|re: "2. I want to embed excel file\worksheet in a webpage, that's why I'm saving it as html format."|
re: 1. I dont know where you get the idea of that I would put malicious code in it.
You completely missed my point.
Are you familiar with the term "hypothetical situation"?
When I said "Think about the security issues. Let's say you decided to put malicious code in a Workbook_Open macro" the "Let's say" means, hypothetically speaking, you (or even me) could put malicious code in a Workbook_Open macro that would run as soon as the user opened it.
Since Excel has an option that allows the user that is opening the workbook from within Excel to choose how embedded macros are handled (the Macro Security setting) the user has accepted the responibility of anything bad that happens to his system should he decide to let macro's run automatically.
A browser has no such option, so the user would be at risk if the html file that he opened inside a browser had malicious code embedded in it. Heck, it doesn't even have to be "malicious code". It could even be well-intentioned code that perhaps renames a file or creates a directory that the user would not want to happen if given the choice.
Since a browser doesn't give the user the option to choose whether macros will be enabled or not, it is my speculation that Excel protects the user by preventing macros from being saved or being run when the html file format is used.
I did some web searching and everything I found says that you can not run a macro in a Excel sheet saved as an html file when that file is opened inside a browser. You can only run the macros when the file is opened within Excel - assuming the user has chosen to allow macros to run.
From there, I speculated that the reason for that is to protect the user who opens the file within a browser from unknowing allowing macros to run - because he wasn't given the choice to disable them or not.
Click Here Before Posting Data or VBA Code ---> How To Post Data or Code.