Windows XP SP2 and IE 6.0 security settings -- web pages on local drive

I have a Windows XP Home SP1 system to which I have applied SP2. The
system is completely up-to-date according to Windows Update. I am
using Internet Explorer 6.0 with the default browser security
settings. This problem started after applying SP2.

I have built several web sites on this machine. When these are
uploaded to a server, I can view them with Internet Explorer 6.0
without any problem. (IE 6 show the security zone as "Internet".)

If I try to view the SAME files on my local drive, the "Information
Bar" pops up with the message "To help protect your security, Internet
Explorer has restricted this file from showing active content that
could access your computer. Click here for options...". (IE 6 shows
the security zone as "Local Intranet".)

I have tried every Local Intranet security setting. There doesn't seem
to be any way to display local web pages containing active content
without a security alarm. I've even tried defining the local
directory as a Trusted site.

Other software that generate local HTML that is viewed via Internet
Explorer, Belarc Advisor for example, have the same problem.

It looks to me like it's an Internet Explorer problem. I'm baffled as
to why content from the Internet would be allowed, but the SAME
content from a local drive would be disallowed. (I guess it's because
the pages are reading graphics and other content from the local
drive.)

If anyone knows of browser setting or some other work around that
would eliminate this problem, I would be happy to try them. According
to a friend, it doesn't happen with the Firefox browser. I would like
to continue to use Internet Explorer to verify the sites.

PA
Fri Feb 04 00:05:23 CST 2005

Description of the Internet Explorer Information Bar in Windows XP SP2
http://support.microsoft.com/?kbid=843017

There is a setting in IE Tools>Internet Options>Security>[zone]>Custom where
you can over-ride this behaviour. As doing so is a security risk, I will
not post it here in a public newsgroup. See the following KB articles for
some guidance:

Working with Internet Explorer 6 Security Settings
http://www.microsoft.com/windows/ie/using/howto/security/settings.asp

Use Security and Privacy Features in Internet Explorer 6
http://www.microsoft.com/windowsxp/pro/using/howto/security/ie6.asp

Setting Up Security Zones
http://www.microsoft.com/windows/ie/using/howto/security/setup.asp
--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE) & Security


spam-hater wrote:
> I have a Windows XP Home SP1 system to which I have applied SP2. The
> system is completely up-to-date according to Windows Update. I am
> using Internet Explorer 6.0 with the default browser security
> settings. This problem started after applying SP2.
>
> I have built several web sites on this machine. When these are
> uploaded to a server, I can view them with Internet Explorer 6.0
> without any problem. (IE 6 show the security zone as "Internet".)
>
> If I try to view the SAME files on my local drive, the "Information
> Bar" pops up with the message "To help protect your security, Internet
> Explorer has restricted this file from showing active content that
> could access your computer. Click here for options...". (IE 6 shows
> the security zone as "Local Intranet".)
>
> I have tried every Local Intranet security setting. There doesn't seem
> to be any way to display local web pages containing active content
> without a security alarm. I've even tried defining the local
> directory as a Trusted site.
>
> Other software that generate local HTML that is viewed via Internet
> Explorer, Belarc Advisor for example, have the same problem.
>
> It looks to me like it's an Internet Explorer problem. I'm baffled as
> to why content from the Internet would be allowed, but the SAME
> content from a local drive would be disallowed. (I guess it's because
> the pages are reading graphics and other content from the local
> drive.)
>
> If anyone knows of browser setting or some other work around that
> would eliminate this problem, I would be happy to try them. According
> to a friend, it doesn't happen with the Firefox browser. I would like
> to continue to use Internet Explorer to verify the sites.

Torgeir
Fri Feb 04 05:53:09 CST 2005

spam-hater wrote:

> I have a Windows XP Home SP1 system to which I have applied SP2. The
> system is completely up-to-date according to Windows Update. I am
> using Internet Explorer 6.0 with the default browser security
> settings. This problem started after applying SP2.
>
> I have built several web sites on this machine. When these are
> uploaded to a server, I can view them with Internet Explorer 6.0
> without any problem. (IE 6 show the security zone as "Internet".)
>
> If I try to view the SAME files on my local drive, the "Information
> Bar" pops up with the message "To help protect your security, Internet
> Explorer has restricted this file from showing active content that
> could access your computer. Click here for options...". (IE 6 shows
> the security zone as "Local Intranet".)
Hi

Try this:

In the 'Internet Options', select the Advanced tab.

