Freigeben über


XP SP2 RC1

Last week we shipped SP2 RC1 for Windows XP. This is a Release Candidate and it is not intended to be used in production environments. However, those of you who love to test things can check it out here. Those of you who are merely interested in screen shots can find them here. Today I thought I would post some comments about some of the IE specific work in this release.

Pop-up blocker gets a lot of press, understandably. Pop-ups invariably top every list of customer complaints I have seen with regards to the browsing experiance. Everyone knows Pop-ups are annoying, but why, exactally, are they annoying? They are annoying because nine times out of ten the user does not want the pop-up and the pop-up happens automatically. When things happen automatically and those things are the wrong things users get annoyed and when users get annoyed they tend to make bad security decisions.

For example, a user navigates to a website that immediatly tries to install an active-x control. It is well established that most users will probably not read this dialog and will instead try to get rid of it as quickly as possible. But assume this time the user reads it and decides the control looks sketchy. The user clicks No on the dialog to abort the install. The dialog goes away, but it is immediately replaced by another dialog (a jscript alert()) directing the user to install the active-x control! The user clicks OK to dismiss the alert. This is immediatly followed by the same active-x install dialog the user just said no to. The user says no again. Rinse and repeat. The problem is during this whole time things you do not want to happen are happening automatically. And to add insult to injury the dialogs are modal, so you can do nothing else with the browser while they are there. You can not close it, or navigate away from this evil page. Most people eventually click yes just to get on with their lives. Often “ActiveX install” is replaced by “file download” in this scenario. This is a bad situation.

So one of the things we have tried very hard to do is put users back in control of what goes on in the browser. This is both a security thing and privacy thing. And, of course, like all things in Software Engineering, there are trade-offs. Typically security is gained at the expense of features and compatability. We have endevoured to balance these trade-offs to provide the smoothes experiance possible for the user. 

The following information applies to the pre-release version of this service pack and is subject to change. Opinions expressed are purely my own, etc. 

Pop-ups
Users almost never want to see pop-ups. So we started by saying all pop-ups will be blocked. There are exceptions-- brokerage sites use window.open() to display small windows with definitions of trading terms. E-tailors use window.open() to display small windows with sizing charts (clothing) and definitions of technical terms (computers, electronics, etc). To handle these exceptions we added code to detect user initiated actions-- if the user clicks a link that wants to open a new window, we allow it to open one new window. The end result is no more cascading windows. Further more we imposed some restrictions on new windows that were not previously there. New windows must appear within the work area (as defined by the rcWork field of the MonitorInfo struct returned by GetMonitorInfo()). This means new windows must be completely visible to the user and must not cover shell app bars (such as the task bar, MSN dashboard, etc).

For the developers out there hosting the WebBrowser control, the user initiated information is available via the INewWindowManager interface and the NewWindow3 member of DWebBrowserEvents2.

ActiveX
Tony can talk more to this specific area, but there are a few things I love about the work we did here. You can now say “Do not install this control and never ask me again.” You can disable controls that have been installed (as well as Browser Helper Objects) by using the Manage Add-ons feature. When navigating to a Web site that tries to automatically begin installation of an active-x control, the browser automatically blocks the install on the users behalf and instead provides modeless UI at the top of the screen informing the user that the installation was blocked. The user is then free to navigate the browser, close the browser, etc, or install the control by clicking on the modeless UI. No more endless looping of modal dialogs.

Downloads
Downloads that are not initiated by the user by clicking on an element in the HTML are blocked, and instead of the download dialog modeless UI is shown at the top of the screen. The user can allow this download by clicking on the modeless UI or they can continue browsing the web.

Again, for the developers, you will be able to chose the classic modal UI or the new modeless UI when hosting the WebBrowser control. I am not sure if there is beta documentation for this yet or not though.

So for all of these things there may be an extra click or two involved when you do actually want the pop-up or download, but in the majority case IE will simply let you know that the Web page has requested something and IE has blocked it for the time being.

Questions? Comments? I will respond as best as I am able to the extent that I am able.

