FYI - "Fixing" javascript events with .NET Framework 1.1 and SP1

For those of you who are using or were using javascript events prior to SP1 with the .NET Framework and are having issues - there exists a fairly straight forward workaround.

Steps to take:
1. Do not use standard Javascript event syntax or object.attachEvent(...) - Both of these raise SecurityDemands for the UnmanagedCode permission - which will fail in IE unless you are trusting by zone (which we are not).

2. Convert your existing script tag or function declaration in javascript to a standard method
From this:
<script for="myControl" event="MyEvent">
alert("Did MyEvent on myControl!");
</script>
To This:
<script>
function myControl_OnMyEvent() {
  alert("Did MyEvent on myControl!");
}
</script>

3. Add a method like the following to your control
public void AddEventListener(mshtml.DispHTMLObjectElement target, string eventName, object callback)
{
  new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert();
  target.attachEvent(eventName, callback);
  SecurityPermission.RevertAssert();
}

4. In javascript call your new method (we respond to the control event Load to make sure things are really there)
myControl.AddEventListener(myControl, "MyEvent", myControl_OnMyEvent);

That's it... I'm typing this quick - if it is unclear - tell me where and why and I'll explain if I can.  If I'm a tool and could have done this some automagic way - let me know that as well...

ze

Answer this question

FYI - "Fixing" javascript events with .NET Framework 1.1 and SP1

360tester
thanks for the swift reply - I will experiment but my feeling is that it probably needs to stay in order for the events to propogate to IE as you say.
PC Webman
You will still require the security permissions to run unmanaged code. The difference is that you will be able to give "FullTrust" access right just for the control, instead of the whole zone.
Syed Aziz ur Rahman
Updated method for attaching events (loose the Microsoft.mshtml.dll reference):

Change the signature of the AddEventListener on your Windows control to accept an object instead of the strongly typed "mshtml.DispHtmlObjectElement".

public void AddEventListener(object target, string eventName, object callback)
{

   // assert permission
   new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert();

   // obtain IHTMLObjectElement type by GUID
   Type type = Type.GetTypeFromCLSID(
           new Guid("{3050F24F-98B5-11CF-BB82-00AA00BDCE0B}"));

   // invoke attachEvent
   type.InvokeMember(
                              "attachEvent",
                              BindingFlags.InvokeMethod,
                              null,
                              target,
                              new object[] {eventName, callback}
                              );

   // revert permission assertion
   SecurityPermission.RevertAssert();

}
Mickw
Quick question - do you need to keep the old COMEvents interface with DispIds which used to be required to bind to the 'for' code on the page
NameDon
It sounds like you are talking about an ASP.NET server control.

A few more details would be helpful (sample code, etc).

ze
JohnAH
True, true.

You must have the unmanaged code privelege to interoperate with JS AND SP1. It is odd but the way that the permission applied seems to have changed directions (or added another dimension) with SP1.
Abhi Khune
I've been running into the same wall.

I have a .net form control that's able to post events to javascript perfectly fine on IE 6.0.2800 on a Win2000 machine, but the control never gets the registration on my XpPro machine running IE 6.0.2900. The event handler is always NULL, no matter how I try to register the event with javascript/JScript/whatever. In my situation, I cannot force the user to change their security settings in order to use my controls. My assemblies are strongly signed and have my digital certificate signed to them. Extremely annoying.

To me, this is a serious lack of functionality. I could see some minor annoyances a .Net control in an IE browser could do to the browser, but the need to be able to post events back to the browser greatly outweigh any of these issues, IMO.

Not to mention that .Net controls won't run in other browsers...

I would greatly perfer writting .Net forms controls instead of using Flash or Java Applets, but being able to interact with the browser is a requirement for me.
Zhiqiang Feng
Note: The mshtml.DispHTMLObjectElement comes from a reference to the Primary Interop mshtml.dll from the Framework - don't forget to add this reference!
ddimitrov
To be honest I'm not sure, and I don't have an easy "near by" example to suss through the details of the thing... If I remember correctly though I ran into other issues without the supporting I[ClassName]COMEvents interface... Such as the events don't get to IE.

So without being any help at all I would say - pull them off - if it doesn't work - put them back. Hooray for science and only understanding my perspective of the world.

Sorry I couldn't put together a definitive answer and example...
steve1977
Hi,

How do i raise the event that i hooked it up in the server control.
I coded as you mentioned.

Thanks in advance
JusTiN_BiS

Sorry for the confusion.
I want to call a javascript function from a User control hosted inside IE.
I don't know how to call the javascript function from UserControl

Thanks.
FYI - "Fixing" javascript events with .NET Framework 1.1 and SP1

Answer this question