Pro Internet Explorer 8 & 9 development : developing ... · Using Fiddler to Decrypt HTTPSTraffic...
Transcript of Pro Internet Explorer 8 & 9 development : developing ... · Using Fiddler to Decrypt HTTPSTraffic...
-
Pro Internet Explorer 8& 9 Development
Developing Powerful Applications for theNext Generation of IE
Matthew Crowley
Apress*
-
Contents at a Glance >v
About the Author xvii
About the Technical Reviewer xviii
Acknowledgments -xix
Preface xx
Chapter 1: Internet Explorer Architecture • 1
Application Architecture and Dependencies 1
Command-Line Parameters 3
Processor Support 4
Protected Mode (Low-Rights IE) 4
Loosely Coupled Internet Explorer 7
Browser Frame, Tabs, and Ul 8
Search and Navigation 8
Printing 10
Tab Management 10
Favorites Center, Feeds, and History Ul 10
Status and Notifications 11
Frame and Tab Extensibility 14
Developer Tools 18
Script Errors and View Source 19
Shell Document View 19
The Travel Log and Shared Features 19
v
-
CONTENTS
Trident (MSHTML) 19
Third-Party and Custom Document Objects 19
Trident Layout and Rendering Engine 20
Parser Subsystem 21
Document Modes and Compatibility View 21
Core Document Subsystem 21
Text, Layout, and Rendering Subsystem 22
Object Model Subsystem 22
Component Model Subsystem 23
Editing Subsystem 24
Networking and Zones 24
URLMon 24
WinlNET 25
Security, Trust, and Privacy Architecture 25
Security Ul and Feedback Mechanisms 25
Application Integrity and Browser Defenses 28
Extension Integrity Defenses 28
Privacy and Social Engineering Protections 31
High-Integrity Brokers 33
Hosting and Reuse 34
MSHTML 34
WebBrowser Control 34
HTML Applications 34
Scripting Interfaces and API Usage 34
Application Management Tools 35
Internet Explorer Administration Kit 35
Setup and the Windows 7 Uninstaller 35
Windows Error Reporting, Event Logging Infrastructure, and the CustomerExperience Improvement Program 35
Windows 7 Troubleshooter 35
\ri
-
CONTENTS
Default Programs 36
Online Services 36
Settings Management and Feature Controls 36
Internet Options Control Panel (inetcpl.cpl) , 36
Reset Internet Explorer Settings 36
Manage Add-Ons 37
Group Policy 37
Feature Control Keys 37
Summary 37
Chapter 2: Interoperability and Compatibility ....39
Standards Support and Interoperability 39
HTML 4.01, HTML 5, and DOM Spec Support Improvements 39
Document Modes and Versioning 41
Quirks Mode, Document Modes, and X-UA-Compatible 41
Document Modes 42
Targeting Quirks Mode and Document Modes in Markup 42
Targeting Document Modes from the Server Side 43
Feature Controls for Document Modes 44
Differences Between IE 7 Standards Mode and True IE 7 45
Compatibility View 45
The Microsoft Compatibility View List 46
Controlling Compatibility Settings 46
Version Targeting 48
Version Targeting Using Conditional Comments 48
User Agent String Sniffing Using JavaScript 50
Compatibility View and the UA String 51
The Web Developer's Dilemma 52
Summary 53
vii
-
CONTENTS
Chapter 3: Enriching Web Applications with AJAX and JSON 55
The XMLHttpRequest Object 55
The XMLHTTP Library and XMLHttpRequest Object 55
Native XMLHttpRequest 57
Cross-Browser AJAX Compatibility 57
Scripting and DOM Improvements 59
Native JSON Support 59
String Sanitization with toStaticHTML 62
Standards Compliance Improvements 65
Persisting Data with DOM Storage 72
DOM Storage and Subdomains 76
Securing Persisted Storage 78
Moving towards HTML 5 Storage 78
Networking and Connectivity 78
Online and Offline Events 78
XMLHttpRequest Timeout Events 80
AJAX Navigation Events 83
Concurrent Connections 87
Communicating Across Pages and Domains 89
Cross-Domain Requests 90
Cross Frame Messaging with postMessage() 95
Tips and Tricks for Secure Communication 98
Summary 99
Chapter 4: Connecting Services with Accelerators 101
The What and Why of Accelerators 101
User Experience and Data Flow 102
The OpenService XML Schema 103
Tags 103
Variables 104
viii
-
CONTENTS
Creating Basic Accelerators 105
Constructing an Accelerator's XML File 105
