IE6 HTTP Bug with HTTP_Accept request header

Something I bumped into today: The first time Internet Explorer loads a URL, it sends an “HTTP_Accept” request header with the list of MIME types it accepts, like so:
HTTP_ACCEPT = application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*

Any subsequent request of the same URL, though, only sends “*/*”:
HTTP_ACCEPT = */*

Of course I watched this through an ASP page which wrote out Request.ServerVariables("HTTP_Accept").  I wasn’t sure if it was IIS or IE‘s fault tho, so I checked the raw headers with Fiddler, and it’s definitely IE.

What’s especially strange is that I can find little or no mention of the problem. Anyone else heard of (or conquered) this?

It rather messes up a page I’m working on…

UPDATE: See here for a bug and workaround demo article I just put together.

IE 7 beta 2, Running Observations

Observations as a user:


  • Address bar: I’m not sure I like it being locked to the title bar.  Any other toolbars go below — that’s weird.  Interestingly, I can drag the whole window from the chrome near it, so I think it may actually be part of the titlebar under the hood.
  • “Star”/start menu: Opens the sidebar containing Faves, History, and Feeds. I think I like this, an idea borrowed from live.com.  It’ll still take some getting used to, tho.
  • bug?: Backspacing/deleting characters in this MSHTML-enabled (contenteditable) area of .Text doesn’t work right.  Possibly machine-specific, but I haven’t noticed it before.
  • Tabs: I reeeally want to move the tabs to the bottom of the screen, as I do with Firefox (and like Excel worksheets).  I also want to be able to double-click to close tabs, but I’m happy that middle-clicks are “Open in a New Tab”.
  • New tab thing: The small “blank tab” for creating new tabs is Mystery Meat, and especially confusing since there’s a “plus” icon nearby.  I know MS is going for “uncluttered UI”, but this breaks usability in favor of pretty.  Just show a #8220;new document” icon the whole time, and it’ll be much clearer. 
  • Stop loading icon: The “X” icon also very confusing.  “X” means Delete, a “Stop Sign” icon means stop. 
  • Reload icon: OTOH, I like the color reversal here, the green in the background makes it stand out more.
  • Faster: address bar responsiveness.
  • Slow, like rendering of the new Quick Tabs, Classic toolbar and Google’s toolbar.

Observations as a developer:


  • CSS Visual Transitions: are these gone?!?  Strange, b/c CSS Visual Filters still work.

  • Modal/Modeless dialogs: IE6sp2 forced the status bar onto these.  IE7 now forces an address bar too, creating problems for web apps with sized dialogs.  Slowly but surely those dialogs are becoming just windows, EXCEPT that…

  • Modal/Modeless dialogs are still very buggy in IE7b2!

  • SELECT elements: As expected, much better now!

 


 

IE 7 beta 2 preview

Yeehaw it’s out!  I’m downloading now and am actually excited to testdrive it.  Already noteworthy to me is the functionality changes section in the release notes:




Scriptlets—Internet Explorer 7 disables Dynamic HTML (DHTML) scriptlets, by default. (Scriptlets were deprecated in Internet Explorer 5). They can be reenabled by system administrators, changing URLActions with the Internet Control Panel (INetCPl.) The INetCPL text should read “Allow Scriptlets.” If your programs rely on scriptlets, we recommend that you use DHTML behaviors which are more efficient. Disabling scriptlets is part of our continued work to ensure that unsupported technology is deemphasized in Internet Explorer.


I’m very happy about this.  It sounds like Microsoft listened (!) to my request to not remove Scriptlets after all, but to instead just disable them by default (which is certainly a good thing for security).  I have several good old IE components written as DHTML Scriptlets, and I need some option to keep using them in existing web apps.



  • ActiveX controls–ActiveX controls are disabled by default in Internet Explorer Version 7. The ActiveX Input TYPE=FILE control no longer submits a fully-qualified path; it now submits only a filename. The ActiveX control for XEnroll certificate enrollment was removed from Windows Vista and replaced with a new control.

This is a big big deal, and again a good one.  But does this include disabling the built-in ActiveX Controls too, like DSOs and XMLHTTPRequest??  (if so, then ouch!)  Good idea on the file input, but it sounds like it’ll cause some rewrites.



  • Channel Definition Format (CDF)–All CDF support was removed from Internet Explorer 7 Beta 2 Preview.

This surprises me.  It may be old tech, but it was big (remember all the “push” hulabaloo? man, those were the [something-] old days), and I do still see sites using it.  Not sure from that statement whether it’ll come back in a later beta or RC, tho…



  • DirectAnimation–All DLLs to support the Internet Explorer DirectAnimation component were removed in Internet Explorer 7 Beta 2 Update.

Another big change.  So what’s the replacement it, native SVG finally??



  • XBM–Support for XBM, an imaging format designed for X-based systems, was deleted.
  • SSL–Support for weak SSL ciphers was removed from Windows Vista and support for SSLv2 was disabled for all Internet Explorer 7 platforms

Good and better.



  • Windowed Select–The Windowed Select Element was removed from Internet Explorer 7 because IE7 is not using the Windows API. This results in some cosmetic changes in padding. The animation associated with the popup is gone as well, and the popup simply pops up.

Simply marvelous!



