Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Microsoft Rich TextBox control does not work in Internet Explorer


View products that this article applies to.

Symptoms

The Microsoft Rich TextBox control (Richtx32.ocx) does not function correctly when hosted in Internet Explorer. The Rich TextBox control fails to display in the Internet Explorer window when the control is installed on the computer.

↑ Back to the top


Cause

The Rich TextBox control is not "safe" when used in Internet Explorer. Microsoft intentionally blocks this control for security reasons.

↑ Back to the top


More information

The Rich TextBox control is not "safe for scripting" because both the LoadFile and SaveFile methods allow a malicious script access to read, write, or change files on a user's local computer.

It is not "safe for initialization" because the Rich Text Format (RTF) specification allows for the embedding of potentially malicious OLE objects. Previous versions of the Rich TextBox control are incorrectly marked safe for scripting and initialization, and are blocked from running in Internet Explorer.

When you use the Rich TextBox control on a Web page, you must first wrap it in another Microsoft ActiveX control that does not expose the unsafe properties and methods. This wrapper control is then marked as safe when it is packaged for distribution.

Workaround

The following are two possible workarounds to achieve rich editing functionality on your Web page:
  • Wrap the Rich TextBox control in another ActiveX control that does not expose the unsafe properties and methods. This wrapper control is marked as safe when it is packaged for distribution.
  • Use the Dynamic Hypertext Markup Language (DHTML) Editing Component, if the RTF support is not necessary.

↑ Back to the top


References

For additional information, please see the following MSDN Web Workshop sites:
Safe initialization and scripting for ActiveX controls
http://msdn2.microsoft.com/en-us/library/Aa751977.aspx

For more information, see the following Webcast:

↑ Back to the top


Properties

Retired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.

↑ Back to the top


Keywords: KB249150, kbsecurity, kbprb, kbctrl

↑ Back to the top

Article Info
Article ID : 249150
Revision : 3
Created on : 12/6/2012
Published on : 12/6/2012
Exists online : False
Views : 418