K-Squared Ramblings

Upgrading the Web: IE8 Released

Microsoft released Internet Explorer 8 yesterday, for Windows XP and Vista. So if you’re still running IE6 it’s once again time to think about upgrading. (Assuming, of course, that you’re not locked in by corporate policy or another piece of software.)

IE6 is now two versions behind the current release.

IE6 is almost 8 years old (it was released in 2001).

IE6 is lacking in many capabilities that all other modern web browsers have, in web technology, in security, and in features you can use.

You can read a review at Wired, a write-up from the IE team, or a summary of technical changes from WaSP.

Of course, Internet Explorer isn’t the only option out there. There’s Firefox, Opera, Chrome and a host of other alternative browsers that are worth checking out.

If you’re still running Windows 2000 or some other old version of Windows that can’t run IE7 or IE8, I’d absolutely recommend Firefox or Opera. Either will be much better than IE6, both will run on Windows 2000, and Opera will even run on Windows Me and Windows 98 (but you really ought to move to something more current than Windows Me.)

Improving Browser Reliability

The IEBlog recently posted about their efforts to improve reliability in Internet Explorer 8, particularly the idea of “loosely-coupled IE” (or LCIE). The short explanation is that each tab runs in its own process, so if a web page causes the browser to crash, only that tab crashes — not the whole thing. (It is a bit more complicated, but that’s the principle.) Combine that with session recovery (load with the same set of web pages, if possible with the form data you hadn’t quite finished typing in), and you massively reduce the pain of browser crashes.

I’d like to see something like this picked up by Firefox and Opera as well. They both have crash recovery already, but it still means restoring the entire session. If you have 20 tabs open, it’s great that you don’t have to hunt them down again. But it also means you have to wait for 20 pages to load simultaneously. It would be much nicer to only have to wait for one (or, if I read the IE8 article correctly, three).

Edited to add:

On a related note, I’ve run into an interesting conflict between crash recovery and WordPress’ auto-save feature. If you start a new post, WordPress will automatically save it as a draft. If the browser crashes, it will bring up the new-post page, but restore most of the form data you filled in. So the title, the text of your post, etc will all be there. But WordPress will see it as a new post, and you’ll end up with a duplicate.

This wasn’t a major problem when I encountered it — I had to reset the categories, tags, and post slug after I hit publish (since I hadn’t noticed that they’d been reset to defaults), and I just deleted the older, partial version of the post — but I can imagine if I’d uploaded an image gallery, I would have been rather annoyed, since there’s no way (that I’ve noticed) to move images from one post to another. Reuse them, sure, but not such that the gallery feature would work.

First thoughts on IE8 Beta 1

Installed the first Internet Explorer 8 beta. Some thoughts:

I’m impressed that it can import settings from Firefox & Safari.

It detected Firefox extensions and even offered to look up similar add-ons. Unfortunately it was a big long search string with all the titles, and therefore a useless list of results for things like cameras (yeah, how am I supposed to install a $1000 Nikon D80 on my web browser?) and the hint book for Splinter Cell.

Activities: My first thought was, “hey, they’re doing stuff with microformats!” Which is key to the underlying support (recognizing types of data and only offering relevant services, like maps for locations but not for book titles). But on the face of it, it’s a lot more like the way Flock integrates with various web services: Set up your blogging provider, and you can easily send stuff to your blog. Though right now they mostly have Microsoft-hosted services.

“Emulate IE7″ appears to involve restarting in an alternate mode right now. I assume automatic switching is something planned for later betas.

Other than that, the UI seems about the same as IE7 so far.

It does indeed pass Acid2 (assuming the page isn’t swamped when you try to load it).

So, how else does its rendering differ?

Minor visual glitch: I have CSS-based banners on some pages (W3C validation, for instance), using spans with borders. If it’s on the last line of a page, IE will cut off the bottom border, because it extends past the end of the page. Other browsers show it. I’ve gotten around this in the past by adding a blank paragraph afterward, but now IE8 collapses the empty paragraph. That’s probably the correct thing to do, but it does mean adjusting things a bit. Not a big problem, though, because I’ve just noticed that it handles other pages fine, without the <p></p> workaround, which means that I’m probably already using a better solution elsewhere.