  • BASE Element–Internet Explorer 7 strictly enforces the BASE element rule, as documented in the HTML 4.01 standard. We no longer allow BASE tags outside of the HEAD of the document. The standard specifies that the base element must appear within the head of the document, before any elements that refer to an external source.
  • window.opener and window.close–Internet Explorer 7 no longer allows the window.opener trick to bypass the window.close prompt. Browser windows can’t close themselves unless the windows were created in script. This security enhancement no longer allows browsing to a random site when the main browser window closes unexpectedly.

Ah, lovely bug fixes.  More please!
(actually, I wish I had known about that window.opener trick a long time ago.  Darn!)



  • WWW-Auth–Internet Explorer 7 changes the precedence rules for WWW-Auth. Previous releases of Internet Explorer used the first header encountered. Internet Explorer 7 uses the first header except when the header is Basic. We use Basic auth if no other authentication mechanism is present.
  • HTTPOnly Cookies–HTTPOnly cookies can no longer be overwritten from scripts.
  • _SEARCH–The _SEARCH sidebar is no longer supported in Internet Explorer 7. It can be reenabled using a URLAction.

All sounds good to me.  I’ll be a little sad about _search, tho, but only a little.



  • View Source–The view-source protocol no longer works in Internet Explorer 7 Beta 2 Update.

It actually stopped working back in IE6sp2, which was a pain for me.  It was a Netscape standard, albeit de facto, but it was still quite handy for sharing code (and non-abusable, that I know).



  • Gopher Protocol–Support for the Gopher protocol was removed at the WinINET level. (Gopher support was turned off by default in Internet Explorer 6.)
  • windowexternalImportExportFavorites–windowexternalImportExportFavorites has been removed in Internet Explorer 7 Beta 2 Preview.
  • Telnet–The telnet protocol handler is no longer supported in Internet Explorer.

Gopher, sure — I haven’t touched that in 10yrs. 
The Favorites method — eh, not a big fan, but I’ve seen some very cool specific uses (uploading to bookmark sites, in particular). 
But why no telnet://?  All that ever did was open the default telnet client.  This’ll definitely be a pain for some sites. 



  • SysImage URL Scheme–The SysImage URL Scheme has been removed from Internet Explorer.

I actually have no idea what this is, which is unusual with IE.  Anyone wanna enlighten my ignorance?



  • Status Bar Scripting–Script will no longer be able to set the status bar text through the window.status and window.defaultStatus methods by default in the Internet and Restricted Zones. This small step helps prevent attackers from leveraging those methods to spoof the status bar. To revert to previous behavior (allowing script to set the status bar through window.status and window.defaultStatus) select the “Security” tab from “Internet Options” in the Control Panel. Select “Custom level…” for the Internet (or Restricted sites) zone. Find “Allow status bar updates via script” and change the setting to “Enable”.

I wont miss this one much.  When I’ve used it, it’s been more a toy or bandaid for ugly URLs.  Much more often I’ve seen it abused, so all good here.


I’ll post more if I find my test-drive interesting.


There’s more good discussion about it over on the IEBlog.


 

The IE team has chosen wisely.

Or SELECTed wisely… (ok, so the quote doesn’t quite work).

Considering my frustrations with IE’s buggy SELECT element (dropdown list), or my workarounds for those problems, it should be no surprise that I’m quite excited about IEblog’s news about SELECT element fixes in IE7:
For the SELECT few….

z-index fixed, styles fixed, title fixed. Finally! (But no mention of scripting bugs… hopefully they get those too!)

I haven’t changed any hardware in over 6 months,

…yet I got this message when I logged in today:

—————————
Windows Product Activation
—————————
Since Windows was first activated on this computer, the hardware on the computer has changed significantly. Due to these changes, Windows must be reactivated within 3 days.
Do you want to reactivate Windows now?

—————————
Yes No
—————————

Very strange. Any ideas?

(Tip: you can capture the text of many Windows dialogs into the clipboard by pressing Control-C while viewing them. The above example came that way. Couldn’t use printscreen while logging in, tho, or I’d’ve shown the dialog too.)

Canvas in IE

This is just awesome:

…Okay, so it’s a slightly ugly picture, why is it awesome? Read about it here: http://me.eae.net/archive/2005/12/29/canvas-in-ie/.  Basically, Emil Eklund of WebFX extended IE to support Canvas elements, the currently most-buzzed new technology in web browsers.

Awesome-er (to me) is that he accomplished in a couple days with IE‘s DHTML Behaviors, just like my xDOM Suite, or Dean Edwards’ Star-Light do.  Just like them, it uses DHTML Behaviors to basically improve (fix, enhance, or extend) IE‘s rendering engine.  Developers can apply this extension by copying two files and adding a single line of code to pages which use Canvas.

Easy development, 3rd-party browser extensions, easy deployment ….All good examples of why DHTML Behaviors are totally awesome, and great reasons why other browsers should adopt them… 

(via Ajaxian, screenshot borrowed from same.)

Links: old but interesting

I just found this list I sent to some friends, over a year ago now.  Still quite interesting…


IQ/Personality:

The Classic IQ Test – Apparently I’m an “Insightful Linguist …natural fluency of a writer and the visual talents of an artist. …a creative and expressive mind” (there’s flattery for ya).

What Different IQ Scores Mean (down, cached copy here)  – Checking my above IQ here calls me “highly gifted” (aka “sub-genius”?).

What kind of thinker are you? – Says I’m a “Musical Thinker” (like Jimi Hendrix, except sooo white).

 

Oh, he’s talking about me!

Real coders, real code – scary & sad but true

 

Interesting:




 

Fun: