none
Add sites to Internet Explorer Trusted sites lists using C#

    Question

  • Hello all,

    I'm trying to add a site programmatically to IE trusted sites list. Now the problem is that the Trusted sites settings have a checked option REQUIRE SERVER VERIFICATION as shown in the file attached. If that option isn't checked then there's no problem in adding the sites. I have done it already. So can I override that checked option through programming. I am using C# for development.

    What I'm really trying is to disable the checkbox.


    With Best Regards Dipayan Sukul

    Monday, March 11, 2013 5:52 AM

Answers

  • The entire purpose of this feature is to prevent untrusted sites from being accessed without a *person* specifically stating that it's okay.  Adding a site programatically is essentially violating the security that it's put in place to add.
    Monday, March 11, 2013 2:10 PM
  • As with almost all internals dealing with IE you have to cross over to C++ to understand the interfaces, here's a site that may help you.

    http://msdn.microsoft.com/en-us/library/ms537181(v=vs.85).aspx#programmatic


    JP Cowboy Coders Unite!

    Monday, March 11, 2013 2:59 PM
  • Is this for internal machines ? If not it will be likely counter productive (ie. this is the organization that owns the machine that ultimately decide on which strategy to apply so it may not work at all depending on what they applied and if it works, you'll likely raise concerns about having your app to alter THEIR settings).

    "That's why"... But to me it seems unrelated. I don't see why you would have to change those settings to just call a web site... What happens if you don't apply those settings ? To me it should work.

    So :

    1) always avoid to change settings needlessly. Try perhaps to post about what happens if you don't alter those settings. To me this is not needed.
    2) if you really have to and this is internal, using the IEAK allows Windows admin to tailor IE settings as needed
    3) if you really have to and this is external, IMHO it would be better to display a message explaining that registration can't be performed and provide some guidance about what is needed (or to provide an alternate registration method)
    4) altering user settings should be your last resort and likely not for an enterprise app (whose user might not even be allowed to run as an admin or that can have some policy or that can use an enterprise wide firewall that won't be bypassed by just changing local firewall settings etc...). For an individual app (for example gaming) then only, you could consider to change some settings such as a firewall (as for a game more likely the user will be in charge of his own PC and really able to do that).


    Please always mark whatever response solved your issue so that the thread is properly marked as "Answered".

    Monday, March 11, 2013 3:42 PM

All replies

  • Hi,

    It's likely stored in the registry. Try http://support.microsoft.com/kb/182569/en-us (I believe it could be a Flags value under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\<ZoneNumber>, note that 4 is "Require verified Web sites (https protocol)").

    Not sure what is your context, but rather than coding your own tool, you could use  http://technet.microsoft.com/en-us/ie/bb219517 which allows IT admin to deploy IE with whatever settings best fit your organization.


    Please always mark whatever response solved your issue so that the thread is properly marked as "Answered".

    Monday, March 11, 2013 12:11 PM
  • Hello Patrice Scribe,

    That's right. That value is stored in the registry as you said. I found that already. What's my aim really is I want build a web service that would let my users to activate license for my application. That's why I want to add my service url to IE's trusted zone and also create rules for firewall. Maybe my first post gave a different context.

               
    Avatar of Patrice Scribe                                                   

    With Best Regards Dipayan Sukul

    Monday, March 11, 2013 1:03 PM
  • The entire purpose of this feature is to prevent untrusted sites from being accessed without a *person* specifically stating that it's okay.  Adding a site programatically is essentially violating the security that it's put in place to add.
    Monday, March 11, 2013 2:10 PM
  • As with almost all internals dealing with IE you have to cross over to C++ to understand the interfaces, here's a site that may help you.

    http://msdn.microsoft.com/en-us/library/ms537181(v=vs.85).aspx#programmatic


    JP Cowboy Coders Unite!

    Monday, March 11, 2013 2:59 PM
  • Is this for internal machines ? If not it will be likely counter productive (ie. this is the organization that owns the machine that ultimately decide on which strategy to apply so it may not work at all depending on what they applied and if it works, you'll likely raise concerns about having your app to alter THEIR settings).

    "That's why"... But to me it seems unrelated. I don't see why you would have to change those settings to just call a web site... What happens if you don't apply those settings ? To me it should work.

    So :

    1) always avoid to change settings needlessly. Try perhaps to post about what happens if you don't alter those settings. To me this is not needed.
    2) if you really have to and this is internal, using the IEAK allows Windows admin to tailor IE settings as needed
    3) if you really have to and this is external, IMHO it would be better to display a message explaining that registration can't be performed and provide some guidance about what is needed (or to provide an alternate registration method)
    4) altering user settings should be your last resort and likely not for an enterprise app (whose user might not even be allowed to run as an admin or that can have some policy or that can use an enterprise wide firewall that won't be bypassed by just changing local firewall settings etc...). For an individual app (for example gaming) then only, you could consider to change some settings such as a firewall (as for a game more likely the user will be in charge of his own PC and really able to do that).


    Please always mark whatever response solved your issue so that the thread is properly marked as "Answered".

    Monday, March 11, 2013 3:42 PM