Security pop-up on homemade page

Discussion in 'Internet Explorer' started by - Bobb -, Nov 27, 2008.

  1. - Bobb -

    - Bobb - Guest

    I made an html file:
    C:\Documents and Settings\Bobb\Desktop\My Stuff.mht

    and all it is , is about 20 of my common favorites so I can click that file
    and then go to - most of family everyday URL's. Stuff like:

    Local Town Events Info
    Local Weather
    Movies on Yahoo
    Yahoo Mail
    Google
    etc

    It works fine but I have one question, please:
    When I open the file I get an info bar pop-up:
    "To help protect your security, Internet Explorer has restricted this file
    from showing active content that could access your computer. Click here for
    options..."

    I can click " allow" and the pop-up goes away, but WHY do I get that? I
    turned on my firewall to see "what's trying to access the network? " turn on
    firewall, click ALLOW, and nothing in event log so nothing is REALLY trying
    to "show active content".

    I wrote the page - nothing but text with hyperlinks.
    WHY would any of those links be TRYING to go anywhere ?
    I figured I'd add to trusted sites ... it doesn't like " My Computer"
    How to avoid the pop-up message every time I open the file ?
    Thanks
     
    - Bobb -, Nov 27, 2008
    #1
    1. Advertisements

  2. - Bobb -

    Kelly Guest

    Kelly, Nov 27, 2008
    #2
    1. Advertisements

  3. - Bobb -

    - Bobb - Guest

    Hi Kelly,
    I had clicked on the info pop-up and then "Info Bar Help" and it tells me
    about the messages, but not what TRIGGERED it. So, I know what the message
    means: I just don't know how to PREVENT it.
    My pop-up detail explains:
    "In Windows XP SP2, when the active content is blocked from running in the
    Local Computer zone, the Information Bar will appear."

    WHAT active content ? that's my question.
    There are no ASP's , java, etc

    If I turn on firewall, then OPEN page, there are no events, so there is NO
    "active content" until I click a link, right ?
    Just text associated with a URL.
     
    - Bobb -, Nov 27, 2008
    #3
  4. - Bobb -

    sgopus Guest

    it's possible your web site has gotten hijacked, and someone has planted some
    active X script thereon, would you happen to have a copy of this stashed
    away, from it did work properly? I suggest if you do, then wipe the web site
    and start again.
     
    sgopus, Nov 27, 2008
    #4
  5. - wrote on Wed, 26 Nov 2008 19:34:03 -0500:

    Are you sure that there is no javascript anywhere in the file, even in the
    links?

    Why are using a MHT extension for this? If it's just hyperlinks, make it a
    ..HTM or .HTML file. It's possible that you're getting that warning simply
    because you've named the file with the MHT extension.

    Looking at the firewall settings is a waste of time - this is an IE "Local
    Machine Zone Lockdown" issue, it's a setting to prevent a HTM/MHT file
    containing script or activex components from running in the context of the
    Local Machine zone which could potentially allow a malicious script to make
    changes to your system. You can't add My Computer to the Trusted Sites list
    either - it's not a site, it's the local Windows.

    One way around this would be to add a "mark of the web" to the file (see
    http://msdn.microsoft.com/en-us/library/ms537628(VS.85).aspx ) which makes
    IE use the appropriate zone settings for the file content, ie if you add a
    "mark of the web" indicating the file was saved from a site in the Trusted
    Sites zone then it will run in the security context of the Trusted Sites
    zone, if you add one that is for a non-Trusted site then it will run in the
    security settings for the Internet Zone.
     
    Daniel Crichton, Nov 27, 2008
    #5
  6. Try adding a "mark of the web" code to your .mht.
    Google: "mark of the web" and/or MOTW



    --
    ~~~~~~~~~~~~~~~~~~
    Rob Giordano
    Microsoft MVP Expression
     
    Rob Giordano [MS MVP], Nov 27, 2008
    #6
  7. Please state your IE version and full Windows version (e.g., WinXP SP3;
    Vista SP1) when posting to this newsgroup.
     
