I would like to open a website in a user's default web browser, however since the url is user-defined I would also like to prevent them from doing anything other than opening a website.
I have seen people use Process.Start(url);
to open a site in the default browser, but since the url is user-defined I want to be sure they don't enter something like a script location and execute it.
I also don't want to use Process.Start("iexplore", url);
since I would rather open the link in the user's default browser.
Is there a way I can open a website in the user's default browser, without letting them launch any other process or command?
EDIT
For example, I don't want users to be able to enter C:\Windows\Notepad.exe
into the Customer's Website field and open Notepad when they click the Website link
EDIT #2
I am not looking for a way to filter user's access online or have this substitute for property security. I am simply looking for a way to prevent users from launching any other application by entering in a bad url. If they enter "google" for a Customer's website, it should not throw an Open With file dialog, but instead launch the user's default web browser with the word "google" in the URL
Best Answer
You could look up the default browser from the registry. It's in several different places, but I think
HKEY_CURRENT_USER\Software\Classes\http\shell\open\command
would be a good place to look.Extract the executable name from that, then
Process.Start
it with the user-entered URL as a parameter.