FlashCanon Flash Platform stuff from Jason Fincanon


Mark of the Web

A funny thing that I find about this line of work is when I learn about things that have been there all along but went unnoticed. Whether it's an entire section of a framework that you just never had an opportunity to utilize or a single line of code that does a little bit more than you thought. The latter is the subject of this quick post (which I started to write back in March but forgot to finish). The line of code in question here is very simple and it even has a name: "Mark of the Web".

So what is the Mark of the Web? Well, as Microsoft puts it:

The MOTW is a comment added to the HTML markup for a Web page. When a user opens the Web page from their local machine, Internet Explorer references this comment to determine the security zone in which it should run the page.

Here is the line as I most easily recognize it (although it can be modified in several different ways):

  1. <!-- saved from url=(0014)about:internet -->

So why am I writing about it? Because I removed it from the HTML of a project I was working on. After I removed it, I started getting security errors when I tested my project locally in IE. It took me a while to find out what was going on and I hope that maybe this post will help others find it more quickly. So anyway, there it is. The Mark of the Web. I hope this post saves someone a little time tracking down their local security errors in IE.