IEInternals

Modern browser APIs like the GeoLocation API are designed to have an asynchronous consent experience, whereby the API simply will not undertake a privileged action until the user consents. Unfortunately, many browser features like popup windows and ActiveX...

Microsoft’s Security Research and Defense team has released an updated version of their Enhanced Mitigation Experience Toolkit (EMET), a tool that allows the application of enhanced security mitigations around the application of your choice. ...

When the IE team talks about Cross-Site-Scripting (XSS) attacks, we’ve usually grouped them into three categories Type 0: DOM-based XSS Type 1: “Reflected” XSS Type 2: Persistent/Stored XSS DOM-APIs like toStaticHTML...

Over on SuperUser , there’s a great explanation of how Windows determines whether a newly-connected network has a proper Internet connection, or whether the user should open a browser to login or click through a Terms of Use agreement. The general...

I’ve worked on the Internet Explorer team for six+ years, and on web sites for a decade longer, so I’m understandably excited when I come across a browser behavior I can’t explain. Last week, I encountered such a mystery, and it took...

Recently, there’s been some interest in how to control the use of Java within Internet Explorer. Java is a unique form of extensibility because it can be invoked in two ways: Using an APPLET element Using an OBJECT element with a CLSID...

KB 262161 outlines the maximum number of stylesheets and rules supported by Internet Explorer 6 to 9. A sheet may contain up to 4095 rules A sheet may @import up to 31 sheets @import nesting supports up to 4 levels deep Some folks have...

Internet Explorer has an Advanced option named Do not save encrypted pages to disk . By default, this option is unchecked (except for Windows Server systems) and I recommend you leave it that way. In IE9, this option does exactly what it says...

Applications that host the Web Browser Control have the opportunity to set the Silent flag to suppress all dialogs that the web browser control may generate. In some cases, this is useful, because it can help ensure a “quiet” user experience...

These days, I struggle to find time to keep up with all of the tech news, but there are a few streams I make a special effort to stay on top of. Ex-Internet Explorer Dave Risney posts items of interest about URIs, web standards, FiddlerCore and myriad...