Microsoft SDK for Java

Internet Explorer Zones

Zones are a way of reducing the complexity of system security by assigning security policies to entire groups of sites.

Microsoft® Internet Explorer 4.0 or later divides your Internet world into zones, so you can assign specific security settings to each zone, and then assign Web sites to a zone with a suitable security level. The name of the current zone appears on a status bar in the lower-right corner. Whenever you attempt to open or download content from the Web, Internet Explorer checks the security settings for that Web site's zone. Internet Explorer provides four zones.

Zones

Local Intranet Addresses that don't require a proxy server (those listed in the Proxy Settings as not requiring a proxy server). The addresses included in this zone are defined by the system administrator in the Internet Explorer Administrator's Kit (IEAK). The default security level for the Corporate Intranet zone is Low.
Trusted Sites Sites you trust enough to require low security before downloading or running files from the Internet. You can assign sites to this zone. By default, the security level for the Trusted Sites zone is Low.
Restricted Sites Sites you don't trust, requiring medium or high security before downloading or running files from the Internet. You can assign sites to this zone. By default, the security level for the Restricted Sites zone is High.
Internet By default, the Internet is anything not on your computer, the Intranet, or assigned to any other zone. The default security level for the Internet zone is Medium.

Each zone can be set to a specific security level. The security level applies to all code downloaded from sites within the zone.

Security levels

High security Java applets will run in the sandbox without intervention from the user. Any requests beyond the sandbox will query the user. ActiveX controls will never be allowed to run.
Medium security A zone set for Medium security will allow applets to have up to 1 MB of scratch space on the client computer, if it is requested in the cabinet file signature. Any requests beyond those restrictions will cause the user to be queried. ActiveX controls will also prompt the user before running.
Medium-low security Available in Internet Explorer 5.0 only. This level is the same as Medium security, but runs most content without querying the user. Unsigned ActiveX controls will not be downloaded.
Low security A zone set for Low security will allow applets to run fully trusted, if they request to do so in their signature. ActiveX controls will prompt the user before running.
Custom security The user or the administrator defines Custom security levels. They may also allow ActiveX Controls to run without prompting, whereas the predefined zones do not have that option.

For more information on how zones are configured and used, see the online Help for Internet Explorer. The Microsoft SDK for Java includes a custom permissions editor, cprmedit, that enables you to set Java permissions for specific security zones using a graphical user interface. These permissions are recognized by Internet Explorer 4.0 and later. For more information, see Defining Permission Sets Using Cprmedit.

© 1999 Microsoft Corporation. All rights reserved. Terms of use.