Programmatically add trusted sites to Internet Explorer

Question

I'm doing an IE automation project using WatiN.

When a file to be downloaded is clicked, I get the following in the Internet Explorer Information bar:

To help protect your security, Internet Explorer has blocked this site from downloading files to you computer.

In order to download the report, I can manually add the site to Internet Explorer's list of trusted sites, but I would prefer to check programmatically in .NET to see if the site is trusted and add it to the list if it is not.

FYI, I'm currently using IE7.

Answer 1

Have a look at this

Basically it looks as if all you have to do is create registry key in

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\DOMAINNAME

then a REG_DWORD value named "http" with value==2

Answer 2

Here's the implementation that I came up with for writing the registry keys in .NET.

Thanks for setting me in the right direction, Ben.

using System;
using System.Collections.Generic;
using Microsoft.Win32;


namespace ReportManagement
{
    class ReportDownloader
    {
        [STAThread]
        static void Main(string[] args)
        {

            const string domainsKeyLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains";
            const string domain = @"newsite.com";
            const int trustedSiteZone = 0x2;

            var subdomains = new Dictionary<string, string>
                                 {
                                     {"www", "https"},
                                     {"www", "http"},
                                     {"blog", "https"},
                                     {"blog", "http"}
                                 };

            RegistryKey currentUserKey = Registry.CurrentUser;

            currentUserKey.GetOrCreateSubKey(domainsKeyLocation, domain, false);

            foreach (var subdomain in subdomains)
            {
                CreateSubdomainKeyAndValue(currentUserKey, domainsKeyLocation, domain, subdomain, trustedSiteZone);
            }

            //automation code
        }

        private static void CreateSubdomainKeyAndValue(RegistryKey currentUserKey, string domainsKeyLocation, 
            string domain, KeyValuePair<string, string> subdomain, int zone)
        {
            RegistryKey subdomainRegistryKey = currentUserKey.GetOrCreateSubKey(
                string.Format(@"{0}\{1}", domainsKeyLocation, domain), 
                subdomain.Key, true);

            object objSubDomainValue = subdomainRegistryKey.GetValue(subdomain.Value);

            if (objSubDomainValue == null || Convert.ToInt32(objSubDomainValue) != zone)
            {
                subdomainRegistryKey.SetValue(subdomain.Value, zone, RegistryValueKind.DWord);
            }
        }
    }

    public static class RegistryKeyExtensionMethods
    {
        public static RegistryKey GetOrCreateSubKey(this RegistryKey registryKey, string parentKeyLocation, 
            string key, bool writable)
        {
            string keyLocation = string.Format(@"{0}\{1}", parentKeyLocation, key);

            RegistryKey foundRegistryKey = registryKey.OpenSubKey(keyLocation, writable);

            return foundRegistryKey ?? registryKey.CreateSubKey(parentKeyLocation, key);
        }

        public static RegistryKey CreateSubKey(this RegistryKey registryKey, string parentKeyLocation, string key)
        {
            RegistryKey parentKey = registryKey.OpenSubKey(parentKeyLocation, true); //must be writable == true
            if (parentKey == null) { throw new NullReferenceException(string.Format("Missing parent key: {0}", parentKeyLocation)); }

            RegistryKey createdKey = parentKey.CreateSubKey(key);
            if (createdKey == null) { throw new Exception(string.Format("Key not created: {0}", key)); }

            return createdKey;
        }
    }
}

Answer 3

could you plz send me the source code as downloadable

Answer 4

Glad I came across your postings. The only thing I can add to the excellent contributions already is that a different registry key is used whenever the URI contains an IP address i.e. the address isn't a fully qualified domain name.

In this instance you have to use an alternative approach:

Imagine I wish to add an IP address to the trusted sites: say 10.0.1.13 and I don't care what protocol.

Under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges, I create a key e.g. "Range1" and the inside that create the following values:

A DWORD with name "*" and value 0x2 (for all protocols(*) and trusted site(2)) A string with name ":Range" with value "10.0.1.13"

Answer 5

If a website could add itself to the trusted sites, now that would be bad.

I don't quite agree- as long as the browser asks the user for permission, the ability of a site to add itself to trusted sites can greatly simplify the user experience, where the user trusts the domain and wants correct page display.

The alternative is the user must manually go into internet options to add the domain, which is, for my users, not viable.

i'm looking for a php or javascript method for the site to add itself, either through some IE api, or through the registry as you've so helpfully explained above!

have found these possible solutions so far:

• php via shell
• others i'm not allowed to list here because i don't have enough points

Answer 6

hi,

I am still facing the download issue even after doing regitry modifications.... Can some1 advice on this

Answer 7

In addition to adding the domain to the Trusted Sites list, you may also need to change the setting "Automatically prompt for file downloads" for the Trusted Sites zone. To do so programatically, you modify the key/value:

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2@2200

Change the value from 3 (Disable) to 0 (Enable). Here's some C# code to do that:

public void DisableForTrustedSitesZone()
{
    const string ZonesLocation = @"Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones";
    const int TrustedSiteZone = 2;

    const string AutoPromptForFileDownloadsValueName = @"2200";
    const int AutoPromptForFileDownloadsValueEnable = 0x00;     // Bypass security bar prompt

    using (RegistryKey currentUserKey = Registry.CurrentUser)
    {
        RegistryKey trustedSiteZoneKey = currentUserKey.OpenSubKey(string.Format(@"{0}\{1:d}", ZonesLocation, TrustedSiteZone), true);
        trustedSiteZoneKey.SetValue(AutoPromptForFileDownloadsValueName, AutoPromptForFileDownloadsValueEnable, RegistryValueKind.DWord);
    }
}