We were testing one of our business applications and the login process to the application requires a script to be downloaded, which triggers a query rule in General Application Permissions because it is an "Application processing untrusted content, reading MS Script Runtime (providing scripts access to the file system)".
I tried the Event Wizard to create an exception rule, but all that suggests is to allow IEXPLORE.EXE to read scrrun.dll. I don't think this would be secure, because it gives IE basically carte blanche to run scripts. I could make it more secure by making it limited to users in my network, but let's look at that later.
My question is can CSA interpret web addresses? I'd like to somehow say, "Don't apply this rule when the website IE is accessing is <website>", but I haven't yet found a place where CSA looks at this.