Simon Willison’s Weblog

Subscribe

Items tagged ie

Filters: ie × Sorted by date

2020 Web Milestones (via) A lot of stuff is happening in 2020! Mike Sherov rounds it up—highlights include the release of Chromium Edge (Microsoft’s Chrome-powered browser for Windows 7+), Web Components supported in every major browser, Deno 1.x, SameSite Cookies turned on by default (which should dramatically reduce CSRF exposure) and Python 2 and Flash EOLs.

# 24th January 2020, 4:43 am / csrf, ie, python, javascript, flash, web, chrome, deno, samesite

What data structures are used to implement the DOM tree?

You may enjoy this post from Hixie back in 2002 which illustrates how different browsers deal with incorrectly nested HTML. IE6 used to create a tree that wasn’t actually a tree! http://ln.hixie.ch/?start=103791...

[... 49 words]

Internet Explorer Platform Preview Guide for Developers (via) Lots of SVG and CSS3 stuff, no mention of canvas here either though.

# 16th March 2010, 6:36 pm / svg, css3, ie9, ie, microsoft, canvas, html5

An Early Look At IE9 for Developers (via) Surprisingly, no mention of SVG or canvas and only a note in passing about HTML 5.

# 16th March 2010, 6:11 pm / svg, canvas, html5, ie, ie9, microsoft

Internet Explorer: Global Variables, and Stack Overflows. An extremely subtle IE bug—if your recursive JavaScript function is attached directly to the window (global) object, IE won’t let you call it recursively more than 12 times.

# 2nd March 2010, 9:21 am / bugs, javascript, recursion, internet-explorer, ie

Internet Explorer Cookie Internals (FAQ). Grr... IE 6, 7 and 8 don’t support the max-age cookie argument, forcing you to use an explicit expiry date instead. This appears to affect the cache busting cookie pattern, where you set a cookie to expire in 30 seconds for any user who posts content and use the presence of that cookie to skip caches and/or send their queries to a master instead of slave database. If you have to use expires, users with incorrect system clocks may get inconsistent results. Anyone know of a workaround?

# 26th February 2010, 12:25 pm / caching, cachebusting, cookies, ie

Deep Tracing of Internet Explorer. dynaTrace Ajax looks like an awesome tool. For once, Internet Explorer has a development tool that other browsers can be jealous of.

# 18th November 2009, 8:06 am / dynatraceajax, ie, internet-explorer, debugging, javascript, ajax, john-resig

Given the security issues with plugins in general and Google Chrome in particular, Google Chrome Frame running as a plugin has doubled the attach area for malware and malicious scripts. This is not a risk we would recommend our friends and families take.

Microsoft spokesperson

# 24th September 2009, 4:49 pm / microsoft, google, chrome, chromeframe, security, ie, plugins

More technical details about Google Chrome Frame. It’s implemented as a Browser Helper Object, uses IE’s cookies, history and password-remembering, includes the WebKit developer tools and appends “chromeframe” to the regular IE user agent string—though not apparently the Chrome Frame version itself.

# 23rd September 2009, 10:20 pm / google, chromeframe, chrome, bho, ie

Ask browser users, and they'll tell you the overwhelming reason why they can't upgrade to a more modern, standards-compliant browser is because their work won't let them. Ask IT departments why this is the case and they'll point to the six- to seven-figure costs of upgrading turn-of-the-century Intranets written to work in, and only in, Internet Explorer 6. Google have provided a way for websites to opt out of IE6 (and even IE7) support without requiring enterprise-wide, Intranet-breaking browser upgrades.

Charles Miller

# 23rd September 2009, 3:08 pm / chrome, chromeframe, google, ie, ie6, charles-miller

In the past, the Google Wave team has spent countless hours solely on improving the experience of running Google Wave in Internet Explorer. We could continue in this fashion, but using Google Chrome Frame instead lets us invest all that engineering time in more features for all our users, without leaving Internet Explorer users behind.

Lars Rasmussen and Adam Schuck

# 23rd September 2009, 9:59 am / lars-rasmussen, adam-schuck, google-wave, chrome, ie, google, wave, chromeframe

Introducing Google Chrome Frame. Here’s what Alex Russell has been up to at Google: An IE plugin (for 6, 7 and 8 on all Windows versions) which embeds the Google Chrome rendering engine—sites can then opt-in to using it by including a X-UA-Compatible meta tag. Seems to be aimed at corporate networks which mandate IE for badly written intranet applications—they can roll this out without retraining users to use another browser or breaking their existing in house apps.

# 23rd September 2009, 9:57 am / alex-russell, chromeframe, google, ie, webkit, chrome, xuacompatible

Microsoft backs long life for IE6. Oh FFS... “The software giant said it would support IE6 until 2014—four years beyond the original deadline.”

# 14th August 2009, 2:53 pm / ie6, ffs, microsoft, ie, browsers

Microsoft was slowing development of new versions of Internet Explorer in the hope that Web-based applications would not be able to compete with Windows applications, and Windows applications would keep people locked in to the Windows operating system. Thus XHTML2 was developed with no expectation that the leading Web browser would ever implement it.