Several cases of re-styling UL lists seem to confuse it. The tabs running across the top of my Flash page, for instance, or the sidebar on the Alternative Browser Alliance. Others appear just as they do in other browsers (including IE7). This will bear investigation. (Edit: 2 different problems; see below.)

Still no sign of generated content. Beta 2? Please? Edit: according to CSS3.info, it does support generated content, but images don’t work (yet?). I’d been using this, progressive-enhancement–style, to add icons for outgoing links on my Flash site. It works in, well, everything else current.

Additionally: I’m surprised to see it so early, and to see it as a public beta and not something that required an MSDN login. And they had the sense to release a version for Windows XP! I was half-expecting it to be a Vista-only release, which would’ve been seriously annoying.

Further updates will be added below as I think of them.

It turns out the problem on the Alternative Browser Alliance menu wasn’t related to lists as I’d thought, but to a change in the CSS parser. For whatever reason, IE8b1 is susceptible to the Caio Hack (/*/*/ place code here /* comment */) normally used to hide CSS rules from Netscape 4. At this stage I should probably be able to remove it and not worry about NS4 anymore. (And it turns out that since I added media types to the link a while back, NS4 doesn’t even read the stylesheet in the first place!)

On the issue with the tabs on the Flash site, it looks like IE8b1 isn’t extending backgrounds beyond the text line on inline elements (oddly, also like NS4). This is probably what’s really going on with the CSS buttons I mentioned above. I’ll have to check which behavior is correct, but my money would be on the Gecko, Opera and WebKit interpretation. If so, this will probably be changed before the final release. If not, I’ll use inline-block instead. Which perhaps I should be doing anyway, except for the annoying fact that Firefox 2 doesn’t support inline-block and Firefox 3, which does, is still in beta.

I’ve reported the Caio Hack issue to Microsoft using their “Report a Webpage Problem” tool. The form emphasizes that you shouldn’t send anything that could identify you, so instead of reporting the problem on one of my own sites, I sent the page describing the hack. This probably means I reported it in the wrong way.

It looks like Activities isn’t actually context-sensitive yet, since it’s offering to show me a map even when I’ve selected random prose instead of an address.

Having messed with it more than I probably should over the last 24 hours, I’ve come to a decision: During beta 1, any rendering problem I encounter in IE8b1 that works the way I want it to in Gecko, Opera, Safari and IE7, I’m going to assume is a bug in beta 1. I’ll try to narrow them down & report them when I have a chance, but I won’t actually change my sites’ code (except for retargeting IE-specific workarounds) until at least beta 2.

Web Browsers of the Future

I’ve been using the Opera 9.5 previews across the board since September, and the Firefox 3 beta 2 on my secondary work computer for the past month, and I just can’t bring myself to go back. The full-history search available in both browsers has got to be the most useful new feature I’ve seen in a browser since inline spell-check.

Really, the only things holding me back from jumping up to Firefox 3 on my main computers at home and at work were Firebug and some of the HTML validator extensions. Firebug is complicated enough that I didn’t want to rely on the Nightly Tester Tools to disable the compatibility checks. Then I found out that there’s a Firebug beta that does work with Firefox 3. That was enough. Last night I took the plunge.

Meanwhile, things look good on the ditch-IE6 front. After last month’s false alarm due to a local maximum, it looks like IE7 has solidly overtaken IE6 on this site! For the first 13½ days of January, Internet Explorer accounted for 62.5% of total hits. IE7 was 33.5%, and IE6 was only 28.4%. Even better, that’s barely over 1 percentage point from Firefox’s 27.2%!

Most likely, a lot of people got new computers for Christmas. New Windows boxes would mostly be Vista, and would ship with IE7. Another factor might be techies visiting their relatives and helping clean up/update their computers. They might have taken the opportunity to install IE7 or Firefox.

