‘Security through obscurity’ or simply ‘Security incompetence’?

If you use a WebControl in a Windows Presentation Framework application that access to local JS files, it show this warning:
x

If i add
x
at the top of index.html,
IE 11 think is loaded from about:internet and will not display the Security warning. Currently i don’t know if is also a security issue.

Tested with Windows 10 – IE 11.

One thought on “‘Security through obscurity’ or simply ‘Security incompetence’?”

  1. I thought this was bad too back when I saw it. It’s been around for a while though. I encountered it when helping a Tech Writer figure out how to bypass that warning in his help text/documentation for a software product that was using an old version of RoboHelp (if I recall correctly…).

    If you look here you will see Microsoft even mentions the bypassing:
    https://msdn.microsoft.com/en-us/library/ms537628(v=vs.85).aspx

    A quick look says it’s been around since at least 2011, probably earlier… Didn’t look in to it too much.

    Keep up the good exploring. 😉

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.