A look at Internet Explorer from the inside out. @EricLaw left Microsoft in 2012, but was named an IE MVP in '13 & an IE userAgent (http://useragents.ie) in '14
Translate This Page
Translate this page
Browse by Tags
Tagged Content List
Braindump: Feature Control Keys and URLActions
Note: The “brain dump” series is akin to what the support.microsoft.com team calls “Fast Publish” articles—namely, things that are published quickly, without the usual level of polish, triple-checking, etc. I expect that these posts will contain errors, but I also expect...
27 Sep 2012
Enhanced Protected Mode and Local Files
19 Jun 2012
Brain Dump: Random Tidbits
This post contains random IE-related tidbits for which there’s either not enough material or time to write a full post. I expect to revisit and expand this list from time to time. Case-Sensitivity in Cross-Frame Scripting of File URIs Same-Origin-Policy controls how script running in web...
30 May 2012
Same Origin Policy Part 2: Limited Write
In Part 1 of this series, I described how Same Origin Policy prevents web content delivered from one origin from reading content from another origin. (If you haven’t read that post yet, please do start there.) In today’s post, we’ll look at what restrictions are placed on writing...
2 Apr 2012
Sharpen the Saw
Gather round, young’ins, Grandpa Eric is going to tell you a story. Back in the old days, when I started writing software, programmers’ utilities were sold in boxes in retail stores. You’d plunk down your 149 bucks or whatever (in cash , kids, this was before credit cards got popular...
14 Aug 2011
Internet Explorer 9.0.2 Update
Tuesday’s Update for Internet Explorer updates the IE9 Help > About dialog’s version number to v9.0.2. The update includes a number of security and functionality fixes; many of these fixes are described in the More Information section of KB2559049 . One fix enables the IE9 Download Manager...
12 Aug 2011
A Security Prompt that makes you go “Huh?”…
Every few months, a Microsoft employee will send me an email complaining that Internet Explorer showed them the following dialog: This page is accessing information that is not under its control. This poses a security risk. Do you want to continue? …and they don’t understand...
21 Apr 2011
Controlling ActiveX in Internet Explorer
In today’s post, I’ll provide a high-level overview of features in Internet Explorer that impact the loading of ActiveX controls. Internet Explorer 6 and later allow the user to enable or disable ActiveX controls on an individual basis using the Manage Add-ons screen. Internet...
2 Apr 2011
Understanding Local Machine Zone Lockdown
Recently, a colleague sent me an email which provided a flashback into my own past: Hey, Eric-- Why do we show this when opening HTML locally? What are we protecting the user from? -Ben I myself had sent an email with almost the same text nearly seven years ago, and the surprisingly...
23 Mar 2011
XDomainRequest - Restrictions, Limitations and Workarounds
Update : Internet Explorer 10+ supports CORS using XMLHTTPRequest . You should prefer that object over the legacy XDomainRequest object. In Internet Explorer 8, the XDomainRequest object was introduced. This object allows AJAX applications to make safe cross-origin requests directly by ensuring that...
13 May 2010
The User-Agent String: Use and Abuse
When I first joined the IE team five years ago, I became responsible for the User-Agent string. While I’ve owned significantly more “important” features over the years, on a byte-for-byte basis, few have proved as complicated as the “simple” UA string. I ( and others...
7 Oct 2009
Understanding Domain Names in Internet Explorer
Web browsers use domain names for a variety of purposes, but how they’re used is much more complicated than most developers realize. In this post, I’ll attempt to cover the most important aspects of this topic. Definitions When talking about “domains” the terminology alone...
18 Sep 2009
Same Origin Policy Part 1: No Peeking
Despite its role as the cornerstone of web application security, it’s clear that many (most?) web professionals do not understand Same Origin Policy (SOP), or hold one or more misconceptions about what SOP requires. It’s a big topic, and I don’t plan to address it all on this quiet...
28 Aug 2009
Slowing Down: Disabling the Accelerator icon
We've had a few folks write to the IEBlog asking " How can I disable the little blue accelerator icon that appears when text is selected in a HTML page? " For end users, the answer is straightforward: Click Tools > Internet Options > Advanced , and untick Display Accelerator button on selection...
2 Jun 2009
Page 1 of 1 (14 items)
© 2014 Microsoft Corporation.
Privacy & Cookies