Updated: April 2011
This article describes feature controls with names that begin with the letter S or T. For links to other feature controls, see Feature
Controls.
Save Dialog Button Hiding
The FEATURE_DOWNLOAD_PROMPT_META_CONTROL feature allows web developers to use a the name attribute of a META
element to hide buttons on the Save dialog box that appears when you download files using Windows Internet Explorer. When this feature is disabled, the META elements cannot be used to hide buttons in the Save dialog
box.
By default, this feature is enabled for Internet Explorer and for applications hosting the WebBrowser Control. To disable this
feature by using the registry, add the name of your executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_DOWNLOAD_PROMPT_META_CONTROL
contoso.exe = (DWORD) 00000000
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
Script URL Mitigation
Internet Explorer 7 and later. Prior to Internet Explorer 7, href attributes of a objects
supported the javascript prototcol; this allowed webpages to execute script when the user clicked a link. For security reasons,
this support was disabled in Internet Explorer 7. For more information, see Event 1034 - Cross-Domain Barrier and Script URL Mitigation.
When enabled, the FEATURE_SCRIPTURL_MITIGATION feature allows the href attribute of a objects to support the javascript prototcol.
By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature using the registry, add the name of your executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_SCRIPTURL_MITIGATION
contoso.exe = (DWORD) 00000000
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
Note When the javascript prototcol is enabled for href attributes, the value of the href attribute is limited to 2047 characters.
Security Certificate Revocation Failure
Internet Explorer 7 and later. In order to confirm the identity of organizations that host secure webpages, certifying authorities issue security certificates. These certificates are validated when you request a secure webpage.
By default, Internet Explorer performs a number of steps in order to validate the security certificate for a secure website. If a certificate is invalid, is out-of-date, or improperly identifies the website in question, Internet Explorer displays a notification
to the user.
As an additional verification step, many certifying authorities also provide a service that identifies certificates that have been recently revoked. Earlier versions of Internet Explorer displayed notifications when this service could not be reached.
Because the inability to reach these services does not necessarily indicate that a certificate has been revoked, many users complained that such notifications were "false positives." After considerable negative feedback, these notifications were disabled
by default in Internet Explorer 7 and later.
When enabled, the FEATURE_WARN_ON_SEC_CERT_REV_FAILED feature displays notifications when Internet Explorer cannot reach the certificate revocation service published by a certifying authority. By default, this feature is disabled for Internet Explorer. This
feature is not supported for applications hosting the WebBrowser Control.
To enable this feature using the registry, add the name of the Internet Explorer executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_WARN_ON_SEC_CERT_REV_FAILED
iexplore.exe = (DWORD) 00000001
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
Note Note: Failure to reach the revocation service for a certifying authority does not necessarily mean that a security certificate is invalid or should not be trusted. It simply means that one of several validation steps could not be completed.
SHDOCLC.DLL Resource Loading
Earlier versions of Internet Explorer loaded resources stored in the shdoclc.dll file. For security reasons, Internet Explorer no longer loads resources from this file by default. When enabled, the FEATURE_LOAD_SHDOCLC_RESOURCES feature allows resources
to be loaded from the shdoclc.dll file.
By default, this feature is disabled for Internet Explorer and for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_LOAD_SHDOCLC_RESOURCES
contoso.exe = (DWORD) 00000001
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
Note Because this feature reverses a change designed to improve the security of Internet Explorer, enabling this feature is strongly discouraged.
SSL Security Alert Display
Internet Explorer 7 and later. When the FEATURE_SSLUX feature is enabled, problems with a website's Secure Sockets Layer (SSL) are displayed using descriptive webpages, rather than the security alert dialog boxes seen in earlier versions of Internet Explorer.
For more information, see BINDINFO_OPTIONS_IGNORE_SSLERRORS_ONCE.
To enable this feature by using the registry, add the name of your executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_SSLUX
contoso.exe = (DWORD) 00000001
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
Status Bar Update Frequency
When enabled, the FEATURE_STATUS_BAR_THROTTLING feature limits the frequency of status bar updates to one update every 200 milliseconds.
By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_STATUS_BAR_THROTTLING
contoso.exe = (DWORD) 00000001
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
Structured Storage Detection
Internet Explorer 9. Prior to version 7, Internet Explorer opened Microsoft ActiveX documents by launching the registered application for the document within the browser window. For security reasons, this behavior is disabled by default in Internet Explorer
7 and later versions.
When enabled, the FEATURE_RESTRICT_CDL_CLSIDSNIFF feature enables the URLACTION_ALLOW_STRUCTURED_STORAGE_SNIFFING URL Action, which permits ActiveX documents to be opened within the context of a webpage on a zone-by-zone basis.
Note For security reasons, this feature should not be enabled. Instead, applications that depend on this feature should be redesigned to use more secure approaches.
To enable this feature by using the registry, add the name of your executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_RESTRICT_CDL_CLSIDSNIFF
contoso.exe = (DWORD) 00000001
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
Tabbed Browsing Shortcuts and Notifications
Internet Explorer 7 or later. When enabled, the FEATURE_TABBED_BROWSING feature enables tabbed browsing navigation shortcuts and notifications. For more information, seeTabbed
Browsing for Developers.
By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_TABBED_BROWSING
contoso.exe = (DWORD) 00000001
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
Telnet Protocol Support
Internet Explorer 7 or later. When enabled, the FEATURE_DISABLE_TELNET_PROTOCOL feature disables the built-in telnet protocol handler. When this feature is disabled, the "telnet:" protocol is enabled.
By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_DISABLE_TELNET_PROTOCOL
contoso.exe = (DWORD) 00000001
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
UNC File Support for MotW
The FEATURE_UNC_SAVEDFILECHECK feature enables the Mark of the Web (MOTW) for local files loaded from network locations that have been shared by using the Universal Naming Convention (UNC). If the file contains a MOTW, the file is loaded into the security
context specified by the MOTW. For more information, see Mark of the Web
By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_UNC_SAVEDFILECHECK
contoso.exe = (DWORD) 00000001
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
Usernames and Passwords in URL's
Microsoft Internet Explorer 6 for Windows XP Service Pack 2 (SP2) and later. Internet Explorer no longer allows usernames and passwords to be specified in URLs that use the HTTP or HTTP protocols. URLs using other protocols, such as FTP, still allow usernames
and passwords. When disabled, the FEATURE_HTTP_USERNAME_PASSWORD_DISABLE feature allows usernames and passwords to be included in HTTP or HTTPS URLs.
By default, this feature is enabled for Internet Explorer and disabled for applications hosting the WebBrowser Control. To enable this feature by using the registry, add the name of your executable file to the following setting.
HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
SOFTWARE
Microsoft
Internet Explorer
Main
FeatureControl
FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
contoso.exe = (DWORD) 00000001
The feature is enabled when the value is set to (DWORD) 00000001 and disabled when the value is (DWORD) 00000000.