IE8 will pass Acid2

Okay, this will mean nothing to most people out there, but to web developers, particularly those who use standards-based design to maximize compatibility with different browsers, this is monumental.

An internal build of Internet Explorer 8 has passed Acid2.

The Acid2 test was released in April 2005 to test a number of pieces of the HTML and CSS standards that, at the time, no modern browser handled according to spec. The purpose of the test was to prod browser developers into improving their products, and to do so consistently, so that developers would have more tools available for cross-browser sites.

At the time, Microsoft dismissed its its importance entirely. Even though they were working on rendering improvements for IE7, they stated that Acid2 was not one of their goals. Meanwhile Opera and Firefox were both in the wrong phase of their development cycles to make sweeping changes, so Safari jumped on it and became the first browser to pass. (Every once in a while I see someone say Opera was the first, and I have to wonder where they were.) Opera followed with version 9, and the Firefox 3 betas pass it as well.

With Gecko (Firefox), WebKit (Safari), Opera and IE accounting for the four biggest web browsers and the most popular minor browsers (Flock, Camino, Shiira, etc., plus IE shells like Maxthon), this shows unprecedented convergence among clients. It will be much easier to develop a cross-browser website that runs on IE8, Firefox 3, Opera 9+ and Safari 3+.

There are, of course, many aspects of the specs that aren’t covered by Acid2. And there are emerging standards like HTML5 and CSS3. And there are plenty of other bugs, quirks, and extensions among various browsers (IE’s bizarre concept of having layout, for instance, trips up all kinds of weird issues). And then there’s waiting for IE8 to be released, and moving people up from IE7, not to mention all the people we still have to move up from IE6. Full benefit is probably at least 3 or 4 years away. *sigh*

(via WaSP Buzz)

The Tipping Point?

I know global statistics still show IE7 only taking up 25%–35% of overall Internet Explorer usage, but stats on this site show a slightly different story (usually skewed toward the crowd more likely to install/upgrade a browser). For the first three days of December, I’m seeing more IE7 users than IE6.

Not by a lot. IE7 has 32.7% and IE6 has 30.3% of the total. And I expect it’ll level out or even reverse as stats from a regular work week filter in. But still, something has finally surpassed that moldering, zombified, shambling heap of a web browser.

Next step: getting Firefox’s numbers (currently 26.8%, also above the global levels) over IE6.

Come on, let’s put a stake in this relic. It’s done.

Update (Thursday): And now Microsoft is finally starting to talk about IE8…even if it is just to say they’ve picked out a name. Whee.

As for the stats, the gap has closed somewhat in the last 2 days, with IE7 at 31.6% and IE6 at 31.2%. This is definitely looking like a home/office split. I’m going to have to write a script sometime to do a daily breakdown of browser versions and see if this actually fits.

Update (Saturday): Yes, IE6 has caught up. 32.2% to 31.1%. *sigh* It turns out I was just seeing a local maximum.

Will Internet Explorer 7 finally put IE6 to rest?

Microsoft’s Internet Explorer Team reports on a new IE installer release. They’ve changed a couple of defaults, updated their tutorials… and dropped the requirement for Windows Genuine Advantage validation:

Because Microsoft takes its commitment to help protect the entire Windows ecosystem seriously, we’re updating the IE7 installation experience to make it available as broadly as possible to all Windows users. With today’s “Installation and Availability Update,” Internet Explorer 7 installation will no longer require Windows Genuine Advantage validation and will be available to all Windows XP users.

As much as I prefer alternatives like Firefox and Opera, I’ve been frustrated at the relatively slow uptake of IE7. It’s just insane that 6 years after its release, we’re still stuck designing for IE6 as the world’s most-used browser.

So who’s still running IE6?

1. People running older versions of Windows that can’t run IE7, and who haven’t switched to something else. (This is a pretty small percentage, judging by OS stats.)
2. People who don’t know how to upgrade to IE7, or why they should.
3. People who actually want to stay with IE6 (whether for technical reasons or just stubbornness)
4. People who would be happy to upgrade to IE7, except they can’t/won’t run WGA (on principle, or because it’s broken on their system, or because their OS is pirated).

