IEInternals

A look at Internet Explorer from the inside out. @EricLaw left Microsoft in 2012, but was named an IE MVP in '13 & an IE userAgent (http://useragents.ie) in '14

  • IEInternals

    Sad, but true...

    • 2 Comments
  • IEInternals

    IE and the Security Development Lifecycle

    • 0 Comments
    Microsoft's Security Development Lifecycle describes how we engineer security into our products. Earlier this year, Security Program Manager Mark Shlimovich wrote a detailed whitepaper about how SDL was applied to IE8, providing "behind the scenes" insights...
  • IEInternals

    Trivia: Animated GIF Timing

    • 15 Comments
    Every now and again, someone reports that Internet Explorer is "slow" when rendering an animated GIF file. Typically, they'll load a lengthy animation in Firefox and IE and note that it runs much more quickly in Firefox. Similarly, Chrome and Safari are...
  • IEInternals

    Downloads and International Filenames

    • 16 Comments
    A few times a year, I get a question about Internet Explorer's behavior when it comes to downloading files that have non-ASCII characters in the filename, because different browsers have different behavior when handling such files. The server can suggest...
  • IEInternals

    Understanding Cookie Controls

    • 4 Comments
    Internet Explorer offers an extremely rich set of options for controlling cookies . The default settings are fairly well-balanced, but some users may want to introduce more restrictive or specialized controls. To configure cookie settings in IE, click...
  • IEInternals

    Certificate Enrollment from the Browser

    • 2 Comments
    Back in Windows XP, an ActiveX control known as XEnroll could be used from the browser to request digital certificates on the client’s behalf. Certificate authorities and others would use this control when a customer purchased a certificate for...
  • IEInternals

    The Performance Impact of META REFRESH

    • 17 Comments
    Some sites will utilize the META REFRESH directive to perform a client-side redirection. In general, this should be avoided in favor of other redirection types, for instance, a server-side redirection (HTTP/3xx) or by using JavaScript. Using META REFRESH...
  • IEInternals

    XDomainRequest - Restrictions, Limitations and Workarounds

    • 42 Comments
    Update : Internet Explorer 10+ supports CORS using XMLHTTPRequest . IE11 deprecates the XDomainRequest object and it is not available in IE11 Edge mode. In Internet Explorer 8, the XDomainRequest object was introduced. This object allows AJAX applications...
  • IEInternals

    Security Intelligence Report Volume 8 Released

    • 0 Comments
    The latest version of Microsoft's Security Intelligence Report has been released, covering July-December 2009. Reading even just the "Key Findings" document paints a fascinating picture of the web threat landscape and improved security of later OS and...
  • IEInternals

    Custom Cursors in CSS

    • 1 Comments
    I spend most of my time on networking, performance, and browser security issues, but while working on a test page recently, I came across some interesting behavior and cross-browser differences when using custom cursors in HTML content. Web developers...
  • IEInternals

    HTTPS Caching and Internet Explorer

    • 18 Comments
    From time-to-time, I get questions about Internet Explorer’s behavior when it comes to caching of HTTPS-delivered content. It comes as a surprise to many that by-default, all versions of Internet Explorer will cache HTTPS content so long as the...
  • IEInternals

    Forcing Internet Explorer To Forget To Not Remember

    • 41 Comments
    All joking aside, last fall, I wrote about the variety of reasons why Internet Explorer might not offer to remember your password on a web form. As I mentioned then, you will not be re-prompted to save your password if you’ve previously declined...
  • IEInternals

    COMET Streaming in Internet Explorer

    • 23 Comments
    The request/response nature of HTTP works very well for traditional web pages, but to build dynamic AJAX applications, it’s often desirable for the server to be able to send data to the client on its own schedule. You could imagine, for instance...
  • IEInternals

    Understanding Session Lifetime

    • 18 Comments
    Back in May of last year , I discussed changes we made in Internet Explorer 8 to make the browser’s session handling behavior more predictable. Specifically, we introduced a “New Session” item on the File menu—this menu item explicitly creates a new browser...
  • IEInternals

    IE8 Lookahead Downloader Fixed

    • 14 Comments
    Background Last year, I wrote about two bugs in IE8’s Lookahead Downloader that would cause IE8 to make spurious download requests for non-existent URLs. These spurious download requests generally went unnoticed by users, because the main parser would...
  • IEInternals

    Combating ClickJacking With X-Frame-Options

    • 8 Comments
    Back in January of 2009, I announced IE8’s support for a new header-specified directive: X-Frame-Options , that can be used to mitigate ClickJacking attacks. As a declarative security measure , X-Frame-Options has minimal compatibility impact, but...
  • IEInternals

    Understanding SmartScreen Blocking

    • 8 Comments
    I’ve received a few emails recently, asking “Why is SmartScreen blocking my newspaper’s website?” Usually, the person asking assumes that, because they trust and regularly visit the website in question, this must be a false positive in SmartScreen. ...
  • IEInternals

    Fiddler at MIX 2010

    • 0 Comments
    Just a quick little advertisement: On the heels of the successful Fiddler session at PDC last fall , I'll be hosting a "mini-session" on Fiddler at the MIX 2010 conference next Wednesday morning. I hope to meet some of you there! Update...
  • IEInternals

    Use Sensible Long-Lived Cache headers

    • 5 Comments
    As some of you might expect, I watch all of my network traffic when I browse the web—you never know when you’ll see something interesting. This afternoon, for example, my curiosity was piqued when I noted that as I browsed around the Zune...
  • IEInternals

    Why doesn’t Flash/Silverlight work in my .NET Application?

    • 23 Comments
    Over the past few months, I’ve run across a number of developers who have reported problems where their .NET application fails to render Flash or Silverlight content within a Web Browser Control. The most common reason for this problem is that...
  • IEInternals

    In-Place Shell Navigation with the WebBrowser Control on Windows 7

    • 13 Comments
    Because the WebBrowser Control (WebOC) can be used to display a wide range of content (HTML, Office Documents, PDFs, the local file-system, etc) it is often integrated into applications as a somewhat generic object hosting surface. For Windows 7, a small...
  • IEInternals

    AES is not a valid cipher for SSLv3

    • 12 Comments
    A Windows 7 user of Fiddler encountered an interesting error this morning, and it reminded me of an interesting HTTPS compatibility problem we found in the Windows Vista timeframe. The user is trying to visit https://www.atsenergo.ru with Fiddler running...
  • IEInternals

    Understanding Certificate Name Mismatches

    • 10 Comments
    Recently, I received a query from the Windows Mobile team-- they had observed that visiting https://gmail.com triggers a certificate name mismatch error on IEMobile, but doesn’t seem to trigger any error on Windows 7 when using the desktop versions of...
  • IEInternals

    Understanding the Protected Mode Elevation Dialog

    • 8 Comments
    Internet Explorer 7 introduced Protected Mode, a feature which helps ensure that the browser and its add-ons run with a minimal set of permissions. Code running inside the “Low Rights” process doesn’t have permission to write to your user-profile’s folders...
  • IEInternals

    The JVM Install Prompt

    • 2 Comments
    Many years ago, Microsoft developed an implementation of a Java Virtual Machine to run Java content. Internet Explorer 5 included code that would download and install the JVM (if needed) when a user encountered Java content on the web. After some time...
Page 6 of 9 (208 items) «45678»