Comments

  • Anonymous
    March 22, 2004
    Hmm, I just noticed Tony already posted much of this information.

  • Anonymous
    March 22, 2004
    Perhaps a dumb question, or one with an easy answer - where can one obtain the new/updated header files with these interfaces/events?

  • Anonymous
    March 22, 2004
    Is there any chance that any of these bugs will be fixed for the final Service Pack2?
    http://www.positioniseverything.net/explorer.html

  • Anonymous
    March 22, 2004
    IE/XP sp2 changes: Windows XP is in final testing changes for a significant new updater, and "jeffdav" or Microsoft details how Internet Explorer will change. New window propagation sounds similar to previous implementations: a new window can be opened only...

  • Anonymous
    March 22, 2004
    In response to Pete Cole's question: That is a good question! I will look into it and post back here when I find the answer.

  • Anonymous
    March 22, 2004
    Nice blog btw...

    SP2 is OK. The firewall features are no blackice or ZA. The updater is OK. Pop Up controls are too agressive. I prefer googlebar.

    Since people classify anything they dont like as "spam"; is this MSFT's attempt to stop all spam by 2006? Doubtful.

    The system runs/feels a little faster. Not sure why. My benches went up ~4% (but within +/-5% margin of error).

    It's OK... the firewall failed on some apps, and asked on others (why?). I know its in beta, but more progress should happen.


    my comments.
    thanks for your input/open-mind.

  • Anonymous
    March 22, 2004
    Picking up where Jose left off, is there improved CSS support? (IE doesn't support several parts of the CSS1 spec and huge chunks of CSS 2.1)

  • Anonymous
    March 22, 2004

    I also blogged about the horrors of modal UI as well the other day.

    http://weblogs.asp.net/ptorr/archive/2004/03/20/93334.aspx

    And where's that transparent PNG support? Hehehe :-)

  • Anonymous
    March 22, 2004
    Joe: Thanks. The pop-up controls are a little agressive... we will be scaling that back in some scenario's, mainly for app compat and site compat, but my goal is still to block all pop-ups users do not want. I do not work on the e-mail apps, but this is not part of their plan to prevent spam.

    Peter: Don't make me use the "p" word on the record. :)
    (Not PNG; the other "p" word.)

  • Anonymous
    March 22, 2004
    ok, theres a new firewall, changes to ie and authenticode - lots of nice things. thanks! but why does this accumulate to 260+ mb? (i've done a short article on nickles.de on rc1 ( http://www.nickles.de/c/s/45-0013-361-1.htm ) - and that size question was the first to pop up from one of the readers ...


    WM_QUERY
    thomas woelfer

  • Anonymous
    March 22, 2004
    After reading an overview of what's new in IE from jeffdav, one of the IE developers, I realised I'd missed another change in IE.

  • Anonymous
    March 22, 2004
    Thomas: I think the big size is because most of Windows XP has been recompiled with new security settings. So the SP is in fact replacing most files.
    But I could be wrong. Anyonye?

  • Anonymous
    March 23, 2004
    Pete Cole: The XP SP2 RC1 SDK Beta is not available yet, but should be very soon. Stay posted, I will post a link to the SDK as soon as it ships.

    Thomas Woelfer: I am not a Builder, so there may be a better technical explanation somewhere, but basically it is larger then normal because, I believe, we have to ship a new version of every DLL that changed. If it was just registry changes, it would be easy and small. But XP SP2 puts a lot of new features in the OS, which means we had to touch a lot of DLLs. For IE I do not think it was much bigger then the number we would normally touch in an SP, but across Windows, the effort has been huge.

  • Anonymous
    March 23, 2004
    SDK.

    Thanks - looking forward to the post.

  • Anonymous
    March 23, 2004
    jeff/jason: if almost everything was recompiled (new vc++ buffer overflow switch) that would of course be an explanation. i'm still trying to find somewhere to confirm this...

