ie7 - Dave's Blog

Search

HTML 5 Video Element for Internet Explorer

2010 Feb 22, 3:19Cristian Adam has created a HTML5 Video plugin for IE. Cool!PermalinkCommentshtml html5 video plugin ie7 ie8 ie technical web browser cristian-adam

Understanding and Working in Protected Mode Internet Explorer

2010 Jan 12, 7:10Info on writing apps to work with low rights mode in IE7 and IE8. Includes info on elevation policy for applicationsPermalinkCommentstechnical programming ie ie7 ie8 security elevation msdn microsoft windows

John Resig - Deep Tracing of Internet Explorer

2009 Nov 19, 3:46A free tool dynaTrace Ajax provides "full tracing analysis of Internet Explorer 6-8 (including JavaScript, rendering, and network traffic)". Looks pretty too...PermalinkCommentsie ie6 ie7 ie8 performance web http html javascript browser technical

The WHATWG Blog » Blog Archive » Sniffing for RSS 1.0 feeds served as text/html

2009 Sep 29, 10:54How Firefox and IE7&8 perform feed sniffingPermalinkCommentsrss feed atom mime mime-sniffing sniffing mimetype web browser html5 technical

Internet Explorer 8 Released

2009 Mar 20, 6:18

Our Fearless Leader reveals IE8 at MIX09. Photo by DBegley.IE8, the software I've been working on for some time now, has finally been released at MIX09.

As I mentioned previously, I worked on accelerators (previously named Activities) in IE8. Looking at the kinds of things I blog about on the IE Blog, you might also correctly guess that I work on the networking stack. Ask me about what else I worked on during IE8 development. The past few months were very busy for me and I'm happy this is finally out.PermalinkCommentstechnical internet explorer ie8

Text/Plain Fragment Bookmarklet

2008 Nov 19, 12:58

The text/plain fragment documented in RFC 5147 and described on Erik Wilde's blog struck my interest and, like the XML fragment, I wanted to see if I could implement this in IE. In this case there's no XSLT for me to edit so, like my plain/text word wrap bookmarklet I've implemented it as a bookmarklet. This is only a partial implementation as it doesn't implement the integrity checks.

Check out my text/plain fragment bookmarklet.

PermalinkCommentstext url boring bookmarklet uri plain-text javascript fragment

XSLT Meddler Script

2008 Nov 9, 11:25

I've made an XSLT Meddler script in my continued XSLT adventures. Meddler is a simple and easy web server that runs whatever JScript.NET code you give it. I wrote a script that takes an indicated XSLT on the server, downloads an indicated XML from the Internet and returns the result of running that XML through the XSLT. This is useful when you want to work with something like the Zune software or IE7's feed platform which only reads feeds over the HTTP protocol. I'll give more interesting and specific examples of how this could be useful in the future.

PermalinkCommentsmeddler technical xml script xslt

IE8 Beta2 Shipped

2008 Aug 27, 11:36

Internet Explorer 8 Beta 2 is now available! Some of the new features from this release that I really enjoy are Tab Grouping, the new address-bar, and InPrivate Subscriptions.

Tab Grouping groups tabs that are opened from the same page. For example, on a Google search results page if you open the first two links the two new tabs will be grouped with the Google search results page. If you close one of the tabs in that group focus goes to another tab in that group. Its small, but I really enjoy this feature and without knowing exactly what I wanted while using IE7 and FF2 I knew I wanted something like this. Plus the colors for the tab groups are pretty!

The new address bar and search box makes life much easier by searching through my browsing history for whatever I'm typing in. Other things are searched besides history but since I ignore favorites and use Delicious I mostly care about history. At any rate its one of the things that makes it impossible for me to go machines running IE7.

InPrivate Subscriptions allows you to subscribe to a feed of URLs from which IE should not download content. This is intended for avoiding sites that track you across websites and could sell or share your personal information, but this feature could be used for anything where the goal is to avoid a set of URLs. For example, phishing, malware sites, ad blocking, etc. etc. I think there's some interesting uses for this feature that we have yet to see.

Anyway, we're another release closer to the final IE8 and I can relax a little more.

