Internet Explorer Blocks JavaScript

Doug van Vianen wrote:

Hi,

I often like to include some JavaScript coding in my web pages to make them
more interesting. Unfortunately, even when this coding is as simple as a
check to see what the display width is in pixels so that pictures on the
page can be adjusted to better fit the display, Internet Explorer detects
the coding and blocks it. Of course the user can click on the message
displayed above the web page to allow "the active component" but many of the
people who receive my pages are seniors and/or are not computer
sophistocated enough to feel comfortable doing this. They think that the
JavaScript coding might be some virus or whatever.

I have been using JavaScript for several years and may be using outdated
coding. Could this be causing the problem? Is there some way to use
JavaScript within a web page without having the security problem pop up?

An example of the coding I use is in the page at

http://members.shaw.ca/burdick/checkup/checkup.htm

Thank you.

The problem isn't the Javascript - it's in your browser settings. It
works fine for me.
--
"The most convoluted explanation that fits all the available and made-up
facts is the most likely to be believed by conspiracy theorists"

Tony said the following on 6/8/2006 4:52 PM:

Doug van Vianen wrote:

Hi,

<snip>

An example of the coding I use is in the page at

http://members.shaw.ca/burdick/checkup/checkup.htm

Thank you.

The problem isn't the Javascript - it's in your browser settings. It
works fine for me.

It's not even that difficult. It makes a huge difference when you test
it from a server as opposed to testing it locally.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

Randy Webb wrote:

Tony said the following on 6/8/2006 4:52 PM:

The problem isn't the Javascript - it's in your browser settings. It
works fine for me.

It's not even that difficult. It makes a huge difference when you test
it from a server as opposed to testing it locally.

How so? I just downloaded the page & ran it - seemed to work the same.
Perhaps I missed something, but how would running from a server make any
difference with how javascript works?
--
"The most convoluted explanation that fits all the available and made-up
facts is the most likely to be believed by conspiracy theorists"

Tony said the following on 6/8/2006 9:06 PM:

Randy Webb wrote:

Tony said the following on 6/8/2006 4:52 PM:

The problem isn't the Javascript - it's in your browser settings. It
works fine for me.

It's not even that difficult. It makes a huge difference when you test
it from a server as opposed to testing it locally.

How so? I just downloaded the page & ran it - seemed to work the same.
Perhaps I missed something, but how would running from a server make any
difference with how javascript works?

Security Zone that the document is in.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

Doug van Vianen wrote:

Is there some way to use JavaScript within a web page
without having the security problem pop up?

Your page works fine when run from the web (under default IE security
settings).

When you run it *from disk*, IE runs it under the security settings for
the "Local Computer" zone. These days, those settings are usually
*more* severe, not *less* severe, than the settings for the Internet
zone. Hence the warnings you're referring to.

To test you page locally, ie. running it from your hard dsk, you need
to tell IE to run it under the Internet zone security settings, not the
Local Computer zone settings. To do that, just add the following line
to the top of the file, and leave it in there permanently:

<!-- saved from url=(0014)about:internet -->

This is called, the "mark of the web" or MOTW. Google those terms for
more information.

Some people mistakenly think that the MOTW is a security problem.
That's not true, it shows a misunderstanding of how the security
features work. It's not a security hole of any description.

If you reply to this post, please note that l will not be in a position
to read this thread again for several days.

HTH,
TC (MVP MSAccess)
http://tc2.atspace.com

Hi Tony,

Thank you for your response.

Yes, I understand that it is the Internet Explorer. But it is not my
Internet Explorer that I am worried about. It is the Internet Explorer of
the people who view my web pages. Many are seniors or others that are not
too computer literate and even some that are somewhat afraid of
computers--especially of the viruses etc. that they hear about all the time.
These people often have their settings set to block anything except the very
innocuous material. Perhaps it is the people they purchase their computers
from who do not want to be bothered by having to remove viruses or other
malicious things.

But I was hoping that perhaps there were some things I could do in the
JavaScript coding to help matters. I guess not.

Thank you for your comments.

Doug.