    PA Bear [MS MVP], Nov 27, 2008
    #7
  8. - Bobb -

    - Bobb - Guest

    Thanks, but it's not a "website", just a file on my local/isolated pc. It
    didn't get 'corrupted'. Right after saving it, first time I opened it, I
    got the pop-up. I could see getting a warning once I CLICK on "a URL" but I
    don't. It's when the file opens. In Word, I typed a bunch of stuff, then
    created hyperlinks for each item.

    For example:

    "Weekly Sale Circulars"

    Best Buy
    Circuit City
    CompUSA
    Home Depot
    Lowe’s
    Office Depot
    Office Max (click on "weekly ad" link)
    Staples
    Sales Circulars – search by Product Type – not store.
    Techbargains.com

    Each line is a hyperlink. I open this one file and in this part of it, I
    can click around to see what's on sale. So I click Lowe's and it brings me
    to Lowe's webpage. There ARE two links that point to content WHEN I click on
    the link, like: ( specifies a store - had to pick a store the first time -
    to save link)
    http://bestbuy.shoplocal.com/bestbu...siteid=156&adref=header&h=488&storeID=2412805
    but the page itself was a new file when I started.
    The others point simply to
    www.homedepot.com etc

     
    - Bobb -, Nov 30, 2008
    #8
  9. - Bobb -

    - Bobb - Guest

    In two of the LINKS there is java - I thought would only apply once I
    clicked on the link .. so that's the problem !
    I had tried .mht first - same thing
    I read about MOTW and it sounds just like what I need. I've got XP SP2 all
    security/required updates (except IE7 and SP3). I opened the mht - saved
    as htm. Edited the .htm file ( with WORD not frontpage).
    I entered
    <!-- saved from url=(0014)about:internet -->
    at top of doc - Save as webpage.
    That text now appears as text in the file now, so obviously not coded. Is
    that syntax correct ? Any simple way to imbed that, or do I need to use Web
    Editor app ? I do have Frontpage 2000 on Cd but haven't used it in years.
    Thanks
     
    - Bobb -, Nov 30, 2008
    #9
  10. - wrote on Sun, 30 Nov 2008 07:48:16 -0500:

    Do the links start with something like "javascript:". If so, that's java
    script that runs in the browser when you click the link, not once you've got
    to the site.
    I assume you meant to write .htm there
    It's a comment - so it needs to be in the source of the HTML, not just typed
    into Word (which will convert it so that it's displayed in the page like
    other content). You could just open the .mht file in Notepad and add it at
    the top. However, now you've mentioned that you used Word that might explain
    why this .mht file is triggering the warning - Word creates awful HTML files
    full of XML and VML and the VML parts might well be treated as "active"
    content, hence the warning. Given the options of Word or Frontpage I'd
    choose FP for creating HTML files. However, personally I use a text editor
    because Frontpage also tends to create very messy HTML files. You'd be much
    better off taking a look at Visual Web Express which you can download free
    from the MS web site and is a much better HTML creator/editor than
    Frontpage.
     
    Daniel Crichton, Dec 1, 2008
    #10
  11. - Bobb -

    - Bobb - Guest

    I THOUGHT Word was making things easy for me ...
    Perfect ! I edited with notepad - inserted that line - bingo - no pop-up.
    When I get some time I'll have to download /play with Visual Web Express.
    Thanks to all.
     
    - Bobb -, Dec 2, 2008
    #11
  12. - Bobb -

    - Bobb - Guest

    Dan,

    I ran into same problem again - couldn't find answer online, but I then
    remembered the source of the fix last time.

    I had this saved in OE - my 'Newsgroup tips' folder
    Thanks AGAIN.
    ..
     
    - Bobb -, Aug 9, 2010
    #12
  13. - Bobb -

    VanguardLH Guest

    <snipped the old thread dated way back in Nov 2008>

    You thought Dan was still monitoring the 20-month old thread? You
    needed to share your diary entry about the success of your newsgroups
    search or looking in your notes or saved posts?

    Using MOTW (Mark of the Web) in your HTML file is just one solution. If
    you are going to run more HTML files that are local and have active
    content then you might want to consider disabling the security feature
    in IE that generates the infobar popup that you want to avoid.

    Internet Options -> Advanced tab
    Security section
    "Allow active content ..." (2 options)

    Enable those options (to disable the warning infobar). Of course, not
    putting scripts in your local HTML files would work, too.
     
    VanguardLH, Aug 9, 2010
    #13
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.