Information
This policy setting allows you to manage whether Internet Explorer can access data from
another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects
(ADO). The recommended state for this setting is- Enabled-Disable.
*Rationale*
The ability to access data across domains could cause the user to unknowingly access
content hosted on an unauthorized server.
Solution
To establish the recommended configuration via Group Policy, set the following UI path to
Enabled.
Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Internet Control Panel\Security Page\Restricted Sites Zone\Access data
sources across domainsThen set the Access data sources across domains option to Disable.
Impact-If you enable this policy setting, users can load a page in the zone that uses MSXML or ADO
to access data from another site in the zone. If you select Prompt in the drop-down box,
users are queried to choose whether to allow a page to be loaded in the zone that uses
MSXML or ADO to access data from another site in the zone. If you disable this policy
setting, users cannot load a page in the zone that uses MSXML or ADO to access data from
another site in the zone. If you do not configure this policy setting, users cannot load a page
in the zone that uses MSXML or ADO to access data from another site in the zone.
Default Value-Disabled