Blocked content
I maintain several web sites for non-profit organizations. Their content changes at least weekly. After I make a change, I test it locally on my PC. Invariably I get one of several messages in yellow at the top of the screen indicating that content has been blocked. It gives me the opportunity to unblock it, which I do. Then everything is okay. It's not a biggy, but it's a pain.
When I upload the changed page to the server, no such blocking occurs. I believe it has to do with my security settings, but I haven't been able to get them right.
When I upload the changed page to the server, no such blocking occurs. I believe it has to do with my security settings, but I haven't been able to get them right.
If you're sure no one has injected virii to those sites, why not just add them to your trusted sites list?
ASKER
This doesn't work. These files are not yet web sites. They are HTML files on my computer. Once I upload them and open the site over the net, the problem doesn't occur. It is when I bring up the files on my local omputer that I get messages like:
"In order to help your security, Internet Explorer has restricted running scripts and ActiveX controls that could access hyour computer. For options click here...."
In order to add it to my trusted site, it must have an HTTPS://. . . . It will not accept a path and file, like
C:\petprolife\index.htm
"In order to help your security, Internet Explorer has restricted running scripts and ActiveX controls that could access hyour computer. For options click here...."
In order to add it to my trusted site, it must have an HTTPS://. . . . It will not accept a path and file, like
C:\petprolife\index.htm
You can uncheck the requirement for it to be a secure site to add it to your trusted site list. If you're bringing it up on your local computer, you could also add your local host address in order to pull it up.
Either way, html files shouldn't be setting it off unless you're including javascript in the files themselves. In this case, you may want to look at making it a safer script that doesn't trigger the block (most javascript will not do this, especially from a secure zone). If it's ActiveX, I don't know what to tell you, as my knowledge there is very limited as I try not to ever use ActiveX for anything.
Either way, html files shouldn't be setting it off unless you're including javascript in the files themselves. In this case, you may want to look at making it a safer script that doesn't trigger the block (most javascript will not do this, especially from a secure zone). If it's ActiveX, I don't know what to tell you, as my knowledge there is very limited as I try not to ever use ActiveX for anything.
ASKER
Hi Adam,
you said: "html files shouldn't be setting it off unless you're including javascript in the files themselves.
you may want to look at making it a safer script that doesn't trigger the block .
I absolutely need javascript. I have no ActiveX. How do I make it a safer script?
By the way, these HTML files are a few years old, and I never had this problem until I got this new computer. Both the old and new computers were running XP.
--Charlie
you said: "html files shouldn't be setting it off unless you're including javascript in the files themselves.
you may want to look at making it a safer script that doesn't trigger the block .
I absolutely need javascript. I have no ActiveX. How do I make it a safer script?
By the way, these HTML files are a few years old, and I never had this problem until I got this new computer. Both the old and new computers were running XP.
--Charlie
cbutton,
When you test them locally is this just by clicking the file? Is the browser IE? What is the "zone"?
Browsers have different security settings depending on the type of web page or the "zone" it is in. IE especially works with them. Local files in the more recent versions of IE have tighter security in many ways than Internet page, especially with Javascript, for very important security reasons. It is easier for a clientside script to do damage if it is running as a local file.
The best fix is to not run the files locally (i.e. by clicking on them) but to set up a web server to run on that machine. Many current Windows operating systems have one already to run called IIS. A simple and quick set up, maybe with a little install, will allow you to test the pages as Internet pages. This is better for a number of reasons. First they will be tested in the same way the live pages are tested. This will also make the scripts run just as they would on the main web server. This should fix your problem. If you are developing with this machine then you should set up a web server and not just test locally, which can produce unreliable results.
Let me know if you have any questions or need more information.
b0lsc0tt
When you test them locally is this just by clicking the file? Is the browser IE? What is the "zone"?
Browsers have different security settings depending on the type of web page or the "zone" it is in. IE especially works with them. Local files in the more recent versions of IE have tighter security in many ways than Internet page, especially with Javascript, for very important security reasons. It is easier for a clientside script to do damage if it is running as a local file.
The best fix is to not run the files locally (i.e. by clicking on them) but to set up a web server to run on that machine. Many current Windows operating systems have one already to run called IIS. A simple and quick set up, maybe with a little install, will allow you to test the pages as Internet pages. This is better for a number of reasons. First they will be tested in the same way the live pages are tested. This will also make the scripts run just as they would on the main web server. This should fix your problem. If you are developing with this machine then you should set up a web server and not just test locally, which can produce unreliable results.
Let me know if you have any questions or need more information.
b0lsc0tt
ASKER
I installed IIS, but now I don't know how to use it. Can you help here?
Why not just install an apache server? Hell, just download Instarails, run the program, drop your files into the apache directory, and ignore the whole Rails part. I'm sure there are some instaapache applications, too.
It's really easy to do. Plus with instarails you can just turn it off when you're done. :)
It's really easy to do. Plus with instarails you can just turn it off when you're done. :)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Great! I'm glad it works and I could help. Thanks for the grade, the points and the fun question.
bol
bol
ASKER
Works like a charm!
Thanks Cbutton and Vee_Mod. It is like Christmas morning and you find another present under the tree that had been overlooked. :D Thanks for the added points.
bol
bol