以编程方式将可信站点添加到Internet Explorer

时间:2009-06-09 20:33:30

标签: .net internet-explorer automation watin trusted-sites

我正在使用WatiN进行IE自动化项目。

单击要下载的文件时,我会在Internet Explorer信息栏中看到以下内容:

  

为了保护您的安全,   Internet Explorer阻止了这一点   网站从您下载文件   计算机。

为了下载报告,我可以手动将站点添加到Internet Explorer的受信任站点列表中,但我更愿意在.NET中以编程方式检查该站点是否可信并将其添加到列表中(如果是不。

仅供参考,我目前正在使用IE7。

7 个答案:

答案 0 :(得分:13)

查看this

基本上看起来你只需要在

中创建注册表项
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\DOMAINNAME

然后是名为“http”的REG_DWORD值,其值为== 2

答案 1 :(得分:10)

这是我在.NET中编写注册表项所实现的实现。

感谢你让我朝着正确的方向前进,Ben。

using System;
using System.Collections.Generic;
using Microsoft.Win32;


namespace ReportManagement
{
    class ReportDownloader
    {
        [STAThread]
        static void Main(string[] args)
        {

            const string domainsKeyLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains";
            const string domain = @"newsite.com";
            const int trustedSiteZone = 0x2;

            var subdomains = new Dictionary<string, string>
                                 {
                                     {"www", "https"},
                                     {"www", "http"},
                                     {"blog", "https"},
                                     {"blog", "http"}
                                 };

            RegistryKey currentUserKey = Registry.CurrentUser;

            currentUserKey.GetOrCreateSubKey(domainsKeyLocation, domain, false);

            foreach (var subdomain in subdomains)
            {
                CreateSubdomainKeyAndValue(currentUserKey, domainsKeyLocation, domain, subdomain, trustedSiteZone);
            }

            //automation code
        }

        private static void CreateSubdomainKeyAndValue(RegistryKey currentUserKey, string domainsKeyLocation, 
            string domain, KeyValuePair<string, string> subdomain, int zone)
        {
            RegistryKey subdomainRegistryKey = currentUserKey.GetOrCreateSubKey(
                string.Format(@"{0}\{1}", domainsKeyLocation, domain), 
                subdomain.Key, true);

            object objSubDomainValue = subdomainRegistryKey.GetValue(subdomain.Value);

            if (objSubDomainValue == null || Convert.ToInt32(objSubDomainValue) != zone)
            {
                subdomainRegistryKey.SetValue(subdomain.Value, zone, RegistryValueKind.DWord);
            }
        }
    }

    public static class RegistryKeyExtensionMethods
    {
        public static RegistryKey GetOrCreateSubKey(this RegistryKey registryKey, string parentKeyLocation, 
            string key, bool writable)
        {
            string keyLocation = string.Format(@"{0}\{1}", parentKeyLocation, key);

            RegistryKey foundRegistryKey = registryKey.OpenSubKey(keyLocation, writable);

            return foundRegistryKey ?? registryKey.CreateSubKey(parentKeyLocation, key);
        }

        public static RegistryKey CreateSubKey(this RegistryKey registryKey, string parentKeyLocation, string key)
        {
            RegistryKey parentKey = registryKey.OpenSubKey(parentKeyLocation, true); //must be writable == true
            if (parentKey == null) { throw new NullReferenceException(string.Format("Missing parent key: {0}", parentKeyLocation)); }

            RegistryKey createdKey = parentKey.CreateSubKey(key);
            if (createdKey == null) { throw new Exception(string.Format("Key not created: {0}", key)); }

            return createdKey;
        }
    }
}

答案 2 :(得分:6)

很高兴我遇到了你的帖子。我唯一可以添加到优秀贡献的是,只要URI包含IP地址,即地址不是完全限定的域名,就会使用不同的注册表项。

在这种情况下,您必须使用替代方法:

想象一下,我希望为受信任的站点添加一个IP地址:比如10.0.1.13,我不关心什么协议。

  

在HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings \ ZoneMap \ Ranges下,我创建了一个密钥,例如: “Range1”和创建以下值的内部:

     

名称为“*”且值为0x2的DWORD(适用于所有协议(*)和受信任的站点(2))     名为“:Range”的字符串,其值为“10.0.1.13”

答案 3 :(得分:3)

使用powershell非常容易。

#Setting IExplorer settings
Write-Verbose "Now configuring IE"
#Add http://website.com as a trusted Site/Domain
#Navigate to the domains folder in the registry
set-location "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
set-location ZoneMap\Domains

#Create a new folder with the website name
new-item website/ -Force
set-location website/
new-itemproperty . -Name * -Value 2 -Type DWORD -Force
new-itemproperty . -Name http -Value 2 -Type DWORD -Force
new-itemproperty . -Name https -Value 2 -Type DWORD -Force

答案 4 :(得分:2)

除了adding the domain to the Trusted Sites list之外,您还可能需要更改“受信任的站点”区域的“自动提示文件下载”设置。要以编程方式执行此操作,请修改键/值:

  

HKCU \软件\微软\的Windows \ CurrentVersion \互联网   设置\区\ 2 @ 2200

将值从 3 (禁用)更改为 0 (启用)。这里有一些C#代码:

public void DisableForTrustedSitesZone()
{
    const string ZonesLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones";
    const int TrustedSiteZone = 2;

    const string AutoPromptForFileDownloadsValueName = @"2200";
    const int AutoPromptForFileDownloadsValueEnable = 0x00;     // Bypass security bar prompt

    using (RegistryKey currentUserKey = Registry.CurrentUser)
    {
        RegistryKey trustedSiteZoneKey = currentUserKey.OpenSubKey(string.Format(@"{0}\{1:d}", ZonesLocation, TrustedSiteZone), true);
        trustedSiteZoneKey.SetValue(AutoPromptForFileDownloadsValueName, AutoPromptForFileDownloadsValueEnable, RegistryValueKind.DWord);
    }
}

