IEInternals

A look at Internet Explorer from the inside out. @EricLaw left Microsoft in 2012, but was named an IE MVP in '13 & an IE userAgent (http://useragents.ie) in '14

May, 2011

  • IEInternals

    Consent and Browser Refreshes

    • 11 Comments
    Modern browser APIs like the GeoLocation API are designed to have an asynchronous consent experience, whereby the API simply will not undertake a privileged action until the user consents. Unfortunately, many browser features like popup windows and ActiveX...
  • IEInternals

    Enhanced Mitigation Experience Toolkit Update

    • 3 Comments
    Microsoft’s Security Research and Defense team has released an updated version of their Enhanced Mitigation Experience Toolkit (EMET), a tool that allows the application of enhanced security mitigations around the application of your choice. ...
  • IEInternals

    Socially-Engineered XSS Attacks

    • 7 Comments
    When the IE team talks about Cross-Site-Scripting (XSS) attacks, we’ve usually grouped them into three categories Type 0: DOM-based XSS Type 1: “Reflected” XSS Type 2: Persistent/Stored XSS DOM-APIs like toStaticHTML...
  • IEInternals

    Detecting Captive Network Portals

    • 3 Comments
    Over on SuperUser , there’s a great explanation of how Windows determines whether a newly-connected network has a proper Internet connection, or whether the user should open a browser to login or click through a Terms of Use agreement. The general...
  • IEInternals

    URL Fragments and Redirects

    • 14 Comments
    I’ve worked on the Internet Explorer team for six+ years, and on web sites for a decade longer, so I’m understandably excited when I come across a browser behavior I can’t explain. Last week, I encountered such a mystery, and it took...
  • IEInternals

    Controlling Java in Internet Explorer

    • 3 Comments
    Recently, there’s been some interest in how to control the use of Java within Internet Explorer. Java is a unique form of extensibility because it can be invoked in two ways: Using an APPLET element Using an OBJECT element with a CLSID...
  • IEInternals

    Stylesheet Limits in Internet Explorer

    • 16 Comments
    KB 262161 outlines the maximum number of stylesheets and rules supported by Internet Explorer 6 to 9. A sheet may contain up to 4095 rules A sheet may @import up to 31 sheets @import nesting supports up to 4 levels deep Some folks have...
  • IEInternals

    Avoid “Do not save encrypted pages to disk”

    • 21 Comments
    Internet Explorer has an Advanced option named Do not save encrypted pages to disk . By default, this option is unchecked (except for Windows Server systems) and I recommend you leave it that way. In IE9, this option does exactly what it says...
  • IEInternals

    The Web Browser Control and the Silent Flag

    • 3 Comments
    Applications that host the Web Browser Control have the opportunity to set the Silent flag to suppress all dialogs that the web browser control may generate. In some cases, this is useful, because it can help ensure a “quiet” user experience...
  • IEInternals

    Blog Roll

    • 2 Comments
    These days, I struggle to find time to keep up with all of the tech news, but there are a few streams I make a special effort to stay on top of. Ex-Internet Explorer Dave Risney posts items of interest about URIs, web standards, FiddlerCore and myriad...
Page 1 of 1 (10 items)