On 30/11/05, Laura Greenwood <[EMAIL PROTECTED]> wrote: > Running XP sp2 and IE 6. current version, and running it from my local > machine. I don't seem to get the message when its run from the web? > but not entirely sure about that.
In SP2, local machine zone by default doesn't allow active scripting (such as JavaScript or JScript/VBScript in the document). The reasoning behind this is that if the local machine zone has higher rights than the internet zone, then a malicious code in a document would automatically be given higher rights just because the user downloaded it. The theory for why this is wrong goes about like this: If the user believes the downloaded file is just a document even when it can contain executable code, then the standard policy for the document part should be full trust, but no trust for executable code. Before SP2, the lack of this policy was one cause for macro viri spread - users opened documents that they thought to be just data, but that contained malicious code that got full rights, something they would never have done if the document had been an executable. So, I would assume you've got JavaScript in the document, and that's what causes that message to be displayed. -- David "liorean" Andersson <uri:http://liorean.web-graphics.com/> ______________________________________________________________________ css-discuss [EMAIL PROTECTED] http://www.css-discuss.org/mailman/listinfo/css-d List wiki/FAQ -- http://css-discuss.incutio.com/ Supported by evolt.org -- http://www.evolt.org/help_support_evolt/
