Block Internet Explorer 10 shortcuts: source menu (ctrl+u), view downloads (ctrl+j) and history (ctrl+h) RRS feed

  • Question

  • Hello, we have to harden Internet Explorer to use in the kiosk mode (-k). The user should not be able to do a thing besides using the application which is loaded. We have set all the meaningful Group Policys like "View menu: Disable Source menu option" and "Turn off Shortcut menu" under "User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser menus". I cant find a way to disable ctrl+u, ctrl+j and ctrl+h.

    Reagrds, Felino

    Friday, April 25, 2014 1:30 PM

All replies

  • Hi Don,

    There is no option to turn off shortcuts in Internet Explorer.

    You can however configure a Group Policy and disable options for Internet Explorer.

    a)       Press Windows key + R

    b)       Type gpedit.msc and press enter

    c)       Group Policy -> User Configuration > Administrative Templates > Windows Components > Internet Explorer

    Here you can do some configurations which you don’t want users to have access to.

    Karen Hu
    TechNet Community Support

    Monday, April 28, 2014 3:28 AM
  • Hi Karen,

    thanks for the answer.

    Yes there is no working option to turn off shortcuts, even Group Policy says: "To prevent users from viewing the HTML source of a Web page from the shortcut menu, set the 'Turn off Shortcut Menu' policy, which disables the entire shortcut menu" (I know right click context menu is meant in this case).

    But is there a workaround to prevent users from using ctrl+u, ctrl+j and ctrl+h?

    What do all the admins do, who have to provide kiosk systems, which have to be forged?

    Regards, Felino

    Monday, April 28, 2014 6:35 AM
  • Does nobody has an idea? This seems to be a flaw in Security.

    I dont want anybody to see the source code, download manager and history.

    These tools give the user too many options to play around. Back then in IE8 the only thing you could not lock was the history, but then IE9 and 10 came with new options and Microsoft maybe forgot about Group Policy implementation.

    Wednesday, April 30, 2014 6:41 AM
  • Maybe somebody knows how to modify the registry for that?
    • Edited by Don Felino Thursday, January 15, 2015 1:42 PM
    Monday, May 5, 2014 6:11 AM
  • I had the exact same issue. Policies could patch most security holes, except these 3. And don't forget F7, which is also a security issue and can't seem to be disabled by policies.

    Here's how I did it:

    - I installed AutoHotkey on the server, and created a script to disable these keys:





    - I created a script on the server, which runs IE in kiosk mode, and THEN AutoHotkey. The order is important, because AutoHotkey doesn't return, when called from a script or command line.

    - I assigned the script to run at login, in the policies, plus forced the system to show desktop (which is counter intuitive, but it does the right thing).

    Start a program on connection

    Always show desktop on connection

    Friday, November 17, 2017 6:06 PM