EV10 Client Security Warning for Search Vaults
Has any see this yet? We believe we have found that a very small change to how the EV10 client creates the EVWebViewRedirect.htm file on the fly when selecting the Search Vaults button in Outlook causes a Security Warning Pop-up for some of our PCs.
EV9 and before create the file without any CRLF ... but EV10 does the following...
<!-- saved from url=(0014)about:internet --><HTML><HEAD><META HTTP-EQUIV=REFRESH CONTENT="0; URL=http://EVPROD002/ .... etc....
but EV10 does the following...
<!-- saved from url=(0014)about:internet -->
<HTML><HEAD><META HTTP-EQUIV=REFRESH CONTENT="0; URL=http://EVPROD002/ ... etc..
If we remove the CRLF, the Security Warning PopUp does not happen... and if we add the CRLF to the EV9 version of the file, it causes the PopUp.
This only happens on particular builds of our PCs so we're digging into what IE security setting this might be (or perhaps an IE version bug). Let me know if anyone else has seen this - or a similar issue where a CRLF causes such behavior - and how to resolve it.
I believe it's meant to be
I believe it's meant to be this way, and use the MOTW, because that's the only way that it will work. Historically there have been some changes in this area. It is probably best to contact Support, and they can dig up the details of the changes, and the why's and whatfor's.
It's my last day in a week, and I don't really have access to this stuff any more :(
Comments
Ignore the 1st "... but EV10
Ignore the 1st "... but EV10 does the following..."
Yes, seen it before. It's
Yes, seen it before. It's called Mark-Of-The-Web..
I also thought that this had been fixed a few times in the recent past. Have you tried a 10.0.1 client and/or a 9.0.3 HF client?
Many Thanks,
Rob
www.quadrotech-it.com - All your EV Tools
PS I hope that the post proves helpful.
Thanks Rob!.. now the
Thanks Rob!.. now the question is why is the web page setting the MOTW as.. <!-- saved from url=(0014)about:internet --> which is the cause of the prompt based on the IE intranet zone setting "Websites in less privileged web content zone can navigate into this zone"? Is the EV client always going to set that .htm file as "about:internet" or can I make it an intranet site if I configure something in EV?
I believe it's meant to be
I believe it's meant to be this way, and use the MOTW, because that's the only way that it will work. Historically there have been some changes in this area. It is probably best to contact Support, and they can dig up the details of the changes, and the why's and whatfor's.
It's my last day in a week, and I don't really have access to this stuff any more :(
Many Thanks,
Rob
www.quadrotech-it.com - All your EV Tools
PS I hope that the post proves helpful.
Was anything else needed on
Was anything else needed on this issue?
Many Thanks,
Rob
www.quadrotech-it.com - All your EV Tools
PS I hope that the post proves helpful.
Would you like to reply?
Login or Register to post your comment.