Internet Explorer Blocks JavaScript

Discussion in 'Javascript' started by Doug van Vianen, Jun 8, 2006.

  1. Hi,

    I often like to include some JavaScript coding in my web pages to make them
    more interesting. Unfortunately, even when this coding is as simple as a
    check to see what the display width is in pixels so that pictures on the
    page can be adjusted to better fit the display, Internet Explorer detects
    the coding and blocks it. Of course the user can click on the message
    displayed above the web page to allow "the active component" but many of the
    people who receive my pages are seniors and/or are not computer
    sophistocated enough to feel comfortable doing this. They think that the
    JavaScript coding might be some virus or whatever.

    I have been using JavaScript for several years and may be using outdated
    coding. Could this be causing the problem? Is there some way to use
    JavaScript within a web page without having the security problem pop up?

    An example of the coding I use is in the page at

    http://members.shaw.ca/burdick/checkup/checkup.htm

    Thank you.

    Doug
    Doug van Vianen, Jun 8, 2006
    #1
    1. Advertising

  2. Doug van Vianen

    Randy Webb Guest

    Tony said the following on 6/8/2006 4:52 PM:
    > Doug van Vianen wrote:
    >> Hi,
    >>


    <snip>

    >>
    >> An example of the coding I use is in the page at
    >>
    >> http://members.shaw.ca/burdick/checkup/checkup.htm
    >>
    >> Thank you.

    >
    > The problem isn't the Javascript - it's in your browser settings. It
    > works fine for me.


    It's not even that difficult. It makes a huge difference when you test
    it from a server as opposed to testing it locally.

    --
    Randy
    comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
    Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
    Randy Webb, Jun 8, 2006
    #2
    1. Advertising

  3. Doug van Vianen

    Randy Webb Guest

    Tony said the following on 6/8/2006 9:06 PM:
    > Randy Webb wrote:
    >> Tony said the following on 6/8/2006 4:52 PM:
    >>>
    >>> The problem isn't the Javascript - it's in your browser settings. It
    >>> works fine for me.

    >>
    >> It's not even that difficult. It makes a huge difference when you test
    >> it from a server as opposed to testing it locally.

    >
    > How so? I just downloaded the page & ran it - seemed to work the same.
    > Perhaps I missed something, but how would running from a server make any
    > difference with how javascript works?


    Security Zone that the document is in.

    --
    Randy
    comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
    Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
    Randy Webb, Jun 9, 2006
    #3
  4. Doug van Vianen

    TC Guest

    Doug van Vianen wrote:

    > Is there some way to use JavaScript within a web page
    > without having the security problem pop up?


    Your page works fine when run from the web (under default IE security
    settings).

    When you run it *from disk*, IE runs it under the security settings for
    the "Local Computer" zone. These days, those settings are usually
    *more* severe, not *less* severe, than the settings for the Internet
    zone. Hence the warnings you're referring to.

    To test you page locally, ie. running it from your hard dsk, you need
    to tell IE to run it under the Internet zone security settings, not the
    Local Computer zone settings. To do that, just add the following line
    to the top of the file, and leave it in there permanently:

    <!-- saved from url=(0014)about:internet -->

    This is called, the "mark of the web" or MOTW. Google those terms for
    more information.

    Some people mistakenly think that the MOTW is a security problem.
    That's not true, it shows a misunderstanding of how the security
    features work. It's not a security hole of any description.

    If you reply to this post, please note that l will not be in a position
    to read this thread again for several days.

    HTH,
    TC (MVP MSAccess)
    http://tc2.atspace.com
    TC, Jun 9, 2006
    #4
  5. Hi Tony,

    Thank you for your response.

    Yes, I understand that it is the Internet Explorer. But it is not my
    Internet Explorer that I am worried about. It is the Internet Explorer of
    the people who view my web pages. Many are seniors or others that are not
    too computer literate and even some that are somewhat afraid of
    computers--especially of the viruses etc. that they hear about all the time.
    These people often have their settings set to block anything except the very
    innocuous material. Perhaps it is the people they purchase their computers
    from who do not want to be bothered by having to remove viruses or other
    malicious things.

    But I was hoping that perhaps there were some things I could do in the
    JavaScript coding to help matters. I guess not.

    Thank you for your comments.

    Doug.

