URL Action Flags
A version of this page is also available for
4/8/2010
This topic lists the values and actions that are available in a URL security zone.
The following table shows the values associated with the actions that can be taken in a URL security zone.
| Constant | Description |
|---|---|
URLACTION_ACTIVEX_CONFIRM_NOOBJECTSAFETY |
The user can decide whether to load and script a Microsoft® ActiveX® control that is not safe. |
URLACTION_ACTIVEX_OVERRIDE_DATA_SAFETY |
Determines if ActiveX safety for untrusted data can be overridden. |
URLACTION_ACTIVEX_OVERRIDE_OBJECT_SAFETY |
Determines if the ActiveX control object safety is overridden or enforced for pages in the URL security zone. Object safety should be overridden only if all ActiveX Controls and scripts that might interact with them on pages in the zone can be trusted not to breach security. This is an aggregate of URLACTION_ACTIVEX_OVERRIDE_DATA_SAFETY and URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY. |
URLACTION_ACTIVEX_OVERRIDE_SCRIPT_SAFETY |
Determines whether ActiveX safety for scripting is overridden. |
URLACTION_ACTIVEX_RUN |
Manages the execution of ActiveX Controls and plug-ins from HTML pages in the zone. |
URLACTION_COOKIES |
Determines if HTTP persistent cookies are allowed. This flag is used only when Platform for Privacy Preferences (P3P) is not included in your OS design. |
URLACTION_COOKIES_ENABLED |
Determines if HTTP cookies can be set and retrieved. This flag is used when P3P is included in your OS design. |
URLACTION_COOKIES_SESSION |
Determines if HTTP session cookies are allowed. This flag is used only when P3P is not included in your OS design. |
URLACTION_COOKIES_SESSION_THIRD_PARTY |
Determines if third party HTTP session cookies are allowed. This flag is used only when P3P is not included in your OS design. |
URLACTION_COOKIES_THIRD_PARTY |
Determines if third party HTTP persistent cookies are allowed. This flag is used only when P3P is not included in your OS design. |
URLACTION_CREDENTIALS_USE |
Determines how the user's credentials are used over the network. |
URLACTION_CROSS_DOMAIN_DATA |
Determines if the resource is allowed to access data sources across domains. |
URLACTION_DOWNLOAD_CURR_MAX |
The maximum value of the URL action download flags. |
URLACTION_HTML_CURR_MAX |
The current maximum value of the URL action HTML flags. |
URLACTION_HTML_FONT_DOWNLOAD |
Determines if HTML font downloads are allowed. |
URLACTION_HTML_JAVA_RUN |
Determines if Java language applets are allowed to run. |
URLACTION_HTML_META_REFRESH |
Determines if the HTML content on the Web page is refreshed. |
URLACTION_HTML_MIXED_CONTENT |
Determines if unsecured content download is allowed on a secure Web page. |
URLACTION_HTML_SUBFRAME_NAVIGATE |
Determines if subframes are allowed to navigate across different domains. This value was introduced for Microsoft Internet Explorer 5. |
URLACTION_HTML_SUBMIT_FORMS |
Determines if HTML forms on pages in the URL security zone, or submitted to servers in the zone, are allowed. Aggregate of the URLACTION_HTML_SUBMIT_FORMS_FROM and URLACTION_HTML_SUBMIT_FORMS_TO flags. |
URLACTION_HTML_SUBMIT_FORMS_FROM |
Determines if form submissions from pages in the security zone are allowed. This flag is part of the URLACTION_HTML_SUBMIT_FORMS aggregate flag. |
URLACTION_HTML_SUBMIT_FORMS_TO |
Determines if form submissions to a server in the security zone are allowed. This flag is part of the URLACTION_HTML_SUBMIT_FORMS aggregate flag. |
URLACTION_HTML_USERDATA_SAVE |
Determines if user data persistence is enabled. This value was introduced for Internet Explorer 5. |
URLACTION_SCRIPT_JAVA_USE |
Determines whether script code on HTML pages in the URL security zone is allowed to use Java language applets if the properties, methods, and events of the applet are exposed to scripts. |
URLACTION_SCRIPT_OVERRIDE_SAFETY |
Do not use ActiveX safety for objects created by scripts. |
URLACTION_SCRIPT_PASTE |
Determines if scripts can do paste operations. This value was introduced for Internet Explorer 5. |
URLACTION_SCRIPT_RUN |
Determines if script code on the pages in the URL security zone is run. |
URLACTION_SCRIPT_SAFE_ACTIVEX |
Determines if scripting of safe ActiveX Controls is allowed. |
URLACTION_SHELL_FILE_DOWNLOAD |
Determines if file downloads are permitted from the URL security zone of the HTML page with the link that is causing the download. |
URLACTION_SHELL_INSTALL_DTITEMS |
Determines if desktop items can be installed. |
URLACTION_SHELL_MOVE_OR_COPY |
Determines if move or copy operations are allowed. |
URLACTION_SHELL_VERB |
Determines if launching of applications and files is permitted from the URL security zone. |
URLACTION_SHELL_WEBVIEW_VERB |
Determines if executable files and HTML pages can be launched from WebView. There is no user interface that affects this URL action. |
Cookies are disallowed when the URLPOLICY_QUERY policy flag is applied to the following policies. For more information about policy flags, see URL Policy Flags.
- URLACTION_COOKIES
- URLACTION_COOKIES_ENABLED
- URLACTION_COOKIES_SESSION
- URLACTION_COOKIES_SESSION_THIRD_PARTY
- URLACTION_COOKIES_THIRD_PARTY
Requirements
| Header | urlmon.h, urlmon.idl |
| Windows Embedded CE | Windows CE .NET 4.0 and later |
| Windows Mobile | Windows Mobile Version 5.0 and later |