Internet Explorer 4 and later support similarly configurable security policies for different Web sites, but permit less control than Mozilla. Sites are categorized into one of five groups (known as zones to IE):
Local Intranet Pages fetched from local servers, generally inside your companyís firewall.
Trusted Sites Sites youíre willing to grant extended capabilities to.
Internet The default zone for all pages fetched from the Web.
Restricted Sites Sites you specifically indicate as untrustworthy.
Local Machine Pages loaded from your hard disk. This zone is implicit, meaning you canít configure it manually. Content loaded from disk always runs with extended privileges.
You can manage which sites appear in which zones by selecting Tools | Internet Options in Internet Explorer, and selecting the Security tab. Click the Sites button shown in Figure 22-2 to add or remove sites from each zone.
Each zone has an associated security policy governing what sites falling into the zone can do. Internet Explorer has default security settings for each zone but also allows users to customize the settings. The default settings are called templates, and are known (from least secure to most paranoid) as Low, Medium-Low, Medium, and High. You can see in Figure 22-3 that the default setting for the Trusted Sites zone in Internet Explorer 6 is Low.
FIGURE 22-2 Categorizing sites into security zones with Internet Explorer
FIGURE 22-3 Most security zones have a default security template .
Clicking the Custom Level button (shown in Figure 22-3) for each security zone enables you to configure specific capabilities that sites in that zone have. Figure 22-4 shows a sample of these options. Although a complete discussion of each option is outside the scope of this book, an awareness of those that apply to scriptable ActiveX controls can be useful. For a more complete introduction to IEís security zones, see http://msdn.microsoft.com/library/default.asp?url=/workshop/security/szone/overview/overview.asp.
FIGURE 22-4 Customizing security zone properties