This blog is closed as of 2/2015. @EricLaw left Microsoft in 2012, but was named an IE MVP in '13 & an IE userAgent (http://useragents.ie) in '14.
Translate This Page
Translate this page
Browse by Tags
Tagged Content List
HTTPS In 2015
Last week at the CodeMash conference, I delivered a session titled HTTPS in 2015 : Securing your websites and services using HTTPS has never been more important, or more complicated. In this talk, a former browser Security Program Manager covers the best practices for using HTTPS today. Topics...
16 Jan 2015
Strict P3P Validation
Internet Explorer offers users many tools to help protect their privacy, including InPrivate Browsing , cookie controls (including P3P ), and Tracking Protection Lists . In February of 2012, the IE team described how a misleading P3P statement was being used to circumvent users’ privacy settings...
16 Oct 2013
A Quick Look at P3P
Internet Explorer supports a cookie-restricting privacy feature called P3P. Web developers often get tripped up by it because no other browser implements the P3P standard. I’ve written about IE’s cookie control features previously (and more comprehensively), but here’s a summary of...
17 Sep 2013
Understanding Cookie Controls
Internet Explorer offers an extremely rich set of options for controlling cookies . The default settings are fairly well-balanced, but some users may want to introduce more restrictive or specialized controls. To configure cookie settings in IE, click Tools > Internet Options . Click the Privacy...
5 Jun 2010
Client Certificate Selection Prompt
The HTTPS protocol allows a secure server to request that the client verify their identity with a client certificate during the initial secure handshake. By presenting a client certificate, the browser helps further defeat man-in-the-middle attacks and authenticates to the web server more securely than...
2 Sep 2009
The Privacy Impact of Add-ons: New APIs for IE8
By default, when starting a new session using IE8's InPrivate Browsing feature, toolbars and Browser Helper Objects are disabled. This is done to help protect the user's privacy: many toolbars and extensions maintain their own navigation/search/etc history lists, and such lists could violate the user...
30 Jun 2009
CSS History Probing, or: "I know where you went last week"
Background One of the interesting attacks which makes the rounds every few years concerns the ability of web pages to use CSS to detect whether or not certain URLs have been visited. Given a sufficiently large set of URLs to probe, a website may be able to develop an interesting profile of where your...
17 Jun 2009
Think of the children!
Another question from the audience today: Q: I like IE8's InPrivate Browsing feature , but I'm worried that it won't let me see what my kids are up to. Can I prevent them from using it? A: Yes. When you enable the Windows Parental Controls feature, or use the Windows Live family safety tool, Internet...
16 Jun 2009
Page 1 of 1 (8 items)
© 2015 Microsoft Corporation.
Privacy & Cookies