Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Are there ways to call a Windows command (ie: exe file) from a web application on the browser/client-side? Perhaps by installing a browser plug-in or client-side application? I realize web browsers are sandboxed really well, but this is just an internal app in our department, so this is putting all security risks aside for now. If so, how can this be done?
This is being used to link directly to a Windows application which hosts call tickets from a web application, to the specific call ID.
I believe you have to install a plugin in the browser. That would be an ActiveX object for IE or an NPAPI plugin for all the other browsers.
You can’t just set aside the security implications because it’s an internal app. If you install a browser plugin that lets a page issue arbitrary commands, then you have to worry about other pages trying to take advantage of that plugin. A common precaution is to have the plugin check the domain of the page (e.g., to make sure it’s from your corporate domain) before performing the action. This is commonly called site-locking.
Another security approach is not to have the plugin relay arbitrary commands from the page but rather perform one of a limited set of commands built into the plugin itself. This can reduce the attack surface tremendously.