">Always trust content from "<script language="javascript">document.write(myDomain.hostname)</script>"</label>
<br>
<input name="fullMode" id="option4" type="radio" disabled checked>
<label for="option4">Never trust content from "<script language="javascript">document.write(myDomain.hostname)</script>"</label>
</td>
</tr>
<tr align="right">
<td colspan="3">
<input onClick="buttonApply();" name="Apply" id="button1" type="button" value="Apply" style="font:8pt Tahoma, MS Shell Dlg; color:WindowText; font-weight:normal; width:8em; height:2.2em;">
<input onClick="buttonCancel();" name="Cancel" id="button2" type="button" value="Cancel" style="font:8pt Tahoma, MS Shell Dlg; color:WindowText; font-weight:normal; width:8em; height:2.2em;">
</td>
</tr>
</table>
</body>
</html>
<script language="javascript">
// set the icon to the domain's favicon.ico (if it doesn't exist it will revert back to tzhlp.gif)
document.getElementById("icon").src = "http://" + myDomain.hostname + "/favicon.ico";
// set initial option states (read from the Registry)
switch(myDomain.reg_mode) {
case 0: // 0 = domain is not trusted at all
break;
case 1: // 1 = only specific subdomains are trusted
break;
case 2: // 2 = this specific subdomain is trusted
document.getElementById("option1").checked = false;
document.getElementById("option3").checked = true;
break;
case 3: // 3 = whole domain is trusted
document.getElementById("option1").checked = true;
break;
}
// remove the annoying focus-rects:
document.getElementById("option1").hideFocus = true;
document.getElementById("option2").hideFocus = true;
document.getElementById("option3").hideFocus = true;
document.getElementById("option4").hideFocus = true;
document.getElementById("button1").hideFocus = true;
document.getElementById("button2").hideFocus = true;
</script>