WinInet Registry Settings
A version of this page is also available for
4/8/2010
The registry stores information necessary to configure the system for applications and hardware devices. The registry also contains information that the operating system continually references during operation. The following registry settings are the default values.
Authentication support settings
For authentication support, add a subkey to the registry under the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security key, specifying the authentication scheme, for example, kerberos. A string value, DLLFile, should contain the name of the DLL that supports the authentication scheme. A DWORD value, Flags, should be set with the appropriate value.
The following table shows the possible settings for the Flags value.
| Flag value | Description |
|---|---|
PLUGIN_AUTH_FLAGS_UNIQUE_CONTEXT_PER_TCPIP (value=0x01) |
Each TCP/IP socket contains a different context. Otherwise, a new context is passed for each realm or block URL template. |
PLUGIN_AUTH_FLAGS_CAN_HANDLE_UI (value=0x02) |
This DLL can handle its own user input. |
PLUGIN_AUTH_FLAGS_CAN_HANDLE_NO_PASSWD (value=0x04) |
This DLL might be capable of doing an authentication without prompting the user for a password. |
PLUGIN_AUTH_FLAGS_NO_REALM (value=0x08) |
This DLL does not use a standard HTTP realm string. Any data that appears to be a realm is scheme-specific. |
PLUGIN_AUTH_FLAGS_KEEP_ALIVE_NOT_REQUIRED (value=0x10) |
This DLL does not require a persistent connection for its challenge-response sequence. |
The following settings in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\Kerberos registry subkey enable Kerberos authentication.
| Value : type | Description |
|---|---|
SecurityName : REG_SZ |
"Kerberos Authentication" |
DLLFile : REG_SZ |
"wininet.dll" |
SchemeList : REG_SZ |
"Kerberos" |
Flags : REG_DWORD |
0x00,0x00,0x00,0x00 |
The following settings in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\Basic registry key enable Basic authentication.
| Value : type | Description |
|---|---|
SecurityName : REG_SZ |
"Basic Authentication" |
DLLFile : REG_SZ |
"wininet.dll" |
SchemeList : REG_SZ |
"Basic" |
Flags : REG_DWORD |
0x00,0x00,0x00,0x00 |
The following registry settings enable NTLM authentication support in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\NTLM registry key:
| Value : type | Description |
|---|---|
SecurityName : REG_SZ |
"NTLM SSPI Authentication" |
DLLFile : REG_SZ |
"ntlmssp.dll" |
SchemeList : REG_SZ |
"NTLM" |
Flags : REG_DWORD |
0x08,0x00,0x00,0x00 |
The following registry settings enable NTLM authentication support in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings registry key.
| Value : type | Description |
|---|---|
EnableNegotiate : REG_DWORD |
Default setting is 0, which indicates that NTLM is used without negotiation. Set to 1 to enable Kerberos authentication. |
EnableHttp1_1 : REG_DWORD |
Default setting is 1. |
ProxyHttp1.1 : REG_DWORD |
Default setting is 1. |
ReplaceableUIModule : REG_SZ |
The dynamic link library that contains customized dialog boxes. If this value present, the required setting is "wininetui.dll". |
The following registry settings under the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings registry key can be used to configure HTTP username and password.
| Value : type | Description |
|---|---|
DisableUserPswdForHTTP ; REG_DWORD |
Default value is 1 that disables username and password in the URL. .gif "Aa918417.security(en-us,MSDN.10).gif") Security Note:
Setting this value to 0 is not recommended because it enables username and password in the URL. This may expose the device to potential security threats.
|
Cache configuration settings
The following setting in the HKEY_CURRENT_USER\SOFTWARE\Microsoft\windows\CurrentVersion\Internet Settings\ registry key specifies when the browser should check for updated Web pages.
| Value : type | Description |
|---|---|
SyncMode5 : REG_DWORD |
Default value is 00000004, which instructs the browser to automatically check for updated Web pages. Other valid values are: 0: Never check for updates (always use cached page). 2: Check for updates once per session. 3: Always check for updates. |
Cache path settings
The following settings in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders registry key define cache paths.
Note
On a per-user cache system, the UserName (value of HKEY_LOCAL_MACHINE\Ident key) is part of the cache path.
| Value : type | Description |
|---|---|
Cache : REG_SZ |
The default path is \\Windows\\Profiles\\guest\\Temporary Internet Files. |
Cookies : REG_SZ |
The default path is \\Windows\\Profiles\\guest\\Cookies. |
History : REG_SZ |
The default path is \\Windows\\Profiles\\guest\\History. |
Note
When Internet Explorer Mobile starts to run it will assume that the cache folder is a system folder and make it hidden.
Cache size limit settings
The following settings in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache registry key and subkeys specify initial cache limits, in kilobytes.
| [Subkey\]Value : type | Description |
|---|---|
Signature : REG_SZ |
"Client UrlCache MMF Ver 4.7" |
QuotaAdjustCheck : REG_DWORD |
Default setting is 00000001, which represents the minimum cache size of 256 KB. If this entry is not in the registry, the initial cache limit is 8192 KB. |
Content\CachePrefix : REG_SZ |
"Content:" |
Content\CacheLimit : REG_DWORD |
Default setting is 00000200, which represents a cache size of 512 KB. |
Cookies\CachePrefix : REG_SZ |
"Cookie:" |
Cookies\CacheLimit : REG_DWORD |
Default setting is 00000100, which represents a cache size of 256 KB. |
History\CachePrefix : REG_SZ |
"Visited:" |
History\CacheLimit : REG_DWORD |
Default setting is 00000100, which represents a cache size of 256 KB. |
Internet Protocol Settings
The following settings in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes registry specify default Internet protocols to use when the user has not specified one.
