How to ScriptX-enable a document

A ScriptX-enabled client-side document is defined as one on which the MeadCo Security Manager and ScriptX object blocks appear in the <body> of the document. For example, the following enables the evaluation license:

<!-- MeadCo Security Manager -->
<object style="display:none"
  classid="clsid:5445be81-b796-11d2-b931-002018654e2e"
  codebase="http:// [your path here]/smsx.cab#Version=8,0,0,56 ">
  <param name="GUID" value="{C4DB5D29-BE52-46B9-9DDF-46A167170F81} " />
  <param name="Path" value="http://licenses.meadroid.com/download/{C4DB5D29-BE52-46B9-9DDF-46A167170F81} /mlf" />
  <param name="Revision" value="0" />
  <param name="PerUser" value="true" />
 </object>

<!-- MeadCo ScriptX -->
<object id=factory style="display:none"
  classid="clsid:1663ed61-23eb-11d2-b92f-008048fdd814">
</object>

The Security Manager object refers to two files: smsx.cab and sxlic.mlf (referred to above by "http://licenses.meadroid.com/download/{C4DB5D29-BE52-46B9-9DDF-46A167170F81} /mlf").

Nothing should be 'installed' on your servers ... they are simply used as file storage for smsx.cab (the binaries) and sxlic.mlf (your unique publishing license)

About the smsx.cab file

smsx.cab is a digitally signed cabinet file which contains the ScriptX and Security Manager binaries. The most recent version of smsx.cab is always available from the latest ScriptX Resource Kits which may be downloaded from the Knowledge Bank.

For ease of system maintenance it is often preferable to a have single copy of smsx.cab located centrally. The file does not have to reside at a licensed address so long as all your ScriptX-enabled documents are allowed to 'see' it.

The on-document Security Manager object locates smsx.cab with the Codebase attribute, for example:

 codebase="http://intranet01/bins/smsx.cab#Version=8,0,0,56 "

The Version part of the codebase string must refer to the version number of your current copy of smsx.cab. The current release version of ScriptX is (8,0,0,56 ).

Installing the ScriptX software

Installation of the ScriptX software is automatic. The first-ever time a user visits a ScriptX-enabled document, smsx.cab is downloaded and the user is prompted to accept the ScriptX and Security Manager controls by Internet Explorer's standard Authenticode security mechanism.

If the users accept the prompt - and if Internet Explorer on the client machine has been set up correctly to accept and run 'safe' digitally-signed ActiveX content and if the user has permission to do so * - the binaries will be installed and ScriptX-enabled content will then run on that machine.

Alternatively the binaries can be PRE-installed via ScriptX.msi. Both of these digitally signed packages - smsx.cab and ScriptX.msi - can be found in the freely-available Client Resource kit.

* In both cases, MANDATORY local admin privileges are required for a successful installation.

About the publishing license

sxlic.mlf is your client-side Security Manager publishing license, issued to you in the form of an unique .MLF file of c. 6Kb.

For ease of system maintenance it is often preferable to a have single current copy of sxlic.mlf located centrally. The file does not have to reside at a licensed address so long as all your ScriptX-enabled documents are allowed to 'see' it.

Your publishing license clearly identifies your organisation and the 'active' content you are offering (in this case, advanced printing) in a completely unambiguous way. Except on an intranet - where the 'Silent' cost-option is available - it is the user who is given the option to accept or decline to view the content validated by your license.

Your publishing license will work with every existing and future version of ScriptX. It does not have to be updated when the ScriptX software is updated with a new version of smsx.cab.

All Security Manager publishing licenses are renewable and valid for one or more years.

About address binding

Your client-side publishing license will be 'bound' to the URL addresses FROM on or under which you want to serve ScriptX-enabled content. An MLF license file can list dotted and dotless names and numeric IPs in any combination, but it must list *all* the addresses from on or under which ScriptX-enabled content is to be served - including development and QA - in whatever form your users can access them.

Unless otherwise requested, a ScriptX publishing license will by default validate root addresses for both http:// and https:// protocols and for custom and default (80) ports. All ScriptX-enabled content served from on or under those roots will inherit the licensing.

Note that you can serve licensed ScriptX-enabled content to as many users as you have. There is no concept of 'per-seat' costing with MeadCo's Security Manager publishing license schema.

Neither are publishing license address validation lists 'cast in stone'. They can be revised to maintain synch with your changing deployment requirements whenever necessary, usually within a few hours of receipt of a modification request (GMT permitting).

