How to add URL to the trusted zone in Internet Explorer?

StackOverflow https://stackoverflow.com/questions/2470980

Question

How can I add an URL to the trusted site? It seems that there are stored in the registry, but where exactly?
The hints I've googled so far weren't helpfull.

The .net programm will run locally on each client.

Edit clarification: I want to do this programmaticly running C# code.

Was it helpful?

Solution

The following should give you the way to do it in code...

http://blogs.msdn.com/ie/archive/2005/01/26/361228.aspx

OTHER TIPS

It lies indeed in the registry, and it's described right there:

http://msdn.microsoft.com/en-us/library/ms537181%28VS.85%29.aspx

Beware of the UAC in Vista though. It's a real pain to deal with.

Check this solution at CodeGuru forums.

In summary, this code uses the COM library, a library which you did say you wished to avoid. However, there is no workaround this situation. Another thing to mention is that this code is written in C++, as the guy who wrote it, CorithMartin, ported it from C#.

#include "windows.h"
#include "stdafx.h"
#include "urlmon.h"
#using <mscorlib.dll>
#include <atldef.h>
#include <atlconv.h>
using namespace System;
using namespace System::Runtime::InteropServices;
#define MAX_LOADSTRING 100

int _tmain(int argc, _TCHAR* argv[])
{
    // constants from urlmon.h
    const int URLZONE_LOCAL_MACHINE = 0;
    const int URLZONE_INTRANET = URLZONE_LOCAL_MACHINE + 1;
    const int URLZONE_TRUSTED = URLZONE_INTRANET + 1;
    const int URLZONE_INTERNET = URLZONE_TRUSTED + 1;
    const int URLZONE_UNTRUSTED = URLZONE_INTERNET + 1;
    const int URLZONE_ESC_FLAG = 0x100;
    const int SZM_CREATE  = 0;
    const int SZM_DELETE  = 0x1;

    HRESULT hr;
    IInternetSecurityManager *pSecurityMgr;
    LPCWSTR sites = SysAllocString(L"http://*.mydomain.com");

    CoInitialize(NULL);

    hr = CoCreateInstance(CLSID_InternetSecurityManager, NULL, CLSCTX_INPROC_SERVER, IID_IInternetSecurityManager, (void**)&pSecurityMgr);

    pSecurityMgr->SetZoneMapping(URLZONE_TRUSTED, sites, SZM_CREATE);

    pSecurityMgr->Release();

    return 0;
}

Powershell

#Setting IExplorer settings
Write-Verbose "Now configuring IE"
#Add http://website.com as a trusted Site/Domain
#Navigate to the domains folder in the registry
set-location "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
set-location ZoneMap\Domains

#Create a new folder with the website name
new-item website/ -Force
set-location website/
new-itemproperty . -Name * -Value 2 -Type DWORD -Force
new-itemproperty . -Name http -Value 2 -Type DWORD -Force
new-itemproperty . -Name https -Value 2 -Type DWORD -Force

To add a new trusted zone it creates zone registry keys and folders on the path HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains for each domain it creates a new key with domain name ( sample.com) a new key under this one with the subdomain (www) and under this one a new REG_DWORD with name of the scheme (http or https) value 2 on hexadecimal and that is it,you got it done

Here's a way to simplify the process.

  1. Create a .exe to ask for the domain (a textbox), specify the providers (as checkboxes: All, http, https, ftp) click "Add Site to Trusted Sites" to then do the following:
  2. Create a temp folder on C: as "C:\TempTS\"
  3. Create a .bat file ("C:\TempTS\AddTrustedSites.bat") similar to this:

set regFile="C:\TempTS\AddTrustedSiteTS.reg"

ECHO Windows Registry Editor Version 5.00 > %regFile%

ECHO [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\MySecureDomain.com\www] >> %regFile

ECHO "https"=dword:00000002 >> %regFile%

regedit /s %regFile%

DEL %regFile%

The ECHO [HKEY_CURRENT_USER... and ECHO "https"... lines can be repeated for each provider checked. For the "ALL" provider, use an asterisk in place of "https", like such:

ECHO [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\MySecureDomain.com\www] >> %regFile% ECHO "*"=dword:00000002 >> %regFile%

Run the .bat file using this call:

System.Diagnostics.Process.Start("C:\TempTS\AddTrustedSites.bat")

After the .bat file is ran (takes mere microseconds), delete both the bat file and tempTS directory.

MacSpudster

(a.k.a. GNoter, TechStuffBC)

=========================

Credit where credit is due:

regedit /s AddTrustedSite.reg

the "/s" will supress confirm dialog boxes

http://www.computerhope.com/registry.html

also:

see http://www.computing.net/answers/windows-xp/bat-file-to-add-trusted-site-in-ie/139995.html

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top