So, I use Chrome, there I said it. They say that admitting you have a problem is the first step to solving it. Anyway when I’m browsing the web using what is, in general, a pretty good browser I’ll every so often see this:
As an anonymous user I don’t want to, nor should I ever see this.
So, what’s happening here?
SharePoint really has its roots as an internal collaboration tool and one of the really great things it does in this space is show presence indicators for other users. Now, those online presence indicators and the contact cards they spawn which let you initiate an IM or Lync call, they use an ActiveX control for this whiz-bang functionality.
Luckily there is an simple way of disabling this functionality. For 2010 and 2013 you can disable the presence indicators on a per-web application basis:
But the downside here is pretty obvious, it’s for the whole web app, and if you’re using Host Named Site Collections that’s going to hit a few more sites than the public facing one you’re trying to prevent that ugly prompt on.
Now, you’ll note the SPSecurityTrimmedControl in there, that is to ensure that fragment is only ever present in the HTML for anonymous users. So authenticated users can see presence indicators and easily chat with colleagues working on the site too.
Those comment tags?
Well the SPSecurityTrimmedControl emits either a <span> or a <div> tag which is a no-no in the <head> of your HTML, the comment tags there just stop the browser interpreting the erroneous tags and deciding that the <head> should stop there.