Skip to main content

Remember Kids, IE Security Settings Affect Firefox Too

I was configuring a new Windows Server VM yesterday, and the first thing I do on a blank Windows server is launch IE once and once only to download Firefox. To avoid what I call the "trusted site dance" with Mozilla's mirrors since IE doesn't let you add a trusted site and then continue the download you started, I go into IE security settings and make the following setting changes to the Internet zone:
  • Enable file downloads
  • "Prompt" for launching applications and unsafe files
  • "Prompt" for launching programs and files in an IFRAME
Note that these are the settings you need to change if you get the "Your current security settings do not allow this file to be downloaded" error.

This time I decided to be a good boy and change these settings back to disabled after I was done, and then I launched Firefox to download Java and some other things I need to install on this server. This probably shouldn't have surprised me, but when I tried to download anything in Firefox, it would download a 0 byte file and the download dialog box would read "Canceled."

I went back into IE's security options and re-enabled file downloads and voila, I could download files again.

I understand the fact that IE's security settings tab is really a shortcut for Internet Options at the OS level, but this is still pretty irritating. What if I want file downloads disabled for IE but enabled for Firefox? Guess you can't do that. Thanks Windows.

Comments

coreygilmore said…
I use the solution you posted a few months ago. I prefer to manage Firefox settings in Firefox, not IE.http://blog.mattwoodward.com/bypassing-windows-security-checks-in-firefox
Matthew Woodward said…
Heh--I forget my own blog posts all the time. Getting old sucks.

Popular posts from this blog

Installing and Configuring NextPVR as a Replacement for Windows Media Center

If you follow me on Google+ you'll know I had a recent rant about Windows Media Center, which after running fine for about a year suddenly decided as of January 29 it was done downloading the program guide and by extension was therefore done recording any TV shows.

I'll spare you more ranting and simply say that none of the suggestions I got (which I appreciate!) worked, and rather than spending more time figuring out why, I decided to try something different.

NextPVR is an awesome free (as in beer, not as in freedom unfortunately ...) PVR application for Windows that with a little bit of tweaking handily replaced Windows Media Center. It can even download guide data, which is apparently something WMC no longer feels like doing.

Background I wound up going down this road in a rather circuitous way. My initial goal for the weekend project was to get Raspbmc running on one of my Raspberry Pis. The latest version of XBMC has PVR functionality so I was anxious to try that out as a …

Setting Up Django On a Raspberry Pi

This past weekend I finally got a chance to set up one of my two Raspberry Pis to use as a Django server so I thought I'd share the steps I went through both to save someone else attempting to do this some time as well as get any feedback in case there are different/better ways to do any of this.

I'm running this from my house (URL forthcoming once I get the real Django app finalized and put on the Raspberry Pi) using dyndns.org. I don't cover that aspect of things in this post but I'm happy to write that up as well if people are interested.

General Comments and Assumptions

Using latest Raspbian “wheezy” distro as of 1/19/2013 (http://www.raspberrypi.org/downloads)We’lll be using Nginx (http://nginx.org) as the web server/proxy and Gunicorn (http://gunicorn.org) as the WSGI serverI used http://www.apreche.net/complete-single-server-django-stack-tutorial/ heavily as I was creating this, so many thanks to the author of that tutorial. If you’re looking for more details on …

The Definitive Guide to CouchDB Authentication and Security

With a bold title like that I suppose I should clarify a bit. I finally got frustrated enough with all the disparate and seemingly incomplete information on this topic to want to gather everything I know about this topic into a single place, both so I have it for my own reference but also in the hopes that it will help others.Since CouchDB is just an HTTP resource and can be secured at that level along the same lines as you'd secure any HTTP resource, I should also point out that I will not be covering things like putting a proxy in front of CouchDB, using SSL with CouchDB, or anything along those lines. This post is strictly limited to how authentication and security work within CouchDB itself.CouchDB security is powerful and granular but frankly it's also a bit quirky and counterintuitive. What I'm outlining here is my understanding of all of this after taking several runs at it, reading everything I could find on the Internet (yes, the whole Internet!), and a great deal…