Help!

I've created a prototype which utilises XML files on the client. The problem is that the client needs to be able to work in a disconnected environment, thereby saving the input on the client.

The conversion of XML files is occurring in Internet Explorer, which I've read (and experienced!) that it will not allow you to use the XMLDOM.save method, since this is a violation of the security rights.

However, I came across the .hta application which bypasses the security - all is well so far. However, my initial page contains an iframe in it, which is referencing another XML file containing javascripts - and in there, the save method is failing.

Everything I've read says that the .hta application will totally bypass the security zones, but I still keep getting a "permission denied" error. Why does this happen, when the parent can successfully execute the same save method? Is there something I've missed in the coding?

The following is the code in my parent document:
"<html>

<form>
<script type="text/javascript" >

function save_outlet44(){
var xmlDOM = new ActiveXObject('Microsoft.XMLDOM')
xmlDOM.resolveExternals = true;
xmlDOM.preserveWhiteSpace = true;
xmlDOM.validateOnParse = false;
xmlDOM.async = false;
xmlDOM.load('the_outlet.xml')

var Elem, Text
Elem = xmlDOM.documentElement
Text = Elem.firstChild
Text.replaceData(0, 6, '211231')

xmlDOM.save('the_outlet.xml')
* This save works perfectly - the one in child.xml doesn't*
}


</script>

<tr>

<td><input type="button" name="tick" value="Continue..." onclick="save_outlet44()" > </td>
<td><span datafld="territory"></span></td>

</tr>


<BODY scroll="no">
<iframe
src ="child.xml" APPLICATION="yes" TRUSTED="yes">
*This converts using XSLT - translates ok, but scripts within fail!*
</iframe>

</BODY>

</form>

</html>