Welcome to MSDN Blogs Sign in | Join | Help

August 2009 - Posts

Friday, August 28, 2009 6:53 PM

Same Origin Policy Part 1: No Peeking

Despite its role as the cornerstone of web application security, it’s clear that many (most?) web professionals do not understand Same Origin Policy (SOP), or hold one or more misconceptions about what SOP requires. It’s a big topic, and I don’t plan
Posted by EricLaw | 3 Comments
Filed under: , , ,
Wednesday, August 26, 2009 12:24 AM

HowTo: Organize Favorites using Windows Explorer

Here's a fun little tip from the "Things I didn't know about my own product " file: If you want to organize your favorites using a full Windows Explorer instance instead of the far more limited "Organize Favorites" dialog box, hold SHIFT while clicking
Posted by EricLaw | 0 Comments
Filed under:
Monday, August 24, 2009 11:29 PM

It was only a matter of time...

It looks like the days of "security by obscurity" protection for Mac users may be coming to a close. As described over on Brian Krebs' blog , socially-engineered malware authors are now going after Mac OS X users with targeted exploits that attack both
Posted by EricLaw | 1 Comments
Filed under:
Friday, August 21, 2009 11:50 PM

My browser is acting funny…

As browser users go, I’m pretty savvy. I’ve been on the IE team for nearly half a decade, and I’ve been writing browser extensions for twice as long. I read networking source code for entertainment, I spend my free time writing a web debugger , and I
Posted by EricLaw | 23 Comments
Thursday, August 20, 2009 7:53 PM

Getting the Server's Certificate Chain from WinINET

Over the last few years, a number of folks have lamented that there's no good way to get the server's complete certificate chain from a WinINET HTTP response. That has changed with the release of the new WinINET shipping in Windows 7 / IE8. INTERNET_OPTION_SERVER_CERT_CHAIN_CONTEXT
Posted by EricLaw | 0 Comments
Filed under: , , , ,
Thursday, August 20, 2009 4:00 PM

Internet Explorer Cookie Internals (FAQ)

Over the five years I’ve worked on Internet Explorer, I’ve probably seen more questions from the community about HTTP cookies than on any other topic. Cookies are an integral component of most websites in use today, and hence problems or unexpected behaviors
Posted by EricLaw | 13 Comments
 
Page view tracker