  • Anonymous
    March 23, 2004
    "In addition to supporting NX, Service Pack 2 implements sandboxing. All binaries in the system have been recompiled with buffer security checks enabled to allow the runtime libraries to catch most stack buffer overruns, and "cookies" have been added to the heap to allow the runtime libraries to catch most heap buffer overruns."

    XP SP2 Overview Whitepaper

    http://msdn.microsoft.com/security/productinfo/xpsp2/default.aspx

  • Anonymous
    March 24, 2004
    Too little too late Microsoft. I'm sticking with Firefox.

  • Anonymous
    March 24, 2004
    Hmmm. I noticed that questions regarding CSS support, PNG transparency, and the bugs documented on "PositionIsEverything" have been sidestepped. These are obviously legitimate concerns for developers and designers alike. Will these be addressed in this service pack's final release?

  • Anonymous
    March 24, 2004
    I can only confirm that in the universe there exists a set of questions to which I would like to reply but to which, circumstances being what they are, I can neither confirm nor deny answers. Additionally, I can neither confirm nor deny which questions are, or are not, in said set.

  • Anonymous
    March 24, 2004
    Microsoft has made the Windows XP SP2 "preview" available for downloading, this is a look at what will be happening...

  • Anonymous
    March 25, 2004
    The comment has been removed

  • Anonymous
    March 25, 2004
    The comment has been removed

  • Anonymous
    March 25, 2004
    XP SP2 RC1...

  • Anonymous
    March 27, 2004
    Bluntly, I'm horrified ActiveX didn't have a "and don't ask again" option from day one.

    Better late than never - I guess this is the kind of design change that Trustworthy Computing will ensure is in future products.

  • Anonymous
    March 29, 2004
    The XP SP2 Release Client 1 is now available. Here's a list of some of the changes to Internet Explorer. As one poster in the thread writes, " Too little too late Microsoft. I'm sticking with Firefox." But the big...

  • Anonymous
    March 29, 2004
    No transparent PNGs? No non-link hovers? No fixed-position background image support? So the only new attractions are security benefits that I already have by using Firefox? Yeah... sounds great...

  • Anonymous
    March 30, 2004
    The comment has been removed

  • Anonymous
    March 30, 2004
    The comment has been removed

  • Anonymous
    March 31, 2004
    The comment has been removed

  • Anonymous
    March 31, 2004
    IE's Pop-up Blocker will not make a distinction between window.open() and targeting _blank.

  • Anonymous
    March 31, 2004
    Many valid applications depend on window.open().

    We spent years developping a Web Instant Messaging client. It behaves like any other IM client, so chat windows open automatically whenever messages are received from friends. The default IE SP2 behaviour makes that impossible.

    Microsoft is being naive if it thinks blocking pop-ups will improve the browsing experience. The marketing people will just cover up the content the user wants to see with DHTML instead. And then users will have to work out how to close the advert each time.

    So the effect of Microsoft blocking pop-ups is that countless valid applications will be disabled, and the advertising will carry on virtually unhindered.

    This particular feature of SP2 appears to be a marketing decision by Microsoft rather than common sense.

  • Anonymous
    March 31, 2004
    Are all window.open() calls located in onmouseup and ondblclick handlers blocked?

  • Anonymous
    March 31, 2004
    The comment has been removed

  • Anonymous
    March 31, 2004
    > For your app it will most likely be a simple IOleCommandTarget::Exec() call.

    Do you have a reference (link) for documentation on this - I thought apps were supposed to use INewWindowManager?

    Still waiting on the SDK <g>.

  • Anonymous
    April 01, 2004
    We did not get in to the product in time for RC1, so I do not think it is documented yet. I am still waiting on the SDK as well.

  • Anonymous
    April 02, 2004
    Thanks for your answer.

    I understand "the main goal [of pop-up blocking] is to put control of the browsing experiance back in the hands of the user". However, personally I feel much more in control when all I have to do is click on the X to close the window.
    - DHTML adverts obscure my view of the page I requested
    - The close button is not always visible immediately
    - It is not usually obvious where the button is
    So it always takes me a few frustrating seconds to work out how to get rid of the thing. Pop-ups are a no-brainer, I don't even notice the window content!

