Internet Explorer Blocks JavaScript

Discussion in 'Javascript' started by Doug van Vianen, Jun 8, 2006.

  1. Hi,

    I often like to include some JavaScript coding in my web pages to make them
    more interesting. Unfortunately, even when this coding is as simple as a
    check to see what the display width is in pixels so that pictures on the
    page can be adjusted to better fit the display, Internet Explorer detects
    the coding and blocks it. Of course the user can click on the message
    displayed above the web page to allow "the active component" but many of the
    people who receive my pages are seniors and/or are not computer
    sophistocated enough to feel comfortable doing this. They think that the
    JavaScript coding might be some virus or whatever.

    I have been using JavaScript for several years and may be using outdated
    coding. Could this be causing the problem? Is there some way to use
    JavaScript within a web page without having the security problem pop up?

    An example of the coding I use is in the page at

    Thank you.

    Doug van Vianen, Jun 8, 2006
    1. Advertisements

  2. Doug van Vianen

    Randy Webb Guest

    Tony said the following on 6/8/2006 4:52 PM:
    It's not even that difficult. It makes a huge difference when you test
    it from a server as opposed to testing it locally.
    Randy Webb, Jun 8, 2006
    1. Advertisements

  3. Doug van Vianen

    Randy Webb Guest

    Tony said the following on 6/8/2006 9:06 PM:
    Security Zone that the document is in.
    Randy Webb, Jun 9, 2006
  4. Doug van Vianen

    TC Guest

    Your page works fine when run from the web (under default IE security

    When you run it *from disk*, IE runs it under the security settings for
    the "Local Computer" zone. These days, those settings are usually
    *more* severe, not *less* severe, than the settings for the Internet
    zone. Hence the warnings you're referring to.

    To test you page locally, ie. running it from your hard dsk, you need
    to tell IE to run it under the Internet zone security settings, not the
    Local Computer zone settings. To do that, just add the following line
    to the top of the file, and leave it in there permanently:

    <!-- saved from url=(0014)about:internet -->

    This is called, the "mark of the web" or MOTW. Google those terms for
    more information.

    Some people mistakenly think that the MOTW is a security problem.
    That's not true, it shows a misunderstanding of how the security
    features work. It's not a security hole of any description.

    If you reply to this post, please note that l will not be in a position
    to read this thread again for several days.

    TC (MVP MSAccess)
    TC, Jun 9, 2006
  5. Hi Tony,

    Thank you for your response.

    Yes, I understand that it is the Internet Explorer. But it is not my
    Internet Explorer that I am worried about. It is the Internet Explorer of
    the people who view my web pages. Many are seniors or others that are not
    too computer literate and even some that are somewhat afraid of
    computers--especially of the viruses etc. that they hear about all the time.
    These people often have their settings set to block anything except the very
    innocuous material. Perhaps it is the people they purchase their computers
    from who do not want to be bothered by having to remove viruses or other
    malicious things.

    But I was hoping that perhaps there were some things I could do in the
    JavaScript coding to help matters. I guess not.

    Thank you for your comments.

    Doug van Vianen, Jun 9, 2006
  6. Dear Sir,
    And yet the Security Zone is used for blocking or allowing access to
    Cookies, not JavaScript.
    To the Original Poster:
    Dear Sir,
    You may be able to use VBScript instead, as most browsers do not
    currently block VBScript, and VBScript is fairly similar to JavaScript
    in it's functions. Otherwise, you can't pass the security blocking of
    MSIE or other browsers unless the client specifies in their settings
    that they want to allow JavaScript, or if they allow JavaScript on that
    page through the security pop-up, but from your explanation of the
    people who use your site, "seniors", probably would not know how to do
    this, nor why they would do this.
    By the way, that was pretty funny.

    I have the honor to remain your most humble and Ob't Sv't in our war
    against the King.
    pegasusflightresources, Jun 10, 2006
  7. Doug van Vianen

    Randy Webb Guest

    said the following on 6/10/2006 11:35 AM:
    I will give you two to one that you didn't bother testing that as what
    you say is patently false. The Security Zone can be totally opposite
    from the Local Zone and the Internet Zone and is used for scripting as
    well as cookies or any other setting in IE.
    VBScript is IE only but that aside, if you block Javascript you block
    VBScript as well. The setting is not to disable Javascript, it is to
    disable Scripting.
    And everything you said applies to VBScript as well on a webpage, other
    than that VBScript is IE only so it wont work in any other browser
    anyway no matter *what* the security settings are.
    Randy Webb, Jun 10, 2006
  8. Doug van Vianen

    TaraC Guest

    I have a similar problem. I tried putting the Mark of the Web code in
    when testing locally. Yes, the annoying warning goes away but it seems
    to disable links to pages outside the one with the code inserted.
    Next, I tried editing the Internet Explorer (v6) settings to allow
    scripting by setting 'enable' on anything to do with scripts in both
    the local and internet zone. It still blocks any javascript as if I
    hadn't even changed the settings. -and yes, I tried from the
    Administrator account too. This problem came up when I had my
    workstation changed from 2000 to XP. To test the javascript in the
    pages, I have to click the 'allow blocked content' setting every time I
    open the browser again.

    I doubt that your scripts are the cause of the problem. I have pages
    with very simple rollover effects made using Macromedia Dreamweaver 8
    triggering it. Do you think Microsoft is hoping to wipe out javascript
    in the guise of security? Can't IE tell the difference between a
    commonly used javascript and something more harmful?

    Hopefully, IE developers take notice of these issues.
    TaraC, Jun 21, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.