I don’t know how big each group is, but Microsoft seems to think it’s worth going after #4.

It’ll be interesting to see whether there’s a jump in IE7’s marketshare relative to IE6. Maybe we’ll reach that next milestone sooner than I expected.

Web Browser Milestones

Two web browsers hit milestones on Net Applications’ stats for September: Safari has passed the 5% mark, hitting 5.07%, and Opera Mini has climbed onto the chart at 0.39%. That might not sound like much, but considering that nearly all web traffic is from desktop computers these days, for a mobile phone–only browser to reach that size is impressive.

A bit closer to home, this site is currently seeing 64.6% IE, 26.2% Firefox, 4.4% Safari, 1.2% Opera (which probably includes both the desktop and mini versions). Splitting IE into versions, we’ve got 35.9% IE6 and 28% IE7. We’re already at the point where IE6 users are a minority (albeit the largest one), and more than 50% of visitors are using something more modern.

I’m looking forward to the next 2 milestones: IE7 overtaking IE6, and Firefox overtaking IE6. Come to think of it, I’d really like to get rid of IE6. Its time has passed, and the web will be better off without it, just as it’s better off without Netscape 4.

Firefox and IE Users: Time to Upgrade

Are you still using Firefox 1.5 or Internet Explorer 6? If so, it’s time to start seriously thinking about an upgrade.

Firefox 1.5 reached the end of its life today. That means that security and other fixes will only be available for Firefox 2 and later. Firefox 2 will run on all the same systems as the version you have right now, plus it gives you enhancements like spell check, phishing protection, and improvements to the features you already use.

Internet Explorer 6 is outmoded. It has limited support for the languages that make up the web (particularly CSS), and often disagrees with every other browser out there, forcing developers to write complicated code so that it will work on IE6. If you’re running Windows XP, you can upgrade to Internet Explorer 7. If you’re running an older version of Windows, you can benefit by switching to an alternative browser such as Firefox
or Opera. Whether you switch or upgrade, I highly recommend moving away from Internet Explorer 6.

Update: Mozilla has extended Firefox 1.5 support through mid-May.

Firefox too mainstream for Alternative Browser Alliance

I’ve been thinking about this for a while, but it’s time to refocus the Alternative Browser Alliance. Mozilla’s Asa Dotzler has referred to Firefox and Internet Explorer as the “mainstream browsers” for more than a year now, and it looks like that’s become true.

The web is no longer an IE monopoly. It’s become an IE/Firefox oligopoly. Firefox is no longer an alternative web browser. It’s sold out, its ads are everywhere, and it even allows people to build Firefox-only code.

So, starting today (April 1, 2007), the Alternative Browser Alliance will no longer promote Firefox.

So what will replace it? I thought about Opera, but most of its install base is on cell phones and PDAs, and we all know the mobile web browser is dead, right? Safari? Well, it turns out that WebKit is shutting down.

So the site will be putting its weight behind iCab. It’s as alternative as they come, and it’s guaranteed to remain that way (since it won’t run on Vista).

Update: Yes, it’s an April Fools joke.

Thoughts from a Redesign

Last weekend I did a redesign of my comics fan site, Flash: Those Who Ride the Lightning. It was prompted by two goals:

• Get rid of the non-working compatibility cruft for Netscape 4 (some of it was actually making things worse in NS4)
• Make navigation easier.

Read the rest of this entry »

Web Design is Like Pizza

When web designers switch from focusing on a single browser (usually Internet Explorer) to developing cross-browser sites (usually adding Firefox, sometimes Opera or Safari, ideally all three), they often find that things don’t work as expected in the “new” browser. This can be for a number of reasons, including:

• Bugs or “missing” features in the new browser (whether incomplete support in the new browser, or proprietary features in the familiar browser).
• Broken code on the website being handled differently.
• Different defaults where behavior isn’t well-defined in the specifications.

A big problem is that when you get into the code, a lot of pages aren’t as specific as the authors think they are. When you write code and test it on one browser, you’re not testing that the code is correct, you’re testing that that browser makes the same assumptions you do.

