Pro Internet Explorer 8& 9 Development

Developing Powerful Applications for theNext Generation of IE

Matthew Crowley

Apress*

Contents at a Glance >v

About the Author xvii

About the Technical Reviewer xviii

Acknowledgments -xix

Preface xx

Chapter 1: Internet Explorer Architecture • 1

Application Architecture and Dependencies 1

Command-Line Parameters 3

Processor Support 4

Protected Mode (Low-Rights IE) 4

Loosely Coupled Internet Explorer 7

Browser Frame, Tabs, and Ul 8

Search and Navigation 8

Printing 10

Tab Management 10

Favorites Center, Feeds, and History Ul 10

Status and Notifications 11

Frame and Tab Extensibility 14

Developer Tools 18

Script Errors and View Source 19

Shell Document View 19

The Travel Log and Shared Features 19

v

CONTENTS

Trident (MSHTML) 19

Third-Party and Custom Document Objects 19

Trident Layout and Rendering Engine 20

Parser Subsystem 21

Document Modes and Compatibility View 21

Core Document Subsystem 21

Text, Layout, and Rendering Subsystem 22

Object Model Subsystem 22

Component Model Subsystem 23

Editing Subsystem 24

Networking and Zones 24

URLMon 24

WinlNET 25

Security, Trust, and Privacy Architecture 25

Security Ul and Feedback Mechanisms 25

Application Integrity and Browser Defenses 28

Extension Integrity Defenses 28

Privacy and Social Engineering Protections 31

High-Integrity Brokers 33

Hosting and Reuse 34

MSHTML 34

WebBrowser Control 34

HTML Applications 34

Scripting Interfaces and API Usage 34

Application Management Tools 35

Internet Explorer Administration Kit 35

Setup and the Windows 7 Uninstaller 35

Windows Error Reporting, Event Logging Infrastructure, and the CustomerExperience Improvement Program 35

