• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1024
  • Last Modified:

Add a local path to IE Trusted sites

I have a local xml /xsl webpage, which saves data to a backend system via an ActiveX element. The problem is that I always get the microsoft ActiveX security warning despite the page being on the local file system. Normally I would call the file with the path file:///C:/Programme/Mobile/zXML/XMLOutput.xml. However, if I try to add this path to the local intranet security settings (sites), IE won't allow me. Instead it want's me to correct the path to
file:\\localhost\Programme\Mobile\zXML\XMLOutput.xml (127.0.0.1)
but when I try to open this path in IE, it doesn't find it.

I have installed a certificate and signed the code but this hasn't made any difference.

Can anyone tell me where I'm going wrong??
0
jcamaorgan
Asked:
jcamaorgan
  • 3
1 Solution
 
Asta CuCommented:
I'm swamped and at work but hope this will get you started.  Is WindowsUpdate c8urrent for all Microsoft products in use here?
http://www.microsoft.com/windows/ie/using/howto/security/settings.asp
http://www.microsoft.com/windows/ie/using/howto/security/setup.asp
http://search.microsoft.com/search/results.aspx?qu=intranet+xml+%2fxsl+&View=msdn&st=b&c=0&s=1&swc=0
Perhaps the HOSTS file is a solution if normal processes fail; perhaps a redirect from there or adding approved links will help.
http://www.accs-net.com/hosts/what_is_hosts.html
":0) Asta
0
 
jcamaorganAuthor Commented:
This doesn't really help, but thanks anyway. What I've since discovered is that there is another 'hidden' security zone called 'Local Machine'. There it is possible in the registry to reset the URL Action URLACTION_ACTIVEX_OVERRIDE_OBJECT_SAFETY from URLPOLICY_QUERY to  URLPOLICY_ALLOW.

Details on the Security Zones are at:
http://msdn.microsoft.com/library/default.asp?url=/workshop/security/szone/overview/templates.asp

More info on change the registry settings are under:
http://support.microsoft.com/default.aspx?scid=833633

0
 
Asta CuCommented:
If you feel I didn't help you, ask Community Support for a PAQ and Refund, since you posted the solution you feel helped.  This is done via a Zero Point question in the Community Support topic area.
Happy you found what you needed, and sorry my help didn't do it for you.
Asta
0
 
Asta CuCommented:
I do hope you read all the cautions, etc.

This topic provides information about security considerations related to the URL security zones application programming interface (API). This topic doesn't provide all you need to know about security issues—instead, use it as a starting point and reference for this technology area.
Using the Default Implementation
Security Alerts
Related Topics
Using the Default Implementation and more considerations here:  Security Considerations: URL Security Zones API ... Security Alerts
The following table lists features that, if used incorrectly, can compromise the security of your applications (only a "few" concerns)
http://msdn.microsoft.com/library/default.asp?url=/workshop/security/szone/overview/templates.asp
Off to work, best wishes.
Asta

0
 
CetusMODCommented:
PAQed, with points refunded (500)

CetusMOD
Community Support Moderator
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now