Compiled, reusable software components based on Microsoft’s Component Object Model (COM). ActiveX controls, formerly called OLE controls, can be combined as prefabricated components to aid developers in building new applications.
ActiveX controls can draw themselves in their own windows, respond to events such as mouse clicks, and be managed through properties and methods. An ActiveX control cannot run as a stand-alone program but must be loaded into a control container such as Microsoft Visual Basic or Microsoft Internet Explorer. ActiveX controls typically provide a user interface and are generally designed to run on the client.
ActiveX controls are often used to provide dynamic features for Web pages—for example, a stock ticker control that adds a live stock ticker to a Web page, an advanced user interface navigation tool, and an animation control that adds animation functionality to a page.
ActiveX controls can be embedded into a Hypertext Markup Language (HTML) page by using the HTML <OBJECT> tag. If a user tries to access such a page using a Web browser and the embedded ActiveX control is not installed on his or her system, the control can be automatically downloaded by using the URL specified in the CODEBASE attribute of the <OBJECT> tag. Once the ActiveX control is downloaded and installed on the user’s system, the browser will continue to use the cached control until an updated version becomes available on the server.
Here is an example of a typical <OBJECT> tag that includes a CODEBASE attribute:
<OBJECT ID="BoomButton" WIDTH=225 HEIGHT=35
A malicious ActiveX control can potentially damage software or data on a user’s computer. To help users determine whether an ActiveX control is safe to install, Microsoft has developed a code-signing technology called Authenticode, which identifies the creator of a control using a digital signature issued by a well-known security authority such as VeriSign Inc.