Category: At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1

This policy setting allows you to manage dynamic binary and script behaviors: components that encapsulate specific functionality for HTML elements to which they were attached. If you enable this policy setting binary and script behaviors are available. If you select Administrator approved in the drop-down box only behaviors listed in the Admin-approved Behaviors under Binary Behaviors Security Restriction policy are available. If you disable this policy setting binary and script behaviors are not available unless applications have implemented a custom security manager. If you do not configure this policy setting binary and script behaviors are not available unless applications have implemented a custom security manager.

This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO). If you enable this policy setting users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. If you select Prompt in the drop-down box users are queried to choose whether to allow a page to be loaded in the zone that uses MSXML or ADO to access data from another site in the zone. If you disable this policy setting users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone. If you do not configure this policy setting users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone.

This policy setting allows you to manage whether script code on pages in the zone is run. If you enable this policy setting script code on pages in the zone can run automatically. If you select Prompt in the drop-down box users are queried to choose whether to allow script code on pages in the zone to run. If you disable this policy setting script code on pages in the zone is prevented from running. If you do not configure this policy setting script code on pages in the zone is prevented from running.

This policy setting allows you to manage whether a user’s browser can be redirected to another Web page if the author of the Web page uses the Meta Refresh setting (tag) to redirect browsers to another Web page. If you enable this policy setting a user’s browser that loads a page containing an active Meta Refresh setting can be redirected to another Web page. If you disable this policy setting a user’s browser that loads a page containing an active Meta Refresh setting cannot be redirected to another Web page. If you do not configure this policy setting a user’s browser that loads a page containing an active Meta Refresh setting cannot be redirected to another Web page.

This policy setting allows you to manage whether Web sites from less privileged zones such as Internet sites can navigate into this zone. If you enable this policy setting Web sites from less privileged zones can open new windows in or navigate into this zone. The security zone will run without the added layer of security that is provided by the Protection from Zone Elevation security feature. If you select Prompt in the drop-down box a warning is issued to the user that potentially risky navigation is about to occur. If you disable this policy setting the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control. If you do not configure this policy setting the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control.