It’s like ordering pizza.

No, really. Let’s say Internet Explorer specializes in Chicago-style pizza, with a thick, chewy crust. And let’s say Firefox specializes in New York-style pizza, with a thin crust. But each can make the other style of pizza on request.

So you call up Internet Explorer and ask for pizza. They deliver you Chicago pizza, and if that’s what you wanted, you figure your order is fine. If you actually wanted New York style, you make sure that next time, you tell them you want that style of pizza.

But let’s say you like Chicago pizza. You get used to calling up IE and just asking for “pizza,” until one day you’re busy, and ask your roommate to order it. He likes to get his pizza from Firefox, so he calls them up, asks for “pizza,” and you get New York style. That’s not what you wanted. Obviously, Firefox pizza is inferior, because they got the order wrong! Well, no, it’s not, and no, they didn’t. They delivered what they were asked for. If you’d told your roommate to ask for Chicago style, Firefox would have been perfectly happy to deliver that style of pizza.

The moral of the story: always be specific with your code. Make sure it’s asking for what you think it’s asking for (validation helps here). And if something doesn’t do what you expect, make sure you didn’t leave that expectation out of your order.

See also: No, Internet Explorer did not handle it properly

(Expanded from a comment I posted at Mozillazine.)

The Danger of Saving Passwords

ISC is reporting a new type of vulnerability in web browsers that the discoverer has termed as “Reverse Cross-Site Request,” or RCSR.

Basically, on a site with user-generated content—like a hosted blog—it’s possible to add a form that looks like the site’s login form. If the victim has an account on the same site, and has asked their browser to save their password, it will auto-fill the form. If the attacker can somehow trick the visitor into submitting the form—say, with an invisible image submit button (ever clicked randomly? Or to get back to the page after looking at another window?)—the attacker gets the visitor’s password.

What’s new about this is that all it requires is plain HTML, not scripting, which most blog hosts and similar sites already block.

Chapin Information Services discovered the bug in Firefox 2, and reported it to Mozilla. It turns out that Internet Explorer 6 and 7 are also vulnerable, but only if it’s on the same page as the real login form. Mozilla is currently trying to determine the best way of resolving the problem without breaking all the passwords people have already saved. The ISC article links to the bug report, so you can follow the discussion. Microsoft has only said that they’re “aware of the issue.”

At the moment, I’m glad I don’t let web browsers save my passwords.

IE7 got you down? Try Firefox or Opera!

Microsoft will be releasing the long-overdue Internet Explorer 7 any day now (possibly as soon as Wednesday, if rumors prove correct). It will only be available for Windows XP SP2, Windows Server 2003, and the upcoming Windows Vista.

I know there are people out there still using Windows 2000, Windows 98, Windows Me, and other older systems that won’t run IE7. Why not take the opportunity to check out something new? Firefox 2 is also due out this month, and Opera 9 just came out this summer.

Despite what you may have heard, the vast majority of websites really do work on all major browsers. And with alternative browsers gaining popularity, the number of websites that block anyone but Internet Explorer is shrinking.

Opera and Firefox will bring you tabbed browsing, RSS Feeds, security and privacy controls, built-in searching, pop-up blocking—all the advantages IE7 boasts over IE6. Plus you get more customization, built-in spell checking, download management, session saving, and support for up-and-coming web technologies like SVG graphics and WebForms 2. Opera adds blazing fast display, voice commands and mouse gestures (leave that keyboard behind!), and per-site preferences.

Check out Opera. Check out Firefox. Or check out a dozen other alternative web browsers. Try them out, and see what works best for you.

IE Weirdness

I had a really strange experience with Internet Explorer earlier this week. I had a reason to check Windows Update (checking for driver updates), but no matter what I did, Microsoft Update opened itself in Firefox! Even if I typed the URL into IE, or chose it from the Tools menu. It became clear that the same was true of typing in any other URL, or trying to open a link in a new window.

As far as I can tell, IE had decided that it wasn’t capable of handling new HTTP connections and was sending the URL to the default browser. Read the rest of this entry »