Windows Internet Explorer Application Compatibility
This document is designed to be a companion to the Microsoft Application Compatibility Toolkit (ACT) (which is part of the Internet Explorer Compatibility Test Tool). The Windows Internet Explorer Compatibility Test Tool logs information about your browsing session in Internet Explorer.
As you browse webpages, Internet Explorer logs events that indicate potential application compatibility issues for Windows Internet Explorer 8. The Internet Explorer Compatibility Test Tool logs the name of each event along with a short description. Each description also contains a link to this documentation. The intention is that users of the Internet Explorer Compatibility Test Tool use this document to find out more about each event and what they can do to remediate the identified compatibility issue.
The remainder of this section contains a topic page for each of the events that can be logged by the Internet Explorer Compatibility Test Tool. After the user has navigated to this document, the intention is that the table of contents will be used to link directly to the event that the user is interested in. The section for each event contains the following information:
- Logged Message– This is a copy of the event description that you will see in the Internet Explorer Compatibility Test Tool.
- What is it?– This is an elaboration of the logged message explaining what the event is. Additional references are provided when available.
- When is this event logged?– This is a short description of what has to happen in your webpage for this event to be logged in the Internet Explorer Compatibility Test Tool.
- Example– Most events include examples that demonstrate how to make the corresponding event create a log entry in the compatibility tool. These examples help make the description of the event more concrete.
- Remediation– Guidance on what you can do to eliminate the incompatibility from your website.
The Remediation section for each event has been written to be as complete as possible. Be aware that sometimes this guidance is short; there is not always a workaround. Therefore, some guidance is intended to simply educate you about the issue so that you can design your site appropriately.
In many cases remediation guidance includes steps to disable a particular feature. It's important to understand that the first and best option is always to redesign your application to eliminate the compatibility issue. Disabling a feature (many of which are security related) may fix a particular compatibility issue, but it may also open a vulnerability in your browser. Disabling a feature is mainly useful during troubleshooting to observe behavior in an enabled versus disabled state. But on an on-going basis, disabling features should only be used as a last resort—and even then only as a short term solution.
When security issues come up they will be called out with the label Security Alert. Be sure to pay special attention to these warnings.
Internet Explorer Policy Settings
Starting with Windows XP Service Pack 2 (SP2), Windows Internet Explorer provides enhanced management capabilities through Group Policy. Prior to Windows XP SP2, many of the Internet Explorer security-related settings could only be managed by setting user preferences. This approach provided limited manageability because users could change their preference settings by using the Internet Explorer user interface or the registry.
Starting with Windows XP SP2, Internet Explorer settings can be managed by using .adm policy settings. These are referred to as "true policies." In Windows XP SP2 or later, you can manage all Internet Explorer security settings for both computer and user configurations with these new policy settings, making true policies secure and set only by an administrator.
Some of the events in this document include a discussion of how to enable or disable feature using either Group Policy or a registry setting. It's important to understand that there is a precedent in making a setting in one place or another. Internet Explorer looks for a policy setting in the following order:
- HKEY_LOCAL_MACHINE policy hive
- HKEY_CURRENT_USER policy hive
- HKEY_CURRENT_USER preference hive
- HKEY_LOCAL_MACHINE preference hive
The settings are applied as follows:
- Computer policies are applied when the computer starts.
- After computer policies, the user policies are applied when the user logs on.
- If neither computer nor user policy settings have been specified, user preferences are applied.
Generally, user policy settings override computer policy settings. And a particular setting on the local machine (set in the registry) is only applied if the same setting is not set in Group Policy.
For a more complete discussion of this issue, please see Internet Explorer Policy Settings.
- Event 1021 - MIME Handling Restrictions
- Event 1022 - Windows Restrictions
- Event 1023 - Zone Elevation Restrictions
- Event 1024 - Binary Behaviors Restrictions
- Event 1025 - Object Caching Protection
- Event 1026 - ActiveX Blocking
- Event 1027 - Pop-Up Blocking
- Event 1028 - Automatic Download Blocking
- Event 1030 - Local Machine Zone Lockdown (LMZL)
- Event 1031 - Centralized URL Parsing
- Event 1032 - Internationalized Domain Names (IDN) Support
- Event 1033 - Secure Sockets Layer (SSL)
- Event 1034 - Cross-Domain Barrier and Script URL Mitigation
- Event 1035 - Anti-Phishing
- Event 1036 - Manage Add-ons
- Event 1037 - Protected Mode
- Event 1040 - Cascading Style Sheet (CSS Fixes)
- Event 1041 - UIPI Extension Blocked
- Event 1042 - UIPI Cross Process Window Message
- Event 1046 - Cross-Site Scripting Filter
- Event 1047 - Intranet at Medium Integrity Level
- Event 1048 - DEP/NX Crash Recovery
- Event 1049 - Standards Mode
- Event 1056 - File Name Restriction
- Event 1058 - Codepage Sniffing
- Event 1059 - Ajax Navigation
- Event 1061 - Application Protocol
- Event 1062 - Windows Reuse Navigation Restriction
- Event 1063 - MIME Restrictions - Authoritative Content Type Handling
- Event 1064 - MIME Sniffing Restrictions - No Image Elevation to HTML
- Event 1065 - Web Proxy Error Handling Changes
- Event 1073 - Certificate Filtering