Windows 7 Troubleshooter 35

\ri

CONTENTS

Default Programs 36

Online Services 36

Settings Management and Feature Controls 36

Internet Options Control Panel (inetcpl.cpl) , 36

Reset Internet Explorer Settings 36

Manage Add-Ons 37

Group Policy 37

Feature Control Keys 37

Summary 37

Chapter 2: Interoperability and Compatibility ....39

Standards Support and Interoperability 39

HTML 4.01, HTML 5, and DOM Spec Support Improvements 39

Document Modes and Versioning 41

Quirks Mode, Document Modes, and X-UA-Compatible 41

Document Modes 42

Targeting Quirks Mode and Document Modes in Markup 42

Targeting Document Modes from the Server Side 43

Feature Controls for Document Modes 44

Differences Between IE 7 Standards Mode and True IE 7 45

Compatibility View 45

The Microsoft Compatibility View List 46

Controlling Compatibility Settings 46

Version Targeting 48

Version Targeting Using Conditional Comments 48

User Agent String Sniffing Using JavaScript 50

Compatibility View and the UA String 51

The Web Developer's Dilemma 52

Summary 53

vii

CONTENTS

Chapter 3: Enriching Web Applications with AJAX and JSON 55

The XMLHttpRequest Object 55

The XMLHTTP Library and XMLHttpRequest Object 55

Native XMLHttpRequest 57

Cross-Browser AJAX Compatibility 57

Scripting and DOM Improvements 59

Native JSON Support 59

String Sanitization with toStaticHTML 62

Standards Compliance Improvements 65

Persisting Data with DOM Storage 72

DOM Storage and Subdomains 76

Securing Persisted Storage 78

Moving towards HTML 5 Storage 78

Networking and Connectivity 78

Online and Offline Events 78

XMLHttpRequest Timeout Events 80

AJAX Navigation Events 83

Concurrent Connections 87

Communicating Across Pages and Domains 89

Cross-Domain Requests 90

Cross Frame Messaging with postMessage() 95

Tips and Tricks for Secure Communication 98

Summary 99

Chapter 4: Connecting Services with Accelerators 101

The What and Why of Accelerators 101

User Experience and Data Flow 102

The OpenService XML Schema 103

Tags 103

Variables 104

viii

CONTENTS

Creating Basic Accelerators 105

Constructing an Accelerator's XML File 105

Constructing a Web Service Handler 106

Handling Accelerator Contexts 107

Using the Selection Context 108

Using the Link Context 109

Using the Document Context 110

Implementing Previews 111

Installation and Deployment 114

Installing and Deploying via JavaScript 114

Installing and Deploying via Desktop Applications 115

Working with Categories and Defaults 123

Managing Accelerators 123

Advanced Topics 124

Updating Installed Accelerators 124

Building Rich Previews 125

Localizing Accelerators 127

Cross-Browser Integration 128

Best Practices for Building Accelerators 128

Providing Relevant Information 129

Designing Secure Accelerators 129

Designing Performant Accelerators 129

Designing Preview Web Pages 130

An Accelerator Design Checklist 130

Summary 130

Chapter 5: Debugging and Inspecting Pages with Developer Tools 131

Navigating the IE Developer Tools 131

View Source 132

The File Menu 133

CONTENTS

Inspecting Markup 133

The HTMLTab and the DOM Explorer 133

The Attributes Pane 135

The Find, View, and Outline Menus 136

Exporting Changes 138

Markup Inspection in Action 138

Inspecting Layout and Styles 140

The Style Pane 140

The Trace Styles Pane 140

The Layout Pane 141

The Attributes Pane 142

The CSS Tab 142

CSS and Layout Inspection in Action 143

Using the Extended Toolset 145

The Disable Menu 145

The Images Menu 146

The Tools Menu 146

The Extended Toolset in Action 148

Testing for Compatibility and Interoperability 150

The Browser Mode and Document Mode Menus 150

The Validate Menu 151

Debugging JavaScript 152

The Script Tab 152

The Source Pane 153

Breakpoints and the Breakpoints Pane 154

The Locals, Watch, and Call Stack Panes 155

The Debugging Console Pane and the console Object 156

JavaScript Debugging in Action 160

JavaScript Measurement and Optimization 163

The JavaScript Profiler 163

x

CONTENTS

The Profiler Ul 163

Profile Views— 164

Exporting Data 165

JavaScript Performance Testing in Action 166

Managing Cookies and the Cache 168

Tips for Debugging and Inspecting Web Sites 170

Summary, 170

Chapter 6: Scripting with Mutable DOM Prototypes 171

A Primer: Prototypes, Properties, and the DOM 171

Prototypes 171

Properties (Getters and Setters) 172

JavaScript and the DOM 173

Mutable Prototypes and Properties in IE 8 , 174

Manipulating DOM Objects 174

Manipulating DOM Object Get and Set Properties 176

IE Improvements in Practice 179

Downlevel IE Compatibility 179

Cross-Browser Interoperability 181

Security and Sanitization 182

Input Validation 185

Summary 192

Chapter 7: Debugging and Inspecting Pages with Fiddler 193

Getting Started with Fiddler 193

Installing and Running Fiddler 193

Navigating the Fiddler User Interface 195

Scripting Fiddler with Rules 195

Viewing and Inspecting Sessions 197

Deciphering the Session List 197

Inspecting the Request-Response Sequence 198

xi

CONTENTS

Comparing Sessions 201

Filtering Sessions 202

Using the Top-Level Filter Commands 202

Using the Filters Tab 202

Debugging and Manipulating Sessions 205

Using the Request Builder 205

Using the Filters Tab to Modify Session Data 206

Setting and Using Breakpoints 206

Analyzing Site Performance 207

Quantifying Request Items, Types, and Times 208

Evaluating Cache Performance 210

Optimizing Compression Settings 211

Simulating Performance Scenarios Using Built-in Rules 212

Using Fiddler to Decrypt HTTPS Traffic 212

Grabbing Simple Captures with FiddlerCap 214

Installing and Running FiddlerCap 214

Capturing Traffic with FiddlerCap 215

Summary 216

I Chapter 8: Content Syndication with Web Slices 217

Basics of Web Slices 217

Web Slice Structure: The hAtom Microformat 219

Designing and Deploying Basic Web Slices 220

Structuring and Creating a Web Slice 221

Installing and Viewing Web Slices 222

Managing Web Slices 224

Update and Expiry Management 225

Defining Update Intervals with TTL 225

Defining Expiration with the endtime Selector 227

Using CSS Styles and Stylesheets 230

xii

CONTENTS

Inline Styles and In-Document Stylesheets 230

Linked and Imported Styles 232

Alternative Sources 234

Alternative Update Source 234

Alternative Display Sources 235

Authentication 237

Basic and Digest Authentication 237

Cookie-Based Authentication 238

Advanced Topics 238

Specifying a Page's Default Web Slice 239

Script-Based Installation 239

Disabling In-Document Web Slice Advertisement 240

Summary 240

Chapter 9: Building Search Provider and Search Suggestion Extensions 241

Understanding Search Providers 241

The OpenSearch Description Format, JSON Search Suggestions,and XML Search Suggestions Specifications. 244

