Microsoft KB Archive/926134

From BetaArchive Wiki
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Knowledge Base


A link does not open in Internet Explorer 6 on a computer that is running Windows XP Service Pack 2 or Windows Server 2003 Service Pack 1

Article ID: 926134

Article Last Modified on 5/11/2007



APPLIES TO

  • Microsoft Internet Explorer 6.0
  • Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows XP Service Pack 2
  • Microsoft Windows XP Professional x64 Edition



SYMPTOMS

Consider the following scenario. You try to open a link by using Microsoft Internet Explorer 6. The computer is running Microsoft Windows XP Service Pack 2 (SP2) or Microsoft Windows Server 2003 SP1. In this scenario, the link does not open. Additionally, Internet Explorer does not prompt you to open or to save the file.

RESOLUTION

To resolve this problem, make sure that downloads that are hosted on the Web site do not open a file download automatically. Start file downloads on a Web site through HTML hyperlinks or through HTML buttons that require direct user action so that the user must click a link on the Web page to access the file download. If you use a script to move to the resource, the script must run synchronously within the context of the OnClick event handler for the link.

WORKAROUND

Important These steps may increase your security risk. These steps may also make the computer or the network more vulnerable to attack by malicious users or by malicious software such as viruses. We recommend the process that this article describes to enable programs to operate as they are designed to or to implement specific program capabilities. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this process in your particular environment. If you decide to implement this process, take any appropriate additional steps to help protect the system. We recommend that you use this process only if you really require this process.To work around this problem, disable the Automatic prompting for file downloads setting. To do this, follow these steps:

  1. In Internet Explorer 6, click the Tools menu, and then click Internet Options.
  2. Click the Security tab, click Internet under Select a Web content zone to specify its security settings, and then click Custom Level.
  3. Under Downloads, click Disable for the Automatic prompting for file downloads setting, and then click OK.
  4. Click OK to close the Internet Options dialog box.

You can also work around this problem by adding the Web site to the Trusted sites zone when the Automatic prompting for file downloads setting has been disabled. To do this, follow these steps:

  1. In Internet Explorer 6, click the Tools menu, and then click Internet Options.
  2. Click the Security tab, click Trusted sites under Select a Web content zone to specify its security settings, and then click Sites.
  3. In the Add box, type the Web site's URL, click Add, and then click OK.
  4. Click OK to close the Internet Options dialog box.

In addition to automatic download blocking, Internet Explorer 6 for Windows XP SP2 offers more protection against executable files that are downloaded. Internet Explorer 6 checks for a digital signature on files that can be digitally signed. Publishers should sign files by using Microsoft Authenticode Technology. Common examples of files that can be signed include files that have the following extensions:

  • .exe
  • .dll
  • .cab
  • .ocx
  • .msi

This change in Internet Explorer 6 brings consistency and clarity to the experience of downloading files and code to a computer. The publisher check provides important information when a signature is found in a file. The publisher check also provides a systematic way to block files from suspicious publishers that may compromise the security of a computer. When the Automatic prompting for file downloads setting is disabled, malicious sites can overwhelm you with file download prompts. You may accidentally accept file downloads, and you may accidentally run unwanted software on a computer. We recommend that you disable the Automatic prompting for file downloads setting only if you understand the security risks that are involved. Additionally, developers must not rely on users disabling this setting.

MORE INFORMATION

Important These steps may increase your security risk. These steps may also make the computer or the network more vulnerable to attack by malicious users or by malicious software such as viruses. We recommend the process that this article describes to enable programs to operate as they are designed to or to implement specific program capabilities. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this process in your particular environment. If you decide to implement this process, take any appropriate additional steps to help protect the system. We recommend that you use this process only if you really require this process.

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

In Internet Explorer 6 for Windows XP SP2, automatic download blocking suppresses file download dialog boxes that are not the result of a user action, such as a mouse click or a keystroke. When a file download dialog box is automatically blocked, an Information Bar appears at the top of the window. The Information Bar displays the following text:

To help protect your security, Internet Explorer blocked this site from downloading files to a computer. Click here for more options.

You can enable blocked downloads by clicking the security element on the Information Bar. By moving download prompts to the Information Bar, a developer can avoid installing unwanted code on a computer. Previously, Web sites could overwhelm you with file download prompts, and you could accidentally run unwanted software on a computer. With this change, file download prompts that are started automatically are more likely to be the result of a deliberate click and not an accidental action.

Applications that host the WebBrowser control can take advantage of the tighter restrictions on file downloads. The restrictions are managed through a security feature control registry key that is named FEATURE_RESTRICT_FILEDOWNLOAD. By default, the Iexplorer.exe process and the Explorer.exe process run under this feature control. To add the FEATURE_RESTRICT_FILEDOWNLOAD registry key and your process to the registry, follow these steps:

  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate one of the following registry keys:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl

  3. Right-click FeatureControl, click New, and then click Key.
  4. Type FEATURE_RESTRICT_FILEDOWNLOAD, and then press ENTER.
  5. Right-click FEATURE_RESTRICT_FILEDOWNLOAD, click New, and then click DWORD Value.
  6. Type explorer.exe, and then press ENTER.
  7. Right-click explorer.exe, and then click Modify.
  8. Type 1, and then click OK.
  9. Right-click FEATURE_RESTRICT_FILEDOWNLOAD, click New, and then click DWORD Value.
  10. Type iexplorer.exe, and then press ENTER.
  11. Right-click iexplorer.exe, and then click Modify.
  12. Type 1, and then click OK.
  13. Right-click FEATURE_RESTRICT_FILEDOWNLOAD, click New, and then click DWORD Value.
  14. Type ProcessName, and then press ENTER.
  15. Right-click ProcessName, and then click Modify.
  16. Type 1, and then click OK.
  17. On the File menu, click Exit.

Applications that host the WebBrowser control can take advantage of this security feature control by adding the application process to the registry. You can do this by using the CoInternetSetFeatureEnabled function. You can add the application process to the registry by using the CoInternetSetFeatureEnabled function.If an application does not run under this security feature control, the WebBrowser control behaves the same as in Internet Explorer 6 SP1. When a process is running the security feature control for file download restrictions, the URLACTION_AUTOMATIC_DOWNLOAD_UI URL action flag determines whether the Information Bar is used for file downloads.

Note You may want to update Web sites that contain an image of the download dialog box to reflect the new download dialog box for Windows XP SP2 users. Use the userAgent property to determine the correct version of the browser.

REFERENCES

For more information, visit the following Microsoft Developer Network (MSDN) Web sites:

Fine-tune your Web site for Windows XP Service Pack 2
http://msdn2.microsoft.com/en-us/library/ms997645.aspx


Signing code with Microsoft Authenticode Technology
http://msdn2.microsoft.com/en-us/library/ms537358.aspx


The CoInternetSetFeatureEnabled function
http://msdn2.microsoft.com/en-us/library/ms537168.aspx


Keywords: kbtshoot kbprb KB926134