Re: Updating Internet Options using a Script
From: PA Bear (PABear_at_mvps.org)
Date: 09/29/04
- Next message: dlhoyman: "email pd to read links"
- Previous message: Marty: "Sometimes can't view a picture"
- In reply to: Joe Sodora: "Re: Updating Internet Options using a Script"
- Next in thread: Joe Sodora: "Re: Updating Internet Options using a Script"
- Reply: Joe Sodora: "Re: Updating Internet Options using a Script"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 28 Sep 2004 20:34:23 -0400
Take it up with 'em here:
http://register.microsoft.com/mswish/suggestion.asp
The appropriate MS teams *will* get your message, though you prolly won't
get a reply.
--
~PAB
Joe Sodora wrote:
> Yep. Now you're getting it. And that's our beef with SP2.
> The default out-of-the-box settings allow internet html
> files with JavaScript to run without a warning, but not
> the exact same files if they are stored locally on your
> PC. Of course, you could change the settings and not allow
> internet files with JavaScript to run, but you have to go
> out of your way to make this happen. Local files should be
> treated the same way.
>
> As I stated earlier, this is Microsoft's philosophy "In
> addition, any files already on your local computer are
> assumed to be very safe, so minimal security settings are
> assigned to them." Their actions, however, don't jive with
> this.
>
> Here is a simple html file with JavaScript:
>
> <html>
>
> <head>
> <title>Test JavaScript</title>
> </head>
>
> <body>
>
> <p>JavaScript Test</p>
> <script LANGUAGE="JavaScript">
> <!--
> document.write("Last updated :");
> document.write(document.lastModified);
> // -->
> </script>
>
> </body>
> </html>
>
> Copy this code into Notepad and store it on your PC as an
> html file and run it. If you have not set the two options,
> you will get a security warning. But run this same file
> online -
> http://www.onlinerealtyproducts.com/JavaScriptTest.html
> and you will not get a warning.
>
> Joe
>
>
>> -----Original Message-----
>> Joe Sodora wrote:
>>> Than why do they allow these exact same files to be run
>>> from the internet without giving you an error message? Are
>>> files run from the internet safer than local files on your
>>> computer?
>>>
>>> Try it yourself. Take simple html file and insert
>>> JavaScript. If you ftp that file to a web site, you will
>>> be able to run it from the web with the default browser
>>> settings.
>>
>> "...with the default browser settings" is the rub: You *would* get an
>> error
>> message (or prompt) if the Security Zone in which the file is running
>> (e.g., Internet Zone) were configured to disallow the file or prompt
>> before running it. Try it yourself: Disable (or choose Prompt for) all
>> scripting in IE Tools>Internet Options>Security>Internet>Custom Level and
>> see what happens then.
>> --
>> ~Robear Dyer (PA Bear)
>> MS MVP-Windows (IE/OE)
>>
>> .
- Next message: dlhoyman: "email pd to read links"
- Previous message: Marty: "Sometimes can't view a picture"
- In reply to: Joe Sodora: "Re: Updating Internet Options using a Script"
- Next in thread: Joe Sodora: "Re: Updating Internet Options using a Script"
- Reply: Joe Sodora: "Re: Updating Internet Options using a Script"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
