>> Did the user add the url to trusted sites, as well as having it not 
>> prompt for that zone?

No, all you have to do is enable the "Submit nonencrypted form data" setting 
for that "Internet zone" and the dialog goes away. However, I'm sure if the 
user did put the site into their "Trusted sites zone", this would also fix 
it because the "Submit nonencrypted form data" setting is enabled by default 
for this zone.

Nevertheless, I don't want the user to have to change their security 
settings in order to get rid of the dialog. Any idea why using SSL by 
changing my URL to https won't make the dialog go away?

I can try ServerXmlHttp but I actually switched from it to XMLHTTP a while 
back because of another problem. I'll have to revisit the history of that 
problem to see if it still applies.

-- Tim

"Joe Fawcett" <joefawcett@n...> wrote in message 
news:%236GT3cOaFHA.1152@t......
> "Tim Greenfield" <timg@n...> wrote in message 
> news:%23LzBm$GaFHA.2884@t......
>> If on a machine with the IE security setting "Submit nonencrypted form 
>> data" set to prompt, when I run the following code...
>>
>> Dim HTTPObj As New XMLHTTP40
>> HTTPObj.open "POST", "http://www.something.com/test.asp", False
>> HTTPObj.setRequestHeader "Content-Type", 
>> "application/x-www-form-urlencoded"
>> HTTPObj.send "MyData=" & SomeBigString
>>
>> The user is prompted: "When you send information to the Internet, it 
>> might be possible for others to see that information. Do you want to 
>> continue?"
>>
>> If they say no, I get an "Access is denied" error on my call to .send()
>>
>> Unfortunately, I need to call this code over and over again so I don't 
>> want to ask the user everytime. In fact, I've already got user approval 
>> to be sending this data in my own dialog. So, the question is: how do I 
>> supress this dialog?
>>
>> Changing the method to "GET", dropping the request header, and including 
>> the data in the querystring gets rid of the prompt but gives me a 
>> different error because it's trying to send too much data.
>>
>> I've also tried changing my URL to a valid HTTPS site hoping that this 
>> would render the prompt unneccessary (since the data would then be 
>> encrypted when sent). Unfortunately, that had no affect.
>>
>> I could also find the registry key for this setting, back it up, alter it 
>> as if the user chose to enable sending unencrypted data over the web, 
>> send my data and restore the registry key. I was hoping for a cleaner 
>> solution than temporarily messing with the user's settings.
>>
>> Any other suggestions or ideas!?
>>
> Did the user add the url to trusted sites, as well as having it not prompt 
> for that zone?
> Alternatively try using ServerXmlHttp component.
>
> -- 
>
> Joe (MVP - XML)
>
> https://mvp.support.microsoft.com/profile=8AA9D5F5-E1C2-44C7-BCE8-8741D22D17A5
>