Constructing a Web Service Handler 106
Handling Accelerator Contexts 107
Using the Selection Context 108
Using the Link Context 109
Using the Document Context 110
Implementing Previews 111
Installation and Deployment 114
Installing and Deploying via JavaScript 114
Installing and Deploying via Desktop Applications 115
Working with Categories and Defaults 123
Managing Accelerators 123
Advanced Topics 124
Updating Installed Accelerators 124
Building Rich Previews 125
Localizing Accelerators 127
Cross-Browser Integration 128
Best Practices for Building Accelerators 128
Providing Relevant Information 129
Designing Secure Accelerators 129
Designing Performant Accelerators 129
Designing Preview Web Pages 130
An Accelerator Design Checklist 130
Summary 130
Chapter 5: Debugging and Inspecting Pages with Developer Tools 131
Navigating the IE Developer Tools 131
View Source 132
The File Menu 133
-
CONTENTS
Inspecting Markup 133
The HTMLTab and the DOM Explorer 133
The Attributes Pane 135
The Find, View, and Outline Menus 136
Exporting Changes 138
Markup Inspection in Action 138
Inspecting Layout and Styles 140
The Style Pane 140
The Trace Styles Pane 140
The Layout Pane 141
The Attributes Pane 142
The CSS Tab 142
CSS and Layout Inspection in Action 143
Using the Extended Toolset 145
The Disable Menu 145
The Images Menu 146
The Tools Menu 146
The Extended Toolset in Action 148
Testing for Compatibility and Interoperability 150
The Browser Mode and Document Mode Menus 150
The Validate Menu 151
Debugging JavaScript 152
The Script Tab 152
The Source Pane 153
Breakpoints and the Breakpoints Pane 154
The Locals, Watch, and Call Stack Panes 155
The Debugging Console Pane and the console Object 156
JavaScript Debugging in Action 160
JavaScript Measurement and Optimization 163
The JavaScript Profiler 163
x
-
CONTENTS
The Profiler Ul 163
Profile Views— 164
Exporting Data 165
JavaScript Performance Testing in Action 166
Managing Cookies and the Cache 168
Tips for Debugging and Inspecting Web Sites 170
Summary, 170
Chapter 6: Scripting with Mutable DOM Prototypes 171
A Primer: Prototypes, Properties, and the DOM 171
Prototypes 171
Properties (Getters and Setters) 172
JavaScript and the DOM 173
Mutable Prototypes and Properties in IE 8 , 174
Manipulating DOM Objects 174
Manipulating DOM Object Get and Set Properties 176
IE Improvements in Practice 179
Downlevel IE Compatibility 179
Cross-Browser Interoperability 181
Security and Sanitization 182
Input Validation 185
Summary 192
Chapter 7: Debugging and Inspecting Pages with Fiddler 193
Getting Started with Fiddler 193
Installing and Running Fiddler 193
Navigating the Fiddler User Interface 195
Scripting Fiddler with Rules 195
Viewing and Inspecting Sessions 197
Deciphering the Session List 197
Inspecting the Request-Response Sequence 198
xi
-
CONTENTS
Comparing Sessions 201
Filtering Sessions 202
Using the Top-Level Filter Commands 202
Using the Filters Tab 202
Debugging and Manipulating Sessions 205
Using the Request Builder 205
Using the Filters Tab to Modify Session Data 206
Setting and Using Breakpoints 206
Analyzing Site Performance 207
Quantifying Request Items, Types, and Times 208
Evaluating Cache Performance 210
Optimizing Compression Settings 211
Simulating Performance Scenarios Using Built-in Rules 212
Using Fiddler to Decrypt HTTPS Traffic 212
Grabbing Simple Captures with FiddlerCap 214
Installing and Running FiddlerCap 214
Capturing Traffic with FiddlerCap 215
Summary 216
I Chapter 8: Content Syndication with Web Slices 217
Basics of Web Slices 217
Web Slice Structure: The hAtom Microformat 219
Designing and Deploying Basic Web Slices 220
Structuring and Creating a Web Slice 221
Installing and Viewing Web Slices 222
Managing Web Slices 224
Update and Expiry Management 225
Defining Update Intervals with TTL 225
Defining Expiration with the endtime Selector 227
Using CSS Styles and Stylesheets 230
xii
-
CONTENTS
Inline Styles and In-Document Stylesheets 230