"Tony" <to****@dslextreme.WHATISTHIS.com> wrote in message
news:12*************@corp.supernews.com...

Doug van Vianen wrote:

Hi,

I often like to include some JavaScript coding in my web pages to make
them more interesting. Unfortunately, even when this coding is as simple
as a check to see what the display width is in pixels so that pictures on
the page can be adjusted to better fit the display, Internet Explorer
detects the coding and blocks it. Of course the user can click on the
message displayed above the web page to allow "the active component" but
many of the people who receive my pages are seniors and/or are not
computer sophistocated enough to feel comfortable doing this. They think
that the JavaScript coding might be some virus or whatever.

I have been using JavaScript for several years and may be using outdated
coding. Could this be causing the problem? Is there some way to use
JavaScript within a web page without having the security problem pop up?

An example of the coding I use is in the page at

http://members.shaw.ca/burdick/checkup/checkup.htm

Thank you.

The problem isn't the Javascript - it's in your browser settings. It works
fine for me.
--
"The most convoluted explanation that fits all the available and made-up
facts is the most likely to be believed by conspiracy theorists"

Randy Webb wrote:

Tony said the following on 6/8/2006 9:06 PM:

Randy Webb wrote:

Tony said the following on 6/8/2006 4:52 PM:

The problem isn't the Javascript - it's in your browser settings. It
works fine for me.

It's not even that difficult. It makes a huge difference when you
test it from a server as opposed to testing it locally.

How so? I just downloaded the page & ran it - seemed to work the same.
Perhaps I missed something, but how would running from a server make
any difference with how javascript works?

Security Zone that the document is in.

Ah - didn't think about that one :) I don't exactly use IE that much
anymore.
--
"The most convoluted explanation that fits all the available and made-up
facts is the most likely to be believed by conspiracy theorists"

Randy Webb wrote:

Tony said the following on 6/8/2006 9:06 PM:

Randy Webb wrote:

Tony said the following on 6/8/2006 4:52 PM:

The problem isn't the Javascript - it's in your browser settings. It
works fine for me.

It's not even that difficult. It makes a huge difference when you test
it from a server as opposed to testing it locally.

How so? I just downloaded the page & ran it - seemed to work the same.
Perhaps I missed something, but how would running from a server make any
difference with how javascript works?

Security Zone that the document is in.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

Dear Sir,
And yet the Security Zone is used for blocking or allowing access to
Cookies, not JavaScript.
To the Original Poster:
Dear Sir,
You may be able to use VBScript instead, as most browsers do not
currently block VBScript, and VBScript is fairly similar to JavaScript
in it's functions. Otherwise, you can't pass the security blocking of
MSIE or other browsers unless the client specifies in their settings
that they want to allow JavaScript, or if they allow JavaScript on that
page through the security pop-up, but from your explanation of the
people who use your site, "seniors", probably would not know how to do
this, nor why they would do this.
By the way, that was pretty funny.

I have the honor to remain your most humble and Ob't Sv't in our war
against the King.

--
Patrick Reilly
1st Coy.
Colonel Seth Warner's Regiment

pe********************@gmail.com said the following on 6/10/2006 11:35 AM:

Randy Webb wrote:

Tony said the following on 6/8/2006 9:06 PM:

Randy Webb wrote:
Tony said the following on 6/8/2006 4:52 PM:
> The problem isn't the Javascript - it's in your browser settings. It
> works fine for me.
It's not even that difficult. It makes a huge difference when you test
it from a server as opposed to testing it locally.
How so? I just downloaded the page & ran it - seemed to work the same.
Perhaps I missed something, but how would running from a server make any
difference with how javascript works? Security Zone that the document is in.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

Dear Sir,
And yet the Security Zone is used for blocking or allowing access to
Cookies, not JavaScript.

