When a Web page with script loads into the latest version of Internet Explorer
(Service Pack 2), the script won’t immediately execute. Instead, a message
appears across the top of the browser window saying, To protect your
security, Internet Explorer has restricted this file from
showing active content that could access your computer. Click
here for options.Go ahead and click here. Then choose Allow Blocked
Content from the dialog box that appears. Now another warning pops up, just
in case you were delirious or roaring drunk when you made your choice. This
second warning asks you if you’re sure. Go ahead and click Yes. Now, at long
last, you can see the effects of your script. Note that once you allow blocked
content from one Web page, any other pages you surf to are also permitted to
send blocked content. IE only resets itself after you shut it down, and then
restart it. After that, the message about blocked content once again appears
in response to an attempted script load.
You can include more than one script element in a page, but put them up
inside the <head>element.
Using the Right Tools for the Job ..............................................................
For small programming jobs, scripting works just fine. Scripting isprogram-
ming, albeit with a somewhat abbreviated language. Scripting is designed to
get past firewalls, browser security settings, and other security measures. A
script language is quite similar to its parent language (Visual Basic or Java),
but some potentially dangerous commands — mainly those that access the
hard drive, such as those that delete files — are removed from the script
language.
Unfortunately, evil-doers canstill find ways to make scripting dangerous, but
Microsoft has come up with an ingenious solution: Execute your code on the
server, compose an ordinary HTML page after the computation has finished,
and send thatHTML back to the user’s browser. HTML, like a television show,
cannot introduce a virus into your house. It’s the difference between seeing a
picture of someone with a cold, versus sitting next to somebody on a bus
who’s hacking and wheezing.
ASP.NETis the name Microsoft gave to this server-side code execution tech-
nique. It works quite well, allowing programmers to enjoy the full VBA, VB.NET,
or other language rather than simply scripts. For serious, complex Web pro-
gramming solutions (or what is now often called enterprise development), you
will find working with the heavy-duty tools available in the Visual Studio .NET
suite much more efficient.
Chapter 16: Programmatic CSS 283