    Until now well-respected websites have prefered to sell less annoying pop-up adverts. However Microsoft's new policy is going to force them to accept highly annoying DHTML adverts.

    Perhaps Microsoft hopes to take the public credit for blocking pop-ups now, and avoid the blame for the inevitable consequences?

  • Anonymous
    April 02, 2004
    The comment has been removed

  • Anonymous
    April 02, 2004
    Web sites often enable user navigation with mouse button event handlers instead of standard links.

    Will window.open() calls located in onmouseup and ondblclick handlers be blocked in XP SP2?

  • Anonymous
    April 02, 2004
    By default the Blocker does not apply to sites in the Intranet Zone (this is also true of Trusted Sites Zone). The modeless Security Band UI should make it fairly easy for users accessing stuff in the Internet Zone to quickly allow a website to show pop-ups after the first one is blocked.

    If your Chat application is developed in pure JScript, you would probably need the users to add the site to the allow list via the Security Band UI once; then successive visits will function as before.

    I am curious however; how do you get different instances of the client (IE) to talk to eachother through pure JScript? (Don't tell me if it would violate an NDA or other agreement you have signed.)

  • Anonymous
    April 02, 2004
    The typical user never accesses any UI to change a preference or a security setting. So the Security Band UI will only help relatively advanced users. It does not help my company because we cannot target our IM application at such a very small minority.

    [If Microsoft really believes people will use the Security UI then why not disable pop-up blocking by default?]

    > how do you get different instances of the client (IE)
    > talk to eachother through pure JScript

    We've spent more than two years developing an IM application where all browser client instances HTTP POST messages to the same server. The server forwards the messages (no peer-to-peer is possible).

    Do you have any real-world suggestions that will allow our application (and thousands like it) to function in a user-friendly way with XP SP2's pop-up blocker?

    Will window.open() calls located in onmouseup and ondblclick handlers be blocked in XP SP2? (you can answer "don't know")

  • Anonymous
    April 03, 2004
    The comment has been removed

  • Anonymous
    April 11, 2004
    Lots of ne files in the SP2 package. Among them are new drivers for the CDROM, namely: CDROM.SYS, IMAPI.SYS, REDBOOK.SYS, STORPROP.DLL, and ATAPI.SYS.

    Anyone know if some of the issues of compatibility between third-party CD/DVD burning software have been resolved by this upgrade?


    Dennis

  • Anonymous
    April 13, 2004
    Jeff,

    Can you confirm whether the following will or will not work in XP SP2?

    <input type="button" value="User initiated popup" onclick="window.open('popupPage.htm')">

    if it doesn't then it's ridiculous!

    If a popup is initiated by:
    * setTimeout()
    * onmouseover/out
    * onload
    then I can understand it being blocked - but surely not onclick?

  • Anonymous
    April 14, 2004
    Yes-- new windows launched from OnClick handlers will not be blocked as long as the user clicks the button. Calling myButton.click() on the button will be blocked.

  • Anonymous
    April 14, 2004
    Phew, thanks - it's just that I got the impression that they would be blocked - I'll test with XP SP2 RC1 as soon as it's downloaded...

  • Anonymous
    April 14, 2004
    Where can i download the service pack2

  • Anonymous
    April 14, 2004
    everyhing is fine is xp sp2 but i want that if microsoft add some more thems in xp sp2 to look it more kool.,,,,,,,,,,,,,

  • Anonymous
    April 16, 2004
    The comment has been removed

  • Anonymous
    April 16, 2004
    The comment has been removed

  • Anonymous
    April 16, 2004
    The comment has been removed

  • Anonymous
    April 16, 2004
    sure can!!!:)

  • Anonymous
    April 26, 2004
    Seems to me there a few whiners here who's content is the very thing annoying many of the rest of us. How about coming up with a better way of advertsing than forcing ANY kind of involuntary windows and popups on those of us who want to go where WE want to go and SEE what WE WANT to see?

