Skip to main content
Simon Bate
December 22, 2010
DITA

Conquering the Mark of the Web (DITA OT version)

Whew! Now I know how St. George felt after slaying the dragon. I’ve defeated the Mark of the Web beast and have lived to tell about it. Gather ’round my friends and listen to my tale…

So, what is “the Mark of the Web?” A few years back, Microsoft decided that it was dangerous for web pages with active content (read “JavaScript”) to run directly from your machine’s local storage. To make Internet Explorer “safer,” our pals in Redmond added a dialog that asks for permission before executing the active content and continuing. You’ve all seen it…

To help protect your security, Internet Explorer has restricted this webpage from running scripts or ActiveX controls that could access your computer. Click here for options...

When you click in the bar at the top of the page, you get a dialog box that asks (again!) for your permission. Of course, in implementing this, Microsoft broke almost all HTML-based Help systems that run directly from local storage. To overcome this annoyance, Microsoft then implemented the Mark of the Web or MOTW, a short string that lives in the <head> portion of an HTML file. When MOTW is present in an HTML file, IE doesn’t ask for permissions when running it from local storage.

The form of MOTW that I used is:

<!-- saved from url=(0014)about:internet -->

The string can indicate a domain (such as https://scriptorium.com) so that IE can determine which security zone to use. But if you don’t know the domain that will be used, you can use one of two generic URLs (as in my example). For details about the form of MOTW, start with the page on the MSDN site.

If I had been doing regular HTML and JavaScript development, adding MOTW would have been a piece of cake. But, as is often the case, I was generating web-based Help files from DITA sources using the DITA Open Toolkit. The files created by the DITA OT use UNIX-style line end characters (the linefeed or LF); the DOS standard is to use both carriage-return and linefeed to mark the end of lines (sometimes called “CR LF” or “CRLF”).

The MSDN site says “The line must end in CR LF. Some HTML editors only insert a LF.” So helpful. As it turns out, it’s not just the line containing MOTW, the WHOLE FILE must use CR LFs for its line end characters (thanks to Felix Turner’s comment on the MSDN site). Testing this was made much easier with the free PSPad editor, which allows me to update files with different line end characters with a simple command.

One more thing, you may need to add MOTW to many HTML files. If you’re working with an HTML frameset, the file containing the frameset and all other HTML files that will be used in the frameset must contain MOTW.

Once I had inserted MOTW from my XSL stylesheets and figured out the CRLF mystery, I found I could use Ant’s FixCRLF task to replace all line-end characters automatically. I just dropped this into the clean-up target in my Ant project file:

<fixcrlf srcDir="${output.dir}"

               includes="**/*.html"

               eol="crlf" />

And it all works! Yay.

All that work for one beastly browser.

About the author

Simon Bate

Involved in TechComm all my working life (since the time of vacuum tubes, core memory, punch cards, and bone implements). I've worked as a writer, a manager, and—for the past score of years—building software tools for TechComm. My motto is "Let the computer do the work." Outside of work, I balance the calories I create and consume in the kitchen with weight-training sessions at the gym. I also sing Tenor in various choirs and choruses.

Tags:

3 comments on “Conquering the Mark of the Web (DITA OT version)”

  1. Reply
  2. Reply
  3. Reply
    Simon Bate

    Hi Scarfmedia,

    Glad to hear of your success with the mark of the web.

    Your XML might have been swallowed by our comments tool. Using {} instead of angle brackets, can you repeat your “Using…worked for me…”?

    Just curious,
    Simon

Leave a reply

Your email address will not be published. Required fields are marked *