Ant wrote:

> "Sebastian G." wrote:
>
>> Ant wrote:
>>> Error messages (e.g. 404) don't appear in my IE without OK-ing an
>>> ActiveX prompt.
>> Interesting. How did you get such a configuration?
>
> By tweaking the registry values under ...\Internet Settings\Zones\0


And which exactly? I configured everything possible for the Local Zone,
including everything from IE's GUI as well as all group policies.

> Many people would find that a nuisance when performing some normal
> day-to-day operations but I tend not to operate normally.


I know, even the SCM msc applet hicks up when deactivating scripting for the
local zone.

Still I couldn't reproduce your finding that the Help Message Generator COM
Controls from MSIE's internal resource pages could not be instantiated.

>> Instantiation already happens before it tries to apply its policies.
>
> Perhaps limiting ActiveX in *all* zones would stop it.


No, that won't help either: The problem is that the instantiation is done by
the COM Server (typically running in the DCOM Server Service), and it has
its own policies and configuration. And its default policy is to
automatically download, install and update every control it stumbles upon.

> I've yet to see a control instantiated that I haven't explicitly allowed.


LOL? Even the list view in Windows Explorer is implemented by a COM Control.