IEInternals

A look at Internet Explorer from the inside out. @EricLaw left Microsoft in 2012, but was named an IE MVP in '13 & an IE userAgent (http://useragents.ie) in '14

  • IEInternals

    Internet Explorer Cannot Download https://something

    • 45 Comments
    Earlier today, I was asked to troubleshoot a secure site where file downloads were always failing . Having seen this problem many times often over the years, I immediately suspected that the web developer wasn’t aware that if a user tries...
  • IEInternals

    New Tool: Compare IE Security Settings

    • 0 Comments
    “IE Zone Comparer” was designed to provide additional visibility into URLMon's security zone settings. Pick any two collections of security zone settings, and IE Zone Comparer displays the values of those settings, highlighting any differences between...
  • IEInternals

    Understanding Domain Names in Internet Explorer

    • 15 Comments
    Web browsers use domain names for a variety of purposes, but how they’re used is much more complicated than most developers realize. In this post, I’ll attempt to cover the most important aspects of this topic. Definitions When talking...
  • IEInternals

    Two New Tools Available from the SDL Team

    • 0 Comments
    Yesterday, IE Team alumnus Jeremy Dallman posted over on the Security Development Lifecycle team’s blog, announcing the release of BinScope and MiniFuzz . These two tools are part of the toolset that the Internet Explorer team uses to help verify the...
  • IEInternals

    Preventing Automatic Hyperlinking in ContentEditable HTML

    • 5 Comments
    Today, a question from the mail bag… Q: Is there a way to stop IE from “auto-magically” recognizing and creating hyperlinks inside HTML? First, a bit of context. Web developers can use the ContentEditable property to allow users to edit part of...
  • IEInternals

    The Mystery of the Forgetful Browser Settings

    • 0 Comments
    A friend recently wrote to me, alarmed that the SmartScreen Filter feature was constantly turning off on his laptop with IE8. Despite manually re-enabling the feature using the Safety menu multiple times per hour, it was mysteriously and repeatedly turned...
  • IEInternals

    HTML5 Implementation Issues in IE8 (and later)

    • 12 Comments
    IE8 introduced support for some of the more stable features in the HTML5 spec. However, web developers have reported some problematic scenarios in IE8's support for these features, as described below. 1. postMessage only works for IFRAMES/FRAMES ...
  • IEInternals

    Welcome to Security Theater...

    • 1 Comments
    From the things that make you go hmm.... department: http://personal.fidelity.com/misc/buffers/coming-soon-identity.shtml.cvsr Choose a question like “In what city was your high school?” then enter the answer. This kind of information gives us a...
  • IEInternals

    My Favorite IE Add-on: Ralph Hare’s Mouse Gestures

    • 5 Comments
    Unfortunately, I spend a lot of time dealing with problems users encounter when using Internet Explorer. As a result, when I write about add-ons, I’m usually talking about misbehaving code that is wrecking the browser. However, it’s not all...
  • IEInternals

    Why Won’t IE Remember My Login Info?

    • 75 Comments
    Over on the Microsoft Answers forum , some folks have reported that Internet Explorer doesn’t remember their login details. This is a tricky problem to troubleshoot because there are a number of different problems which get lumped together under...
  • IEInternals

    Microsoft Doloto Performance Optimization Tool

    • 0 Comments
    Ben Livshits and Emre Kiciman of Microsoft Research have released the Doloto performance-optimization tool . This cool tool enables web developers to optimize page-load time by ensuring that pages only pull in the JavaScript functions they need. Mentioned...
  • IEInternals

    Nine

    • 5 Comments
    Nine is a number that’s been on my mind quite a lot lately, so it’s fitting that it’s now 09:09:09 on 09/09/09. I’m eager to write more about Nine here in the future, and I know from the comments that this is a subject of interest to many. For now...
  • IEInternals

    Client Certificate Selection Prompt

    • 23 Comments
    The HTTPS protocol allows a secure server to request that the client verify their identity with a client certificate during the initial secure handshake. By presenting a client certificate, the browser helps further defeat man-in-the-middle attacks and...
  • IEInternals

    Same Origin Policy Part 1: No Peeking

    • 11 Comments
    Despite its role as the cornerstone of web application security, it’s clear that many (most?) web professionals do not understand Same Origin Policy (SOP), or hold one or more misconceptions about what SOP requires. It’s a big topic, and...
  • IEInternals

    HowTo: Organize Favorites using Windows Explorer

    • 0 Comments
    Here's a fun little tip from the "Things I didn't know about my own product " file: If you want to organize your favorites using a full Windows Explorer instance instead of the far more limited "Organize Favorites" dialog box, hold SHIFT while clicking...
  • IEInternals

    It was only a matter of time...

    • 1 Comments
    It looks like the days of "security by obscurity" protection for Mac users may be coming to a close. As described over on Brian Krebs' blog , socially-engineered malware authors are now going after Mac OS X users with targeted exploits that attack both...
  • IEInternals

    My browser is acting funny…

    • 25 Comments
    As browser users go, I’m pretty savvy. I’ve been on the IE team for nearly half a decade, and I’ve been writing browser extensions for twice as long. I read networking source code for entertainment, I spend my free time writing a web debugger , and I...
  • IEInternals

    Getting the Server's Certificate Chain from WinINET

    • 0 Comments
    Over the last few years, a number of folks have lamented that there's no good way to get the server's complete certificate chain from a WinINET HTTP response. That has changed with the release of the new WinINET shipping in Windows 7 / IE8. INTERNET_OPTION_SERVER_CERT_CHAIN_CONTEXT...
  • IEInternals

    Internet Explorer Cookie Internals (FAQ)

    • 67 Comments
    Over the five years I’ve worked on Internet Explorer, I’ve probably seen more questions from the community about HTTP cookies than on any other topic. Cookies are an integral component of most websites in use today, and hence problems or unexpected...
  • IEInternals

    Bugs in IE8's Lookahead Downloader

    • 116 Comments
    All bugs mentioned in this post are now fixed . Internet Explorer has a number of features designed to render pages more quickly. One of these features is called the "Lookahead Downloader" and it's used to quickly scan the page as it comes in, looking...
  • IEInternals

    IE8's Native XMLHttpRequest Object Restrictions, Bugs, and Notes

    • 8 Comments
    Protocol Restriction Internet Explorer's native XMLHTTPRequest object permits requests to HTTP and HTTPS only; requests to FILE, FTP, or other URI schemes are blocked. Update : IE10 XHR supports CORS . Method Restriction The object permits only the...
  • IEInternals

    Unshackling IE8 Performance

    • 37 Comments
    In general, IE8 is a significantly faster browser than prior versions. We made a number of major investments throughout the browser’s code to help ensure that IE users will have a great real-world experience on the web. However, it is definitely the...
  • IEInternals

    Internet Explorer's Cache-Control Extensions

    • 5 Comments
    Some time ago, I wrote a summary of how Internet Explorer’s cache works . At the time, I left out mention of the two cache-control directives introduced by IE5: pre-check and post-check . These directives enable a “background update”...
  • IEInternals

    Protecting ActiveX Controls

    • 0 Comments
    When evaluating the security of Internet Explorer’s ActiveX support, there are two threats to consider: · Malicious controls · Malicious websites To mitigate the threat of malicious ActiveX controls (malware), features like the IE8 SmartScreen...
  • IEInternals

    Retiring IE6...

    • 6 Comments
    Often, folks ask us why we continue to support IE6. The short answer is that because we've committed to doing so . But more importantly, even if we dropped support, most people who want to use IE6 would still use it anyway, just without the benefit of...
Page 7 of 8 (199 items) «45678