- For x86 systems or for 32-bit processes on x64 systems
Go to the HKEY_LOCAL_MACHINE/SOFTWARE/MICROSOFT/.NETFramework registry key and change the EnableIEHosting value to 1.
- For x64 systems or for 64-bit processes on x64 systems
Go to the HKEY_LOCAL_MACHINE/SOFTWARE/Wow6432Node/.NETFramework registry key and change the EnableIEHosting value to 1.
Note Running parts of an application in this mode is a well-known security vulnerability. Customers should be aware of the risks that are described in this article. There are no tested and documented ways to reduce the risks. There are many alternatives, such as Microsoft ClickOnce applications, XAML browser applications (XBAPs), and Microsoft Silverlight, that can provide you better security and scalability.
From the .NET Framework 4, we remove the IEHost.dll file for the following reasons:
- IEHost/HREF-EXE-style controls are exposed to the Internet. This poses a high security risk, and most customers who install the Framework are benefiting very little from this security risk.
- Managed hosting controls and invoking random ActiveX controls may be unsafe, and this risk cannot be countered in the .NET Framework. Therefore, the ability to host is disabled. We strongly suggest that IEHost should be disabled in any production environment.
- Potential security vulnerabilities and assembly versioning conflicts in the default application domain. By relying on COM Interop wrappers to load your assembly, it is implicitly loaded in the default application domain. If other browser extensions do the same function, they have the risks in the default application domain such as disclosing information, and so on. If you are not using strong-named assemblies as dependencies, type loading exceptions can occur. You cannot freely configure the common language runtime (CLR), because you do not own the host process, and you cannot run any code before your extension is loaded.
ID članka: 2996039 - Poslednji pregled: 23.09.2014. - Verzija: 1