If you use a WebControl in a Windows Presentation Framework application that access to local JS files, it show this warning:
If i add
at the top of index.html,
IE 11 think is loaded from about:internet and will not display the Security warning. Currently i don’t know if is also a security issue.
Tested with Windows 10 – IE 11.
One thought on “‘Security through obscurity’ or simply ‘Security incompetence’?”
I thought this was bad too back when I saw it. It’s been around for a while though. I encountered it when helping a Tech Writer figure out how to bypass that warning in his help text/documentation for a software product that was using an old version of RoboHelp (if I recall correctly…).
If you look here you will see Microsoft even mentions the bypassing:
A quick look says it’s been around since at least 2011, probably earlier… Didn’t look in to it too much.
Keep up the good exploring. 😉