Linked and Imported Styles 232
Alternative Sources 234
Alternative Update Source 234
Alternative Display Sources 235
Authentication 237
Basic and Digest Authentication 237
Cookie-Based Authentication 238
Advanced Topics 238
Specifying a Page's Default Web Slice 239
Script-Based Installation 239
Disabling In-Document Web Slice Advertisement 240
Summary 240
Chapter 9: Building Search Provider and Search Suggestion Extensions 241
Understanding Search Providers 241
The OpenSearch Description Format, JSON Search Suggestions,and XML Search Suggestions Specifications. 244
OpenSearch Description Format Specification 244
JSON Search Suggestion Extension 252
XML Search Suggestion Extension 253
Building a Basic Search Provider 256
Installing and Using Search Providers 256
Advertising Search Providers 258
Managing Search Providers 259
Returning Visual Suggestions with XML 260
Advanced Topics 260
Building Cross-Browser Search Providers 260
Adding Search Providers to the IE Add-Ons Gallery 261
User Preference Protection 264
xiii
-
m CONTENTS
Summary .265
Chapter 10: Building Lightweight Buttons and Menu Extensions 267
Understanding Lightweight IE Extensions 267
Adding Toolbar Buttons 269
Common Toolbar Button Properties 270
Running Script Using a Toolbar Button 271
Launching an Executable via a Toolbar Button 273
Invoking COM Objects via a Toolbar Button 275
Opening Explorer Bars with Toolbar Buttons 283
Extending the Tools and Help Menus 283
Common Menu Item Properties 283
Running Script Using a Menu Item 284
Launching an Executable via a Menu Item 287
Adding Entries to the In-Page Context Menu 289
Understanding the Context Menu Registry Structure 289
Example: Browser Selection Context Menu Extension 291
Turning Off the Context Menu 294
Creating Context Menus with JavaScript 294
Summary 298
Chapter 11: Developing Applications with the WebBrowser Control 299
Building a Simple WebBrowser Application 299
Preparing to Use the WebBrowser Control , 299
Creating an Instance of the WebBrowser Control (AxWebBrowser) 301
Handling Basic Events 303
Accessing the Object Model 304
Attaching to Document and Window Objects 305
Accessing the Browser Object Model 306
Sinking Object Model Events 307
Achieving Tight Integration with IE 308
xiv
-
CONTENTS
Setting Up the Application 309
Integrating WebBrowser Events with the IE Ul 309
Mimicking Window Behavior of IE 310
Surfacing and Executing OLE Commands 311
Summary 314
Chapter 12: Enhancing Page Content with Managed ActiveX Controls 315
Getting to Know ActiveX Controls 316
Architecting a Basic Control in .NET 316
Designing the Public Interface 316
Building the Control 319
Signing the Control 320
Running the Control 321
Constructing Uls 323
Adding a Ul to a Managed Control 323
Setting a Control's OLE Ul Flags 326
Exposing Events to ActiveX Hosts 326
Creating the Event Interface 326
Practicing Safe ActiveX with lObjectSafety 329
Staying Safe in the Great lUnknown 329
Implementing lObjectSafety 330
Looking At Alternative Platforms and Technologies 332
Summary 332
Chapter 13: Building In-Process Extensions with Browser Helper Objects 333
Understanding BHOs 333
Building a Generic BHO 335
Registering and Running BHOs 337
Sinking Browser Events 339
Summary 342
XV
-
S CONTENTS
Chapter 14: Extending the Browser Frame Using Band Objects 343
Understanding Band Objects 343
Building a Generic Band Object 345
Registering Band Objects 351
Constructing a Toolbar 355
Constructing a Vertical Explorer Bar 357
Constructing a Horizontal Explorer Bar 360
Summary 362
Chapter 15: Scripting and Automating Internet Explorer 363
Using IE with the Command Line 363
Getting to Know the IE Command Line 363
Changing IE Registry Settings 364
Invoking IE APIs Using RunDLL32 365
Writing Basic Scripts for IE 367
Creating IE Objects with the Windows Scripting Host 367
Creating IE Objects with PowerShell 368
Sinking Events Using VBScript and CreateObject 368
Learning Common IE Scripting Techniques by Example 369
Summary 373
Index 375
xvi