Event 1025 - Object Caching Protection

Applies To: Windows 7, Windows Vista

In earlier versions of Windows®, some Web pages were able to access objects cached from another Web site. In Windows Internet Explorer® 8, a reference to an object is no longer accessible when the user browses to a new domain. There is a new security context for all scriptable objects so that access to all cached objects is blocked. Additionally, access is blocked when browsing within the same domain (fully qualified domain name). A reference to an object is no longer accessible after the context has changed due to navigation.

A reference to an object is no longer accessible when the user browses to a new domain in Internet Explorer 8, Windows Internet Explorer 7, and Microsoft® Internet Explorer 6 for Windows XP with Service Pack 2 (SP2). There is a security context on all scriptable objects so that access to all cached objects is blocked. Additionally, Internet Explorer blocks access when browsing within the same domain (fully-qualified domain name). A reference to an object is no longer accessible after the context has changed due to navigation.

When Is This Event Logged?

This event is logged when a script attempts to access a cached object.

Note

For more information and examples, see the Event 1025-Object Caching Protection topic from Internet Explorer Application Compatibility.

Remediation

If you receive access denied errors for your Web applications, you must change the scripting code and re-cache the object before accessing it through script. In the following example, the designMode property invalidates the security context when set on a document object.

var d = myFrame.document;d.designMode = "On";d.open();// causes permission denied error

The following example shows how to fix the script.

var d = myFrame.document;d.designMode = "On";d = myFrame.document;// re-establishes pointer to document object d.open();

Object Caching and the Registry

You manage the object caching restrictions through a security feature-control registry key (FEATURE_OBJECT_CACHING). Internet Explorer (Iexplore.exe) and Windows Explorer (Explorer.exe) run under this feature control by default. The following shows the registry keys and enabled processes:

  • HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING\iexplore.exe= 0x00000001

  • HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING\explorer.exe= 0x00000001

  • HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING\process name.exe=0x00000001

Applications that host the WebBrowser control can also take advantage of the security feature control by adding their process to the same registry locations. You can do this programmatically, using the CoInternetSetFeatureEnabled function.

Note

If an application does not run under this security feature control, the WebBrowser control behaves the same as in previous versions of Internet Explorer.

How Can I Work Around This Problem?

You may need to disable the feature entirely. However, moving your Web site to an intranet site is one alternative that makes object caching acceptable. Changing the Web page so it does not rely on object caching is another option. For more information on updating a Web page that experiences a problem with this security feature, see Knowledge Base Article 884697.

For more articles on object caching protection, including any updates made to this feature, see the following English Knowledge Base Articles on object caching.

What Happens If I Disable This Security Feature?

When you cache an object, the object provides access to the contents of a Web page from another domain. This access causes cross-domain security problems.

See Also

Concepts

Known Internet Explorer Security Feature Issues