WinInet Registry Settings

WinInet Registry Settings

8/28/2008

The registry stores information necessary to configure the system for applications and hardware devices. The registry also contains information that the operating system continually references during operation. The following registry settings are the default values.

Note:
The default registry values vary depending on which Catalog items are included in your OS design. For more information, see Default Registry Settings.

Authentication support settings

For authentication support, add a subkey to the registry under the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security key, specifying the authentication scheme, for example, kerberos. A string value, DLLFile, should contain the name of the DLL that supports the authentication scheme. A DWORD value, Flags, should be set with the appropriate value.

The following table shows the possible settings for the Flags value.

Flag value	Description
PLUGIN_AUTH_FLAGS_UNIQUE_CONTEXT_PER_TCPIP (value=0x01)	Each TCP/IP socket contains a different context. Otherwise, a new context is passed for each realm or block URL template.
PLUGIN_AUTH_FLAGS_CAN_HANDLE_UI (value=0x02)	This DLL can handle its own user input.
PLUGIN_AUTH_FLAGS_CAN_HANDLE_NO_PASSWD (value=0x04)	This DLL might be capable of doing an authentication without prompting the user for a password.
PLUGIN_AUTH_FLAGS_NO_REALM (value=0x08)	This DLL does not use a standard HTTP realm string. Any data that appears to be a realm is scheme-specific.
PLUGIN_AUTH_FLAGS_KEEP_ALIVE_NOT_REQUIRED (value=0x10)	This DLL does not require a persistent connection for its challenge-response sequence.

The following settings in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\Kerberos registry subkey enable Kerberos authentication.

Value : type	Description
SecurityName : REG_SZ	"Kerberos Authentication"
DLLFile : REG_SZ	"wininet.dll"
SchemeList : REG_SZ	"Kerberos"
Flags : REG_DWORD	0x00,0x00,0x00,0x00

The following settings in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\Basic registry key enable Basic authentication.

Value : type	Description
SecurityName : REG_SZ	"Basic Authentication"
DLLFile : REG_SZ	"wininet.dll"
SchemeList : REG_SZ	"Basic"
Flags : REG_DWORD	0x00,0x00,0x00,0x00

The following registry settings enable NTLM authentication support in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\NTLM registry key:

Value : type	Description
SecurityName : REG_SZ	"NTLM SSPI Authentication"
DLLFile : REG_SZ	"ntlmssp.dll"
SchemeList : REG_SZ	"NTLM"
Flags : REG_DWORD	0x08,0x00,0x00,0x00

The following registry settings enable NTLM authentication support in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings registry key.

Value : type	Description
EnableNegotiate : REG_DWORD	Default setting is 0, which indicates that NTLM is used without negotiation. Set to 1 to enable Kerberos authentication.
EnableHttp1_1 : REG_DWORD	Default setting is 1.
ProxyHttp1.1 : REG_DWORD	Default setting is 1.
ReplaceableUIModule : REG_SZ	The dynamic link library that contains customized dialog boxes. If this value present, the required setting is "wininetui.dll".

The following registry settings under the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings registry key can be used to configure HTTP username and password.

Value : type

Description

DisableUserPswdForHTTP ; REG_DWORD

Default value is 1 that disables username and password in the URL.

Security Note:
Setting this value to 0 is not recommended because it enables username and password in the URL. This may expose the device to potential security threats.

Cache configuration settings

The following setting in the HKEY_CURRENT_USER\SOFTWARE\Microsoft\windows\CurrentVersion\Internet Settings\ registry key specifies when the browser should check for updated Web pages.

Value : type	Description
SyncMode5 : REG_DWORD	Default value is 00000004, which instructs the browser to automatically check for updated Web pages. Other valid values are: 0: Never check for updates (always use cached page). 2: Check for updates once per session. 3: Always check for updates.

Value : type

Description

SyncMode5 : REG_DWORD

Default value is 00000004, which instructs the browser to automatically check for updated Web pages. Other valid values are:

0: Never check for updates (always use cached page). 2: Check for updates once per session. 3: Always check for updates.

Cache path settings

The following settings in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders registry key define cache paths.

Note:
On a per-user cache system, the UserName (value of HKEY_LOCAL_MACHINE\Ident key) is part of the cache path.

