Wednesday, September 29, 2010

Blocked and Encrypted Javascript Files and IIS Windows Authentication

lockout tagout I ran into an interesting issue with an application using a couple of javascript files I downloaded from the internet to modify and use in a web application for drop-down navigation. As long as I was accessing them using http://localhost, the javascript cascading menu functionality worked fine.

Windows Authentication

As soon as I started testing using http://machinename instead of localhost, I was prompted for my PC’s username and password. No problem, I realized I hadn’t disabled Windows Authentication in IIS 7 (since I was using Anonymous Authentication). When I disabled Windows Auth, the javascript didn’t work any more – even from running on the same physical PC. I turned Windows Auth back on and the javascript worked again.


I figured there was probably some kind of trust issue, so I looked at the javascript filenames in Windows Explorer and found the names were colored green. I right clicked the properties and realized they were flagged as “Blocked” because they were downloaded in a zip file from the internet. I’ve run across that before so I clicked the “Unblock” button.


The files were still colored green and the javascript still didn’t work. I found that if I right clicked the filename, clicked on properties and “advanced”, the files were also encrypted. I unchecked the “Encrypt contents to secure data” checkbox and the javascript started working.

Problem solved.

photo credit: OhlieVher A. Arango / CC BY-ND 2.0

No comments: