I found a solution! This behavior only happens with XMLHTTP40. If I instead 
create a new XMLHTTP, XMLHTTP26, XMLHTTP30, XMLHTTP50, or XMLHTTP60 object, 
it never prompts (regardless of whether I use SSL or not).

FYI: ServerXMLHTTP40 had the same behavior as XMLHTTP40.


"Tim Greenfield" <timg@n...> wrote in message 
news:O3zMpGsaFHA.3132@T......
>>> Did the user add the url to trusted sites, as well as having it not 
>>> prompt for that zone?
>
> No, all you have to do is enable the "Submit nonencrypted form data" 
> setting for that "Internet zone" and the dialog goes away. However, I'm 
> sure if the user did put the site into their "Trusted sites zone", this 
> would also fix it because the "Submit nonencrypted form data" setting is 
> enabled by default for this zone.
>
> Nevertheless, I don't want the user to have to change their security 
> settings in order to get rid of the dialog. Any idea why using SSL by 
> changing my URL to https won't make the dialog go away?
>
> I can try ServerXmlHttp but I actually switched from it to XMLHTTP a while 
> back because of another problem. I'll have to revisit the history of that 
> problem to see if it still applies.
>
> -- Tim
>
> "Joe Fawcett" <joefawcett@n...> wrote in message 
> news:%236GT3cOaFHA.1152@t......
>> "Tim Greenfield" <timg@n...> wrote in message 
>> news:%23LzBm$GaFHA.2884@t......
>>> If on a machine with the IE security setting "Submit nonencrypted form 
>>> data" set to prompt, when I run the following code...
>>>
>>> Dim HTTPObj As New XMLHTTP40
>>> HTTPObj.open "POST", "http://www.something.com/test.asp", False
>>> HTTPObj.setRequestHeader "Content-Type", 
>>> "application/x-www-form-urlencoded"
>>> HTTPObj.send "MyData=" & SomeBigString
>>>
>>> The user is prompted: "When you send information to the Internet, it 
>>> might be possible for others to see that information. Do you want to 
>>> continue?"
>>>
>>> If they say no, I get an "Access is denied" error on my call to .send()
>>>
>>> Unfortunately, I need to call this code over and over again so I don't 
>>> want to ask the user everytime. In fact, I've already got user approval 
>>> to be sending this data in my own dialog. So, the question is: how do I 
>>> supress this dialog?
>>>
>>> Changing the method to "GET", dropping the request header, and including 
>>> the data in the querystring gets rid of the prompt but gives me a 
>>> different error because it's trying to send too much data.
>>>
>>> I've also tried changing my URL to a valid HTTPS site hoping that this 
>>> would render the prompt unneccessary (since the data would then be 
>>> encrypted when sent). Unfortunately, that had no affect.
>>>
>>> I could also find the registry key for this setting, back it up, alter 
>>> it as if the user chose to enable sending unencrypted data over the web, 
>>> send my data and restore the registry key. I was hoping for a cleaner 
>>> solution than temporarily messing with the user's settings.
>>>
>>> Any other suggestions or ideas!?
>>>
>> Did the user add the url to trusted sites, as well as having it not 
>> prompt for that zone?
>> Alternatively try using ServerXmlHttp component.
>>
>> -- 
>>
>> Joe (MVP - XML)
>>
>> https://mvp.support.microsoft.com/profile=8AA9D5F5-E1C2-44C7-BCE8-8741D22D17A5
>>
>
>