PermalinkCommentsmicrosoft browser technical ie8 ie

Leaking Information Through Delicious

2008 May 18, 6:45

While re-reading Cryptonomicon I thought about what kind of information I'm leaking by posting links on Delicious. At work I don't post any Intranet websites for fear of revealing anything but I wondered if not posting would reveal anything. For instance, if I'm particularly busy at work might I post less indicating something about the state of the things I work on? I got an archive of my Delicious posts via the Delicious API and then ran it through a tool I made to create a couple of tables which I've graphed on Many Eyes

I've graphed my posts per week and with red lines I've marked IE7 and IE8 releases as stated by Wikipedia. As you can see, there doesn't seem to be much of a pattern so I suppose my concerns we're unfounded. I use it for both work and non-work purposes and my use of Delicious isn't that consistent so I don't think it would be easy to find a pattern like I was thinking about. Perhaps if many people from my project used Delicious and that data could be compared together it might be easier.
For fun I looked at my posts per day of week which starts off strong on Mondays and decreases as the week goes on, and my posts per hour of day. It looks like I mostly post around lunch and on the extremes I've only posted very late at night twice at 4am: converting media for the Zune, and Penn's archive of articles. In the morning at 7am I've posted only once: document introducing SGML.PermalinkCommentsmanyeyes graph cryptonomicon delicious

URI Fragment Info Roundup

2008 Apr 21, 11:53

['Neverending story' by Alexandre Duret-Lutz. A framed photo of books with the droste effect applied. Licensed under creative commons.]Information about URI Fragments, the portion of URIs that follow the '#' at the end and that are used to navigate within a document, is scattered throughout various documents which I usually have to hunt down. Instead I'll link to them all here.

Definitions. Fragments are defined in the URI RFC which states that they're used to identify a secondary resource that is related to the primary resource identified by the URI as a subset of the primary, a view of the primary, or some other resource described by the primary. The interpretation of a fragment is based on the mime type of the primary resource. Tim Berners-Lee notes that determining fragment meaning from mime type is a problem because a single URI may contain a single fragment, however over HTTP a single URI can result in the same logical resource represented in different mime types. So there's one fragment but multiple mime types and so multiple interpretations of the one fragment. The URI RFC says that if an author has a single resource available in multiple mime types then the author must ensure that the various representations of a single resource must all resolve fragments to the same logical secondary resource. Depending on which mime types you're dealing with this is either not easy or not possible.

HTTP. In HTTP when URIs are used, the fragment is not included. The General Syntax section of the HTTP standard says it uses the definitions of 'URI-reference' (which includes the fragment), 'absoluteURI', and 'relativeURI' (which don't include the fragment) from the URI RFC. However, the 'URI-reference' term doesn't actually appear in the BNF for the protocol. Accordingly the headers like 'Request-URI', 'Content-Location', 'Location', and 'Referer' which include URIs are defined with 'absoluteURI' or 'relativeURI' and don't include the fragment. This is in keeping with the original fragment definition which says that the fragment is used as a view of the original resource and consequently only needed for resolution on the client. Additionally, the URI RFC explicitly notes that not including the fragment is a privacy feature such that page authors won't be able to stop clients from viewing whatever fragments the client chooses. This seems like an odd claim given that if the author wanted to selectively restrict access to portions of documents there are other options for them like breaking out the parts of a single resource to which the author wishes to restrict access into separate resources.

HTML. In HTML, the HTML mime type RFC defines HTML's fragment use which consists of fragments referring to elements with a corresponding 'id' attribute or one of a particular set of elements with a corresponding 'name' attribute. The HTML spec discusses fragment use additionally noting that the names and ids must be unique in the document and that they must consist of only US-ASCII characters. The ID and NAME attributes are further restricted in section 6 to only consist of alphanumerics, the hyphen, period, colon, and underscore. This is a subset of the characters allowed in the URI fragment so no encoding is discussed since technically its not needed. However, practically speaking, browsers like FireFox and Internet Explorer allow for names and ids containing characters outside of the defined set including characters that must be percent-encoded to appear in a URI fragment. The interpretation of percent-encoded characters in fragments for HTML documents is not consistent across browsers (or in some cases within the same browser) especially for the percent-encoded percent.

Text. Text/plain recently got a fragment definition that allows fragments to refer to particular lines or characters within a text document. The scheme no longer includes regular expressions, which disappointed me at first, but in retrospect is probably good idea for increasing the adoption of this fragment scheme and for avoiding the potential for ubiquitous DoS via regex. One of the authors also notes this on his blog. I look forward to the day when this scheme is widely implemented.

