OWASP O2 Platform Blog

O2 Method: Adding sites to IE trusted zones

One of the pains of using WatiN is the fact that IE protected zone will complain for websites that use scripts from other websites. The solution is to make those websites part of the trusted zone. I don’t like this but it seems to be the only way for it to work.

After doing the 4 click process that is adding this in IE, I decided to write add the following methods to O2 so that we can now do this programatically (note parts of this script were based on the solution in this StackOverflow entry):

    //REGISTRY
    public static class RegistryKeyExtensionMethods
    {   
        public static string makeDomainTrusted(this string rootDomain, string subDomain)
        {
            try
            {               
                var ieKeysLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\";
                //var domainsKeyLocation =  ieKeysLocation + "Domains";
                var domainsKeyLocation =  ieKeysLocation + "EscDomains";               
                var trustedSiteZone = 0x2;
                RegistryKey currentUserKey = Registry.CurrentUser;
                currentUserKey.getOrCreateSubKey(domainsKeyLocation, rootDomain, false);
                currentUserKey.createSubDomainKeyAndValue(domainsKeyLocation, rootDomain, subDomain, "http",trustedSiteZone);
                currentUserKey.createSubDomainKeyAndValue(domainsKeyLocation, rootDomain, subDomain, "https",trustedSiteZone);
                var message = "Added as truted the domain: {1}.{0}".format(rootDomain,subDomain);
                return message;
            }
            catch(Exception ex)
            {
                ex.log("in makeDomainTrusted");
                return ex.Message;
            }
        }
   
        public static RegistryKey getOrCreateSubKey(this RegistryKey registryKey, string parentKeyLocation, string key, bool writable)
        {
            string keyLocation = string.Format(@"{0}\{1}", parentKeyLocation, key);
            RegistryKey foundRegistryKey = registryKey.OpenSubKey(keyLocation, writable);
            return foundRegistryKey ?? registryKey.createSubKey(parentKeyLocation, key);
        }

        public static RegistryKey createSubKey(this RegistryKey registryKey, string parentKeyLocation, string key)
        {
            RegistryKey parentKey = registryKey.OpenSubKey(parentKeyLocation, true); //must be writable == true
            if (parentKey == null)
                 throw new NullReferenceException(string.Format("Missing parent key: {0}", parentKeyLocation));
            RegistryKey createdKey = parentKey.CreateSubKey(key);
            if (createdKey == null)
                throw new Exception(string.Format("Key not created: {0}", key));
            return createdKey;
        }
       
        //IE Specific
        public static void createSubDomainKeyAndValue(this RegistryKey currentUserKey, string domainsKeyLocation, string domain, string subDomainKey, string subDomainValue, int zone)
        {
            RegistryKey subdomainRegistryKey = currentUserKey.getOrCreateSubKey(string.Format(@"{0}\{1}", domainsKeyLocation, domain), subDomainKey, true);
            object objSubDomainValue = subdomainRegistryKey.GetValue(subDomainValue);
            if (objSubDomainValue == null || Convert.ToInt32(objSubDomainValue) != zone)           
                subdomainRegistryKey.SetValue(subDomainValue, zone, RegistryValueKind.DWord);          
        }
    }  

This can now be consumed like this (code sample from the updated API_WordPress.cd)

    public static class WordPressAPI_ExtensionMethods_IE_Utils
    {
     public static API_WordPress addRequiredSitesToIETrustedZone(this API_WordPress wordPress)
     {
      "o2platform".makeDomainTrusted("com");
      "stats.wordpress.com".makeDomainTrusted("s");
      "scorecardresearch.com".makeDomainTrusted("b");
      "wp.com".makeDomainTrusted("sp1");
      "wp.com".makeDomainTrusted("s2");
      "wp.com".makeDomainTrusted("s1");
      "wp.com".makeDomainTrusted("s0");
      "quantserve.com".makeDomainTrusted("edge");
      "gravatar.com".makeDomainTrusted("s");      
      return wordPress;
     }
    }

March 4, 2011 - Posted by | IE Automation, WatiN

2 Comments »

  1. […] I was writing the script to Add sites to IE’s trusted zone I found that I needed to have a quick look at the registry. Since opening up RegEdit seemed like […]

    Pingback by O2 Script Sequence: Creating a Windows Registry Viewer « O2Platform.com for Developers | March 4, 2011 | Reply

  2. […] the APIs added here and the Registry Viewer added here, this next script shows a little tool that can be used to add […]

    Pingback by O2 Util: Add sites to IE trusted zone « O2Platform.com for Developers | March 4, 2011 | Reply


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: