How to create an assembly that runs with one click from a browser?

Question

0.00/5 (No votes)

See more:

I can get close: by purchasing an EV certificate from Digicert, I can compile my code and put it in a href link on my website. When a user clicks the href link, the file is downloaded. A second click on the downloaded file runs it, with no further ado thanks to the EV certificate. I'd like to cut down the two clicks to one, since eventually I'd like to have students choose among several dozens of demonstrations to run.

What I have tried:

I've tried to use ClickOnce to compile it, but despite the promising-sounding name, it delivers no more than a politician's promise. I get a similar user experience using it, but worse: it still requires two clicks from the user's perspective, but now the user's second click is followed by a wait while the setup program verifies the files present against the manifest.

Is there in fact a way to have the browser download and automatically launch the code, or am I barking up the wrong tree - is this a property of the browser, and therefore unsolvable (since each user will have different browser settings) - does it really require me to reprogram things in JavaScript and embed that in my pages?

Posted 18-Oct-18 20:41pm

jcsquire

Updated 19-Oct-18 11:33am

Add a Solution

4 solutions

Solution 1

You can't.
The whole idea is that nothing - but nothing - runs directly on the client machine unless the user actually tells it to.
Your site has no control over what happens to downloads of any form, it is all down to the browser and how the user instructs it to behave.

Think about it for a moment: WannaCry infected loads of computers becuase users ran it: if it could run without the user having anything to do with it, then a casual or accidental visit to a malicious site could run something like that directly on your computer. How fast and how far do you think WannaCry would have spread then?

Posted 18-Oct-18 20:52pm

OriginalGriff

Solution 2

Quote:
I'd like to cut down the two clicks to one, since eventually I'd like to have students choose among several dozens of demonstrations to run.

You can't because of a silly thing named 'Security'.
Download and execution on client side are client decision.
My browser is set so that it always ask me what to do with a download, execute or store and where to store, no matter the certificate you are using.

Quote:
Is there in fact a way to have the browser download and automatically launch the code

Think about it, it is a dream for any malware maker.

Posted 19-Oct-18 0:05am

Patrice T

Solution 4

Actually, the approach I use with .svgs interprets user clicks, computes a dynamically-calculated phasor, and then calculates a dynamically-calculated Fourier reconstruction and plots that in an animated fashion. I can make it do a lot more than just drawing static data from a file! I suppose that, or raw JavaScript, is what I'll need to convert all my demonstrations into.

Fair dinkum. Was hoping a similar option was available in a language that's typesafe...svg coding and JavaScript coding (and Flash, back in the day) is ugly in comparison. Thanks all.

Posted 19-Oct-18 11:34am

jcsquire

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

jcsquire · Accepted Answer · 2018-10-19T01:43:00

I agree with the above comments that the ability to auto-run code from a website that can read to or write from the user's drive poses a major security risk. Yet, I don't think my question is naive. I currently have an interactive program on my pages inside a .svg container that executes on the client machine without the user doing anything other than visiting the page, for instance.

I would think there would be some option to allow one to do the same in a C# app, perhaps by limiting code privileges as a "partially-trusted" option, reserved for non-reflective code that has no access to drives. It indeed may be impossible to do so, but I don't see how such a limited-trust program would be any more a malware writer's dream than an .svg that provides the same functionality as my screen-write-only programs.

It sounds like I may have to move away from C# and recode everything in JavaScript or .svg's that provide the functionality I seek. I just prefer writing complex code in a type-safe language.