Category: Web Browsers

Posted on
by

Via Weblog about Markup & Style:

Dive Into Mark provides an excellent example of why a browser shouldn’t second-guess file types.

Safari content sniffing for XHTML

It’s a screenshot of Safari looking at a text document… but the first line mentions XHTML, so it’s decided that’s what it must be. I’ve had lots of trouble with Internet Explorer doing the same thing, and Safari’s been aiming at bug-for-bug compatibility in order to “break” as few sites as possible.

[Edit: After the source blog was taken down, I grabbed the screenshot from archive.org and uploaded it here.)

Posted on
by

Well, it’s official. After months of rumors and vague announcements, Netscape 7.2 has been released!

It’s been just over a year since AOL closed down Netscape and spun off the independent Mozilla Foundation. Despite the uncertainty of that transition, no one can deny that Mozilla has flourished. People everywhere are switching to Firefox and recommending it on security, usability, and capability grounds.

It’s really quite surprising, particularly since Netscape the company no longer exists. But Mozilla has been marching ahead, and all that stood between AOL and an updated Netscape was updating their proprietary features, like the AIM sidebar and access to AOL email, to work with the new Mozilla code.

For the past year, I’ve been advocating that people switch from Netscape to Mozilla, since it seemed the best upgrade path. (Someone on Mozillazine pointed out that AOL is actually promoting the Mozilla connection — an interesting switch.) I’ve been skeptical about the new version actually materializing, but here it is.

I’m going to stick with Firefox myself, but for Netscape fans and those looking for the full browser suite (complete with AIM/ICQ)…

  • Download Netscape 7.2

Posted on
by

Great. Just great. Now there are ad networks using banners to install malware.

The article from Netcraft goes on to say that some phishing attacks are using banners to install keystroke loggers and other spyware. So now, just by using an insecure browser* to click on the link in a message claiming to be from your bank can make it possible for hackers to steal your passwords, credit card numbers, etc., even if you realize the site’s a scam and don’t fill in the form. Fun, fun, fun!

Time to look into those alternative browsers again…

* Yes, security holes have been found in Mozilla, Opera, etc. With the rise in popularity of Firefox, some attackers are starting to target Mozilla. But aside from looking at the sheer number of holes in IE compared to other browsers, just about everyone seems to have a better track record at fixing vulnerabilities than Microsoft does.

Posted on
by

Some people browse collections. I collect browsers. Mostly I just want to see what they’ll do to my web site, but I have a positively ridiculous number of web browsers installed on my Linux and Windows computers at work and at home, and I’ve installed a half-dozen extra browsers on our PowerBook.

One project I’ve worked on since my days at UCI was a script to identify a web browser. In theory this should be simple, since every browser sends its name along when it requests a page. In practice, it’s not, because there’s no standard way to describe that identity.

Actually, that’s not quite true. There is a standard (described in the specs for HTTP 1.0 and 1.1: RFC 1945 and RFC 2068), but for reasons I’ll get into later, it’s not adequate for more than the basics, and even those have been subverted. That standard says a browser (or, in the broader sense, a “user agent,” since search robots, downloaders, news readers, proxies, and other programs might access a site) should identify itself in the following format:

  • Name/version more-details

Additional details often include the operating system or platform the browser is running on, and sometimes the language.

Now here are some examples of what browsers call themselves: Continue reading