| Value : type | Description |
|---|---|
ftp : REG_SZ |
"ftp://" |
home : REG_SZ |
"https://" |
www : REG_SZ |
"https://" |
Network settings
The following setting in the HKEY_CURRENT_USER\SOFTWARE\Microsoft\windows\CurrentVersion\Internet Settings\ registry key specifies how the browser should connect to the Internet.
| Value : type | Description |
|---|---|
EnableAutodial : REG_DWORD |
Set to 0 to connect to the Internet over a LAN by default. |
ReceiveTimeOut : DWORD |
The default value is 60 minutes. Represents the wait time to receive responses from a server. |
KeepAliveTimeout : DWORD |
The default value is 1 minute. This registry key can be used to change the connection KeepAliveTimeout. |
Privacy Settings
Privacy settings are stored according to the security zone and are located under the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\<Zone ID> key. The <Zone ID> key is the security zone identifier — 1, 2, 3, or 4 — that represents Local intranet, Trusted sites, Internet, and Restricted sites, respectively. Privacy templates for the Internet zone correspond to the Medium privacy level and privacy templates for the Restricted sites zone correspond to Block All Cookies level. Templates for Local intranet and Trusted sites zones are not specified. The following setting in the <Zone ID> key specifies the use of P3P policy.
| Value : type | Description |
|---|---|
1A10 : REG_DWORD |
Determines how P3P policy evaluation is performed. It can be set to one of the following values:
If this value is not set, then cookies are rejected. |
A binary representation of a privacy template for first-party cookies is stored as a value of {AEBA21FA-782A-4A90-978D-B72164C80120}. For third-party cookies, it is stored as a value of {A8A88C49-5EB2-4990-A1A2-0876022C854F}. If a security zone does not have privacy template data in the registry or the registry data cannot be converted to a properly formatted privacy template then the default behavior for this zone is to accept and send all cookies.
For more information about P3P, see Platform for Privacy Preferences (P3P).
Advanced and Custom Privacy Templates
Advanced privacy templates are stored under the HKEY_CURRENT_USER\SOFTWARE\Microsoft\windows\CurrentVersion\Internet Settings key. The following value in the Internet Settings key determines if an advanced or a custom template is used.
| Value : type | Description |
|---|---|
PrivacyAdvanced: REG_DWORD |
Determines whether advanced or custom settings are applied in the Advanced Privacy Settings dialog box. It can be set to one of the following values:
|
Per Site Cookie Handling
To handle site-by-site cookies, per-domain cookie decisions are stored under the HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\<domain> key. The domains are added to the registry by WinInet when the user adds sites by using the Per Site Privacy Actions dialog box.
The default value of the <domain> key stores the decision value. The following table shows the possible values.
| Value | Description |
|---|---|
REG_DWORD: 1 (COOKIE_STATE_ACCEPT) |
Accept all cookies from this site. |
REG_DWORD: 5 (COOKIE_STATE_REJECT) |
Reject all cookies from this site. |
Note
The site settings can be modified by using the Internet Options in the control panel or by using the Privacy Functions.
Proxy settings
The following setting in the HKEY_CURRENT_USER\SOFTWARE\Microsoft\windows\CurrentVersion\Internet Settings\Connections registry key specifies the proxy settings.
| Value : type | Description |
|---|---|
DefaultConnectionSettings: REG_BINARY |
Use the proxy settings for your network. |
To set and retrieve proxy settings in the registry, use the InternetSetOption and InternetQueryOption WinInet functions, respectively. The following list shows the parameter values to pass:
- hInternet, pass NULL to set the proxy settings for all sessions. This writes to the registry.
- dwOption, set to INTERNET_OPTION_PROXY.
- lpBuffer, point to the structure of type INTERNET_PROXY_INFO. This is defined in wininet.h.
- dwBufferLength, set to the size of INTERNET_PROXY_INFO.
InternetQueryOption retrieves proxy setting in lpBuffer.
User Agent settings
The following settings in the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings key and subkeys specify information about the Internet client.
| Value | Description |
|---|---|
\5.0\User Agent\Version : REG_SZ |
"MSIE 5.5" |
\5.0\User Agent\Template : REG_SZ |
The default setting is “Default (Windows CE).” It can also be set to “Same as Windows XP” or “Same as Pocket PC.” |
\5.0\User Agent\Pre Platform |
Enter additional information about your OS design in this subkey. |
\5.0\User Agent\Post Platform |
Enter additional information about the Internet client, such as browser screen size, in this subkey. |
Platform : REG_SZ |
"Windows Embedded CE" |
UA-Language : REG_SZ |
"JavaScript" |
MinorVersion : REG_SZ |
"CE.NET" |
WinInet Debug Engine Settings
The following settings in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Debug key specify debug controls for the WinInet debug engine.
| Value | Description |
|---|---|
WininetError : REG_SZ |
Corresponds to the Err option that specifies the error control flags. |
WininetControl : REG_SZ |
Corresponds to the Ctl option that controls the debug output. |
WininetCategory : REG_SZ |
Corresponds to the Cat option that specifies the debug categories. |
WininetBreak : REG_SZ |
Corresponds to the Break option that breaks into the debugger. |
WininetLogIndent : REG_SZ |
Corresponds to the Indent option that sets the indent for the debug output. |
WininetLogFile : REG_SZ |
Corresponds to the File option that specifies the name of the file to which the debug output is redirected. |
WininetDebugging : REG_SZ |
Determines whether the WinInet debug engine is active.
|