Customizer's Guide > Working with ActiveX Controls > Integrating Arbortext Editor with Web Pages > The Security Zone Policy
  
The Security Zone Policy
By default, whether a document is opened by an arbortext-editor or arbortext-editor-embed protocol link is determined by the Microsoft URL security zone policy. When a link using the protocol is invoked from a web browser, Arbortext Editor first determines the zone of the encoded resource path. The link is then allowed or denied according to this policy:
Local Machine zone — allow
Local Intranet zone — allow
CMS zone — allow
This a new zone not in the default Microsoft URL security zones. If Arbortext Editor determines that the encoded path is the Logical ID for an object stored in a content management system, then it is considered to be in the CMS zone. Refer to the Content Management Guide for more information about Logical IDs.
Trusted Sites zone — allow
Internet zone — deny
Restricted Sites zone — deny
If the link is denied, then a message is displayed saying that the request has been denied for security purposes. The use of URL security zones is controlled by the webzonepolicy preference.