Admin-approved behaviors

For each zone the Binary and Scripted Behavior security restrictions may be configured to allow only a list of admin-approved behaviors. This list may be configured here and applies to all processes which have opted in to the behavior and to all zones. (Behaviors are components that encapsulate specific functionality or behavior on a page.)If you enable this policy setting this sets the list of behaviors permitted in each zone for which Script and Binary Behaviors is set to 'admin-approved'. Behaviors must be entered in #package#behavior notation e.g. #default#vml.If you disable this policy setting no behaviors will be allowed in zones set to 'admin-approved' just as if those zones were set to 'disable'.If you do not configure this policy setting only VML will be allowed in zones set to 'admin-approved'.Note. If this policy is set in both Computer Configuration and User Configuration both lists of behaviors will be allowed as appropriate.

Policy path: 

Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction

Scope: 

Machine

Supported on: 

At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1

Registry settings: 

HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!ListBox_Support_AllowedBehaviors; HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedBehaviors

Filename: 

inetres.admx

Related content