IEInternals

A look at Internet Explorer from the inside out. @EricLaw left Microsoft in 2012, but was named an IE MVP in '13 & an IE userAgent (http://useragents.ie) in '14

Browse by Tags

Tagged Content List
  • Blog Post: Bolstering Protected Mode

    Internet Explorer 7 introduced Protected Mode, a defense-in-depth security feature which relied upon the Windows Vista Integrity Levels (IL) system to mitigate drive-by attacks against the browser. Internet Explorer 10 introduced a stronger version of that feature, called Enhanced Protected Mode (EPM...
  • Blog Post: “Continue” Link Missing from Certificate Error Page?

    A user recently reported that IE11 wasn’t showing the “Continue” link on the certificate error page shown when visiting their 2009-era router’s configuration UI. They were curious why that link wasn’t shown in this instance. The error page’s Continue link is hidden...
  • Blog Post: Strict P3P Validation

    Internet Explorer offers users many tools to help protect their privacy, including InPrivate Browsing , cookie controls (including P3P ), and Tracking Protection Lists . In February of 2012, the IE team described how a misleading P3P statement was being used to circumvent users’ privacy settings...
  • Blog Post: Braindump: DNS

    Note: The “brain dump” series is akin to what the support.microsoft.com team calls “Fast Publish” articles—namely, things that are published quickly, without the usual level of polish, triple-checking, etc. I expect that these posts will contain errors, but I also expect...
  • Blog Post: Braindump: ActiveX in Windows 8

    Note: The “brain dump” series is akin to what the support.microsoft.com team calls “Fast Publish” articles—namely, things that are published quickly, without the usual level of polish, triple-checking, etc. I expect that these posts will contain errors, but I also expect...
  • Blog Post: Understanding Zone Elevation

    The security setting “Websites in less privileged web content zone can navigate into this zone”: ... is one that leads to more questions than almost any other. This setting, also known as Zone Elevation protection , was originally designed to prevent navigation from untrusted Internet...
  • Blog Post: Debugging in IE10 on Windows 8

    Emulating the “non-Desktop Experience” in the Desktop Experience The new full-screen “fast and fluid” experience of IE10 on Windows 8 offers many improvements over Internet Explorer 10 on the Desktop (ranging from UX to Security), but one thing it lacks is the F12 Developer...
  • Blog Post: Networking Improvements in IE10 and Windows 8

    Internet Explorer 10’s networking code builds upon the performance improvements in IE9 ( caching , overall networking ) to help ensure that IE10 loads pages as quickly as possible. In IE10, we identified a few key areas for improvement based on customer feedback, code inspection, and telemetry...
  • Blog Post: Content-Length and Transfer-Encoding Validation in the IE10 Download Manager

    Back in March of 2011 , I mentioned that we had encountered some sites and servers that were not sending proper Content-Length headers for their HTTP responses. As a result, we disabled our attempt to verify Content-Length for IE9. Unfortunately, by April, we’d found that this accommodation...
  • Blog Post: Understanding Enhanced Protected Mode

    Last week, Andy Zeigler announced the introduction of Enhanced Protected Mode (EPM) over on the IEBlog. In today’s post, I’d like to provide further technical details about EPM to help security researchers, IT professionals, enthusiasts, and developers better understand how this feature works...
  • Blog Post: Internet Explorer 10 Consumer Preview Minor Changes List

    Continuing on from last year’s IE9 Minor Changes list , this post describes minor changes you can find in Internet Explorer 10 in the Windows 8 Consumer Preview. There are many changes that I will not be covering, please do not mistake this for a comprehensive list, and please note that I'm...
  • Blog Post: Understanding Protocols

    For over a decade, Internet Explorer has enabled developers to extend the browser with new URL protocol schemes. These protocols can be one of two types: Asynchronous Pluggable Protocols - COM objects that implement the IInternetProtocolRoot interface and return content to URLMon, usually for rendering...
  • Blog Post: URL Fragments and Redirects

    I’ve worked on the Internet Explorer team for six+ years, and on web sites for a decade longer, so I’m understandably excited when I come across a browser behavior I can’t explain. Last week, I encountered such a mystery, and it took me quite a while to figure out what was going on...
  • Blog Post: Stylesheet Limits in Internet Explorer

    KB 262161 outlines the maximum number of stylesheets and rules supported by Internet Explorer 6 to 9. A sheet may contain up to 4095 rules A sheet may @import up to 31 sheets @import nesting supports up to 4 levels deep Some folks have wondered about the math that underlies these numbers...
  • Blog Post: Avoid “Do not save encrypted pages to disk”

    Internet Explorer has an Advanced option named Do not save encrypted pages to disk . By default, this option is unchecked (except for Windows Server systems) and I recommend you leave it that way. In IE9, this option does exactly what it says it does—resources received from HTTPS URLs...
  • Blog Post: URL Components in the DOM

    The IE team has been working our way through the remaining issues reported from internal and external testing of the IE9 Release Candidate. In the course of investigating one recent internal-site compatibility bug, I ran across an interesting interoperability issue that appears to have existed since...
  • Blog Post: Understanding Conditional Requests and Refresh

    Today's post is a collection of technical tidbits about conditional HTTP requests and the behavior of IE's Refresh button. It's probably of limited interest to most readers, but if you need to deeply understand either of these topics, hopefully you will find it helpful! Conditional Requests Web...
  • Blog Post: Trivia: Animated GIF Timing

    Every now and again, someone reports that Internet Explorer is "slow" when rendering an animated GIF file. Typically, they'll load a lengthy animation in Firefox and IE and note that it runs much more quickly in Firefox. Similarly, Chrome and Safari are "slow" while Opera is "fast." Conversely, there...
  • Blog Post: XDomainRequest - Restrictions, Limitations and Workarounds

    Update : Internet Explorer 10+ supports CORS using XMLHTTPRequest . IE11 deprecates the XDomainRequest object and it is not available in IE11 Edge mode. In Internet Explorer 8, the XDomainRequest object was introduced. This object allows AJAX applications to make safe cross-origin requests directly...
  • Blog Post: HTTPS Caching and Internet Explorer

    From time-to-time, I get questions about Internet Explorer’s behavior when it comes to caching of HTTPS-delivered content. It comes as a surprise to many that by-default, all versions of Internet Explorer will cache HTTPS content so long as the caching headers allow it . If a resource is sent...
  • Blog Post: COMET Streaming in Internet Explorer

    The request/response nature of HTTP works very well for traditional web pages, but to build dynamic AJAX applications, it’s often desirable for the server to be able to send data to the client on its own schedule. You could imagine, for instance, scenarios like an online game, or an event viewer...
  • Blog Post: IE8's Native XMLHttpRequest Object Restrictions, Bugs, and Notes

    Protocol Restriction Internet Explorer's native XMLHTTPRequest object permits requests to HTTP and HTTPS only; requests to FILE, FTP, or other URI schemes are blocked. Update : IE10 XHR supports CORS . Method Restriction The object permits only the following HTTP methods: "GET", "POST", "HEAD", "PUT...
Page 1 of 1 (22 items)