Some VS2005 and VS2008 Wizards Pop Up Script Error.

Some VS2005 and VS2008 Wizards Pop Up Script Error.

Rate This
  • Comments 80

Visual C++ team has discovered that after installing the current release of Internet Explorer (Internet Explorer 8), some VC++ wizards do not function correctly.  The products affected are Visual Studio 2005 and Visual Studio 2008.  Following are the affected wizards:

-          Add Function

-          Add Variable

-          Smart Device – New Project Creation

-          Smart Device – Add Class

 

Invoking any of the above wizards in VS2005 or VS2008 will pop up a script error if IE8 is installed on the machine.  We have a workaround for those who have encountered this error.

 

Please follow the following steps:

-          Open regedit (on a 64-bit OS, open the 32-bit regedit)

 

-          Under “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones”, create a new key called 1000 (if it isn't already there)

 

-          Under 1000, create a DWORD entry with:

o   Name = 1207

o   Type = REG_DWORD

o   Data = 0x000000

 

For the workaround to work on VS2005 however, the VS2005 SP1 (and VS2005 SP1 Update for Windows Vista) has to be installed.

 

Following is a brief explanation of the problem and the workaround:

The VC++ Wizards Engine implements the IInternetSecurityManager interface.  In this implementation it allows or disallows specific actions under certain policies that Internet Explorer queries it about.  In IE8 a custom Security Manager now also gets queried about the URLACTION_ACTIVEX_OVERRIDE_REPURPOSEDETECTION policy which IE previously did not delegate to custom security managers when the engine wasn’t running in the iexplore.exe process.  The IE engine then fails this action because we don’t have a policy entry for it in the custom zone for VC++ Wizards. We are still investigating whether this change in IE8 is by design and will possibly be addressing it by a fix in either the Wizard or IE components depending on the outcome.

 

The above workaround lets the policy 1207 (URLACTION_ACTIVEX_OVERRIDE_REPURPOSEDETECTION) to be allowed in zone 1000 (custom zone of VC++ Wizards engine).  This allows the wizard code to work as intended.

 

We apologize for the inconvenience this issue may have caused you.

 

Thank you

Visual C++ Team

__________________________________________________________________________________________________________________________________________________________

 

 

The Internet Explorer team has released a security update to IE as mentioned in the IE blog:

http://blogs.msdn.com/ie/archive/2009/06/09/ie-june-09-security-update-now-available.aspx

 

This update also fixes the problem that caused some Visual Studio wizards to pop up a script error.  After applying this update, the earlier workaround in the registry is no longer required, and the wizards should work fine.

  • The web browser control basically switched from an unknown zone to another unknown zone after the change... Does this higher or lower the web browser control's security level of other settings?

  • Since these screens apparently function at the whim of Internet Explorer, and (at least the first two) have abysmal performance , design and functionality, why not get rid of them and replace them with ordinary modal dialogs?

    IMHO, the integration of IE with the OS was one of the worst mistakes MS ever made, but there is no need for Visual Studio to buy into it any more than is absolutely necessary.

  • Agree with David completely. And, if they are so commited to using javascript in those dialogs, they should have gone with some sort of signing and making these scripts trusted. How about trusting scripts that are resources in signed binaries? What happens now is hardly acceptable

  • Thanks for providing workaround. I was beginning to bother.

    I feel it's OK that VS uses some kind of HTML-based dialogs. At least this allows for better code covergage of both products.

    I don't really like servicing policy of Visual Studio meaning that VS RTM is in fact of "beta" quality, SP1 is like stable release, but there is no polished SP2. Instead you get buggy RTM of next Visual Studio.

  • Visual C++을 사용하는 개발자 분들이 Internet Explorer 8 설치 후에 겪는 문제에 대해 Visual C++ 팀이 블로그를 통해 우회 방법을 소개했습니다. 방법은

  • @David: Agreed. But it's probably unrealistic to expect them to rework the wizards outside a major product release. ;)

    But HTML, Javascript and embedded IE is definitely a terrible way to implement the project wizards. (Not least because it makes it so needlessly awkward for us to create our own)

  • If you have recently upgraded your Internet Explorer to the latest and greatest final version 8 , apart

  • Internet Explorer 8 Breaks Visual Studio 2008, Update

  • If you have recently upgraded your Internet Explorer to the latest and greatest final version 8 , apart

  • I also agree completely with David Wilkinson.   Replace these IE-dependent dialogs with convention win32 dialogs.  In the meantime, Developers are running IE 8 in some new mystery security zone.

    Is the VS team managing complexity, or just following/adding cool things?

  • Just to emphasize, this workaround impacts no aspect, security or otherwise, of using IE8 as a browser.

    VS already is a custom security host that directly controls all of the IE policy decisions while rendering the wizard code. In addition, VS uses a custom security zone (1000 decimal). It normally delegates no known relevant policy to the defaults for that security zone, but with IE8 the security host gets asked about the one policy detailed in the post. We use the custom security zone mechanism exactly to have a second layer of control when something happens like this.

    Full details about the mechanisms are at: http://msdn.microsoft.com/en-us/library/ms537021%28VS.85%29.aspx

    On the question as to why these are HTML dialogs? That was a decision we made for the VS 2002 product, and in retrospect, it wasn't the right decision. The decision now is whether it is worth the investment to replace these dialogs versus working on other features. So far we have felt we have higher value work we are doing.

    Ronald Laeremans

    Visual C++ Team

  • I know the new zone does not impact IE8, but it does have impact on all webbrowser-based applications like Visual Studio, Outlook/Outlook Express, FireFox's IETab extension, Maxthon, Windows Media Player, Real Player when the URL is not part of other zones.

    I think change moved some URLs from an default zone to a customized 1000 zone for webbrowser-based applications. I am assuming the default zone is more secure since it is more strict. However the different between default setting of other security settings in the new 1000 zone and the default settings in the default zone is not yet known.  

    I would suggest to copy registry entries from a restricted zone like untructed websites to the 1000 zone before relaxing the setting for the 1207 URL action.

  • thax alot for FIX ! As IE 8 released. I got the issue and reported to Microsoft Connect.

    https://connect.microsoft.com/IE/feedback/ViewFeedback.aspx?FeedbackID=425677

  • Wow, Yet again another reason to drop those damn HTML Dialogs and bring back the code for ClassWizard from Visual C++ v6 which the code should be still lying around in Microsoft someplace<ggg>. Is it really since VC 2002 those html dialogs was introduced. Oh well, I have long since given up on those dialogs and just added the message handlers / code manually myself. I've also got to say that performance of those dialogs are abysmal. Three or four seconds to show a simple add function/variable dialog is not acceptable. Surely someone can spent half a day to get this fixed / put back to how it worked in VC 6!. Lets hope this is addressed for VC 10.

  • PJ, I filed bugs about badly formatted Wizard code and misaligned checkboxes in some dialogs. They told me they were too busy to deal with such trivialities. You think they're going to pay attention to this? That would require professional developers with pride in their work.

Page 1 of 6 (80 items) 12345»