Simon Willison’s Weblog

Subscribe

60 items tagged “ie”

2007

Jash: JavaScript Shell (via) An advanced JavaScript interactive shell bookmarklet that works in IE, Firefox, Opera and Safari. # 9th December 2007, 12:36 pm

Conversation with Bill Gates about IE8 and Microsoft Transparency. Molly asks the tough questions about IE8—it looks like there should be a lot of IE8 material at MIX08 next year. # 6th December 2007, 11:47 am

Transparent PNGs in Internet Explorer 6. 24ways kicks off again, with the first article introducing super-sleight, an updated script for getting transparent PNGs to work in IE6. # 1st December 2007, 12:03 am

DebugBar. Suggested at BarCamp London 3 as a useful tool for developing with IE; apparently includes a great JavaScript debugger. # 25th November 2007, 10:32 am

IE ActiveX(“htmlfile”) Transport, Part II. Fascinating tricks for working around IE memory leaks using explicit CollectGarbage() calls and setInterval() to an empty function. # 19th November 2007, 11:48 am

Using multiple classes within selectors. Pretty much definitive guide to using multiple classes in a CSS selector, including problems with IE 5 and 6 and one way of addressing them using conditional comments. # 11th November 2007, 11:07 pm

Global namespace pollution in IE. Another reason to avoid JavaScript global variables like the plague: IE creates a bunch of them for you which may well intefere with your own code. # 10th October 2007, 10:10 am

Seeking market share, Microsoft removes WGA anti-piracy check from IE7. Hopefully this will accelerate the rise of IE7 over IE6. # 5th October 2007, 11:55 pm

I have another technique [...] that I’ll be switching jQuery to. If you attempt to insert into the document.body before the document is fully loaded, an exception is thrown. I take advantage of that to determine when the document is fully loaded.

John Resig # 26th September 2007, 12:21 pm

DOMContentLoaded for IE, Safari, everything, without document.write. Stuart has taken Hedger’s recent IE technique, combined it with the others and compressed it in to a short-as-possible code snippet that you can paste in to your scripts without having to include the whole of jQuery/YUI/Dojo/Prototype. # 26th September 2007, 12:19 pm

IEContentLoaded. An alternative method of detecting DOMContentLoaded on IE; works by polling until the doScroll() method on an unattached element stops throwing errors. # 24th September 2007, 12:10 pm

HTTPOnly cookie support in Firefox. Five years after the bug was filed, HTTPOnly cookie support has gone in to the Mozilla 1.8 branch. This is a defence in depth feature that has been in IE for years—it lets you set cookies that aren’t available to JavaScript, and hence can’t be hijacked in the event of an XSS flaw. # 6th September 2007, 6:27 am

Operation Aborted. Another fantastically obscure IE bug: appending new elements to the HEAD element breaks if a BASE tag is present. # 16th August 2007, 11:21 am

Background Iframe (bgiframe). jQuery plugin that inserts an iframe shim behind an element in IE, allowing the element to be positioned overlapping a select box without the select box showing through. # 9th August 2007, 2:54 pm

Brendan Eich: New Projects. Exciting new projects from Mozilla. ActionMonkey is joined by IronMonkey (IronPython/IronRuby on Tamarin) and ScreamingMonkey (Tamarin for IE). Upgrading IE’s JavaScript using the Flash Player as a vector is a game-changing idea. # 26th July 2007, 8:05 pm

Does the idea of redefining the role of the Internet browser appeal to you? Do the terms HTTP, RSS, Microformats, and OpenID, excite you? If so, then this just might be the opportunity for you.

IE Team Job Ad # 18th July 2007, 7:43 am

Conflicting Absolute Positions. Neat technique, although it uses CSS expressions for IE compatibility so it may break down in IE 5 and 6 when JavaScript is disabled. # 17th July 2007, 10:44 pm

Gaping holes exposed in fully-patched IE 7, Firefox (via) Michal Zalewski released a new Firefox 2.0 vulnerability in addition to the IE cookie stealing one. # 6th June 2007, 9:57 am

IE vulnerability allows cookie stealing. Full exploit against the same-domain cookie origin policy, so malicious sites can steal cookies from elsewhere. Avoid using IE until this is patched. # 6th June 2007, 9:53 am

JavaScript Minifier that doesn’t break code (via) Perl re-implementation of Douglas Crockford’s classic JSMin that doesn’t clobber IE’s conditional comments, by Peter Michaux. # 4th June 2007, 5:44 pm

How to debug JavaScript with Visual Web Developer Express. Microsoft’s best kept secret: a decent free debugger for Internet Explorer that doesn’t require you to install Microsoft Office. # 2nd May 2007, 2:06 pm

Internet Explorer Application Compatibility VPC Image (via) Microsoft have made free VPC images of IE 6 and IE 7 available for testing, but they expire in August. # 20th April 2007, 4:47 pm

Avoid IE Brokenness When using Vary and Attachments (via) Django middleware that works around a bug in IE where external applications fail to load content that was served with a Vary header. # 9th April 2007, 9:41 am

IE and 2-letter domain-names (via) IE won’t let you set a cookie on XX.YY, where YY is anything other than .pl or .gr. Other browsers have better exception lists. # 15th February 2007, 12:33 am

IE JScript Performance Recommendations Part 3. Once again, Microsoft’s official advice is to avoid closures entirely rather than learn how to use them safely. Sigh. # 9th January 2007, 11:48 am

2006

Using hasLayout to fix bugs in IE. With illustrative screen shots. # 2nd December 2006, 2:10 pm

2005

Zero-Day Exploit Targets IE (via) Remote code execution. No patch yet; disable Active Scripting instead. # 22nd November 2005, 6:24 am

Internet Explorer 7. It’s been announced, but the stated focus is security and anti-phishing. No news on improved CSS. # 15th February 2005, 7:04 pm

2004

IE in Windows XP SP2. An overview of the new security changes. # 10th August 2004, 7:39 pm

2003

Nasty new IE vulnerability

Most people reading are probably aware of the common trick whereby spammers and other assorted ne’er-do-wells publish URLs with usernames that look like hostnames to fool people in to trusting a malicious site—for example, http://www.microsoft.com&session%123123123@simon.incutio.com. This trick is frequently used by spammers to steal people’s PayPal accounts, by tricking them in to “resetting” their password at a site owned by the spammer but disguised as PayPal.com.

[... 164 words]