Condividi tramite


Internet Feature Controls (S..T)

This article describes feature controls with names that begin with the letter S or T. For links to other feature controls, see Feature Controls.

  • Save Dialog Button Hiding
  • Script URL Mitigation
  • Security Certificate Revocation Failure
  • SHDOCLC.DLL Resource Loading
  • Spellcheck and AutoCorrect Support
  • SSL Security Alert Display
  • Status Bar Update Frequency
  • Structured Storage Detection
  • Tabbed Browsing Shortcuts and Notifications
  • Telnet Protocol Support
  • UNC File Support for MotW
  • Usernames and Passwords in URL's
  • Related topics

Save Dialog Button Hiding

The FEATURE_DOWNLOAD_PROMPT_META_CONTROL feature allows web developers to use a the name attribute of a META element to hide buttons on the Save dialog box that appears when you download files using Windows Internet Explorer. When this feature is disabled, the META elements cannot be used to hide buttons in the Save dialog box.

By default, this feature is enabled for Internet Explorer and for applications hosting the WebBrowser Control. To disable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_DOWNLOAD_PROMPT_META_CONTROL
                     contoso.exe = (DWORD) 00000000

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Script URL Mitigation

Windows Internet Explorer 7 and later. Prior to Internet Explorer 7, href attributes of a objects supported the javascript prototcol; this allowed webpages to execute script when the user clicked a link. For security reasons, this support was disabled in Internet Explorer 7. For more information, see Event 1034 - Cross-Domain Barrier and Script URL Mitigation.

When enabled, the FEATURE_SCRIPTURL_MITIGATION feature allows the href attribute of a objects to support the javascript prototcol.

By default, this feature (the mitigation) is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_SCRIPTURL_MITIGATION
                     contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Note  When the javascript prototcol is enabled for href attributes, the value of the href attribute is limited to 2047 characters.

 

Security Certificate Revocation Failure

Internet Explorer 7 and later. In order to confirm the identity of organizations that host secure webpages, certifying authorities issue security certificates. These certificates are validated when you request a secure webpage.

By default, Internet Explorer performs a number of steps in order to validate the security certificate for a secure website. If a certificate is invalid, is out-of-date, or improperly identifies the website in question, Internet Explorer displays a notification to the user.

As an additional verification step, many certifying authorities also provide a service that identifies certificates that have been recently revoked. Earlier versions of Internet Explorer displayed notifications when this service could not be reached.

Because the inability to reach these services does not necessarily indicate that a certificate has been revoked, many users complained that such notifications were "false positives." After considerable negative feedback, these notifications were disabled by default in Internet Explorer 7 and later.

When enabled, the FEATURE_WARN_ON_SEC_CERT_REV_FAILED feature displays notifications when Internet Explorer cannot reach the certificate revocation service published by a certifying authority. By default, this feature is disabled for Internet Explorer. This feature is not supported for applications hosting the WebBrowser Control.

To enable this feature using the registry, add the name of the Internet Explorer executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_WARN_ON_SEC_CERT_REV_FAILED
                     iexplore.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Note  Failure to reach the revocation service for a certifying authority does not necessarily mean that a security certificate is invalid or should not be trusted. It simply means that one of several validation steps could not be completed.

 

SHDOCLC.DLL Resource Loading

Earlier versions of Internet Explorer loaded resources stored in the shdoclc.dll file. For security reasons, Internet Explorer no longer loads resources from this file by default. When enabled, the FEATURE_LOAD_SHDOCLC_RESOURCES feature allows resources to be loaded from the shdoclc.dll file.

By default, this feature is disabled for Internet Explorer and for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_LOAD_SHDOCLC_RESOURCES
                     contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Note  Because this feature reverses a change designed to improve the security of Internet Explorer, enabling this feature is strongly discouraged.

 

Spellcheck and AutoCorrect Support

As of Internet Explorer 10, automatic spellcheck and auto-correction is enabled for certain elements in a webpage, including:

Note  Specific corrections depend on your individual settings and can be influenced by Group Policy and other configuration changes. For more information, see Typing with Speed and Accuracy.

