URL Security Zones
The URL security zones API allows developers to manage URL security zones and create custom URL security zone managers.
A URL action is an action that a browser can take that might pose a security risk to the local computer. These include actions such as running a Java language applet (URLACTION_JAVA_PERMISSIONS in this case) or a Microsoft ActiveX® control (URLACTION_ACTIVEX_RUN in this case).
A URL policy determines what permission or trust level is set for a particular URL action. These include setting the safety level for Java language to high (URLPOLICY_JAVA_HIGH in this case).
A URL security zone is a group of URL namespaces that are assigned an equal level of permission or trust. Each URL action for the zone has an appropriate URL policy assigned to it that reflects the level of trust given to the URL namespaces in that zone.
The following table shows the default URL security zones in Internet Explorer 6.0.
Zone | Description |
---|---|
Local intranet zone | Content located on a company's intranet. Because the servers and information would be within a company's firewall, a user or company could assign a higher trust level to the content on the intranet. |
Trusted sites zone | Content located on Web sites that are considered more reputable and/or trustworthy than other sites on the Internet. Users can map the URLs of these Web sites into this zone to reduce the number of authentication requests. |
Internet zone | Web sites on the Internet that do not belong to another zone. The default settings would cause the user to be prompted whenever potentially unsafe content was about to be downloaded. Web sites that are not mapped into other zones automatically fall into this zone. |
Restricted sites zone | Web sites that contain content that could cause, or could have previously caused, problems when downloaded. Users can map the URLs of these Web sites into this zone to be prompted every time potentially unsafe content was about to be downloaded or to prevent that content from being downloaded. |
My Computer zone | Files located on the user's device. |
There are two situations where you as a developer would use the URL security zone interfaces:
- Applications that are hosting either the WebBrowser Control or MSHTML and want to implement their own security manager to handle security zones.
- Controls that are hosted by MSHTML and want to get information about a security setting.
Applications can manage the default URL security zone settings by using the IInternetZoneManager interface. Any changes made using IInternetZoneManager will not be static because the user could override them. In most cases, applications that need to control the URL security zone settings should create an application that hosts the WebBrowser Control or MSHTML and implement their own security manager.
For more information about implementing security managers and managing the default URL security zone settings, see the URL Security Zones SDK documentation from this Microsoft Web site.
See Also
Local Intranet Zone Settings | Trusted Sites Zone Settings | Internet Zone Settings | Restricted Sites Zone Settings | My Computer Zone Settings
Last updated on Saturday, April 10, 2004
© 1992-2003 Microsoft Corporation. All rights reserved.