The Security Zone Policy
By default, whether a document is opened by an
arbortext-editor or
arbortext-editor-embed protocol link is determined by the Microsoft
URL security zone policy. When a link using the protocol is invoked from a web browser,
Arbortext Editor first determines the zone of the encoded resource path. The link is then allowed or denied according to this policy:
• Local Machine zone — allow
• Local Intranet zone — allow
• CMS zone — allow
This a new zone not in the default Microsoft URL security zones. If Arbortext Editor determines that the encoded path is the Logical ID for an object stored in a content management system, then it is considered to be in the CMS zone. Refer to the Content Management Guide for more information about Logical IDs.
• Trusted Sites zone — allow
• Internet zone — deny
• Restricted Sites zone — deny
If the link is denied, then a message is displayed saying that the request has been denied for security purposes. The use of URL security zones is controlled by the webzonepolicy preference.