
























[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
\Internet Explorer\Main\FeatureControl
\FEATURE_WINDOWS_RESTRICTIONS] iexplore.exe=1
Once a process has been configured to use a security feature, the security feature is running and security zone settings can be applied for more precision, if implemented for that feature. In the Security Settings tab of Internet Options, the user can adjust these settings for many of the new Windows XP SP2 feature controls. If you select Enable, it lowers the security settings and allows the behavior to run less securely, or in the same manner as it did in Windows XP Service Pack 1. For example, if Windows Restriction is set to Enable in the Intranet zone, Windows Restrictions will not be applied — script-initiated windows can be opened as freely as in Windows XP SP1. The Windows XP SP2 restrictions can be applied again by setting the security zone setting to Disable, which blocks the less-secure behavior while the feature control is enabled for that process.
For example, if the feature is turned on for Windows Restrictions, this feature:
| • |
Forces the status bar to be present in script-initiated Internet Explorer windows with the title bar [those that were created with window.open()]. |
| • |
Constrains the size and positioning of script-initiated Internet Explorer windows that have title and status bars to ensure that the title bar and the status bar in these windows is always visible to the user. |
我特意将关键的话语加粗变红,原来这是Windows XP SP2的新安全特性Windows Restrictions security feature(WRSF),为了安全,SP2特意强制将弹出的标题栏和状态栏都显示,让浏览者知道自己正在访问哪个地址哪个网页,防止恶意欺骗。此特性对Internet区域有效,而对本地的Intramet区域无效,就是说在XP SP2下使用代码status=no控制窗口无状态栏已经无效了。解决方法除了上述的修改客户端注册表键值关闭WRSF特性,或者还有一种解决方法就是在客户端上将系统的站点地址加入IE属性“安全”选项中的“本地Intranet”区域。不过这样好像就失去了B/S系统的最大优点,客户端这么多,不可能要求每个使用系统的人都这样设置,所以只能继续让状态栏显示。
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。