  • Anonymous
    April 26, 2004
    The comment has been removed

  • Anonymous
    April 26, 2004
    You can, at this point, assume I am an idiot or I cannot answer the question due to circumstances, etc. I am okay with either assumption. :)

  • Anonymous
    April 26, 2004
    What is the purpose of AlphaImageLoader if not to handle PNG? I think I'm missing something.

  • Anonymous
    April 26, 2004
    How can we get a hold of Xp SP2 RC1?

  • Anonymous
    April 26, 2004
    The comment has been removed

  • Anonymous
    April 26, 2004
    I use Popup Manager and it was free and works great. I have Earthlink and this blocker is better than the one they use and much easier to use. Don't need another one.

  • Anonymous
    April 27, 2004
    AlphaImageLoader is a DirectX transform that IE supports. It claims to support transparent PNGs but I have not tested this. I do know there is a work around for transparent PNGs that uses a DXT. Here is the doc:

    http://msdn.microsoft.com/library/default.asp?url=/workshop/author/filter/reference/filters/alphaimageloader.asp

  • Anonymous
    April 27, 2004
    I applaud the popup blocker. Every other browser in the world has it and it was only a matter of time before IE did it too.

    One question though Jeff: you seem to be focusing on the fact that something has to be "clicked" in order to open a popup window? What about users who may not be able to use a mouse or don't have one available? Will keypresses be able to open new windows as well (i.e. I tab over to a link and activate it by pressing on the spacebar)?

  • Anonymous
    April 27, 2004
    The comment has been removed

  • Anonymous
    April 27, 2004
    Vinnie- Yes, we have taken into account keyboard accessibility, and the same basic rules apply. Tabbing to a link and hitting enter will also be considered a user initiated action.

  • Anonymous
    April 27, 2004
    The comment has been removed

  • Anonymous
    April 27, 2004
    Jeff: Thanks for the clarification. I figured that keyboard action would count as user-initiated but just wanted to be 100% sure :).

  • Anonymous
    April 27, 2004
    The comment has been removed

  • Anonymous
    April 27, 2004
    The comment has been removed

  • Anonymous
    April 27, 2004
    Nevermind with #1 and #3.

    Just read you can answer due to NDA. Too bad =)

  • Anonymous
    April 27, 2004
    The comment has been removed

  • Anonymous
    April 27, 2004
    The comment has been removed

  • Anonymous
    April 27, 2004
    Now I want a comment edit thingie to fix misspeeling your name!

  • Anonymous
    April 27, 2004
    The comment has been removed

  • Anonymous
    April 27, 2004
    Cross to the darkside Jeff! Just try it out, you will get some cool ideas =P

    www.mozilla.org

    Download FireFox =)

  • Anonymous
    April 27, 2004
    Jeff -- Are there any plans by MS to implement more user friendly and appealing features into the IE platform or does MS plan to generaly keep the same interface they have now?

    I feel that it would help to make IE alot easier to use. Also you may want to consider (if not allready in place) a wizard that allows non-techy people to changes security settings based on preset parimaters or at least asking them in more detail about certain choices. Most first time Windows users have trouble understanding what active X is or weather or not you should activate it.

    I am not sure if something like this is in place allready and I am just not looking in the right place or what. I tend to be the most technically savy person in my close circle of friends/family and if this feature existed i could simply tell them about it and spend less time manually setting up security features.

    As you can probably tell from the way i word things i know no where near as much as most of the people who post here however i can genraly do ok to follow along with the teckyest of people :) Please let me know if you have the wizard thing in place and how to access it.

    If you have trouble understanding my uncoherint babling just let me know i will try to make sense next time :)

  • Anonymous
    April 27, 2004
    The comment has been removed

  • Anonymous
    April 27, 2004
    Oh yeah, I also almost burned my motherboard due to some soder (hotwiring my ATX botherboard connection so my PC would think it was on, as in turn on the fans, lights, ect, without booting up) and also forgot that I unpluged my watercooling unit and almost burned my CPU.

    hehe

  • Anonymous
    April 27, 2004
    That was just last week.

