Properly Configuring Internet Explorer Zones?

I don't like to let scripts run on my computer unless I trust the site, so I've been trying to configure IE10 to block scripts in the Internet Zone but allow them in the Trusted Zone.

Every website I go to works with default settings, so I go to my zone configuration and disable scripting in the Internet Zone. I then open up gmail.com, which complains about not having javascript. I add it to the Trusted Zone and it works properly, javascript and all. Exactly the kind of functionality I want.

However, I have noticed some problems with scripts on more complex sites. For example, I went to Netflix and despite adding netflix.com to my trusted sites, none of the scripts work. I've checked to make sure it's properly in the Trusted Zone. Re-enabling scripts in the Internet Zone makes netflix work again.

Am I doing something wrong? I would really like this to work out.

 

If I recall correctly zones don't cover subdomains, so if you're browsing to a subdomain of Netflix you'll need to add it to the trusted zone also.

Note: Remember to enable protected mode for the trusted zone!

 

Im not sure, but you might be interested in this?

http://www.funkytoad.com/index.php?option=com_content&view=article&id=15

Woops, on second look, it seems to be good for only up to vista.

 

Hmm, I added the subdomain (movies.netflix.com) and scripts still don't work.

Question: I enabled EPM and now the regular Protected Mode boxes won't check, is that normal?

 

I'm not sure, maybe you need to add the domain the scripts are originating from? Would be a bit rubbish if it was designed that way, but it's a possibility.

I'm not using the release of Windows 8 so I wouldn't know. Are they greyed out?

 

That would be great if it worked on Windows 8. :O

 

I'm starting to think the first part is right, but I hope that's not the case. Otherwise this is really annoying.

They're not greyed out, just unchecked. In the Advanced settings, EPM is checked but these other boxes won't retain the check.

 

Hmm, that didn't seem to work.

For kicks, I decided to set the Internet Zone to Prompt for scripts, instead of just disabling them. Visiting Netflix, I got no less than three prompts to allow scripts. After clicking OK to all of them, the site works fine.

The only problem is... these pop-ups contain zero information about where the scripts are coming from or what domain they're hosted on. It's literally just "Scripts are usually safe. Do you want to allow scripts on this page?"

It looks like Funky's theory was right: Netflix probably calls scripts from a variety of other domains. Unless you know the location of all scripts used on the page, it won't work properly.

 

You can locate the domains by hitting F12, selecting the Network tab, click "Start capturing" and refresh the page.

 

It would seem you have a Zone Settings issue ?
Reset them to defaults: http://support.microsoft.com/kb/923737
Add restricted sites via the *.domain name | wildcard method already suggested.