I accidentally put his in the wrong catagory (Server side scripting-subsection:Other)
So I moved it here...
Title = HyperText Applications, Practical or destructive?
------------------------------------
------------------------------------
------------------------------------

Hi,
I was just wondering why everyone on the web is so freaked out over HTAs
and the so-called security risks involved with such implimentations as the FSO and ActiveX objects when every major programming language allows the implimentation of some form of FSO and ActiveX programming, I would go as far to say that HTA's are safer then the typical C/C++ or VB program (Which in terms of the masses I guess are regarded safest of all applications) because you can open an HTA in a text editor and scope the code out for yourself, it's be easy to detect implimentations of the FSO as well as other activeX objects to see if an HTA is safe, programs can even be written to detect such lines of code in HTAs with the greatest of ease using JScript or VBScript and written into log files with the FSO. As an HTA programmer, someone who understands how they work and wonders why people feel they're at such risk and not with any other downloaded program from an unknown source I felt compelled to ask why people are giving them a bad name... Granted, the ILoveYou virus was a WSH script I read somewhere on the MSDN library, but that's not to say it couldn't have been written in C or VB or Java, Flash, or DOS even...

But anyways, thanks for reading my post. I would greatly appreciate any replies even if just to criticize me on this, If I can learn a thing or two that I don't know I'll be a thing or two smarter .

-wav syntax.



<html>
<head>
<title>HTA Potential Risk Scanner</title>
</head>
<body>
<h4>Just a simple semi-humorous example to sum up my post...</h4>
<textarea style="width:100%;height:75%;" id="test">Copy/Paste the code to an HTA program in here,
and hit the "Test Code" button...
</textarea>
<input type="button" value="Test Code" onclick="test()" />
<script type="text/javascript">
function test(){
var data=document.getElementById("test").value;
if(data.indexOf("createObject")==-1 && data.indexOf("ActiveXObject")==-1){
alert("This program is safe to run, enjoy it\'s highly limited functionality, NOTE: even though this is an HTA it\'s just as limited in any other language.");
}
else{
alert("This program is potentially unsafe, it is recommended that you do not run this or any other programs not created by Microsoft Corperation EVER!!!");
}
}
</script>
</body>
</html>