Disabling IE Scripting in a Useful Manner?

Posted by Cliff on Thursday August 29, 2002 @07:35AM from the better-security-controls dept.

hwyguy2 asks: "Do any Slashdot readers have any insight or pointers on how companies deal with ActiveX in the IE browser? At the company I'm with, they have taken a conservative approach, and have the browser configured to only allow ActiveX to internal corporate servers and disallow it anywhere else. Of course, locking that down also locks things like javascript, which the company choses to prompt. This creates many practical problems and user frustrations. It also makes it a pain for programs that use ActiveX innocously (such as HoTMetal, which seems to like to use an Active X control to get an open file dialog box). Given the number of sites out there that now only work with IE (boo!), this tight configuration is getting harder and harder to support. Are there any good ways to address the ActiveX concerns (maybe filtering servers to block ActiveX or other mobile code concerns)?"

2 of 31 comments (clear)

Min score:

Reason:

Sort:

Need more info by Jerf · 2002-08-29 07:48 · Score: 3, Interesting

We'd really need more info to answer this.

Are there any ActiveX controls you actually need, or are you just covering your bases by allowing ActiveX inside the company?

What do you need that Mozilla doesn't do?

Why not use Netscape 7 for external access, possibly with the pop-up blocking enabled, and IE for internal use only? Given the continuous security problems found in IE anyhow, using IE on the external internet is a liability anyhow.
In case you haven't tried it recently, ... by mellon · 2002-08-29 08:28 · Score: 3, Interesting

Try Mozilla again. I've removed Internet Explorer from my system, and I have no regrets. I still run into the occasional incompatibility, but no showstoppers. The one inconvenience is that some advertising pops up in the wrong place. Personally, I'm willing to live with it, but of course your milage may vary... :'}