views:

430

answers:

5

Does anyone know how IE7 determines what Security Zone to use for a site? I see the basics for IE6 here, but I can't find the equivalent for IE7.

A: 

Not sure what the confusion is. Sites on your intranet are in the intranet zone, web sites are in the internet zone, and sites on your computer are in the local zone, unless you've specifically overridden something in the browser's preferences.

DannySmurf
A: 

I wish it was that simple. I've been researching this most of the day and have found several sources that have part of the puzzle, but couldn't find official documentation. For example, I know that IE looks at all the resources on the page. There are some rules that have to do with your proxy server, but I haven't been able to find specific information.

Andrew Hampton
+2  A: 

I could use a little more information to narrow down my answer, but here is what I have:

Internet Explorer has 5 different security zones be default: Local Machine Zone, Intranet, Internet, Trusted, and Restricted These are determined in urlmon.dll (Url Moniker) More information here: http://msdn.microsoft.com/en-us/library/ms537183(VS.85).aspx

But you can also implement your own custom security zone: http://msdn.microsoft.com/en-us/library/ms537182(VS.85).aspx

The way that IE determines the security zones should not have changes between IE6 and IE7 (or IE8 for that matter)

Intranet sites are determined: 1. By url host names do not have any dots (http://stackoverflow vs http://stackoverflow.com)

  1. Sites from the file:// scheme where the resource is collected from UNC
mbenny
A: 

The way it determines zone between IE6 and IE7 did change. There were bugs in how IE6 did it. Unfortunately I know of no documentation on exactaly how it does it. If you posted the URLs that are giving you trouble, or gave some indication as to the problem you're trying to solve that you think this information would solve for you, we may be able to help in some other way.

+1  A: 

Security Zones are configure, but not limited to, by an ADS stream attached to the file. When IE7 downloads a file from the internet, it attaches an ADS stream that described the zone the file belongs to. Check out the Streams tool from http://technet.microsoft.com/en-us/sysinternals/default.aspx.