Tag: User Configuration
Allow loading of XAML files
This policy setting allows you to manage the loading of Extensible Application Markup Language (XAML) files. XAML is an XML-based declarative markup language commonly used for creating rich user interfaces and graphics that take advantage of the Windows Presentation Foundation. If you enable this policy setting and set the drop-down box to Enable XAML files are automatically loaded inside Internet Explorer. The user cannot change this behavior. If you set the drop-down box to Prompt the user is prompted for loading XAML files. If you disable this policy setting XAML files are not loaded inside Internet Explorer. The user cannot change this behavior. If you do not configure this policy setting the user can decide whether to load XAML files inside Internet Explorer.
Allow loading of XPS files
This policy setting allows you to manage the loading of XPS files. These files contain a fixed-layout representation of paginated content and are portable across platforms devices and applications. If you enable this policy setting and set the drop-down box to Enable XPS files are automatically loaded inside Internet Explorer. The user cannot change this behavior. If you set the drop-down box to Prompt the user is prompted for loading XPS files. If you disable this policy setting XPS files are not loaded inside Internet Explorer. The user cannot change this behavior. If you do not configure this policy setting the user can decide whether to load XPS files inside Internet Explorer.
Show security warning for potentially unsafe files
This policy setting controls whether or not the “Open File – Security Warning” message appears when the user tries to open executable files or other potentially unsafe files (from an intranet file share by using File Explorer for example). If you enable this policy setting and set the drop-down box to Enable these files open without a security warning. If you set the drop-down box to Prompt a security warning appears before the files open. If you disable this policy setting these files do not open. If you do not configure this policy setting the user can configure how the computer handles these files. By default these files are blocked in the Restricted zone enabled in the Intranet and Local Computer zones and set to prompt in the Internet and Trusted zones.
Include local path when user is uploading files to a server
This policy setting controls whether or not local path information is sent when the user is uploading a file via an HTML form. If the local path information is sent some information may be unintentionally revealed to the server. For instance files sent from the user’s desktop may contain the user name as a part of the path. If you enable this policy setting path information is sent when the user is uploading a file via an HTML form. If you disable this policy setting path information is removed when the user is uploading a file via an HTML form. If you do not configure this policy setting the user can choose whether path information is sent when he or she is uploading a file via an HTML form. By default path information is sent.
Turn on SmartScreen Filter scan
This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content. If you enable this policy setting SmartScreen Filter scans pages in this zone for malicious content. If you disable this policy setting SmartScreen Filter does not scan pages in this zone for malicious content. If you do not configure this policy setting the user can choose whether SmartScreen Filter scans pages in this zone for malicious content. Note: In Internet Explorer 7 this policy setting controls whether Phishing Filter scans pages in this zone for malicious content.
Allow websites to prompt for information by using scripted windows
This policy setting determines whether scripted windows are automatically displayed. If you enable this policy setting scripted windows are displayed. If you disable this policy setting the user must choose to display any scripted windows by using the Notification bar. If you do not configure this policy setting the user can enable or disable the Notification bar behavior.
Allow updates to status bar via script
This policy setting allows you to manage whether script is allowed to update the status bar within the zone. If you enable this policy setting script is allowed to update the status bar. If you disable or do not configure this policy setting script is not allowed to update the status bar.
Turn on Protected Mode
This policy setting allows you to turn on Protected Mode. Protected Mode helps protect Internet Explorer from exploited vulnerabilities by reducing the locations that Internet Explorer can write to in the registry and the file system. If you enable this policy setting Protected Mode is turned on. The user cannot turn off Protected Mode. If you disable this policy setting Protected Mode is turned off. The user cannot turn on Protected Mode. If you do not configure this policy setting the user can turn on or turn off Protected Mode.
Allow script-initiated windows without size or position constraints
This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows that include the title and status bars. If you enable this policy setting Windows Restrictions security will not apply in this zone. The security zone runs without the added layer of security provided by this feature. If you disable this policy setting the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process. If you do not configure this policy setting the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process.
Web sites in less privileged Web content zones can navigate into this zone
This policy setting allows you to manage whether Web sites from less privileged zones such as Internet sites can navigate into this zone. If you enable this policy setting Web sites from less privileged zones can open new windows in or navigate into this zone. The security zone will run without the added layer of security that is provided by the Protection from Zone Elevation security feature. If you select Prompt in the drop-down box a warning is issued to the user that potentially risky navigation is about to occur. If you disable this policy setting the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control. If you do not configure this policy setting the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control.