none
Allow cookies for a specific site using registry on IE8 RRS feed

  • Question

  • Hi all ,

    I need to allow cookies for a specific site using registry on IE8 to my users  
    I found the below key but I don't know how to do the same for a specific site  

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3

    Block All Cookies: 00000003
    High: 00000001
    Medium High: 00000001
    Medium: 00000001
    Low: 00000001
    Accept all Cookies: 00000000


    Thank you

    Monday, July 6, 2015 12:43 PM

Answers

  • Hi,

    Tools>Internet Options>Privacy tab, 'Sites' button.

    mmm.... I can't see where the equivalent setting in GPO is....

    I presume that the registry key is

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\3

    use the * (wildcard character) to map the domain to the Internet Zone... some sites use sub-domains to validate credentials....

    the reg key you quoted appears to be undocumented.... Where (link) did you obtain that information?

    It sounds to me like your users are having trouble logging on to their google, outlook or facebook accounts.... (Please include the addresses of any websites you are having issues with your questions)...

    This is not caused by site cookies per say.

    Tools>Internet Options>Security tab, click "Reset all zones to default".
    Trusted Sites Icon, 'Sites' button...... Remove any public domains from the list....

    sites like Outlook, google or facebook (or any site that uses FB connect, MS Passport or Google Play) validate user credentials on a sub domain... eg. account.google.com

    IE has a security zone setting to "Prevent navigation into a zone of lower integrity"...
    so when a user visits the site they are redirect to the actual validation domain eg. account.google.com which is in a lower security zone)...IE will fail to validate. The symptom of this is that the browser goes into a loop back and forward with the redirects (this may vary).

    The Trusted sites zone is ACTUALLY lower security.... usually enterprises will place the domains of their business partners in there when they know that their partner sites use unsigned ActiveX controls.

    It is best if you don't place public access sites in the Trusted sites zone...https works just as well in all zones (that is the request/response is encrypted)

    File>Properties menu to determine which IE security zone a website maps to....

    Additionally, if you are the system administrator, you may like to use GPO to disable user access to the Security tab of Internet Options, to prevent users placing public access sites into the Trusted Sites list or altering their Intranet zone configurations (allow your developers to do what they must though).

    If possible please include the address of any website (except intranet sites) with your questions... that way we can visit the site/page to do some testing to give you better answers.

    Regards.


    Rob^_^


    Tuesday, July 7, 2015 8:37 AM