Documente Academic
Documente Profesional
Documente Cultură
Internet Explorer 7?
Chris Wilson
PRS203
Group Program Manager, IE Platform &
Security
Microsoft Corporation
1
Internet Explorer
Many different things to many different
people
End users U
Web designers D
4
Demo
5
Amazing User Experience
Flexible Subscription platform
We provide… U
Common Platform A
8
Secure and Trustworthy
Browsing
Dynamic protection against web
Anti-phishing
fraud service integrated U
into IE
D
User experience highlights
security A
Clear secure connection user
experience
Pop up windows identified with their I
URL
“One Click Cleanup” feature to wipe 9
Demo
10
Secure and Trustworthy
Browsing
Full control over add-ons
Explicit user consent is U
required on first run of
D
installed ActiveX controls
Users can easily enable pre- A
installed controls through the
C
same Info Bar as new controls
Add-ons Disabled Mode for I
recovery
11
Secure and Trustworthy
Browsing
Impeding critical exploits – URL
Special characters complicate URL U
handling
parsing, e.g.
http://www.good.com@bad.com
URLs are often passed as strings, and
some components parse inconsistently
In IE7, we have a single URL parsing C
object
This API (IURI) is exposed for other apps I
to use
Also adds International Domain Name 12
Secure and Trustworthy
Browsing
Impeding critical exploits – cross-
javascript: protocol now runs in-page
domain
Now, <img src=“javascript:foo()”>
doesn’t navigate – we strip “javascript:”
off and run as script inside the page
context
16
Secure and Trustworthy
Browsing
Protected Mode
Same as XPSP2 withchanges toolbar
a new UAP credential
U
install
prompt
17
Architectural Overview
Internet Explorer 6 running
Protected ModeQuicktime
I nternetActiveX
Explorer Admin
Admin rights
rights (Highrequired
IL) required
Install ActiveX
Install ActiveX
User rights
User rights required
(Medium IL) required
Compat Layer
Save/Change
Add-on Settings
I
18
Secure and Trustworthy
Browsing
Protected Mode –Sites/LM
Intranet/Trusted compatibility
don’t run in
U
features
PM
20
Powerful Web Dev
Platform
“Don’t break the Internet”
“Quirks mode” stays the same - many
platform changes are only in “strict D
mode”
A
We do change behavior under strict
mode
<?xml> prolog doesn’t prevent strict I
mode
21
Powerful Web Dev
Platform
Fixing the top problems
Fixed some serious issues in IE 6
layout D
Incompatibilities with the latest CSS
standard, as well as some nasty bugs in A
the engine
We’ve knocked out the top bugs on
quirksmode.org and
positioniseverything.net, as well as other I
problems
22
Powerful Web Dev
Platform
positioniseverythin Partial bug list
Layout issues in short…
g.net Peekaboo Bug
Quirky Percentages In IE6's
Formatting Model
IE/Win Line-height Bug D
IE6 Border Chaos
Disappearing List-Background Bug
Guillotine Bug A
Unscrollable Content Bug
IE 6 Duplicate Characters Bug
Doubled Float-Margin Bug
Duplicate Indent Bug
Three Pixel Text Jog
I
Creeping Text Bug
Missing First Letter Bug
…and many more issues.
23
Powerful Web Dev
Platform
Adding the most requested
Added top requested standards
features
features
D
PNG alpha channel support
All CSS 2 Selectors A
First-child, adjacent, attribute, child etc.
CSS 2 fixed positioning
CSS 2 :hover pseudo-class works on all
elements I
26
Powerful Web Dev
Platform
Web developer toolbar
IE toolbar providing a rich tool set
for exploring DHTML and CSS D
with object model and visual
tools A
28
Key Takeaways
We thought this Internet thing would be big one
day…
We’re providing more containment as well
as better arming users to make informed
decisions about their system security
We’re working hard to improve our web
platform
We want your continued feedback to put
out better and better versions of the
platform for you
My email address is cwilso@microsoft.com
(Please put “IE feedback” in the title, and please
DON’T email cwilson@microsoft.com – he’s not the
same guy) 29
Call To Action
What should you do?
33
IE7 Vista vs. IE7 XPSP2
IE7 will be available on
Windows Vista (with some additional
features such as Protected Mode)
Windows XP SP2
Windows Server 2003 SP1
…including 64-bit
34
Servicing Internet Explorer
Users
Servicing the software users use the
most is a huge commitment
Huge increase in quality and
responsiveness of IE Servicing
40% hotfix regression reduced to ~0%
Zero recall class GDRs since February 2004
Hit our days-to-solution targets for hotfixes
ZBB’d Critical vulns, down to last Importants
Major strides in security
IE 6 in XP SP2 reduced exploits by 40%+