Problem: Opening any of the html sample pages of FCKEditor from the filesystem in IE7 gives an "Access Denied" error coming from file fckeditor\editor\js\fckeditorcode_ie.js on line 62 with the code: "B.open("GET",A,false);".
The source for this can be found under fckeditor\editor\filemanager\browser\default\js\fckxml.js. Here is the function being called
FCKXml.prototype.LoadUrl = function( urlToCall, asyncFunctionPointer )
{
var oFCKXml = this ;
var bAsync = ( typeof(asyncFunctionPointer) == 'function' ) ;
var oXmlHttp = this.GetHttpRequest() ;
oXmlHttp.open( "GET", urlToCall, bAsync ) ; // offending line
if ( bAsync )...
A, or urlToCall, is "file:///C:/Documents and Settings/Administrator/Desktop/FCKeditor_2.6.2/fckeditor/fckstyles.xml"
I've noticed however that version 2.4.2 of FCKEditor can run on the filesystem. Proof of this has been demonstrated Corbin Hoenes in this blog http://hoenes.blogspot.com/2007/04/fckeditor-running-on-desktop.html . Many of us in this blog are interested in running FCKeditor in a winapp form, but for this to be possible it has to be runnable by ie on the filesystem.
In particular, here is html that works for 2.4.2 but NOT on 2.6.2. Also note, place this code in the same folder that contains the fckeditor folder.
<html> <head> <script type="text/javascript" src="fckeditor/fckeditor.js"></script> </head> <body> <script type="text/javascript"> var sBasePath = 'fckeditor/' var oFCKeditor = new FCKeditor( 'FCKeditor1' ) ; oFCKeditor.BasePath = sBasePath; oFCKeditor.Height = '100%'; oFCKeditor.Width = '100%'; oFCKeditor.Value = 'This is some <strong>sample text<\/strong>. You are using <a href="http://www.fckeditor.net/">FCKeditor<\/a> in a <b>WinForms</b> application.' ; oFCKeditor.Create() ; </script> </body> </html>
AND....
I just barely solved this issue after more debugging...
Basically the native IE7 XmlHttpRequest Object appears to not allow requests on the filesystem. Here is the offending code causing the issues: (file fckeditor\editor\_source\internals\fcktools_ie.js)
FCKTools.CreateXmlObject = function( object )
{
var aObjs ;
switch ( object )
{
case 'XmlHttp' :
// Try the native XMLHttpRequest introduced with IE7.
try { return new XMLHttpRequest() ; } catch (e) {} // bad for use on local filesystem
aObjs = [ 'MSXML2.XmlHttp', 'Microsoft.XmlHttp' ] ; // use this instead for local filesystem
break ;
case 'DOMDocument' :
aObjs = [ 'MSXML2.DOMDocument', 'Microsoft.XmlDom' ] ;
break ;
}
for ( var i = 0 ; i < 2 ; i++ )
{
try { return new ActiveXObject( aObjs[i] ) ; }
catch (e)
{}
}
if ( FCKLang.NoActiveX )
{
alert( FCKLang.NoActiveX ) ;
FCKLang.NoActiveX = null ;
}
return null ;
}
Re: IE7 Access Denied - Local Filesystem
A customer has a very locked down IT system and have recently changed their policy regards 'new ActiveXObject' javascript method call.
Their new security policy is being rolled out gradually across their organisation.
Individual PCs have reported FCKEditor working one day and not working the next, there is space reserved on the form for FCKEditor, but it never appears.
This was first reported about a month ago, but so many people are now affected that the whole organisation is contemplating stopping using our web application.
Obviously this is now the No 1 priority item on my development list !!!!
Their security change is as follows:
They used to prevent the browser from executing the method - we tweaked FCKEditor to catch the exception and do something sensible.
Now they scan the js file and prevent the file from being cached - it is downloaded, then discarded by the client.
Hence, any javascript file with 'new ActiveXObject' in it is unavailable to the client.
I'm in the process of moving the offending 'new ActiveXObject' code into a separate js file so FCKEditor can continue operating when the offending file is blocked.