    See ya later.

  • Anonymous
    April 27, 2004
    The comment has been removed

  • Anonymous
    April 27, 2004
    Joesg-

    I do not have enough context to help with your question. My area of expertise is Internet Explorer, but if I had to guess as to your update problem, my psychic powers point me in the direction of the Internet Connection Firewall. Perhaps you need to allow Norton through? Try disabling it and see if Norton can update.

  • Anonymous
    April 27, 2004
    hi

  • Anonymous
    April 27, 2004
    these are all great features. congrats!! My first problem was with updating. It is very touchy. Any suggestions.

  • Anonymous
    April 28, 2004
    If I'm am currently happy with how my conputer is running with windows xp, but do i have to download to the service pack part 2?

    like what if everything is running good?

    is it inportant to do the update?

    thanks in advance to jef,

    dunny

  • Anonymous
    April 28, 2004
    Well, nothing forces you to upgrade. SP2 (like all of our service packs) has an uninstall feature as well, if all does not go well with the upgrade. (Control Panel->Add/Remove Programs)

    I would say this is a very important update.

  • Anonymous
    April 28, 2004
    The comment has been removed

  • Anonymous
    April 28, 2004
    The comment has been removed

  • Anonymous
    April 28, 2004
    Why can't we test just a rc1 of IE instead of the whole SP? My clients need more control over user's bad habits.

  • Anonymous
    May 01, 2004
    How to re-enable Java??? Have a Microsoft Great Plains page that I no longer can access because it uses Java! Help!

  • Anonymous
    May 01, 2004
    Two questions:

    1. What version number is the updated IE given?
    2. Will this updated IE be available for the other platforms that support IE 6?

  • Anonymous
    May 05, 2004
    Hi Jeff
    Wanted to know whether communication between popup and parent window will function normally.
    I have a link on my site which opens a poup when user clicks it.
    Now in this poup i have a link which closes the pop up and open a new URL in parent (calling) window. Will this work after SP2 is applied.
    I am accessing parent window using "window.opener "
    Apologies if I sounded dumb.
    Thanks in advance.

    Clifton

  • Anonymous
    May 05, 2004
    Clifton -

    If a popup is blocked, then window.open() will return null to the parent, and the parent should check for null and not try to communicate with it. :)

    If a popup is not blocked, then communication will function normally.

    If a popup is blocked and the user chooses decides they want to see it, we refresh the page and allow popups on the refreshed page, so the communication will function normally. The first implementation would actually cache the arguments to window.open() and replay the pop-up without refreshing the page (Beta 1, perhaps RC1), which DID break the communcication channel between the child and parent, but that is gone from the product now.

  • Anonymous
    May 05, 2004
    Paul-

    1. I am not sure the exact build number, but it will be a minor revision to IE 6. The UA string will be updated so that websites can detect it.

    2. I cannot say.

  • Anonymous
    May 05, 2004
    I noticed that some of my Quick Launch icons do not appear until I reboot a second time.

  • Anonymous
    May 07, 2004
    XP SP2 RC1 issues

  • Anonymous
    May 17, 2004
    ugh i need help please im trying to install the sp2 but i keep getting this error that the atapi.sys is in use and i tried almost everything from running the service pack in safe mofe to ending most of the proccesses in the task manager can anyone help me please

  • Anonymous
    May 22, 2004
    I took (foolishly?) someone's advice and installled XP Pro SP2 RC1

    The most significant thing it did to my system is Disable Mozilla, not delete or uninstall but disable completely no mouse or kb commands can start it. So I logged out of admin and into user and - it works normally. I logged into admin agin, gave user all permissions and pass, and back to user. What I want to do now is copy or move my settings from admin to user. Is there a short way of doing this and how?

    And, what's this act of disabing Mozilla?