Value : type	Description
Cache : REG_SZ	The default path is \\Windows\\Profiles\\guest\\Temporary Internet Files.
Cookies : REG_SZ	The default path is \\Windows\\Profiles\\guest\\Cookies.
History : REG_SZ	The default path is \\Windows\\Profiles\\guest\\History.

Note:
For Windows Mobile: When Internet Explorer Mobile starts to run it will assume that the cache folder is a system folder and make it hidden.

Cache size limit settings

The following settings in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache registry key and subkeys specify initial cache limits, in kilobytes.

[Subkey\]Value : type	Description
Signature : REG_SZ	"Client UrlCache MMF Ver 4.7"
QuotaAdjustCheck : REG_DWORD	Default setting is 00000001, which represents the minimum cache size of 256 KB. If this entry is not in the registry, the initial cache limit is 8192 KB.
Content\CachePrefix : REG_SZ	"Content:"
Content\CacheLimit : REG_DWORD	Default setting is 00000200, which represents a cache size of 512 KB.
Cookies\CachePrefix : REG_SZ	"Cookie:"
Cookies\CacheLimit : REG_DWORD	Default setting is 00000100, which represents a cache size of 256 KB.
History\CachePrefix : REG_SZ	"Visited:"
History\CacheLimit : REG_DWORD	Default setting is 00000100, which represents a cache size of 256 KB.

Internet Protocol Settings

The following settings in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes registry specify default Internet protocols to use when the user has not specified one.

Value : type	Description
ftp : REG_SZ	"ftp://"
home : REG_SZ	"http://"
www : REG_SZ	"http://"

Network settings

The following setting in the HKEY_CURRENT_USER\SOFTWARE\Microsoft\windows\CurrentVersion\Internet Settings\ registry key specifies how the browser should connect to the Internet.

Value : type	Description
EnableAutodial : REG_DWORD	Set to 0 to connect to the Internet over a LAN by default.
ReceiveTimeOut : DWORD	The default value is 60 minutes. Represents the wait time to receive responses from a server.
KeepAliveTimeout : DWORD	The default value is 1 minute. This registry key can be used to change the connection KeepAliveTimeout.

Value : type

Description

EnableAutodial : REG_DWORD

Set to 0 to connect to the Internet over a LAN by default.

ReceiveTimeOut : DWORD

The default value is 60 minutes.

Represents the wait time to receive responses from a server.

KeepAliveTimeout : DWORD

The default value is 1 minute.

This registry key can be used to change the connection KeepAliveTimeout.

Privacy Settings

Privacy settings are stored according to the security zone and are located under the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\<Zone ID> key. The <Zone ID> key is the security zone identifier — 1, 2, 3, or 4 — that represents Local intranet, Trusted sites, Internet, and Restricted sites, respectively. Privacy templates for the Internet zone correspond to the Medium privacy level and privacy templates for the Restricted sites zone correspond to Block All Cookies level. Templates for Local intranet and Trusted sites zones are not specified. The following setting in the <Zone ID> key specifies the use of P3P policy.

Value : type	Description
1A10 : REG_DWORD	Determines how P3P policy evaluation is performed. It can be set to one of the following values: 0 (URLPOLICY_ALLOW) - Accepts all cookies. Default value for Local intranet and Trusted sites. 1 (URLPOLICY_QUERY) - Cookie action is determined by evaluating the P3P policy against the restrictions imposed by the corresponding privacy template. Default value for the Internet zone. 3 (URLPOLICY_DISALLOW) - Rejects all cookies. Default value for the Restricted zone. If this value is not set, then cookies are rejected.

Value : type

Description

1A10 : REG_DWORD

Determines how P3P policy evaluation is performed. It can be set to one of the following values:

0 (URLPOLICY_ALLOW) - Accepts all cookies. Default value for Local intranet and Trusted sites.
1 (URLPOLICY_QUERY) - Cookie action is determined by evaluating the P3P policy against the restrictions imposed by the corresponding privacy template. Default value for the Internet zone.
3 (URLPOLICY_DISALLOW) - Rejects all cookies. Default value for the Restricted zone.

If this value is not set, then cookies are rejected.