    "Tony" <> wrote in message
    news:...
    > Doug van Vianen wrote:
    >> Hi,
    >>
    >> I often like to include some JavaScript coding in my web pages to make
    >> them more interesting. Unfortunately, even when this coding is as simple
    >> as a check to see what the display width is in pixels so that pictures on
    >> the page can be adjusted to better fit the display, Internet Explorer
    >> detects the coding and blocks it. Of course the user can click on the
    >> message displayed above the web page to allow "the active component" but
    >> many of the people who receive my pages are seniors and/or are not
    >> computer sophistocated enough to feel comfortable doing this. They think
    >> that the JavaScript coding might be some virus or whatever.
    >>
    >> I have been using JavaScript for several years and may be using outdated
    >> coding. Could this be causing the problem? Is there some way to use
    >> JavaScript within a web page without having the security problem pop up?
    >>
    >> An example of the coding I use is in the page at
    >>
    >> http://members.shaw.ca/burdick/checkup/checkup.htm
    >>
    >> Thank you.

    >
    > The problem isn't the Javascript - it's in your browser settings. It works
    > fine for me.
    >
    >
    > --
    > "The most convoluted explanation that fits all the available and made-up
    > facts is the most likely to be believed by conspiracy theorists"
    Doug van Vianen, Jun 9, 2006
    #5
  6. Doug van Vianen

    Guest

    Randy Webb wrote:
    > Tony said the following on 6/8/2006 9:06 PM:
    > > Randy Webb wrote:
    > >> Tony said the following on 6/8/2006 4:52 PM:
    > >>>
    > >>> The problem isn't the Javascript - it's in your browser settings. It
    > >>> works fine for me.
    > >>
    > >> It's not even that difficult. It makes a huge difference when you test
    > >> it from a server as opposed to testing it locally.

    > >
    > > How so? I just downloaded the page & ran it - seemed to work the same.
    > > Perhaps I missed something, but how would running from a server make any
    > > difference with how javascript works?

    >
    > Security Zone that the document is in.
    >
    > --
    > Randy
    > comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
    > Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/


    Dear Sir,
    And yet the Security Zone is used for blocking or allowing access to
    Cookies, not JavaScript.
    To the Original Poster:
    Dear Sir,
    You may be able to use VBScript instead, as most browsers do not
    currently block VBScript, and VBScript is fairly similar to JavaScript
    in it's functions. Otherwise, you can't pass the security blocking of
    MSIE or other browsers unless the client specifies in their settings
    that they want to allow JavaScript, or if they allow JavaScript on that
    page through the security pop-up, but from your explanation of the
    people who use your site, "seniors", probably would not know how to do
    this, nor why they would do this.
    By the way, that was pretty funny.

    I have the honor to remain your most humble and Ob't Sv't in our war
    against the King.

    --
    Patrick Reilly
    1st Coy.
    Colonel Seth Warner's Regiment
    , Jun 10, 2006
    #6
  7. Doug van Vianen

    Randy Webb Guest

    said the following on 6/10/2006 11:35 AM:
    > Randy Webb wrote:
    >> Tony said the following on 6/8/2006 9:06 PM:
    >>> Randy Webb wrote:
    >>>> Tony said the following on 6/8/2006 4:52 PM:
    >>>>> The problem isn't the Javascript - it's in your browser settings. It
    >>>>> works fine for me.
    >>>> It's not even that difficult. It makes a huge difference when you test
    >>>> it from a server as opposed to testing it locally.
    >>> How so? I just downloaded the page & ran it - seemed to work the same.
    >>> Perhaps I missed something, but how would running from a server make any
    >>> difference with how javascript works?

    >> Security Zone that the document is in.
    >>
    >> --
    >> Randy
    >> comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
    >> Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

    >
    > Dear Sir,
    > And yet the Security Zone is used for blocking or allowing access to
    > Cookies, not JavaScript.


    I will give you two to one that you didn't bother testing that as what
    you say is patently false. The Security Zone can be totally opposite
    from the Local Zone and the Internet Zone and is used for scripting as
    well as cookies or any other setting in IE.

    > To the Original Poster:
    > Dear Sir,
    > You may be able to use VBScript instead, as most browsers do not
    > currently block VBScript, and VBScript is fairly similar to JavaScript
    > in it's functions.


    VBScript is IE only but that aside, if you block Javascript you block
    VBScript as well. The setting is not to disable Javascript, it is to
    disable Scripting.

