430394 IE7 Security Problem

We currently have a site at [login to view URL] which acts as an aggregator for You Tube videos, the visitor clicks on a picture and a You Tube video is displayed. We are developing a new version of this page which can be seen at [login to view URL] - in this page the pictures/links are in a scrollling div and clicking on one displays the linked You Tube video in an iFrame on the left hand side of the page. This works by using a Javascript onClick event to make the src of the iFrame (id="viewer") a page called [login to view URL] (after passing it the Your Tube video id as "video"). The source for the page [login to view URL] is... <?php $val = $_GET['video']; $redirect= "[login to view URL]" . $val . "&autoplay=1"; header ("Location: $redirect"); exit(); ?> This works fine in all browsers except IE7 where if you click a picture/link [login to view URL] you get a dialog box "File Download - Security Warning" with the following text... Do you want to open or save this file? Name: Type: Shockwave Flash Object, 1.03 Kb From: [login to view URL] I suspect the problem is a new default security setting in IE7. We want the page to work just the same in all browsers including IE7. Can you solve this problem please!