 

For Windows 8 and later, the FEATURE_SPELLCHECKING feature controls this behavior for Internet Explorer and for applications hosting the web browser control (WebOC). When fully enabled, this feature automatically corrects grammar issues and identifies misspelled words for the conditions described earlier.

To manage this feature by using the registry, add the name of your executable file to the following setting and set the value to correspond to the desired support level.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_SPELLCHECKING
                     iexplore.exe = (DWORD) 00000001

The following values are supported:

  • (DWORD) 00000000 - Features are disabled.
  • (DWORD) 00000001 - Features are enabled for the conditions described earlier. (This is the default value.)
  • (DWORD) 00000002 - Features are enabled, but only for elements that specifically set the spellcheck attribute to true.

SSL Security Alert Display

Internet Explorer 7 and later. When the FEATURE_SSLUX feature is enabled, problems with a website's Secure Sockets Layer (SSL) are displayed using descriptive webpages, rather than the security alert dialog boxes seen in earlier versions of Internet Explorer. For more information, see BINDINFO_OPTIONS_IGNORE_SSLERRORS_ONCE.

To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_SSLUX
                     contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Status Bar Update Frequency

When enabled, the FEATURE_STATUS_BAR_THROTTLING feature limits the frequency of status bar updates to one update every 200 milliseconds.

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_STATUS_BAR_THROTTLING
                     contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Structured Storage Detection

Windows Internet Explorer 9. Prior to version 7, Internet Explorer opened Microsoft ActiveX documents by launching the registered application for the document within the browser window. For security reasons, this behavior is disabled by default in Internet Explorer 7 and later versions.

When enabled, the FEATURE_RESTRICT_CDL_CLSIDSNIFF feature enables the URLACTION_ALLOW_STRUCTURED_STORAGE_SNIFFING URL Action, which permits ActiveX documents to be opened within the context of a webpage on a zone-by-zone basis.

Note  For security reasons, this feature should not be enabled. Instead, applications that depend on this feature should be redesigned to use more secure approaches.

 

To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_RESTRICT_CDL_CLSIDSNIFF
                     contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Tabbed Browsing Shortcuts and Notifications

Internet Explorer 7 or later. When enabled, the FEATURE_TABBED_BROWSING feature enables tabbed browsing navigation shortcuts and notifications. For more information, see Tabbed Browsing for Developers.

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_TABBED_BROWSING
                     contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Telnet Protocol Support

Internet Explorer 7 or later. When enabled, the FEATURE_DISABLE_TELNET_PROTOCOL feature disables the built-in telnet protocol handler. When this feature is disabled, the "telnet:" protocol is enabled.

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_DISABLE_TELNET_PROTOCOL
                     contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

UNC File Support for MotW

The FEATURE_UNC_SAVEDFILECHECK feature enables the Mark of the Web (MOTW) for local files loaded from network locations that have been shared by using the Universal Naming Convention (UNC). If the file contains a MOTW, the file is loaded into the security context specified by the MOTW. For more information, see Mark of the Web

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_UNC_SAVEDFILECHECK
                     contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Usernames and Passwords in URL's

Microsoft Internet Explorer 6 for Windows XP Service Pack 2 (SP2) and later. Internet Explorer no longer allows usernames and passwords to be specified in URLs that use the HTTP or HTTP protocols. URLs using other protocols, such as FTP, still allow usernames and passwords. When disabled, the FEATURE_HTTP_USERNAME_PASSWORD_DISABLE feature allows usernames and passwords to be included in HTTP or HTTPS URLs.

By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Internet Explorer
            Main
               FeatureControl
                  FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
                     contoso.exe = (DWORD) 00000001

The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.

Conceptual

Internet Feature Controls (A)

Internet Feature Controls (B..C)

Internet Feature Controls (D..H)

Internet Feature Controls (I..L)

Internet Feature Controls (M..R)

Internet Feature Controls (U..Y)

Internet Feature Controls (Z)

Obsolete Feature Controls

Feature Control Registry Index