    > Otherwise, you can't pass the security blocking of MSIE or other browsers
    > unless the client specifies in their settings that they want to allow
    > JavaScript, or if they allow JavaScript on that page through the security
    > pop-up, but from your explanation of the people who use your site, "seniors",
    > probably would not know how to do this, nor why they would do this.
    > By the way, that was pretty funny.


    And everything you said applies to VBScript as well on a webpage, other
    than that VBScript is IE only so it wont work in any other browser
    anyway no matter *what* the security settings are.

    --
    Randy
    comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
    Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
    Randy Webb, Jun 10, 2006
    #7
  8. Doug van Vianen

    TaraC Guest

    I have a similar problem. I tried putting the Mark of the Web code in
    when testing locally. Yes, the annoying warning goes away but it seems
    to disable links to pages outside the one with the code inserted.
    Next, I tried editing the Internet Explorer (v6) settings to allow
    scripting by setting 'enable' on anything to do with scripts in both
    the local and internet zone. It still blocks any javascript as if I
    hadn't even changed the settings. -and yes, I tried from the
    Administrator account too. This problem came up when I had my
    workstation changed from 2000 to XP. To test the javascript in the
    pages, I have to click the 'allow blocked content' setting every time I
    open the browser again.

    I doubt that your scripts are the cause of the problem. I have pages
    with very simple rollover effects made using Macromedia Dreamweaver 8
    triggering it. Do you think Microsoft is hoping to wipe out javascript
    in the guise of security? Can't IE tell the difference between a
    commonly used javascript and something more harmful?

    Hopefully, IE developers take notice of these issues.


    Randy Webb wrote:
    > said the following on 6/10/2006 11:35 AM:
    > > Randy Webb wrote:
    > >> Tony said the following on 6/8/2006 9:06 PM:
    > >>> Randy Webb wrote:
    > >>>> Tony said the following on 6/8/2006 4:52 PM:
    > >>>>> The problem isn't the Javascript - it's in your browser settings. It
    > >>>>> works fine for me.
    > >>>> It's not even that difficult. It makes a huge difference when you test
    > >>>> it from a server as opposed to testing it locally.
    > >>> How so? I just downloaded the page & ran it - seemed to work the same.
    > >>> Perhaps I missed something, but how would running from a server make any
    > >>> difference with how javascript works?
    > >> Security Zone that the document is in.
    > >>
    > >> --
    > >> Randy
    > >> comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
    > >> Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

    > >
    > > Dear Sir,
    > > And yet the Security Zone is used for blocking or allowing access to
    > > Cookies, not JavaScript.

    >
    > I will give you two to one that you didn't bother testing that as what
    > you say is patently false. The Security Zone can be totally opposite
    > from the Local Zone and the Internet Zone and is used for scripting as
    > well as cookies or any other setting in IE.
    >
    > > To the Original Poster:
    > > Dear Sir,
    > > You may be able to use VBScript instead, as most browsers do not
    > > currently block VBScript, and VBScript is fairly similar to JavaScript
    > > in it's functions.

    >
    > VBScript is IE only but that aside, if you block Javascript you block
    > VBScript as well. The setting is not to disable Javascript, it is to
    > disable Scripting.
    >
    > > Otherwise, you can't pass the security blocking of MSIE or other browsers
    > > unless the client specifies in their settings that they want to allow
    > > JavaScript, or if they allow JavaScript on that page through the security
    > > pop-up, but from your explanation of the people who use your site, "seniors",
    > > probably would not know how to do this, nor why they would do this.
    > > By the way, that was pretty funny.

    >
    > And everything you said applies to VBScript as well on a webpage, other
    > than that VBScript is IE only so it wont work in any other browser
    > anyway no matter *what* the security settings are.
    >
    > --
    > Randy
    > comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
    > Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
    TaraC, Jun 21, 2006
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Arjen
    Replies:
    3
    Views:
    419
    Scott Allen
    Feb 27, 2005
  2. cmay
    Replies:
    0
    Views:
    1,110
  3. Ed Hauptman
    Replies:
    7
    Views:
    984
    Ed Hauptman
    Aug 7, 2009
  4. matt
    Replies:
    1
    Views:
    234
    George Ogata
    Aug 6, 2004
  5. John Smith
    Replies:
    1
    Views:
    118
    Evertjan.
    Mar 12, 2005
Loading...

Share This Page