Peenie Wallie

Those of you who use Internet Explorer 7 may have come across a message in the Information Bar similar to the one posted below (with screen capture) whenever you visit a site or page that makes use of a Javascript dialog box (or scripted window as IE likes to call it). I'm using Google Adsense as an example, since the behaviour occurs whenever a user attempts to add an ad channel into their list of ad channels:

Google Adsense scripted window

The full text reads: "This website is using a scripted window to ask you for information. If you trust this website, click here to allow for scripted windows..." If you click on the information bar, you will be given the option to "Temporarily Allow Scripted Windows", as per the screen capture below:

Temporarily Allow Scripted Windows option

This will provide a temporary fix, and will allow access to any scripted windows on the site in question. The temporary period, from what I can gather, lasts the duration of a browser session (or a login session in the case of Google Adsense). However, there is a very simple means of allowing scripted windows to show up for a particular website, and this tutorial will outline the steps for you.

Caveat

This solution will lower security levels for any sites that you choose to apply this method to, and therefore may subject you to unwanted problems that stem from the aforementioned security reduction. A site such as Google Adsense can be trusted, and ir is one of the reasons I have chosen to use it for this particular example. However, I strongly recommend that you exercise caution and good judgement and reserve this technique strictly for sites that you know and trust.
The Steps

1. With the site containing the scripted windows open, select Tools -> Internet Options from the Menu Bar. If your menu bar is not available, right-click on one of your other toolbars and select the Menu Bar option.

Tools --> Internet Options
2. Select the "Security" tab, then the "Trusted Sites" icon. We will be adding a Site to the Trusted sites section, so click the "Sites" button as well.

Trusted Sites, Internet Explorer 7
3. If you kept the site containing the scripted windows open, as per Step 1, you should see it in the "Add this website to the zone:" dialog box. If not, you will have to type the site URL in, including the http:// or https:// prefix. Once the site containing the scripted windows is contained within the 'Add this website to the zone:" dialog box, click "Add", then "Close", then "OK".

Add Trusted Site, Internet Explorer 7
4. If you still see the yellow Information Bar on the site in question, close and then reopen the site. You may also need to close all open IE7 browser windows, but that shouldn't be necessary.

That's it! You're done! The Information Bar should no longer show up for the offending site, and you should be able to use any containing Scripted Windows.

2 Responses to "How To Permanently Allow Scripted Windows on Select Sites in Internet Explorer 7"

May 13th, 2007 at 1:37 pm
1. Catmoves Says:

Um, good advice, but I prefer not to allow first time visits to web sites the privilege of using web scripts on my computer. I think I'm on pretty good ground there, because so many gurus advise against it. (GRC, Fred Langa, etc., etc.)

What I have done is download a package for IE called CallingID. Placing my cursor over any web site address causes a pop up to appear as it investigates a web site. It's not perfect, but I use it as a supplement. Your web sites, for instance are qualified as "Low Risk." Google blogs are "Verified," and the third class is a real "warning" that the site should not be visited unless you don't mind nasties on your computer. this program is available from GRC. He points out it isn't the be all and end all, but I like it.

May 13th, 2007 at 2:49 pm

2. Adam Says:

This won't allow first-time visits to web sites the privilege, which is precisely the idea behind it. Selected websites get the opportunity to bypass the script, but only selected websites.

It's actually the reason I posted this particular item; most of the advice given on this subject advocate precisely what you spoke out against (and quite correctly); allowing all sites web site scripts privilege. I would agree with any security guru that advises against it as well.

GRC's a good site. I like a lot of what Steve Gibson does. I don't agree with all of it, but I believe he's got people's best interests at heart, and that puts GRC above 99.9% of sites out there (that, and I love his port scanner tool.)

Good comment though; it allowed me the opportunity to clarify something, and that's always cool in my book.