This blog is closed as of 2/2015. @EricLaw left Microsoft in 2012, but was named an IE MVP in '13 & an IE userAgent ( in '14.

  • IEInternals

    Why Won’t IE Remember My Login Info?

    Over on the Microsoft Answers forum , some folks have reported that Internet Explorer doesn’t remember their login details. This is a tricky problem to troubleshoot because there are a number of different problems which get lumped together under...
  • IEInternals

    Internet Explorer 11’s Many User-Agent Strings

    If you found this post, chances are good that you’re searching for IE11’s User-Agent string. Why? Were you planning to control your website’s behavior based on the browser “sniffed” from the User-Agent (UA) string?...
  • IEInternals

    Understanding Enhanced Protected Mode

    Last week, Andy Zeigler announced the introduction of Enhanced Protected Mode (EPM) over on the IEBlog. In today’s post, I’d like to provide further technical details about EPM to help security researchers, IT professionals, enthusiasts, and...
  • IEInternals

    XDomainRequest - Restrictions, Limitations and Workarounds

    Update : Internet Explorer 10+ supports CORS using XMLHTTPRequest . IE11 deprecates the XDomainRequest object and it is not available in IE11 Edge mode. In Internet Explorer 8, the XDomainRequest object was introduced. This object allows AJAX applications...
  • IEInternals

    Handling Mixed (HTTPS/HTTPS) Content

    Update: IE9 includes improved handling of Mixed Content. Click to learn more... Background As we developed Internet Explorer 8, we spent quite a bit of time pondering what to do about IE7’s infamous “Mixed Content” warning prompt...
  • IEInternals

    Q&A: 64-Bit Internet Explorer

    From time to time, folks ask a variety of questions about 64bit IE. I hope to answer the most common questions here. NEW : Internet Explorer 10+ uses x64 in a fundamentally different way than IE7, IE8, and IE9, the versions for which the post below...
  • IEInternals

    Combating ClickJacking With X-Frame-Options

    Back in January of 2009, I announced IE8’s support for a new header-specified directive: X-Frame-Options , that can be used to mitigate ClickJacking attacks. As a declarative security measure , X-Frame-Options has minimal compatibility impact, but...
  • IEInternals

    Everything you need to know about Authenticode Code Signing

    In today’s post, I’ll be discussing the use of Authenticode to sign software programs; this post will be of interest primarily to software developers. Large software companies (like Microsoft) often have an entire team dedicated to the code...
  • IEInternals

    Internet Explorer Cannot Download https://something

    Earlier today, I was asked to troubleshoot a secure site where file downloads were always failing . Having seen this problem many times often over the years, I immediately suspected that the web developer wasn’t aware that if a user tries...
  • IEInternals

    Understanding Certificate Revocation Checks

    Recently, there’s been some interest in how clients perform Certificate Revocation checks and browsers behave in the event that a revocation check cannot be completed. In today’s post, I’ll explain Internet Explorer’s default behavior...
  • IEInternals

    Internet Explorer Cookie Internals (FAQ)

    Over the five years I’ve worked on Internet Explorer, I’ve probably seen more questions from the community about HTTP cookies than on any other topic. Cookies are an integral component of most websites in use today, and hence problems or unexpected...
  • IEInternals

    Understanding Web Proxy Configuration

    Over the last decade, I’ve come to learn a lot about web proxies, having chosen to implement my web debugger as a proxy. In today’s post, I’ll provide an overview of proxy-related information, including information on changes in Internet...
  • IEInternals

    Forcing Internet Explorer To Forget To Not Remember

    All joking aside, last fall, I wrote about the variety of reasons why Internet Explorer might not offer to remember your password on a web form. As I mentioned then, you will not be re-prompted to save your password if you’ve previously declined...
  • IEInternals

    Stylesheet Limits in Internet Explorer

    KB 262161 outlines the maximum number of stylesheets and rules supported by Internet Explorer 6 to 9. A sheet may contain up to 4095 rules A sheet may @import up to 31 sheets @import nesting supports up to 4 levels deep Some folks have...
  • IEInternals

    Best Practice: Get your HEAD in order

    To ensure optimal performance and reliability when rendering pages, you should order the elements within the HEAD element carefully. First, I’ll explain the optimal order, and then explain the reasoning for this structure. Optimal Head Ordering...
  • IEInternals

    HTTPS and Keep-Alive Connections

    As we explore network performance on the “real-world web”, one bad pattern in particular keeps recurring, and it’s not something that our many IE9 Networking Performance Improvements alone will resolve. The bad pattern is the use...
  • IEInternals

    HTTPS Caching and Internet Explorer

    From time-to-time, I get questions about Internet Explorer’s behavior when it comes to caching of HTTPS-delivered content. It comes as a surprise to many that by-default, all versions of Internet Explorer will cache HTTPS content so long as the...
  • IEInternals

    URL Fragments and Redirects

    I’ve worked on the Internet Explorer team for six+ years, and on web sites for a decade longer, so I’m understandably excited when I come across a browser behavior I can’t explain. Last week, I encountered such a mystery, and it took...
  • IEInternals

    “Continue” Link Missing from Certificate Error Page?

    A user recently reported that IE11 wasn’t showing the “Continue” link on the certificate error page shown when visiting their 2009-era router’s configuration UI. They were curious why that link wasn’t shown in this instance...
  • IEInternals

    Avoid “Do not save encrypted pages to disk”

    Internet Explorer has an Advanced option named Do not save encrypted pages to disk . By default, this option is unchecked (except for Windows Server systems) and I recommend you leave it that way. In IE9, this option does exactly what it says...
  • IEInternals

    Client Certificate Selection Prompt

    The HTTPS protocol allows a secure server to request that the client verify their identity with a client certificate during the initial secure handshake. By presenting a client certificate, the browser helps further defeat man-in-the-middle attacks and...
  • IEInternals

    How to Uninstall Internet Explorer 9 Beta

    If you want to remove Internet Explorer 9 beta from your computer and go back to your older version of IE, you can do so by simply following these steps.
  • IEInternals

    The Intranet Zone

    Internet Explorer maps web content into one of five security zones. After the Local Machine Zone, the Local Intranet Zone is probably the most misunderstood of the Zones, and is a common source of confusion and compatibility glitches. Mapping into...
  • IEInternals

    Integrated Windows Authentication

    Inside Internet Explorer’s Tools > Internet Options > Advanced dialog, there’s an option named Enable Integrated Windows Authentication : This preference is stored using a REG_DWORD named EnableNegotiate inside HKCU\Software...
  • IEInternals

    Proxy-Authentication breaks many applications

    When I first joined Office, I worked on the team responsible for delivering Help, Templates, and ClipArt into the client applications. As we were testing our work in various simulated customer environments, we found a big problem. At least one big customer...
Page 1 of 9 (210 items) 12345»