A binary representation of a privacy template for first-party cookies is stored as a value of {AEBA21FA-782A-4A90-978D-B72164C80120}. For third-party cookies, it is stored as a value of {A8A88C49-5EB2-4990-A1A2-0876022C854F}. If a security zone does not have privacy template data in the registry or the registry data cannot be converted to a properly formatted privacy template then the default behavior for this zone is to accept and send all cookies.

For more information about P3P, see Platform for Privacy Preferences (P3P).

Advanced and Custom Privacy Templates

Advanced privacy templates are stored under the HKEY_CURRENT_USER\SOFTWARE\Microsoft\windows\CurrentVersion\Internet Settings key. The following value in the Internet Settings key determines if an advanced or a custom template is used.

Value : type	Description
PrivacyAdvanced: REG_DWORD	Determines whether advanced or custom settings are applied in the Advanced Privacy Settings dialog box. It can be set to one of the following values: 0 - Advanced or custom settings are not applied. 1 - Advanced or custom settings are applied.

Value : type

Description

PrivacyAdvanced: REG_DWORD

Determines whether advanced or custom settings are applied in the Advanced Privacy Settings dialog box. It can be set to one of the following values:

0 - Advanced or custom settings are not applied.
1 - Advanced or custom settings are applied.

Per Site Cookie Handling

To handle site-by-site cookies, per-domain cookie decisions are stored under the HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\<domain> key. The domains are added to the registry by WinInet when the user adds sites by using the Per Site Privacy Actions dialog box.

The default value of the <domain> key stores the decision value. The following table shows the possible values.

Value	Description
REG_DWORD: 1 (COOKIE_STATE_ACCEPT)	Accept all cookies from this site.
REG_DWORD: 5 (COOKIE_STATE_REJECT)	Reject all cookies from this site.

Note:
The site settings can be modified by using the Internet Options in the control panel or by using the Privacy Functions.

Proxy settings

The following setting in the HKEY_CURRENT_USER\SOFTWARE\Microsoft\windows\CurrentVersion\Internet Settings\Connections registry key specifies the proxy settings.

Value : type	Description
DefaultConnectionSettings: REG_BINARY	Use the proxy settings for your network.

To set and retrieve proxy settings in the registry, use the InternetSetOption and InternetQueryOption WinInet functions, respectively. The following list shows the parameter values to pass:

hInternet, pass NULL to set the proxy settings for all sessions. This writes to the registry.
dwOption, set to INTERNET_OPTION_PROXY.
lpBuffer, point to the structure of type INTERNET_PROXY_INFO. This is defined in wininet.h.
dwBufferLength, set to the size of INTERNET_PROXY_INFO.

InternetQueryOption retrieves proxy setting in lpBuffer.

User Agent settings

The following settings in the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings key and subkeys specify information about the Internet client.

Value	Description
\5.0\User Agent\Version : REG_SZ	"MSIE 5.5"
\5.0\User Agent\Template : REG_SZ	The default setting is “Default (Windows CE).” It can also be set to “Same as Windows XP” or “Same as Pocket PC.”
\5.0\User Agent\Pre Platform	Enter additional information about your OS design in this subkey.
\5.0\User Agent\Post Platform	Enter additional information about the Internet client, such as browser screen size, in this subkey.
Platform : REG_SZ	"Windows Embedded CE"
UA-Language : REG_SZ	"JavaScript"
MinorVersion : REG_SZ	"CE.NET"

WinInet Debug Engine Settings

The following settings in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Debug key specify debug controls for the WinInet debug engine.

Value	Description
WininetError : REG_SZ	Corresponds to the Err option that specifies the error control flags.
WininetControl : REG_SZ	Corresponds to the Ctl option that controls the debug output.
WininetCategory : REG_SZ	Corresponds to the Cat option that specifies the debug categories.
WininetBreak : REG_SZ	Corresponds to the Break option that breaks into the debugger.
WininetLogIndent : REG_SZ	Corresponds to the Indent option that sets the indent for the debug output.
WininetLogFile : REG_SZ	Corresponds to the File option that specifies the name of the file to which the debug output is redirected.
WininetDebugging : REG_SZ	Determines whether the WinInet debug engine is active. "1" - Enables the debug engine. "0" - Disables the debug engine. All of the debug control options are ignored.

For information about setting the control options from the shell window on your target device, see Using the WinInet Debug Engine.

Other Resources

Windows Internet Services (WinInet)