答案 5 :(得分:2)

以下是基于Even Mien代码以编程方式将可信站点添加到IE的实现。它还支持域名和IP地址。限制是不能定义特定协议,而是仅使用“*”表示所有协议。

//  Source : http://support.microsoft.com/kb/182569
static class IeTrustedSite
{
    const string DOMAINS_KEY = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains";
    const string RANGES_KEY = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges";

    const int TRUSTED_SITE_CODE = 0x2;
    const string ALL_PROTOCOL = "*";
    const string RANGE_ADDRESS = ":Range";

    public static void AddSite(string address)
    {
        string[] segmentList = address.Split(new string[] {"."}, StringSplitOptions.None);
        if (segmentList.Length == 4)
            AddIpAddress(segmentList);
        else
            AddDomainName(segmentList);
    }

    static void AddIpAddress(string[] segmentList)
    {
        string ipAddress = segmentList[0] + "." + segmentList[1] + "." + segmentList[2] + "." + segmentList[3];
        RegistryKey rangeKey = GetRangeKey(ipAddress);

        rangeKey.SetValue(ALL_PROTOCOL, TRUSTED_SITE_CODE, RegistryValueKind.DWord);
        rangeKey.SetValue(RANGE_ADDRESS, ipAddress, RegistryValueKind.String);
    }

    static RegistryKey GetRangeKey(string ipAddress)
    {
        RegistryKey currentUserKey = Registry.CurrentUser;
        for (int i = 1; i < int.MaxValue; i++)
        {
            RegistryKey rangeKey = currentUserKey.GetOrCreateSubKey(RANGES_KEY, "Range" + i.ToString());

            object addressValue = rangeKey.GetValue(RANGE_ADDRESS);
            if (addressValue == null)
            {
                return rangeKey;
            }
            else
            {
                if (Convert.ToString(addressValue) == ipAddress)
                    return rangeKey;
            }
        }
        throw new Exception("No range slot can be used.");
    }

    static void AddDomainName(string[] segmentList)
    {
        if (segmentList.Length == 2)
        {
            AddTwoSegmentDomainName(segmentList);
        }
        else if (segmentList.Length == 3)
        {
            AddThreeSegmentDomainName(segmentList);
        }
        else
        {
            throw new Exception("Un-supported server address.");
        }
    }

    static void AddTwoSegmentDomainName(string[] segmentList)
    {
        RegistryKey currentUserKey = Registry.CurrentUser;

        string domain = segmentList[0] + "." + segmentList[1];
        RegistryKey trustedSiteKey = currentUserKey.GetOrCreateSubKey(DOMAINS_KEY, domain);

        SetDomainNameValue(trustedSiteKey);
    }

    static void AddThreeSegmentDomainName(string[] segmentList)
    {
        RegistryKey currentUserKey = Registry.CurrentUser;

        string domain = segmentList[1] + "." + segmentList[2];
        currentUserKey.GetOrCreateSubKey(DOMAINS_KEY, domain);

        string serviceName = segmentList[0];
        RegistryKey trustedSiteKey = currentUserKey.GetOrCreateSubKey(DOMAINS_KEY + @"\" + domain, serviceName);

        SetDomainNameValue(trustedSiteKey);
    }

    static void SetDomainNameValue(RegistryKey subDomainRegistryKey)
    {
        object securityValue = subDomainRegistryKey.GetValue(ALL_PROTOCOL);
        if (securityValue == null || Convert.ToInt32(securityValue) != TRUSTED_SITE_CODE)
        {
            subDomainRegistryKey.SetValue(ALL_PROTOCOL, TRUSTED_SITE_CODE, RegistryValueKind.DWord);
        }
    }
}

static class RegistryKeyExtension
{
    public static RegistryKey GetOrCreateSubKey(this RegistryKey registryKey, string parentString, string subString)
    {
        RegistryKey subKey = registryKey.OpenSubKey(parentString + @"\" + subString, true);
        if (subKey == null)
            subKey = registryKey.CreateSubKey(parentString, subString);

        return subKey;
    }

    public static RegistryKey CreateSubKey(this RegistryKey registryKey, string parentString, string subString)
    {
        RegistryKey parentKey = registryKey.OpenSubKey(parentString, true);
        if (parentKey == null)
            throw new Exception("BUG : parent key " + parentString + " is not exist."); 

        return parentKey.CreateSubKey(subString);
    }
}

答案 6 :(得分:-1)

  

如果某个网站可以将自己添加到受信任的网站,那么现在这样做会很糟糕。

我不太同意 - 只要浏览器要求用户许可,网站将自己添加到受信任网站的能力可以大大简化用户体验,用户信任域名并希望正确显示页面。

另一种选择是用户必须手动进入互联网选项才能添加域名,这对我的用户来说是不可行的。

我正在寻找一个 php或javascript 方法,让网站通过一些IE api或通过注册表添加自己,就像你上面已经如此有用地解释一样!

到目前为止已找到这些可能的解决方案:

  • php via shell
  • 其他我不允许在此列出,因为我没有足够的积分