This policy setting controls whether or not local path information is sent when the user is uploading a file via an HTML form. If the local path information is sent some information may be unintentionally revealed to the server. For instance files sent from the user's desktop may contain the user name as a part of the path.If you enable this policy setting path information is sent when the user is uploading a file via an HTML form.If you disable this policy setting path information is removed when the user is uploading a file via an HTML form.If you do not configure this policy setting the user can choose whether path information is sent when he or she is uploading a file via an HTML form. By default path information is sent.
Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone
User
At least Internet Explorer 7.0
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2!160A
inetres.admx