OpenSearch Description Format Specification 244

JSON Search Suggestion Extension 252

XML Search Suggestion Extension 253

Building a Basic Search Provider 256

Installing and Using Search Providers 256

Advertising Search Providers 258

Managing Search Providers 259

Returning Visual Suggestions with XML 260

Advanced Topics 260

Building Cross-Browser Search Providers 260

Adding Search Providers to the IE Add-Ons Gallery 261

User Preference Protection 264

xiii

m CONTENTS

Summary .265

Chapter 10: Building Lightweight Buttons and Menu Extensions 267

Understanding Lightweight IE Extensions 267

Adding Toolbar Buttons 269

Common Toolbar Button Properties 270

Running Script Using a Toolbar Button 271

Launching an Executable via a Toolbar Button 273

Invoking COM Objects via a Toolbar Button 275

Opening Explorer Bars with Toolbar Buttons 283

Extending the Tools and Help Menus 283

Common Menu Item Properties 283

Running Script Using a Menu Item 284

Launching an Executable via a Menu Item 287

Adding Entries to the In-Page Context Menu 289

Understanding the Context Menu Registry Structure 289

Example: Browser Selection Context Menu Extension 291

Turning Off the Context Menu 294

Creating Context Menus with JavaScript 294

Summary 298

Chapter 11: Developing Applications with the WebBrowser Control 299

Building a Simple WebBrowser Application 299

Preparing to Use the WebBrowser Control , 299

Creating an Instance of the WebBrowser Control (AxWebBrowser) 301

Handling Basic Events 303

Accessing the Object Model 304

Attaching to Document and Window Objects 305

Accessing the Browser Object Model 306

Sinking Object Model Events 307

Achieving Tight Integration with IE 308

xiv

CONTENTS

Setting Up the Application 309

Integrating WebBrowser Events with the IE Ul 309

Mimicking Window Behavior of IE 310

Surfacing and Executing OLE Commands 311

Summary 314

Chapter 12: Enhancing Page Content with Managed ActiveX Controls 315

Getting to Know ActiveX Controls 316

Architecting a Basic Control in .NET 316

Designing the Public Interface 316

Building the Control 319

Signing the Control 320

Running the Control 321

Constructing Uls 323

Adding a Ul to a Managed Control 323

Setting a Control's OLE Ul Flags 326

Exposing Events to ActiveX Hosts 326

Creating the Event Interface 326

Practicing Safe ActiveX with lObjectSafety 329

Staying Safe in the Great lUnknown 329

Implementing lObjectSafety 330

Looking At Alternative Platforms and Technologies 332

Summary 332

Chapter 13: Building In-Process Extensions with Browser Helper Objects 333

Understanding BHOs 333

Building a Generic BHO 335

Registering and Running BHOs 337

Sinking Browser Events 339

Summary 342

XV

S CONTENTS

Chapter 14: Extending the Browser Frame Using Band Objects 343

Understanding Band Objects 343

Building a Generic Band Object 345

Registering Band Objects 351

Constructing a Toolbar 355

Constructing a Vertical Explorer Bar 357

Constructing a Horizontal Explorer Bar 360

Summary 362

Chapter 15: Scripting and Automating Internet Explorer 363

Using IE with the Command Line 363

Getting to Know the IE Command Line 363

Changing IE Registry Settings 364

Invoking IE APIs Using RunDLL32 365

Writing Basic Scripts for IE 367

Creating IE Objects with the Windows Scripting Host 367

Creating IE Objects with PowerShell 368

Sinking Events Using VBScript and CreateObject 368

Learning Common IE Scripting Techniques by Example 369

Summary 373

Index 375

xvi