David Baron

# 8th July 2009, 8:30 pm / david-baron, xhtml, xhtml2, microsoft, ie, web-standards

Cross Browser Base64 Encoded Images Embedded in HTML (via) Scarily clever. View the PHP source to see what’s going on—most browsers get image tags that use data URIs starting with data:image/png;base64, but IE gets served a Content-type:message/rfc822 header and a MIME formatted multipart/related document, as used by e-mail clients to embed inline image attachments.

# 17th April 2009, 4:12 pm / hedger-wang, base64, browsers, ie, internet-explorer, mime, php

cufon. A promising alternative to sIFR, cufon uses VML on IE and canvas on other browsers to render custom fonts in the browser. You have to convert your font to JavaScript first, either using their free hosted tool or by installing the FontForge based server-side script yourself. The JavaScript encoded font file uses VML primitives to improve IE performance; the JavaScript library converts that to canvas calls for other, faster browsers.

# 6th April 2009, 10:29 pm / cufon, browsers, fonts, vml, ie, fontforge, sifr, typography, canvas, javascript

Pwn2Own trifecta: Hacker exploits IE8, Firefox, Safari. You just can’t trust browser security: Current versions of Safari, IE8 and Firefox all fell to zero-day flaws at an exploit competition. None of the vulnerabilities have been disclosed yet.

# 19th March 2009, 3:30 pm / pwn2own, browsers, security, firefox, safari, ie, ie8

Fixing IE by porting Canvas to Flash. Implementing canvas using Flash is an obvious step, but personally I’m much more interested in an SVG renderer using Flash that finally brings non-animated SVGs to IE.

# 15th March 2009, 1:34 pm / svg, flash, canvas, ie

Ehy IE8, I Can Has Some Clickjacking Protection? (via) IE8 has built-in protection against clickjacking, but it’s opt-in (with a custom HTTP header) and IE only. It turns out the usual defence against clickjacking (using framebusting JavaScript) doesn’t work in IE as it can be worked around with a security=“restricted” attribute on an iframe.

# 29th January 2009, 1:39 pm / clickjacking, ie, ie8, http, security, javascript, iframes

Microsoft: Big Security Hole in All IE Versions. Looks like a 0-day that’s being actively exploited.

# 16th December 2008, 8:26 pm / ie, security, 0day, internet-explorer, microsoft

The March of Access Control. The W3C Access Control specification is set to become a key technology in enabling secure cross-domain APIs within browsers, and since it addresses a legitimate security issue on the web I hope and expect it will be rolled out a lot faster than most other specs.

# 19th November 2008, 8:40 am / accesscontrol, john-resig, ie, browsers, security, crossdomain

On UI Quality (The Little Things): Client-side Image Resizing. Two neat tips for cleanly scaling down images in IE 6 and 7 from Flickr’s Scott Schiller.

# 12th November 2008, 11 pm / scott-schiller, flickr, imagescaling, ie

The greatest coup Microsoft pulled with Internet Explorer was putting the word "Internet" in its name. It sits there, on the desktop of every new Windows computer, and it says "Internet". So you click it. [...] What better way to beat a browser with the word "Internet" in its name - a browser that seemingly can't be beat no matter how hard we try - than the Internet Company itself making a browser?

Tom Armitage

# 3rd September 2008, 10:19 am / microsoft, tom-armitage, google, browsers, ie, chrome

Obscure bugs revisited: IE, HTTPS and plugins. Filed for future reference: IE breaks mysteriously if you serve it up plugin content (e.g. Flash) over HTTPS with a no-cache header—it deletes the file from cache before the plugin software gets a chance to open it.

# 30th May 2008, 9:54 am / ie, internet-explorer, https, caching, plugins, flash, richard-terry, bugs

Reading binary files using Ajax. There’s a simple trick for Firefox, and (amazingly) you can get IE to play along using a function written in VBScript.

# 22nd April 2008, 7:02 pm / binary, ajax, ie, firefox, vbscript, javascript, xmlhttprequest

Flirting with mime types [PDF] (via) Different browsers have different rules for which content types will be treated as active content (and hence could be vectors for XSS attacks). IE uses a blacklist rather than a whitelist and hence rendered active content for 696 of the tested content types.

# 14th April 2008, 8:18 am / ie, internet-explorer, browsers, contenttypes, security, xss

CSS Compatibility and Internet Explorer (via) Official Microsoft guide to which CSS properties are supported by which versions of IE. This is the kind of documentation browser vendors should be providing as a matter of course.

# 2nd April 2008, 8:05 pm / css, microsoft, ie, documentation, standards

Gears 0.2 Released! New modules are HttpRequest and Timer, both for use within workers (which provide Erlang-style message passing concurrency). Particularly interesting is that the Gears HttpRequest module can be used for much cleaner Comet implementations in IE.

# 5th March 2008, 12:21 am / ie, google-gears, comet, javascript

We've decided that IE8 will, by default, interpret web content in the most standards compliant way it can. This decision is a change from what we've posted previously.

IEBlog

# 4th March 2008, 3 am / ie8, web-standards, internet-explorer, ie

If you want CSS rules to apply to unknown elements in IE, you just have to do document.createElement(elementName). This somehow lets the CSS engine know that elements with that name exist.

Sjoerd Visscher

# 22nd January 2008, 8:27 pm / css, ie, sjoerdvisscher