关闭

IWebBrowser2内嵌IE控件和标准的IE浏览器处理不同详解

标签: ie浏览器internetsecuritynotificationspasswords
4637人阅读 评论(1) 收藏 举报
分类:

http://msdn.microsoft.com/en-us/library/ee330720(v=vs.85).aspx


Internet Feature Controls (S..T)

2 out of 2 rated this helpful Rate this topic

Updated: April 2011

This article describes feature controls with names that begin with the letter S or T. For links to other feature controls, see Feature Controls.

Save Dialog Button Hiding

The FEATURE_DOWNLOAD_PROMPT_META_CONTROL feature allows web developers to use a the name attribute of a META element to hide buttons on the Save dialog box that appears when you download files using Windows Internet Explorer. When this feature is disabled, the META elements cannot be used to hide buttons in the Save dialog box.

By default, this feature is enabled for Internet Explorer and for applications hosting the WebBrowser Control. To disable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_DOWNLOAD_PROMPT_META_CONTROL

                                   contoso.exe = (DWORD) 00000000

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Script URL Mitigation

Internet Explorer 7 and later. Prior to Internet Explorer 7, href attributes of a objects supported the javascript prototcol; this allowed webpages to execute script when the user clicked a link. For security reasons, this support was disabled in Internet Explorer 7. For more information, see Event 1034 - Cross-Domain Barrier and Script URL Mitigation.

When enabled, the FEATURE_SCRIPTURL_MITIGATION feature allows the href attribute of a objects to support the javascript prototcol.

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_SCRIPTURL_MITIGATION

                                   contoso.exe = (DWORD) 00000000

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Note  When the javascript prototcol is enabled for href attributes, the value of the href attribute is limited to 2047 characters.

Security Certificate Revocation Failure

Internet Explorer 7 and later. In order to confirm the identity of organizations that host secure webpages, certifying authorities issue security certificates. These certificates are validated when you request a secure webpage.

By default, Internet Explorer performs a number of steps in order to validate the security certificate for a secure website. If a certificate is invalid, is out-of-date, or improperly identifies the website in question, Internet Explorer displays a notification to the user.

As an additional verification step, many certifying authorities also provide a service that identifies certificates that have been recently revoked. Earlier versions of Internet Explorer displayed notifications when this service could not be reached.

Because the inability to reach these services does not necessarily indicate that a certificate has been revoked, many users complained that such notifications were "false positives." After considerable negative feedback, these notifications were disabled by default in Internet Explorer 7 and later.

When enabled, the FEATURE_WARN_ON_SEC_CERT_REV_FAILED feature displays notifications when Internet Explorer cannot reach the certificate revocation service published by a certifying authority. By default, this feature is disabled for Internet Explorer. This feature is not supported for applications hosting the WebBrowser Control.

To enable this feature using the registry, add the name of the Internet Explorer executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_WARN_ON_SEC_CERT_REV_FAILED

                                   iexplore.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Note  Note: Failure to reach the revocation service for a certifying authority does not necessarily mean that a security certificate is invalid or should not be trusted. It simply means that one of several validation steps could not be completed.

SHDOCLC.DLL Resource Loading

Earlier versions of Internet Explorer loaded resources stored in the shdoclc.dll file. For security reasons, Internet Explorer no longer loads resources from this file by default. When enabled, the FEATURE_LOAD_SHDOCLC_RESOURCES feature allows resources to be loaded from the shdoclc.dll file.

By default, this feature is disabled for Internet Explorer and for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_LOAD_SHDOCLC_RESOURCES

                                   contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Note  Because this feature reverses a change designed to improve the security of Internet Explorer, enabling this feature is strongly discouraged.

SSL Security Alert Display

Internet Explorer 7 and later. When the FEATURE_SSLUX feature is enabled, problems with a website's Secure Sockets Layer (SSL) are displayed using descriptive webpages, rather than the security alert dialog boxes seen in earlier versions of Internet Explorer. For more information, see BINDINFO_OPTIONS_IGNORE_SSLERRORS_ONCE.

To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_SSLUX

                                   contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Status Bar Update Frequency

When enabled, the FEATURE_STATUS_BAR_THROTTLING feature limits the frequency of status bar updates to one update every 200 milliseconds.

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_STATUS_BAR_THROTTLING

                                   contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Structured Storage Detection

Internet Explorer 9. Prior to version 7, Internet Explorer opened Microsoft ActiveX documents by launching the registered application for the document within the browser window. For security reasons, this behavior is disabled by default in Internet Explorer 7 and later versions.

When enabled, the FEATURE_RESTRICT_CDL_CLSIDSNIFF feature enables the URLACTION_ALLOW_STRUCTURED_STORAGE_SNIFFING URL Action, which permits ActiveX documents to be opened within the context of a webpage on a zone-by-zone basis.

Note  For security reasons, this feature should not be enabled. Instead, applications that depend on this feature should be redesigned to use more secure approaches.

To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_RESTRICT_CDL_CLSIDSNIFF

                                   contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Tabbed Browsing Shortcuts and Notifications

Internet Explorer 7 or later. When enabled, the FEATURE_TABBED_BROWSING feature enables tabbed browsing navigation shortcuts and notifications. For more information, seeTabbed Browsing for Developers.

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_TABBED_BROWSING

                                   contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Telnet Protocol Support

Internet Explorer 7 or later. When enabled, the FEATURE_DISABLE_TELNET_PROTOCOL feature disables the built-in telnet protocol handler. When this feature is disabled, the "telnet:" protocol is enabled.

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_DISABLE_TELNET_PROTOCOL

                                   contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

UNC File Support for MotW

The FEATURE_UNC_SAVEDFILECHECK feature enables the Mark of the Web (MOTW) for local files loaded from network locations that have been shared by using the Universal Naming Convention (UNC). If the file contains a MOTW, the file is loaded into the security context specified by the MOTW. For more information, see Mark of the Web

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_UNC_SAVEDFILECHECK

                                   contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Usernames and Passwords in URL's

Microsoft Internet Explorer 6 for Windows XP Service Pack 2 (SP2) and later. Internet Explorer no longer allows usernames and passwords to be specified in URLs that use the HTTP or HTTP protocols. URLs using other protocols, such as FTP, still allow usernames and passwords. When disabled, the FEATURE_HTTP_USERNAME_PASSWORD_DISABLE feature allows usernames and passwords to be included in HTTP or HTTPS URLs.

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER) 
     SOFTWARE
          Microsoft
               Internet Explorer
                    Main
                         FeatureControl
                              FEATURE_HTTP_USERNAME_PASSWORD_DISABLE

                                   contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

1
0

猜你在找
【直播】机器学习&数据挖掘7周实训--韦玮
【套餐】系统集成项目管理工程师顺利通关--徐朋
【直播】3小时掌握Docker最佳实战-徐西宁
【套餐】机器学习系列套餐(算法+实战)--唐宇迪
【直播】计算机视觉原理及实战--屈教授
【套餐】微信订阅号+服务号Java版 v2.0--翟东平
【直播】机器学习之矩阵--黄博士
【套餐】微信订阅号+服务号Java版 v2.0--翟东平
【直播】机器学习之凸优化--马博士
【套餐】Javascript 设计模式实战--曾亮
查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:744560次
    • 积分:9208
    • 等级:
    • 排名:第1980名
    • 原创:111篇
    • 转载:376篇
    • 译文:0篇
    • 评论:111条
    文章分类
    最新评论