activeX controls not allowed for trusted site

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I'm getting the Information Bar message "Your security settings do not allow
Web sites to use ActiveX controls installed on your computer..." for the
following site:

http://www.ryanwilkins.com/

The site is in my Trusted Sites; the Trusted sites icon displays at the
bottom of the page. In my settings for Trusted Sites I have all of the
ActiveX Controls and Plugins options set either to enable or prompt -- none
are set to disable. I thought that the ones set as prompt would display a
message to which I could respond either "go ahead" or "don't go ahead". Is
the Information Bar message coming up because I have some marked prompt? If
not, is there something else I can do to avoid the message? Are there other
settings, beyond the ones under ActiveX Controls and Plugins, that might
affect this behavior?

TIA,

Phil
 
pwrichcreek said:
I'm getting the Information Bar message "Your security settings do not allow
Web sites to use ActiveX controls installed on your computer..." for the
following site:

http://www.ryanwilkins.com/

The site is in my Trusted Sites; the Trusted sites icon displays at the
bottom of the page. In my settings for Trusted Sites I have all of the
ActiveX Controls and Plugins options set either to enable or prompt -- none
are set to disable. I thought that the ones set as prompt would display a
message to which I could respond either "go ahead" or "don't go ahead". Is
the Information Bar message coming up because I have some marked prompt? If
not, is there something else I can do to avoid the message? Are there other
settings, beyond the ones under ActiveX Controls and Plugins, that might
affect this behavior?
Click to expand...


Yes. You are showing a protocol on that URL which is not normally
used with trusted sites. If you want to try using non-secure HTTP
you also need to *uncheck* /Require server verification (https:)
for all sites in this zone/ (in the Trusted Sites' Trusted sites dialog)
and probably remove https:// from the list entry too.

TIA,

Phil
Click to expand...


HTH

Robert Aldwinckle
---
 
Thanks for your reply Robert.

What you say makes sense and, in fact, I DO have the /Require server
verification (https:) for all sites in this zone/ UNCHECKED.

I wonder if it's possible that it's simply a bogus message. That is, even
though the message is displayed, I can and do execute ActiveX controls on the
site? The reason I say this is that the screen display, except for the info
bar message, seems to be complete; I don't see empty spaces in the page that
would suggest that some sort of display that might require ActiveX is not
being shown. When I hover over certain part of the screen where the hint
shows "Click to activate and use this control", clicking does seem to bring
up the appropriate screen. If activeX was in fact disabled, I would expect
NOTHING to happen when the control is clicked.

Thanks,

Phil
 
Thanks for your reply, Robert.

I DO have /Require server verification (https:) for all sites in this zone/
UNCHECKED.

I wonder if it's just a bogus message? I mean, maybe ActiveX controls are
not actually being blocked. I don't find any controls on the screen that,
when I click them, NOTHING happens.

Thanks,

Phil
 
pwrichcreek said:
Thanks for your reply, Robert.

I DO have /Require server verification (https:) for all sites in this zone/
UNCHECKED.

I wonder if it's just a bogus message? I mean, maybe ActiveX controls are
not actually being blocked. I don't find any controls on the screen that,
when I click them, NOTHING happens.
Click to expand...


It doesn't matter if they don't do anything. What matters is that they are coded.

For example, what is this for:

<extract mod="lineends inserted to aid wrapping>

<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000"
codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0"
width="750" height="217" align="middle">
<param name="allowScriptAccess" value="sameDomain" />
<param name="movie" value="fla/header.swf" /><param name="wmode" value="transparent" />
<param name="quality" value="high" /><param name="bgcolor" value="#2a4249" />
<embed src="fla/header.swf" quality="high" bgcolor="#2a4249" width="750" wmode="transparent" height="217"
name="header" align="middle" allowScriptAccess="sameDomain" type="application/x-shockwave-flash"
pluginspage="http://www.macromedia.com/go/getflashplayer" />
</object>

</extract>


Evidently it's Macromedia Flash to implement the menu under the picture.
It seems to be working. Right-click on it and you'll see
a Macromedia Flash menu. What may be problematic about it
is the other site which is now associated with this "trusted site".
E.g. perhaps it would be necessary to "trust" it too?
(particularly since it is providing the "codebase" for the ActiveX control
Thanks,

Phil
Click to expand...



Good luck

Robert
---
 
Robert, thanks for your reply.
What may be problematic about it is the other site which is now
associated with this "trusted site".E.g. perhaps it would be necessary to
"trust" it too?
Click to expand...

I don't have any expertise in this type of code, but I see where you are
going. I've seen cases where a trusted site "goes to" another, not-trusted
site, and I get a warning message giving me the option to block or not-block
going to the not-trusted site. In the present case, I don't see any such
message, which is a bit puzzling.

Phil
 
pwrichcreek said:
Robert, thanks for your reply.


I don't have any expertise in this type of code, but I see where you are
going. I've seen cases where a trusted site "goes to" another, not-trusted
site, and I get a warning message giving me the option to block or not-block
going to the not-trusted site. In the present case, I don't see any such
message, which is a bit puzzling.
Click to expand...


Not really. If they only have the chance to issue one message
I would expect the more important message to be issued instead
of the less important one. E.g. otherwise they would have to prompt:
"trusted site refers to content from non-trusted site" and then:
"by the way, the untrusted site's content may not be allowed anyway".
E.g. they couldn't satisfy both prompts with only one, so they
create one with the effect of disabling both.

What happens if you try *enabling* (not prompting for) Active Scripting,
ActiveX Controls and Allow ActiveX controls in Scripts instead:
do you get the prompt about the non-trusted site then?


Good luck

Robert
---
 
Back
Top