Why do words beginning with "home" get treated as URLs?

Vitaly from the Suggestion Box asked (with grammatical editing),

Could you explain why Windows starts the web browser if the file name passed to ShellExecute starts with "home".

First thing to note is that this URL-ization happens only after the ShellExecuteEx function has tried all the other possible interpretations. If a file named "homestar" is found in the current directory or on the PATH or in the App Paths, then that file will be chosen, as you would expect. Only when the ShellExecuteEx function is about to give up does it try to "do what you mean".

What you're seeing is autocorrection kicking in yet again. If you go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes, you can see the various autocorrection rules that ShellExecute consults when it can't figure out what you are trying to do. For example, if the thing you typed begins with "www", it will stick "http://" in front and try again. This is why you can just type "www.microsoft.com" into the Run dialog instead of having to type the cumbersome "http://www.microsoft.com".

Most of the autocorrection rules are pretty self-evident. Something beginning with "ftp" is probably an FTP site. Something beginning with "www" is probably a web site. But why are strings beginning with "home" also treated as web sites?

For one thing, several web sites have domains whose names begin with "home". Furthermore, some internet service providers set up their DNS so that non-fully-qualified domain names go to servers that the ISP set up specifically to provide customer services. For example, "mail" would send you to a web-based mail system, and "home" would send you to the ISP's home page.

The use of "home" has fallen out of fashion of late, so the auto-correction rule isn't all that useful any more, but the rule stays around because it doesn't really hurt anybody, and compatibility concerns advise against removing a feature if it isn't hurting anyone and you aren't absolutely certain that nobody is still using it. (Heck, if you look at the key, you can see an entry for "gopher". Like anybody uses gopher any more.)

Comments (21)
  1. Stu says:

    The real question is why autocorrection is done on things that have a high probability of not being user input?

    I know it can’t be done now for compatibility reasons, but why isn’t there ShellAutocorrect() and ShellExecute() as seperate functions?

  2. George says:


    AH! Now I know yet another set of keys to delete when setting up a new machine!

  3. ajb says:

    > HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionURLPrefixes

    >AH! Now I know yet another set of keys to delete when setting up a new machine!

    Definitely. As soon as possible. Who in the world would want http://www.mysite.com to open up in a web browser?

  4. Thanks for the Tip Raymond. Is there a way to make it so that you can Run and have it launch IE for other prefixes. For example, most Intranet sites don’t start with a prefix, but I’d like to be able to do something like Start/Run "//toolbox" and have it launch "http://toolbox"

    I tried adding a prefix of // with http: and http:// as a prefix but it doesn’t see to work (unless you need to restart explorer for it to take effect).

  5. BryanK says:

    As far as autocorrect in general, I’m reminded of the Jargon File entry on DWIM. See:


    and note the anecdote (about the "notorious incident") after the four definitions.

  6. John Elliott says:

    Just for fun, I tried putting HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionURLPrefixes in the Run dialog. But it didn’t autocorrect to the extent of opening regedit with that as the current key :-)

  7. Stu says:

    Just out of interest, what happens if ACME Spyware decides to add keys that redirect things like "regedit" or "mmc" to various websites? Is that possible? Would that be enough to downgrade this "feature" to "security risk" status?

  8. Funny – I had read halfway through the article and decided to check if it worked for "gopher". Sure ‘nough, it did – even brought up my non-IE default browser!

    Then you mentioned it and the end and I cracked up…

  9. RobertWrayUK says:

    Steve: It might be "legacy" now, but ".com" is an executable file extension from the days of MS-DOS… that’s probably why microsoft.com doesn’t work, the O/S will be looking for an executable file called "microsoft.com"!

  10. PatriotB says:

    Stu (first comment): If you don’t want the shell to do its heuristics, use CreateProcess directly instead of ShellExecute. ShellExecute was created for the purpose of the shell, being able to run user-inputted commands.

    Stu (second comment): ACME Spyware probably couldn’t use the registry approach discussed here to do that–read the "first thing to note" paragraph.

    John Elliott: Someone could write a little program to do this quite easily. See IShellExecuteHook, http://msdn.microsoft.com/library/default.asp?url=/library/en-us/shellcc/platform/shell/reference/ifaces/ishellexecutehook/ishellexecutehook.asp. Dates all the way back to Windows 95. The documentation doesn’t mention specifically when this is called, but I’m assuming that it’s "after the ShellExecuteEx function has tried all the other possible interpretations" just like the URL prefixing.

  11. zzz says:


    BTW, why regedit is stupid?

    If I have "HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionURLPrefixes" in my clipboard, why can’t there be some command such as "CTRL+G" that will go to the key in the clipboard and if it doesn’t exist, go to the parent ("…URL" in this case). And if nothing exists, pop a "go to" dialog.

    For not having such an obvious feature, the regedit team gets .. wait.. doesn’t get any award.

  12. zzz: Hm that feature didn’t strike me as "obvious".

  13. I’ve always been surprised by the opposite: if I forget the ‘www’, and just type ‘microsoft.com’, the browser *doesn’t* open. I’d have thought a similar autocorrection could have been applied here.

  14. Ring Zero says:

    Oftentimes, you’re reading something interesting on the web, say old new thing, and somebody mentions an interesting registry entry, say


    that piques your curiosity, so you fire up regedit/regedt32 to have a look-see, and by the time you dig down deep enough into the tree– constantly switching your focus from the blog entry to regedit back to the blog entry back to regedit again–you’ve forgotten why you were interested in the first place.

    Unfortunately, FIND (^F) doesn’t work on full key names, only on the leaves.

    So I don’t know how obvious the feature is, but it sure would be useful. Surely this comes up all the time? Maybe there’s another way to quickly jump to an entry whose path you have waiting on the clipboard?

  15. Ring Zero: take a look at the "regjump" utility on sysinternals.com. It’s close to what you’re asking for.

  16. Anders says:

    http://www.dcsoft.com/products/regeditx/ is also pretty cool (hooks the normal regedit and adds some stuff)

  17. Edward says:

    The Malware Smartsearch does take advantage of this. It changes the www prefix from being "http://" to "http://smartsearch.ws/?q=" which basically means that any address you try to visit is redirected unless you type the full protocol address each time.

    It changes so many keys that it becomes very difficult to use IE properly, or find out how to sort out the mess.


  18. Neil says:

    But that doesn’t explain why IE seems to believe that when I type mail:8000 I want to start Outlook rather than my local webmail service…

  19. Matthew says:

    > But that doesn’t explain why IE seems to believe that when I type mail:8000 I want to start Outlook rather than my local webmail service…

    Internet Options -> Programs -> Email

  20. Neil says:

    Yeah, Matthew, as if webmail is filed under Programs…

  21. Not every code injection bug is a security hole.

Comments are closed.

Skip to main content