This might fall into the ‘easily Googled’ category, though thus far I haven’t been able to Google up the answer or figure it out. Basically, what I want to do is to insert essentially a run command into a private Wiki page (being used for network documentation) to allow me have a link on the page to run the customers telnet client with the devices IP address. I already know how to run the telnet client with the proper config file, I just can’t figure out how to create the link in Wiki to allow it to run. I can see how to create a link HTTP and HTTPS, but how do you do it for a different application? Let’s say I want to just use the standard telnet client that comes with windows…how would I create a link to simply run that from the page?
That works for Telnet specifically, and is likely good enough for the OP’s problem, but what he’s asking for in general (a link to run an arbitrary program on the user’s computer) would be a security nightmare.
The Wiki page is only available to the network admins, and the program in question is standard on all their machines, so it’s not an issue of security. The Wiki page itself is secure and requires authentication to get into it as well.
I tried both formats here from psychonaut and friedo, and both worked for launching Telnet. I was able to make a change in Windows so that the default telnet program simply runs the telnet client the customer is using, and I’m sure I can write a script to make that change on all the admin machines, so the problem is solved.
Does anyone know how to run an application other than one of the standard Windows apps? Say you wanted to put in a link to run World of Warcraft or Rome Total War…how would you do that?
BTW, thanks for the help…it’s saved me a ton of time and I leaned some new stuff about Wiki pages I didn’t know. Appreciate it!
This doesn’t have anything to do with wikis in specific; it’s just how browsers react to URLs, which are, after all, Uniform Resource Locators. Any webpage could do the same things.
There is no way of “running” any system application from a web page. You can only provide URLs to resources, and allow the browser to open them as it sees fit, or as configured by the user. A browser may well decide to launch a third-party application for a specific URL, though you as the web developer have no control over which application, if any, gets run. When a web browser sees, say, a telnet: URL, it may launch the system’s default telnet client, or it may launch a certain telnet client configured by the user in the browser settings, or it may ask the user what program it should launch to handle the URL, or it may refuse to handle the URL altogether. It will do one of these four things for any other URI scheme that it doesn’t handle natively, though again, as the web developer, you don’t have any control over that.
There may be some non-standard URI schemes for World of Warcraft or Rome Total War—I very much doubt it, though, since you don’t typically reference a particular named resource when launching a game. Even if there are such URI schemes, no major web browser is going to recognize them out of the box and thus launch the appropriate application for them.
If you just want to launch an arbitrary executable application that you know resides in a fixed location on the user’s local machine, you could always try constructing a URL of the form file:///path/to/executable. However, every sensible web browser is going to refuse to actually execute that file if you point it to that URL. To do otherwise (in the general case) would be a grave security risk—for example, a malicious web developer could provide a link to a command which formats your hard drive. A web browser has no idea whether any given executable file at the end of a link is dangerous, so on principle it will refuse to run any of them.
In this particular case, it’s not an issue of security, but the users’ web browsers don’t know that. If things were set up such that a web browser would run arbitrary code just because a web page told it to, then you’d have malicious folks setting up their own webpages, getting people to look at them, and taking control of computers.
Ah, I see. Well, I’m not a web developer in any way shape or form (nor do I play one on TV), so I didn’t actually know any of that stuff. The customer is using a Wiki instance running on one of their VM’s that has all their network and systems information in it, and they asked me if I could add a link to launch their putty application with the specific IP address of the router, switch or firewall the page refers to. I figured there would just be a way to launch an app directly from the page…didn’t occur to me that there would be security issues involved, though now that it’s been explained it should be obvious. At any rate, the syntax for accessing telnet given in the first two posts definitely works in conjunction with simply changing the default telnet program in windows (not sure if this will work in Windows 7, which doesn’t come with a default telnet program…haven’t tried that yet), so the customer is happy at least.
I appreciate the help AND the more detailed information about the browser and security aspects of the problem and why you can’t and wouldn’t want to do what I was originally thinking the solution would be.
I’m not really good at remembering URL syntax, but I’m suspecting that it should be able to run a specific application if you know the exact path. So, if your people that are accessing this page all have C:\ImBroke.bat, you should be able to launch it (with security warnings, I’m sure) with file:///C:/ImBroke.bat.
Naw, it’s actually working well as it is. I wrote a little VBScript file to change the admin groups default telnet client to be putty, and then add a registry changing script for the program, and it seems to be working perfectly for them. I’ll cross the possible issue with Vista/Windows 7 in the future…they are an XP shop and I doubt they will be changing to either OS any time soon (I’m actually trying to talk them into going with Ubuntu instead anyway…for what they do there is really no need for Windows of any variety, since all the tools they use either work or have alternatives in Linux).
Huh. You mean that browsers will actually refuse the link, and not just put up a security warning saying that the site wants to run an application? (A warning that can be disabled for that site.)