I will give you two to one that you didn't bother testing that as what
you say is patently false. The Security Zone can be totally opposite
from the Local Zone and the Internet Zone and is used for scripting as
well as cookies or any other setting in IE.
To the Original Poster:
Dear Sir,
You may be able to use VBScript instead, as most browsers do not
currently block VBScript, and VBScript is fairly similar to JavaScript
in it's functions.
VBScript is IE only but that aside, if you block Javascript you block
VBScript as well. The setting is not to disable Javascript, it is to
disable Scripting.
Otherwise, you can't pass the security blocking of MSIE or other browsers
unless the client specifies in their settings that they want to allow
JavaScript, or if they allow JavaScript on that page through the security
pop-up, but from your explanation of the people who use your site, "seniors",
probably would not know how to do this, nor why they would do this.
By the way, that was pretty funny.

And everything you said applies to VBScript as well on a webpage, other
than that VBScript is IE only so it wont work in any other browser
anyway no matter *what* the security settings are.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

I have a similar problem. I tried putting the Mark of the Web code in
when testing locally. Yes, the annoying warning goes away but it seems
to disable links to pages outside the one with the code inserted.
Next, I tried editing the Internet Explorer (v6) settings to allow
scripting by setting 'enable' on anything to do with scripts in both
the local and internet zone. It still blocks any javascript as if I
hadn't even changed the settings. -and yes, I tried from the
Administrator account too. This problem came up when I had my
workstation changed from 2000 to XP. To test the javascript in the
pages, I have to click the 'allow blocked content' setting every time I
open the browser again.

I doubt that your scripts are the cause of the problem. I have pages
with very simple rollover effects made using Macromedia Dreamweaver 8
triggering it. Do you think Microsoft is hoping to wipe out javascript
in the guise of security? Can't IE tell the difference between a
commonly used javascript and something more harmful?

Hopefully, IE developers take notice of these issues.
Randy Webb wrote:

pe********************@gmail.com said the following on 6/10/2006 11:35 AM:

Randy Webb wrote:

Tony said the following on 6/8/2006 9:06 PM:
Randy Webb wrote:
> Tony said the following on 6/8/2006 4:52 PM:
>> The problem isn't the Javascript - it's in your browser settings. It
>> works fine for me.
> It's not even that difficult. It makes a huge difference when you test
> it from a server as opposed to testing it locally.
How so? I just downloaded the page & ran it - seemed to work the same.
Perhaps I missed something, but how would running from a server make any
difference with how javascript works?
Security Zone that the document is in.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

Dear Sir,
And yet the Security Zone is used for blocking or allowing access to
Cookies, not JavaScript.

I will give you two to one that you didn't bother testing that as what
you say is patently false. The Security Zone can be totally opposite
from the Local Zone and the Internet Zone and is used for scripting as
well as cookies or any other setting in IE.

To the Original Poster:
Dear Sir,
You may be able to use VBScript instead, as most browsers do not
currently block VBScript, and VBScript is fairly similar to JavaScript
in it's functions.

VBScript is IE only but that aside, if you block Javascript you block
VBScript as well. The setting is not to disable Javascript, it is to
disable Scripting.

Otherwise, you can't pass the security blocking of MSIE or other browsers
unless the client specifies in their settings that they want to allow
JavaScript, or if they allow JavaScript on that page through the security
pop-up, but from your explanation of the people who use your site, "seniors",
probably would not know how to do this, nor why they would do this.
By the way, that was pretty funny.

And everything you said applies to VBScript as well on a webpage, other
than that VBScript is IE only so it wont work in any other browser
anyway no matter *what* the security settings are.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

"TaraC" <ta*******@canada.com> wrote in message
news:11**********************@y41g2000cwy.googlegr oups.com...

... Next, I tried editing the Internet Explorer (v6) settings to allow
scripting by setting 'enable' on anything to do with scripts in both
the local and internet zone. It still blocks any javascript as if I
hadn't even changed the settings. -and yes, I tried from the
Administrator account too. This problem came up when I had my
workstation changed from 2000 to XP. To test the javascript in the
pages, I have to click the 'allow blocked content' setting every time I
open the browser again.

If you are talking about testing locally on your computer as opposed
to files on a server, click Tools>Internet Options>Advanced, scroll
down to the security section, and put a check mark in the box for
"Allow active content to run in files on My Computer".