    TIA

  • Anonymous
    May 25, 2004
    The comment has been removed

  • Anonymous
    June 02, 2004
    Argh! Being new to the whole COM game I finally have managed to convert urlmon.idl to urlmon.tlb [included "library"] and then finally a dll which I was able to add as a reference to my c# project. And all because I wanted access to " CoInternetSetFeatureEnabled" amongst other things.

    The problem is that a handle to this function has been created :-( What am I doing wrong here?

    Geoff

  • Anonymous
    June 02, 2004
    The comment has been removed

  • Anonymous
    June 02, 2004
    The comment has been removed

  • Anonymous
    June 03, 2004
    Geoff,

    Jeff contacted me about your issue. I don't know anything about IE, but after talking to him for a while I realized that CoInternetSetFeatureEnabled is a DLL export from Urlmon.dll. To access this you won't use COM interop - instead you need to use P/Invoke. You probably want something like:

    [DllImport("urlmon.dll")]
    int CoInternetSetFeatureEnabled(uint inetfeaturelist, uint dwFlags, bool fEnable);

    Your DLL generated from TLBIMP may have the imports for the feature list & flags, you could check if it successfully got those using ILDASM. If not you'll need to define them by hand.

    This API as shown here will return a HRESULT as an integer. You'll need to check if it succeeded (positive or zero) or failed (negative).

    I would also suggest you check out .NET and COM: The Complete Interoperability Guide. This book has more than you'd ever want to know about COM interop.

  • Anonymous
    June 03, 2004
    Dino, Thanks for your help. Dang, didn't want to resort to P/Invoke but I suspected it would end up being the final call.

    I'm off and running...

  • Anonymous
    June 08, 2004
    I am using AlphaImageLoader to work around IE's still broken PNG support. Yesterday, I found a coworker's machine would not display such an image at all. After a minute, we discovered what may be the 'modeless UI' mentioned in the article. It warned that the page had 'active content' which was disabled, and clicking the warning message would enable active content for files from that server (it was the local machine in this case).

    I have not been able to identify the security setting that enables this protection. Does anyone here know? I need to be able to document the requirements for proper display of the page. If the setting can be detected in javascript, I'll probably also want to tell the user why images aren't displayed correctly, and maybe switch my images to plain old <img> tags, broken transparency and all.

    Obviously, the best solution would be for IE for Windows to just display PNGs correctly without the proprietary directx workaround. I understand IE for Mac already does.

    But if anyone can explain the requirements/limits with the workaround, I would appreciate it.

  • Anonymous
    June 09, 2004
    Jeff,

    I want to Test Pop-up blocker of SP2 for my Internet applications, but same time doesn't want to download and install whole of huge SP2 ( 273 MB ) .. Can I download pop-up block feature and test it.. ?

    Thanks
    Sangeet

  • Anonymous
    June 10, 2004
    Sangeet- Popup Blocker is only available as part of the SP2 update.

  • Anonymous
    June 22, 2004
    I'll post more on this later once I've had a chance to install Windows XP SP2 RC2 and poke around...

  • Anonymous
    July 05, 2004
    I'm concerned about the impact of some of the new IE features on the online trading application we've developed in JScript. We rely absolutely on being able to popup (Trade Confirmation) windows on receipt of suitable messages from server (via JMS messaging and invisible applet).
    We also employ a caching mechanism whereby we precache all 'dialog' content within jscript variables, open windows using a javascript: protocol to open an empty page (avoiding any round-trip to server over expensive ssl connection) and write cached content into opened window. Some of the content includes embedded jsp within iframes (https:). We now get the dreaded "mixture of secure and unsecure..." message which never happened before.
    Our clients mostly use locked down machines with no access to IE settings. Is our app going to be broken ? I'm all in favour of new features, even if they are in 'service packs' but no way should major features which change basic functionality be introduced enabled by default.

  • Anonymous
    July 05, 2004
    As window.open() won't allow me to open a new window from page's body onLoad() event.

    So, in my web application, after identify that the pop-up blocker is enabled, I need to display a page suggesting user to click the link to open the required page. I want to develop a general page which will accept the URL, name and features and display the link. Can I call the window.showModalDialog() statement to open this intermediate page?

