When I surf the web, I almost always have Fiddler running, and as a consequence I see a lot of “hidden” pollution in pages. Much of this cruft has built up over the years, copied from site to site, probably with little critical thought about its necessity. Please remove any META tags you...

First, a bit of background. When web developers are optimizing the performance of their sites, often they try to use their homepage to pre-cache resources that will be used on later pages. They might do so by kicking off "pre-fetch" resource downloads after the content required by the homepage itself...

This crossed my Twitter stream earlier today: I’m not sure why we need a public service announcement to notify folks that Internet Explorer is behaving properly, but I guess there’s no harm in that. However, based on the lack of information provided, and the implication that this...

8.4% of all hangs in IE9 in the past month are caused by XMLHttpRequest objects blocking the UI thread with a synchronous request. http://blogs.msdn.com/b/wer/archive/2011/08/03/why-you-should-use-xmlhttprequest-asynchronously.aspx If your page uses XHR in synchronous mode, your first thought should...

To ensure optimal performance and reliability when rendering pages, you should order the elements within the HEAD element carefully. First, I’ll explain the optimal order, and then explain the reasoning for this structure. Optimal Head Ordering <doctype> <html> <head>...

Modern browser APIs like the GeoLocation API are designed to have an asynchronous consent experience, whereby the API simply will not undertake a privileged action until the user consents. Unfortunately, many browser features like popup windows and ActiveX controls were designed before privilege limitations...

I’ve worked on the Internet Explorer team for six+ years, and on web sites for a decade longer, so I’m understandably excited when I come across a browser behavior I can’t explain. Last week, I encountered such a mystery, and it took me quite a while to figure out what was going on...

KB 262161 outlines the maximum number of stylesheets and rules supported by Internet Explorer 6 to 9. A sheet may contain up to 4095 rules A sheet may @import up to 31 sheets @import nesting supports up to 4 levels deep Some folks have wondered about the math that underlies these numbers...

Recently, a colleague sent me an email which provided a flashback into my own past: Hey, Eric-- Why do we show this when opening HTML locally? What are we protecting the user from? -Ben I myself had sent an email with almost the same text nearly seven years ago, and the surprisingly...

A few times a year, I get a question about Internet Explorer's behavior when it comes to downloading files that have non-ASCII characters in the filename, because different browsers have different behavior when handling such files. The server can suggest the name for a file download in one of two...

Back in Windows XP, an ActiveX control known as XEnroll could be used from the browser to request digital certificates on the client’s behalf. Certificate authorities and others would use this control when a customer purchased a certificate for code signing, server authentication, or other purposes...

Update : Internet Explorer 10 now supports CORS using XMLHTTPRequest . In Internet Explorer 8, the XDomainRequest object was introduced. This object allows AJAX applications to make safe cross-origin requests directly by ensuring that HTTP Responses can only be read by the current page if the data...

The request/response nature of HTTP works very well for traditional web pages, but to build dynamic AJAX applications, it’s often desirable for the server to be able to send data to the client on its own schedule. You could imagine, for instance, scenarios like an online game, or an event viewer...

Back in January of 2009, I announced IE8’s support for a new header-specified directive: X-Frame-Options , that can be used to mitigate ClickJacking attacks. As a declarative security measure , X-Frame-Options has minimal compatibility impact, but requires adoption by clients and servers in order...

Web browsers use domain names for a variety of purposes, but how they’re used is much more complicated than most developers realize. In this post, I’ll attempt to cover the most important aspects of this topic. Definitions When talking about “domains” the terminology alone...

Today, a question from the mail bag… Q: Is there a way to stop IE from “auto-magically” recognizing and creating hyperlinks inside HTML? First, a bit of context. Web developers can use the ContentEditable property to allow users to edit part of a HTML page. This mechanism is often used to allow...

IE8 introduced support for some of the more stable features in the HTML5 spec. However, web developers have reported some problematic scenarios in IE8's support for these features, as described below. 1. postMessage only works for IFRAMES/FRAMES The HTML5 postMessage function provides a great way...