Under Security, enable
"Allow active content to run in files on My Computer"

If the above is of no help:

Adding "Mark of the Web" to your html files may help:

http://groups.google.co.uk/groups?selm=O0c4HUVoEHA.692%40TK2MSFTNGP12.phx.gbl

More here as well:
http://www.phdcc.com/xpsp2.htm



--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx

spam-hater
Fri Feb 04 17:14:59 CST 2005

On Fri, 4 Feb 2005 01:05:23 -0500, "PA Bear" <PABearMVP@gmail.com>
wrote:

>Description of the Internet Explorer Information Bar in Windows XP SP2
>http://support.microsoft.com/?kbid=843017
>
>There is a setting in IE Tools>Internet Options>Security>[zone]>Custom where
>you can over-ride this behaviour. As doing so is a security risk, I will
>not post it here in a public newsgroup. See the following KB articles for
>some guidance:
>
>Working with Internet Explorer 6 Security Settings
>http://www.microsoft.com/windows/ie/using/howto/security/settings.asp
>
>Use Security and Privacy Features in Internet Explorer 6
>http://www.microsoft.com/windowsxp/pro/using/howto/security/ie6.asp
>
>Setting Up Security Zones
>http://www.microsoft.com/windows/ie/using/howto/security/setup.asp
>--
>~Robear Dyer (PA Bear)
>MS MVP-Windows (IE/OE) & Security

Thanks for the links. I don't think IE 6 can be configured to run a
local page, and still be safe for surfing. I'm going to use the
global option. I'll have to use one setting for local web page test
and another for surfing.
>
>
>spam-hater wrote:
>> I have a Windows XP Home SP1 system to which I have applied SP2. The
>> system is completely up-to-date according to Windows Update. I am
>> using Internet Explorer 6.0 with the default browser security
>> settings. This problem started after applying SP2.
>>
<SNIP>

spam-hater
Fri Feb 04 17:17:00 CST 2005

On Fri, 04 Feb 2005 12:53:09 +0100, "Torgeir Bakken \(MVP\)"
<Torgeir.Bakken-spam@hydro.com> wrote:

>spam-hater wrote:
>
>> I have a Windows XP Home SP1 system to which I have applied SP2. The
>> system is completely up-to-date according to Windows Update. I am
>> using Internet Explorer 6.0 with the default browser security
>> settings. This problem started after applying SP2.
>>
>> I have built several web sites on this machine. When these are
>> uploaded to a server, I can view them with Internet Explorer 6.0
>> without any problem. (IE 6 show the security zone as "Internet".)
>>
>> If I try to view the SAME files on my local drive, the "Information
>> Bar" pops up with the message "To help protect your security, Internet
>> Explorer has restricted this file from showing active content that
>> could access your computer. Click here for options...". (IE 6 shows
>> the security zone as "Local Intranet".)
>Hi
>
>Try this:
>
>In the 'Internet Options', select the Advanced tab.
>
>Under Security, enable
>"Allow active content to run in files on My Computer"
>
>If the above is of no help:
>
>Adding "Mark of the Web" to your html files may help:
>
>http://groups.google.co.uk/groups?selm=O0c4HUVoEHA.692%40TK2MSFTNGP12.phx.gbl
>
>More here as well:
>http://www.phdcc.com/xpsp2.htm

Thanks for the excellent links. The last one really explains the
problem in detail. It was more than I had hoped for.

PA
Fri Feb 04 20:02:52 CST 2005

<wink> You got it!
--
~PA Bear

spam-hater wrote:
> On Fri, 4 Feb 2005 01:05:23 -0500, "PA Bear" <PABearMVP@gmail.com>
> wrote:
>
> > Description of the Internet Explorer Information Bar in Windows XP SP2
> > http://support.microsoft.com/?kbid=843017
> >
> > There is a setting in IE Tools>Internet Options>Security>[zone]>Custom
> > where you can over-ride this behaviour. As doing so is a security
> > risk, I will not post it here in a public newsgroup. See the following
> > KB articles for some guidance:
> >
> > Working with Internet Explorer 6 Security Settings
> > http://www.microsoft.com/windows/ie/using/howto/security/settings.asp
> >
> > Use Security and Privacy Features in Internet Explorer 6
> > http://www.microsoft.com/windowsxp/pro/using/howto/security/ie6.asp
> >
> > Setting Up Security Zones
> > http://www.microsoft.com/windows/ie/using/howto/security/setup.asp
> > --
> > ~Robear Dyer (PA Bear)
> > MS MVP-Windows (IE/OE) & Security
>
> Thanks for the links. I don't think IE 6 can be configured to run a
> local page, and still be safe for surfing. I'm going to use the
> global option. I'll have to use one setting for local web page test
> and another for surfing.
> >
> >
> > spam-hater wrote:
> > > I have a Windows XP Home SP1 system to which I have applied SP2. The
> > > system is completely up-to-date according to Windows Update. I am
> > > using Internet Explorer 6.0 with the default browser security
> > > settings. This problem started after applying SP2.
> > >
> <SNIP>