    I would like to know whether any restrictions on window.showModalDialog and window.showModelessDialog statements? Can I call these statements from the function which has been called from the body onLoad() event? Also, would like to know other better alternates. - Thanks

  • Anonymous
    July 13, 2004
    Good read this, Cheers Jeffdav

  • Anonymous
    July 15, 2004
    Hi, i try to use onclick to show a popup window. However it failed.
    Looks like IE blocks all window.open(), even i click a link, IE still won`t let me popup the window?

    <input type="button" value="User initiated popup" onclick="window.open('popup.html')">

    Have any idea what happened? Thanks!

  • Anonymous
    July 16, 2004
    The comment has been removed

  • Anonymous
    July 20, 2004
    I am writing a web app that allows users to open a personal list of web sites as separate browser windows. After a few months of coding, it is almost done, but I recently learned that SP2 will block pop-ups, making my app useless. Questions:

    1. When blocking pop-ups, will SP2 give users a convenient option of enabling pop-ups for the current domain, similar perhaps to Google's toolbar whose on/off switch displays and controls its white-list?

    2. What options exist for enabling a site to use pop-ups?

    3. If a site is enabled through IE's white-list, would window.open() be operational in the onLoad event?

    Thanks for any answers!

  • Anonymous
    July 20, 2004
    The comment has been removed

  • Anonymous
    July 20, 2004
    Jeff,
    Thanks for the information!

    My app is javascript/html.

    Is there a web site that has a picture of SP2's information bar and its pop-up menu so I can prepare some instructions (I realize that I might have to change it when the final product is released, but that would be easier than writing everything from scratch then)?

    Also, is there a way for my application to detect that it is Windows security that is preventing pop-ups from working? With that information, at least I could give users a customized response when my app fails.

  • Anonymous
    July 21, 2004
    The only way to detect the popup was blocked is to check the return value from window.open() for null (which all good scripts should be doing already :) ). It can be null for other reasons--such as out of memory cases--but the majority of the time null will be returned because a Pop-up Blocker of some sort was active.

  • Anonymous
    July 22, 2004
    What about adodb.stream. I use it in my corporate web application and it does not work with IE RC2. How can I ENABLE it?

    vincenzo

  • Anonymous
    July 22, 2004
    The comment has been removed

  • Anonymous
    July 22, 2004
    Dan- No.

    Vincenzo- See the bottom notes of this article: http://support.microsoft.com/default.aspx?kbid=870669

    -j

  • Anonymous
    July 22, 2004
    Thanks.

    The problem is that in my registry there is no key "HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{00000566-0000-0010-8000-00AA006D2EA4}" to set to 0.


    I suspect that adodb.stream in the new IE is disabled by other way. But I hope to find a way to re-enable it.

    Thanks again


  • Anonymous
    April 26, 2006
    PingBack from http://www.h2os.org/archives/bydate/2004/06/22/flash_windows_xp_sp2

  • Anonymous
    May 30, 2009
    PingBack from http://outdoorceilingfansite.info/story.php?id=2604

  • Anonymous
    June 01, 2009
    PingBack from http://paidsurveyshub.info/story.php?id=71746

  • Anonymous
    June 08, 2009
    PingBack from http://insomniacuresite.info/story.php?id=3342

  • Anonymous
    June 08, 2009
    PingBack from http://hairgrowthproducts.info/story.php?id=5322

  • Anonymous
    June 15, 2009
    PingBack from http://mydebtconsolidator.info/story.php?id=23135

  • Anonymous
    June 16, 2009
    PingBack from http://workfromhomecareer.info/story.php?id=20654

  • Anonymous
    June 16, 2009
    PingBack from http://fixmycrediteasily.info/story.php?id=5485

  • Anonymous
    June 18, 2009
    PingBack from http://thestoragebench.info/story.php?id=888

  • Anonymous
    June 18, 2009
    PingBack from http://patiocushionsource.info/story.php?id=86