Executing Vbscript from IE Address Bar

Submitted by 五迷三道 on 2021-02-11 12:53:28

Question


Is there a way I can execute my vbscript code directly from my address bar? I am looking for something similar to what we have for JavaScript.

On a side note, isn't running vbscript from browser a major security risk, as it has more privileges while running than JavaScript?


Answer 1:


Pretty much the same way as Javascript; it just doesn't work very well:

vbscript:replace(document.body.innerhtml,"Address Bar","sandwich")

Essentially this navigates to a page that has source equivalent to the returned value of the function call.

Any attempt I've made to do a command that has no return result has caused an error on the page...

As for your side note, not really. The browser limits what scripts can do. For instance, you can automatically create objects using VBS via CreateObject("whatever"), but if run from a browser you will be prompted to allow Active-X controls. (You can do the same thing with Javascript)




Answer 2:


You can invoke VBScript exactly as you would Javascript and I do mean "exactly". For both VBScript and Javascript, the "command" after the language specifier (javascript: or vbscript:) is "executed" by passing the command string to eval() (of the relevant language). The difference between Javascript and VBScript is that, for VBScript, the argument to eval() must be a valid VBScript expression, while for Javascript, eval() will parse and execute essentially any string that is syntactically valid Javascript, whether or not it is a single Javascript expression, and return the value of the last executed expression statement within that string (or Void if there weren't any). Thus, while

javascript:for(i=0;i<5;++i)alert(i)

is perfectly valid,

vbscript:for i = 0 to 4 : alert i : next

isn't.

Despair not, there is a workaround. Both Execute and ExecuteGlobal are defined as "statements" (though they actually behave like predefined procedures, aka Subs) and as such cannot be used as the "expression" passed to eval(), at least not in their usual syntactic form

Execute <some string containing statements>
ExecuteGlobal <some string containing statements>

However, by 'faking it' so that Execute or ExecuteGlobal look like function calls (which are expressions)

Execute(<some string containing statements>)
ExecuteGlobal(<some string containing statements>)

VBScript seems quite happy to "evaluate" them, even though there is no return value, which is mandatory for a true VBScript function (even if the returned "value" is Nothing, Null or Empty). There is no concept of "Void" as there is in Javascript. Note that I include ExecuteGlobal only for completeness. Any "command" executed by eval() from the address bar is already in global scope.

In fact, this 'faking it' is applicable to other procedures. In particular, alert. alert has no return value and is therefore not a VBScript function. It would usually be invoked (within a <script> element) as

alert <some message string>

but can be invoked from the address bar as

vbscript:alert(<some message string>)

Now, alert is not part of VBScript but is a method of the global (in IE, the window) object. Therefore, the strict syntax of VBScript function and procedure calls does not apply but rather a looser implementation that applies to COM object method invocation. Here, a method can be invoked as a Function in an expression (if you want the return value) or as a Sub in a statement (if you don't). If the particular method doesn't return a value (i.e. has return type Void and should always be invoked as a Sub) then invoking it as a Function returns Empty, a perfectly valid expression value. So both of these invocations of WshShell.Exec are valid

<script type="text/vbscript">
dim wsh, oexec

set wsh = createobject("wscript.shell")

wsh.exec "calc"
set oexec = wsh.exec("calc")
</script>

and they work (with a "Do you really want to do this?" warning). Thus, it seems that Execute and ExecuteGlobal (and also Eval BTW) are not really "statements" (or functions) but rather methods of the global object, like alert. They're included in the VBScript reference because every implementation must include them, just like every Javascript implementation must have a Global.parseInt(). But this is good news because it allows us to do things like

vbscript:execute("if left(document.URL,5) <> ""https"" then alert(""NOT SECURE!!!!!"")")

Of course, the biggest caveat in all this is
IT ONLY WORKS IN INTERNET EXPLORER AND THEN ONLY UP TO IE10.
No other browser runs VBScript (even Edge) and it has been completely disabled as of IE11. You can get it to run in IE11 by faking out the page with a compatibility mode, either using developer tools or with a

<meta http-equiv="X-UA-COMPATIBLE" content="IE=7"> (or 8 or 9 or 10)

(Maybe even in Edge by forcing IE mode and then compatibility mode but I haven't tried this.)

So really, this whole answer is largely academic (in 2020). It tells you how to do something that is probably way more difficult (and less versatile) than just putting in the effort to learn Javascript. Why would you be trying to do it in VBScript if you could already use Javascript? Then again, there might be users out there still running IE7 on XP who only know VBScript. I know that I only upgrade when I have no other choice.

If it ain't broke, don't fix it!

Yes, I know that IE7 (IE*) is fairly broken (and XP) but, hey, if you're happy with what you've got then what else would you want?
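
For sites that still carry content from that era, the three markers discussed in the answers above (vbscript: URLs, VBScript script elements, and an X-UA-Compatible tag forcing IE7-10 mode) can be found with a static check. This is an added example, not part of the original question or answers; the function names and the sample markup are constructed for illustration.

```javascript
// Added example: audit HTML for the legacy-IE VBScript markers discussed above.
// Function names and SAMPLE are constructed for illustration.
const URL_ATTRS = new Set(['href', 'src', 'action', 'formaction']);

// Collect the attributes of one start tag (names lower-cased).
function parseAttrs(text) {
  const attrs = {};
  const re = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  for (let m; (m = re.exec(text)) !== null;) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? '';
  }
  return attrs;
}

// URL parsers drop tabs/newlines and leading whitespace before reading the scheme.
function hasVbscriptScheme(value) {
  return /^vbscript:/i.test(value.replace(/[\t\r\n]/g, '').replace(/^[\x00-\x20]+/, ''));
}

function auditHtml(html) {
  const findings = [];
  const tagRe = /<([a-z][a-z0-9]*)\b([^>]*)>/gi; // simple scan; values containing ">" are not handled
  for (let m; (m = tagRe.exec(html)) !== null;) {
    const tag = m[1].toLowerCase();
    const a = parseAttrs(m[2]);
    for (const [name, value] of Object.entries(a)) {
      if (URL_ATTRS.has(name) && hasVbscriptScheme(value)) {
        findings.push({ rule: 'vbscript-uri', tag, attr: name });
      }
    }
    const isVbs = /^text\/vbscript$/i.test((a.type || '').trim()) ||
                  /^vbscript$/i.test((a.language || '').trim());
    if (tag === 'script' && isVbs) findings.push({ rule: 'vbscript-script', tag });
    // Per the answer above, IE=7..10 puts IE11 in a mode where VBScript runs again.
    if (tag === 'meta' && /^x-ua-compatible$/i.test((a['http-equiv'] || '').trim()) &&
        /\bIE\s*=\s*(?:EmulateIE)?(?:7|8|9|10)\b/i.test(a.content || '')) {
      findings.push({ rule: 'legacy-docmode', tag, content: a.content });
    }
  }
  return findings;
}

const SAMPLE = [ // constructed markup
  '<meta content="IE=EmulateIE9" http-equiv="X-UA-Compatible">',
  '<meta http-equiv="X-UA-Compatible" content="IE=edge">',
  '<a href=" VBScript:alert(1)">legacy link</a>',
  '<a href="https://example.test/?q=vbscript:">benign</a>',
  '<script type="text/vbscript">alert "hi"</script>',
  '<script type="text/javascript">var s = "vbscript:";</script>',
].join('\n');
console.log(auditHtml(SAMPLE));
```

Only the first, third and fifth sample lines are reported: the scheme check looks at the start of a URL attribute value, so a query string or a script string literal that merely contains "vbscript:" is not flagged.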



Source: https://stackoverflow.com/questions/14046872/executing-vbscript-from-ie-address-bar
