I get this message when I am trying to access a web service from Jquery located in SAME the URL (but different directory).

I know it is IE security setting. The question is, how do I suppress it...surely, people don't put web services in the same web site, same directory....

In case this is helpful for someone running Visual Studio 2013. I had upgraded my Visual Studio from 2010 to 2013 and then started seeing the seurity warning.

Using Fiddler I found that VS 2013 kept sending arterySignalR requests.

I turned this off by setting the following in the web.config under appSettings

<add key="vs:EnableBrowserLink" value="false" />

which caused the security warning to go away.

I know this is caused because of 'Cross-domain data access' which I have enabled by

jQuery.support.cors = true;

In my Ajax call I had to specify jsonp as my data type to fix the issue.

$.ajax({                    
           url: "xxx",                    
           dataType: "jsonp",
           ...
       });

Faced this today and resolved it by changing IE setting and updated the release notes for my application(in case someone needs that)

Goto Internet Option -> Security -> Internet -> Custom Level -> Miscellaneous(navigate to this section) -> Access Data sources across domains -> Set this to Enable

That is a significant security risk that should never be set to enable – there is a large class of attacks online that rely on that being set to Enable; leaving it at prompt reduces the availability of that attack vector…

I faced this problem in my HTA (on win 7), and got it fixed by un checking the options below:

IE (8) -> Tools -> Internet Options -> Advanced

Under the title Security:

Warn about certificate address mismatch
Warn if changing between secure and not secure mode

After doing this, my HTA didn't ask me again with the popup..