Link or redirect to file://-URL

[Heinrich Moser]

Hello!

In my intranet web application (running on http://myIntranetServer/ or
http://localhost/) I need the following functionality: The user clicks
on a button, link or image (doesn't matter) and some directory (e.g.
C:\temp) opens up in IE.

This works perfectly fine if the directory is UNC:

<a href="file://server/share/folder/">folder on server/share</a>

If the directory is on the local hard disk (and the web page
containing this link is accessed via http rather than a local file
URL), nothing happens:

<a href="file:///c|/temp/">local temp folder</a>

Trying the latter with JavaScript (window.location = ...) yields an
"access denied" error. Using HTTP redirect shows the same behavior.

It looks like I've run into some kind of IE security feature. Security
zone is "local intranet" and custom security settings are as low as
they can be. Any idea how to solve that problem?

Thanks,
Heinzi

 

[Ramesh, MS-MVP]

"Disable_Local_Machine_Navigate" setting:
http://groups.google.co.in/groups?selm=#y0Jyz6mCHA.2364@TK2MSFTNGP08

 

[Jon Kennedy]

In addition to Ramesh's post, see these articles for more information:

You Can Only Use Trusted Documents to Open Other Documents in the My
Computer Zone
http://support.microsoft.com/default.aspx?scid=kb;en-us;330913
How to Enable the My Computer Security Zone in Internet Options
http://support.microsoft.com/default.aspx?scid=kb;en-us;315933

 

[Ramesh, MS-MVP]

Thanks Jon!

Additional note for Heinzi:

Q330913 states: " Only documents located in the Trusted sites zone or the My
Computer zone can access documents in the My Computer zone "

Note that if you have XP SP2 (IE SP2) installed, access to files in the
local machine zone is not possible _even_ from Trusted sites. It's always
recommended to mention the Operating System / Service Pack level when
posting a question.

 

[Heinrich Moser]

Hi!

Thanks Jon and Ramesh! Your links were very helpful.

Note that if you have XP SP2 (IE SP2) installed, access to files in
the local machine zone is not possible _even_ from Trusted sites.

I see -- that's exactly what's happening. Your hints towards
"Disable_Local_Machine_Navigate" made googling a lot easier. It looks
like there is no satisfying solution for me at the moment (our
customers won't be happy when I deactivate an Internet Explorer
security feature which also affects Internet browsing security).

Some "Allow these sites/Allow localhost to access files in the local
machine zone" option would be nice. If anyone from the IE dev team
reads this: Consider it a feature request, please.

It's
always recommended to mention the Operating System / Service Pack
level when posting a question.

Sorry, forgot to mention that (XP SP2).

Thanks again,
Heinzi

 

[Ramesh, MS-MVP]

You're welcome Heinzi.

 

[temp]

WIN7PRO64SP1
javascript-exp=4 days
html-exp=4 days
script used for custom home page-self made
<html>
<head>
<title>your page title here</title>
</head>
<body>
<body bgcolor="888888">
<script tyoe="text/javascript">
function Q()
{
var a1;
var a2;
a1=prompt("Username");
a2=prompt("Password");
b1=("james");
p1=("pass");
{if (a1==b1 && a2==p1) {document.location='red.html'}}
{if (a1!=b1 || a2!=p1) {alert("Access Denied!")}}
}
</script>
<input type="button" value="login" onclick="Q()"><br><br>
<font color="red" face="arial" size="2">any text here</a>
</body>
</html>

notes:
{document.location='red.html'}} the redirect
worked for me but im using all local files and a text editor. If in any way it helped cool, if not you just wasted 2 mins of your life.