none
Get Hyperlink warning with Outlook 2013, why? RRS feed

  • Question

  • Hi,

    I have create a Add-in toolbar for outlook which creates some HTML pages when click on history.

    This HTML pages have some hyperlink, on click they execute respective command.

    But with Outlook 2013 on click of hyperlink it prompt for a security dialog with details and 'Yes' & 'No' .

    I know the responsible registry entry is "HKEY_CURRENT_USER\Software\Microsoft\Office\[OL version]\Common\Security\DisableHyperlinkWarning" with value '1'.

    But my question is with Outlook 2010/2007 this registry automatically created with value '1' for all the users, but with Outlook 2013 this registry does not created automatically, we can create the registry programmatically but this will looks like a breach in Outlook security and after that any of the hyperlink does not prompt for security dialog.

    Can anybody please suggest something?

    Thanks,

    Nikhil

    Tuesday, January 22, 2013 7:23 AM

All replies

  • If disabling this security is imperative to your solution, all you can really do is inform the users of your implementation and hope that it doesn't affect the adoption rate.

    Are you creating HTML emails or are you hosting HTML in a Web Browser control in a Windows Form?  If you're simply generating HTML outside of an Outlook item, perhaps active content in a Web Browser control will bypass the security warnings - I can't remember.

    Eric Legault MVP (Outlook)
    About me...
    Outlook Appins: Store Social Media fields in your Outlook Contacts!

    Tuesday, January 22, 2013 4:36 PM
    Moderator
  • Hi Eric,

    Thanks for your reply. 

    Yes , we already think that we should prompt/inform to user first time, when we create that registry.

    I am creating some HTML pages which is not hosted any other web browser control in windows form, this HTML is hosting in outlook browser window.

    Is this observation is right, that in Outlook 2013 does not create this registry automatically where in Outlook 2010/2007 creates that ? If yes, i did not find any documentation yet anywhere. Can you please verify that at your end as well, if possible?

    Thanks,

    Nikhil

    Wednesday, January 23, 2013 4:33 AM
  • That key does not exist in Outlook 2013, so you'll have to add it.

    Disable the Unsafe Hyperlink Warning when Opening Attachments - Slipstick Systems:
    http://www.slipstick.com/how-to-outlook/disable-unsafe-hyperlink-warning-opening-attachments/#!


    Eric Legault MVP (Outlook)
    About me...
    Outlook Appins: Store Social Media fields in your Outlook Contacts!

    Wednesday, January 23, 2013 4:47 PM
    Moderator
  • Hi Eric,

    Thanks for your help!

    There is an other solution, our hyperlink has a protocol which call when click on the hyperlink, we can add this to the trusted protocol in registry. link is http://support.microsoft.com/kb/982301/en-us  , this is for Outlook 2007 but same can be done for Outlook 2013.

    But the issue is if a non admin user logged in than this registry entry is not accessible, and unable to create registry. Is there any way to add our custom hyperlink protocol in trusted protocols list for the user?

    Thanks

    Nikhil

    Thursday, January 24, 2013 8:24 AM
  • from the link you provided i see that this entry is under HKCU - so in worst case your add-in can check for existance of that entry and create it on the fly - of course it might now be catched by current office app session since it might have already read them and cached, but try it out anyway. Second option would be to use unsupported registry entries that office itself uses to copy to HKCU when new user logs onto the system and uses office.

    Thursday, January 24, 2013 8:37 AM
  • I was going to answer your question and close out this thread that I was helping you on, but Damian has decided that he should do so.  I concur with his assessment - no admin rights are required to write to HKCU so you should be able to add this key with your solution.


    Eric Legault MVP (Outlook)
    About me...
    Outlook Appins: Store Social Media fields in your Outlook Contacts!

    Thursday, January 24, 2013 2:54 PM
    Moderator
  • Hi Eric,

    Thanks for your prompt reply.

    We cannot write/edit registry under "HKCU\Software\Policies" with a non-admin rights(i.e. Standard User, Guest User). Even if i logged in with a standard user and try to add registry manually it gives an error "Cannot create Key:  You do not have the requisite permissions to create a new key under Policies". Can we have any other option for that?

    Any help would be appreciated.

    Thanks,

    Nikhil

    Friday, January 25, 2013 5:43 AM
  • that was suprising but you are right, i'm sorry for proposing non-working solution.

    How do you distribute your add-in? clickonce, msi or something else?

    Friday, January 25, 2013 6:36 AM
  • Hi Damian,

    We distribute our add-in as msi or exe which is created through our custom packaging solution.

    can we do it by applying any custom group policy? I do not know how to do it, this is just click on my mind.
    • Edited by Nikhil_GL Friday, January 25, 2013 9:25 AM
    Friday, January 25, 2013 9:21 AM
  • completly custom? like simple .net exe app?
    Friday, January 25, 2013 9:27 AM
  • Hi,

    Yes this is a simple exe .


    Friday, January 25, 2013 9:47 AM
  • do your users have no admin rights at all? or maybe just they operate under UAC and can elevate? MSI has custom actions that with NoImpersonate bit runs under TrustedInstaller process which has rights to write to HKLM and most probably to that Policies key. When executing that installer users will be asked to evelate that process so from UI point of view it will be very smooth.

    If however users have no admin rights at all, then maybe automatic deployment through GPO advertising is possible? do you deploy your add-in in Active directory based organizations?

    Friday, January 25, 2013 10:34 AM