What the user sees

When a ScriptX-enabled document is accessed from Internet Explorer on a client machine, the Security Manager control on the client (previously installed from smsx.cab) 'looks' for the publishing license file (sxlic.mlf) referenced by the on-document Security Manager object and checks these three parameters:

• Is the http*:// address (URL) from which the content is being served identical to one of the addresses listed in the publishing license?
• Is the publishing license current, or has it expired? All Security Manager publishing licenses are renewable and valid for one or more years.
• Has the publishing license been digitally signed with MeadCo's own signing certificate? (Confirmation that the license file itself is original and intact, as issued).


If Security Manager can confirm all three checks, then - if this is the first-ever time that the user is visiting an address validated by your publishing license - a copy of your publishing license will be presented to the user for acceptance.

Once a user has accepted your publishing license they will never again need to see it when they visit your site until your license is next revised or renewed. From a user's perspective this exercise is identical to the acceptance of a Verisign certificate ... something with which most people are thoroughly familiar.

The only exception to this mandatory display/acceptance of a publishing license is where the 'Silent' cost option is enabled.

The 'Silent' cost option

The 'Silent' option defeats the publishing license's mandatory display/acceptance routine which occurs the first-ever time a user visits a licensed address.

This option pays for itself on larger intranets by minimizing calls to Support about "this license thing". With 'Silent' enabled the license is auto-installed, with the user being deemed to have accepted it even though they will never actually see it.

For obvious reasons 'Silent' - which adds $500 p.a. to the cost of a publishing license - is never enabled on those licenses whose validation list includes any publicly-accessible Internet addresses.

Note also that 'Silent' has no affect on the installation of the ScriptX software from smsx.cab. We have no code on a user's machine on their first-ever visit to ScriptX-enabled content, so the download and installation of the ScriptX binaries has to be handled by Internet Explorer's standard Authenticode security mechanism.

Client-side license management

During installation Security Manager will write a Mead & Company program group to a user's Start | Programs menu. From there they will be able to open the MeadCo License Manager, a utility with which they can review and manage the publishing licenses that they have accepted. The address of License Manager is:

Start | Programs | Mead & Company | License Manager
Referencing your publishing license

The attributes of the Security Manager object on each of your ScriptX-enabled documents must correctly reference your publishing license file in three ways:

• The value of the GUID parameter must match the unique GUID value assigned to your organisation by MeadCo at the time of first issue of your publishing license.
• The value of the Revision parameter must match the Revision value of your currently-deployed version of sxlic.mlf, as advised by MeadCo.
• The on-page Security Manager object must be able to correctly locate the license file sxlic.mlf with thePath parameter, for example:

<param name="Path" value="http://intranet01/bins/sxlic.mlf">

 If any of these on-page attributes do not match those of your publishing license or its location, then errors may result when your users access the document and ScriptX printing will be disabled.

Formatting printing attributes and printing

A typical function call to set simple print formatting and print a top-level document client-side could look like this:

<script>
function printWindow() {
  factory.printing.SetMarginMeasure(2); // set inches
  factory.printing.header = "This is MeadCo";
  factory.printing.footer = "Printing by ScriptX";
  factory.printing.portrait = false;
  factory.printing.leftMargin = 1.0;
  factory.printing.topMargin = 1.0;
  factory.printing.rightMargin = 1.0;
  factory.printing.bottomMargin = 1.0;
  factory.printing.copies = 1;
  factory.printing.printBackground = true;
  factory.printing.Print(false);
  factory.printing.WaitForSpoolingComplete();
  // navigate or close browser here //
}
</script>

 Notice that we call all ScriptX functions by reference to the ID of the on-page ScriptX object - usually 'factory'.Please note that you can NOT use the ASP calls CreateObject or new ActiveXObjectto call ScriptX from *any* client-side ScriptX-enabled page.

The full set of ScriptX advanced printing functionality is documented here.

A simple illustration

The best way to illustrate ScriptX printing is for you to have a look at a sample located on another of our servers here.

The evaluation publishing license

Note that the "{C4DB5D29-BE52-46B9-9DDF-46A167170F81} " value of the GUID parameter and the value of the PATH parameter used on the Security Manager object sample at the top of this document identifies the MeadCo evaluation publishing license that authors may use to experiment with advanced printing capabilities. This guid and path will change periodically.

The evaluation publishing license validates ONLY the local website (http://localhost/) content for proving purposes on a single development computer. Registered customers are issued with an unique license identifier and an individually-compiled publishing license file to validate their content urls.