XML. XML has the XPointer framework to define its fragment structure as noted by the XML mime type definition. XPointer consists of a general scheme that contains subschemes that identify a subset of an XML document. Its too bad such a thing wasn't adopted for URI fragments in general to solve the problem of a single resource with multiple mime type representations. I wrote more about XPointer when I worked on hacking XPointer into IE.

SVG and MPEG. Through the Media Fragments Working Group I found a couple more fragment scheme definitions. SVG's fragment scheme is defined in the SVG documentation and looks similar to XML's. MPEG has one defined but I could only find it as an ISO document "Text of ISO/IEC FCD 21000-17 MPEG-12 FID" and not as an RFC which is a little disturbing.

AJAX. AJAX websites have used fragments as an escape hatch for two issues that I've seen. The first is getting a unique URL for versions of a page that are produced on the client by script. The fragment may be changed by script without forcing the page to reload. This goes outside the rules of the standards by using HTML fragments in a fashion not called out by the HTML spec. but it does seem to be inline with the spirit of the fragment in that it is a subview of the original resource and interpretted client side. The other hack-ier use of the fragment in AJAX is for cross domain communication. The basic idea is that different frames or windows may not communicate in normal fashions if they have different domains but they can view each other's URLs and accordingly can change their own fragments in order to send a message out to those who know where to look. IMO this is not inline with the spirit of the fragment but is rather a cool hack.

PermalinkCommentsxml text ajax technical url boring uri fragment rfc

Martian Headsets - Joel on Software

2008 Mar 19, 11:30Excellent rant on the history and state of IE8's decision to default to super-standards mode vs IE7 mode.PermalinkCommentsbrowser internet browser-war ie microsoft history w3c standard standards html css joel-on-software

Add Feeds to Google Reader in Internet Explorer 7

2008 Mar 17, 12:51Google toolbar updates the IE Feed View like I had suggested on my blog.PermalinkCommentsgoogle ie rss feed ie7 browser via:walter

Feed Folder Deprecated; Use Internet Explorer 8

2008 Mar 7, 7:20

Internet Explorer 8 has made my plugin Feed Folder obselete in functionality and implementation -- which is good!

IE8's Feed Folder feature screen shot.IE7 Feed Folder plugin screen shot.

I made Feed Folder for IE7 because I wanted the Live Bookmarking feature from FireFox. The Feed Folder plugin for IE7 would allow you to display your feeds as virtual folders in your Links Bar. When your feed is updated the virtual folder is updated as well with the new feed items. I use del.icio.us to store all my links so I could add virtual folders of my daily links, my friends blogs links, quick reference links, etc. etc.

My plugin relied on shell folders to implement the virtual folders I described above, but IE8 doesn't support shell folders in the Favorites Bar. But I'm OK with Feed Folder not working in IE8 since there's a much better implementation already there. IE8 does better than my plugin on a number of points: First, there isn't the horrible perf. issue that my plugin had on Vista. Second, when a feed is updated the virtual folder flashes to note the change in status. Third, unread items are bolded and the bolding bubbles up from feeds contained in subfolders. And lastly, the middle click button is supported to open items in a new tab.

Accordingly, I don't plan to work on Feed Folder anymore unless someone comes up with a good reason. Instead I mark Feed Folder deprecated and suggest you use Internet Explorer 8 instead.

To use this feature in IE8 simply drag a feed from your feed list in your Favorites Center onto your Favorites Bar. Or, when viewing a feed, click on the 'Add to Favorites' Star Plus icon thing in the upper left, and select 'Monitor on Favorites Bar'. A .url Internet Shortcut file is produced as usual, but if you open up the .url file you'll see there's some additional info about the feed.

PermalinkCommentsie8 feed feedfolder plugin technical browser ie rss

MSIE facilitates Cross Site Scripting [splitbrain.org]

2008 Mar 6, 2:22Using IE's mimetype sniffing for XSS attacks.PermalinkCommentsmime http sniffing sniff security browser ie ie7 pdf

IPv6 Roundup: Address Syntax on Windows

2008 Jan 9, 11:34

IPv6 address syntax consists of 8 groupings of colon delimited 16-bit hex values making up the 128-bit address. An optional double colon can replace any consecutive sequence of 0 valued hex values. For example the following is a valid IPv6 address: fe80::2c02:db79

Some IPv6 addresses aren't global and in those cases need a scope ID to describe their context. These get a '%' followed by the scope ID. For example the previous example with a scope ID of '8' would be: fe80::2c02:db79%8

IPv6 addresses in URIs may appear in the host section of a URI as long as they're enclosed by square brackets. For example: http://[fe80::2c02:db79]/. The RFC explicitly notes that there isn't a way to add a scope ID to the IPv6 address in a URI. However a draft document describes adding scope IDs to IPv6 addresses in URIs. The draft document uses the IPvFuture production from the URI RFC with a 'v1' to add a new hostname syntax and a '+' instead of a '%' for delimiting the scope id. For example: http://[v1.fe80::2c02:db79+8]/. However, this is still a draft document, not a final standard, and I don't know of any system that works this way.

In Windows XPSP2 the IPv6 stack is available but disabled by default. To enable the IPv6 stack, at a command prompt run 'netsh interface ipv6 install'. In Vista IPv6 is the on by default and cannot be turned off, while the IPv4 stack is optional and may be turned off by a command similar to the previous.

Once you have IPv6 on in your OS you can turn on IPv6 for IIS6 or just use IIS7. The address ::1 refers to the local machine.

In some places in Windows like UNC paths, IPv6 addresses aren't allowed. In those cases you can use a Vista DNS IPv6 hack that lives in the OS name resolution stack that transforms particularly crafted names into IPv6 addresses. Take your IPv6 address, replace the ':'s with '-'s and the '%' with an 's' and then append '.ipv6-literal.net' to the end. For example: fe80--2c02-db79s8.ipv6-literal.net. That name will resolve to the same example I've been using in Vista. This transformation occurs inside the system's local name resolution stack so no DNS servers are involved, although Microsoft does own the ipv6-literal.net domain name.

MSDN describes IPv6 addresses in URIs in Windows and I've described IPv6 addresses in URIs in IE7. File URIs in IE7 don't support IPv6 addresses. If you want to put a scope ID in a URI in IE7 you use a '%25' to delimit the scope ID and due to a bug you must have at least two digits in your scope ID. So, to take the previous example: http://[fe80::2c02:db79%2508]/. Note that its 08 rather than just 8.

PermalinkCommentsroundup ip windows ipv6 technical microsoft boring syntax

IEBlog: URI Comparison Functions

2007 Oct 24, 6:20I have a new post on the IE Blog on the topic of Win32 URI Comparison Functions.
I've blogged there previously on the topics of IPv6 URIs in IE7, International Mailto URIs in IE7, File URIs in Windows, and CreateURLMoniker Considered Harmful. Hooray for URIs!PermalinkCommentsmicrosoft technical blog url win32 ie windows uri

The Microsoft Security Response Center (MSRC) : MSRC Blog: Additional Details and Background on Security Advisory 943521

2007 Oct 11, 5:57Notes on two URI & ShellExecute related Microsoft security issues.PermalinkCommentsmsrc shellexecute windows security microsoft ie ie7

Ad Blocking built into IE7

2007 Sep 11, 2:55There's been some news recently on some guy hating on FireFox for its ad-blocking.

On a similar note here's a fun tip for IE7 users I got from Eric. You can get decent ad-blocking in IE7 by putting ad servers in the restricted zone. By default script inclusion is blocked between different zones so you can put domains that serve up ads in your restricted zone after which, normal internet zone sites won't be able to include script from them. This covers most of the ads I run into these days.

I use Fiddler to figure out the domains that are serving up ads which incidentally also has an ad-blocking^H^H^H^H general purpose content blocking plugin. Here's a screenshot of Slashdot and ArsTechnica from my browser. Notice the large blank areas in the screenshots:
PermalinkCommentsad-blocking personal ad ie7 technical browser tip ie

IEBlog : Scripting Debugging in Internet Explorer

2007 Sep 7, 11:29Info on debugging script in IE.PermalinkCommentsie ie7 blog javascript debug debugger debugging web development programming vbscript tools tool download browser reference microsoft msdn

ErrorZilla err ErrorSoft

2007 Aug 21, 4:04Seeing ErrorZilla I realized I could easily do a similar thing to the IE7 404 page using the same technique I used for the XML view and the feed view.

So that's what I did: I made a new 404 page for IE7. There's not much new here technically if you've read the previous blog entries to which I linked. My 404 page change adds links to the Internet Archive, the Coral Cache, and Whois Tool.PermalinkCommentsarchive personal res cache resource ie7 technical browser whois 404 error extension
Older Entries Creative Commons License Some rights reserved.