IEInternals

A look at Internet Explorer from the inside out. @EricLaw left Microsoft in 2012, but was named an IE MVP in '13 & an IE userAgent (http://useragents.ie) in '14

  • IEInternals

    Custom Cursors in CSS

    • 1 Comments
    I spend most of my time on networking, performance, and browser security issues, but while working on a test page recently, I came across some interesting behavior and cross-browser differences when using custom cursors in HTML content. Web developers...
  • IEInternals

    HTTPS Caching and Internet Explorer

    • 18 Comments
    From time-to-time, I get questions about Internet Explorer’s behavior when it comes to caching of HTTPS-delivered content. It comes as a surprise to many that by-default, all versions of Internet Explorer will cache HTTPS content so long as the...
  • IEInternals

    Forcing Internet Explorer To Forget To Not Remember

    • 40 Comments
    All joking aside, last fall, I wrote about the variety of reasons why Internet Explorer might not offer to remember your password on a web form. As I mentioned then, you will not be re-prompted to save your password if you’ve previously declined...
  • IEInternals

    COMET Streaming in Internet Explorer

    • 23 Comments
    The request/response nature of HTTP works very well for traditional web pages, but to build dynamic AJAX applications, it’s often desirable for the server to be able to send data to the client on its own schedule. You could imagine, for instance...
  • IEInternals

    Understanding Session Lifetime

    • 15 Comments
    Back in May of last year , I discussed changes we made in Internet Explorer 8 to make the browser’s session handling behavior more predictable. Specifically, we introduced a “New Session” item on the File menu—this menu item explicitly creates a new browser...
  • IEInternals

    IE8 Lookahead Downloader Fixed

    • 14 Comments
    Background Last year, I wrote about two bugs in IE8’s Lookahead Downloader that would cause IE8 to make spurious download requests for non-existent URLs. These spurious download requests generally went unnoticed by users, because the main parser would...
  • IEInternals

    Combating ClickJacking With X-Frame-Options

    • 6 Comments
    Back in January of 2009, I announced IE8’s support for a new header-specified directive: X-Frame-Options , that can be used to mitigate ClickJacking attacks. As a declarative security measure , X-Frame-Options has minimal compatibility impact, but...
  • IEInternals

    Understanding SmartScreen Blocking

    • 8 Comments
    I’ve received a few emails recently, asking “Why is SmartScreen blocking my newspaper’s website?” Usually, the person asking assumes that, because they trust and regularly visit the website in question, this must be a false positive in SmartScreen. ...
  • IEInternals

    Fiddler at MIX 2010

    • 0 Comments
    Just a quick little advertisement: On the heels of the successful Fiddler session at PDC last fall , I'll be hosting a "mini-session" on Fiddler at the MIX 2010 conference next Wednesday morning. I hope to meet some of you there! Update...
  • IEInternals

    Use Sensible Long-Lived Cache headers

    • 5 Comments
    As some of you might expect, I watch all of my network traffic when I browse the web—you never know when you’ll see something interesting. This afternoon, for example, my curiosity was piqued when I noted that as I browsed around the Zune...
  • IEInternals

    Why doesn’t Flash/Silverlight work in my .NET Application?

    • 23 Comments
    Over the past few months, I’ve run across a number of developers who have reported problems where their .NET application fails to render Flash or Silverlight content within a Web Browser Control. The most common reason for this problem is that...
  • IEInternals

    In-Place Shell Navigation with the WebBrowser Control on Windows 7

    • 13 Comments
    Because the WebBrowser Control (WebOC) can be used to display a wide range of content (HTML, Office Documents, PDFs, the local file-system, etc) it is often integrated into applications as a somewhat generic object hosting surface. For Windows 7, a small...
  • IEInternals

    AES is not a valid cipher for SSLv3

    • 6 Comments
    A Windows 7 user of Fiddler encountered an interesting error this morning, and it reminded me of an interesting HTTPS compatibility problem we found in the Windows Vista timeframe. The user is trying to visit https://www.atsenergo.ru with Fiddler running...
  • IEInternals

    Understanding Certificate Name Mismatches

    • 10 Comments
    Recently, I received a query from the Windows Mobile team-- they had observed that visiting https://gmail.com triggers a certificate name mismatch error on IEMobile, but doesn’t seem to trigger any error on Windows 7 when using the desktop versions of...
  • IEInternals

    Understanding the Protected Mode Elevation Dialog

    • 8 Comments
    Internet Explorer 7 introduced Protected Mode, a feature which helps ensure that the browser and its add-ons run with a minimal set of permissions. Code running inside the “Low Rights” process doesn’t have permission to write to your user-profile’s folders...
  • IEInternals

    The JVM Install Prompt

    • 2 Comments
    Many years ago, Microsoft developed an implementation of a Java Virtual Machine to run Java content. Internet Explorer 5 included code that would download and install the JVM (if needed) when a user encountered Java content on the web. After some time...
  • IEInternals

    Troubleshooting Authentication with Fiddler

    • 6 Comments
    Over the last few weeks, I’ve been exchanging mail with a webmaster (Vladimir) in Russia who reported that his customers were having problems using IE8 on Windows 7 to log into his website. His site uses HTTP Basic Authentication, so users are prompted...
  • IEInternals

    Inline AutoComplete

    • 6 Comments
    Internet Explorer 8 removed support for one of my favorite browser features: Inline AutoComplete (IAC) for the address bar. This feature was off-by-default, but for almost a decade the first thing I did when setting up a new computer was enable IAC using...
  • IEInternals

    Security Intelligence Report Volume 7 Released

    • 0 Comments
    Security researchers at Microsoft release a biannual "Intelligence Report" containing statistics about the software-related security incidents over the past 6 months. This report is called the SIR , and the latest version can be found here . There are...
  • IEInternals

    Using Meddler to Simulate Web Traffic

    • 10 Comments
    As mentioned back in July , IE8’s new lookahead downloader has a number of bugs which cause it to issue incorrect speculative download requests. The “BASE Bug” caused the speculative downloader to only respect the <BASE> element...
  • IEInternals

    Capturing Crash Dumps for Analysis

    • 5 Comments
    Sometimes, folks report crashes to the IE team that we are unable to reproduce internally. That’s usually because, as mentioned often, most crashes are caused by buggy browser add-ons. In some cases, however, crashes occur even when running with browser...
  • IEInternals

    Understanding DEP/NX

    • 14 Comments
    Despite being one of the crucial security features of modern browsers, Data Execution Prevention / No Execute (DEP/NX) is not well understood by most users, even technical experts without a security background. In this post, I’ll try to provide...
  • IEInternals

    DotNet UserControls Restricted in IE8

    • 4 Comments
    In the past, Internet Explorer supported a really easy way to host .NET UserControls in HTML. These controls worked much like ActiveX controls, but because they ran with limited permissions, sandboxed by the .NET Framework, they would download and run...
  • IEInternals

    The User-Agent String: Use and Abuse

    • 25 Comments
    When I first joined the IE team five years ago, I became responsible for the User-Agent string. While I’ve owned significantly more “important” features over the years, on a byte-for-byte basis, few have proved as complicated as the...
  • IEInternals

    Good News: Microsoft Security Essentials Released

    • 0 Comments
    Microsoft’s free new anti-virus / anti-malware realtime scanner is now available as a free download . Installing MSE, a traditional signature-based scanner, alongside IE8’s URL Reputation-based SmartScreen Filter yields comprehensive protection to help...
Page 6 of 8 (199 items) «45678