Thursday, July 26th, 2007

Chris Wilson keynote at TAE

Category: Conferences, IE, The Ajax Experience

<p>Chris Wilson (Platform Architect of Internet Explorer) led off Day 2 of The Ajax Experience with his keynote: “Moving The Web Forward”. The talk centered on challenges faced by browser vendors and web developers to achieve more secure, stable, interoperable, and performant solutions. Here’s a bit of a summary…

Security and privacy are incredibly important to developers, browser vendors, and the average user. Ajax introduces some challenges in providing these protections due to code sharing, proxying, script inclusion, etc. It’s as important as ever to have a security model and spend some time “hacking yourself” to find loopholes.

Privacy is a growing concern for not only IT departments but governments. While cookies are perhaps the best known vulnerability (Chris recommends checking this out), many new “danger points” have been introduced by mashups and syndication. Having a privacy model and letting your users know just what you’re doing with their information is key.

Stability and interoperability are a tough pair. The volume of applications relying on non-standard implementations is staggering. Producing a strictly standards compliant version of IE is not an option as many users (and companies) would simply not be able to move to the new version. While many sites (attempt to) implement entirely standards compliant solutions already, many sites (even medium/large sites) do not. Often these violations are implemented without developers even realizing what’s happening. To maintain stability (and not “break the web”) interoperability is something that must be approached methodically (by way of things like “standards-comliant” mode).

Performance is another major concern voiced by users, unfortunately it’s hard to determine exactly what this means to them. Performance can be measured in a variety of different ways against a variety of implementations and approaches. While it’s always a goal to make the browser itself more efficient, many of the largest performance gains are via better designs and implementations of applications themselves.

Chris closed with what is pushing the web and what we can all do to move it forward right. To paraphrase Ben Galbraith (from last years TAE): “Caring about the quality of web UI” is what’s pushing us today. Enabling online social experiences, providing friendlier layouts, graphics, and imaging drives people to sites and gets them participating.

Making browsers (and other devices) interoperable is a huge step in improving what we can provide on the web. While vendors move towards that goal, it’s vital the developers be as careful as possible to implement standards based solutions, even in environments that facilitate non-standard solutions.

The QA:

Would IE be more secure if under a more permissive license? and will we ever see it?
Not really. It’s already frighteningly easy to get a copy of the windows source code (which includes IE). The challenge is making sure that lots of very smart people look at the code very closely for vulnerabilities. This is something the IE team has been quite proactive about, especially since 2002.

Chris doesn’t know of or anticipate any plans to change the license like this but won’t say never

Outlook 2007 doesn’t use the IE renderer and seems to be much less standards compliant, “Why did Microsoft do this to me?!?”

While Chris isn’t part of that team, he sees what they were trying to do: increase consistency between what is used for rendering received email and what is used for creating outgoing mail. He believes that team does realize that it’s a problem and will be working on it.

You had mentioned an issue of when developers don’t know they are relying on something that isn’t standard or writing something that isn’t standard. How can that be resolved or limited?

Workarounds are sometimes going to be necessary – Things need to work and you often can’t wait for the browser vendor to fix it. Developers need to (1) educate themselves on what is standard and what’s not and (2) document anything non-standard that they are doing or relying on to check back with when the next version is released.

Many problems are regarding the inclusion of frameworks included to get some widget or behavior. These frameworks may do something non-standardized under the covers that the developer is not aware of. To framework creators: Stay compliant wherever possible. Releasing a patched framework to accommodate new browser versions is good but there’s still trouble as people often won’t know to update (they’ve forgotten all about that).

What are your top 5 tips to making IE a good debugging env?
(Microsoft Download Center)
1. Install Visual Web Developer Express.
2-4. Get IE Debug Toolbar.
5. Keep updating the debug toolbar.
6. Get the full version of Expression Web Designer. (it’s pay-for so he’s making it #6).
oh, and #3. Fiddler

I’ve heard developing on Vista is broken.
It’s not broken, the challenge is IE runs in “protected mode” by default which sandboxes IE process to prevent others from connecting to it – and it from connecting to others. Disable protection mode and it will work.

Should i start with FF and then fix bugs with IE? What does Microsoft recommend?
Remember the tips before for debugging.
Reference the IE Developer Center for what the platform contains.

As for the general process: start with the standard and test with multiple browsers as you go. What you’re testing in any browser is that browser’s implementation of the standard – so, even if two browsers implement the same standard – you can run into trouble. By testing in several as you go, at least you know when you’re hitting incompatibilities.

What are the big things users are asking for?
Users don’t give very consistent answers to this question but research told us the important things for IE7 were tabs and printing. When starting IE7 they had no plans for enhanced printing but people were really mad about the right hand side being cutoff. They ended up getting a big win with their printing improvements.

Now (post IE7) people want performance but it’s hard to know what that really means to them. Normally the “feel” of browsing is pretty similar, to the normal user, when just casually browsing.

Another request is enabling customization and hiding portions of the UI that the “normal user” isn’t utilizing. Part of this task is to enable more customization while another large part is making existing customizability more friendly and accessible.

Related Content:

Posted by Jim Halberg at 2:14 pm
10 Comments

++++-
4.5 rating from 112 votes

10 Comments »

Comments feed TrackBack URI

Microsoft has finally succeeded: I’ll develop Flex/AIR web applications in the future. No more HTML/JS/CSS for me.

The Internet Explorer has hindered web development for years now and there seems to be is no end. There is one question I am particular interested in: How many billions of Dollars have been wasted to create workarounds for the IE?

In the company I am working for we spend a tremendous amount of time to fix IE issues…

I really hate Microsoft for making the web such an unpleased place.

Comment by AndiSkater — July 26, 2007

I think it’s funny that the Platform Architect of Internet Explorer called his keynote “Moving The Web Forward”. Guess he doesn’t realize that his product has been HOLDING THE WEB BACK all these years!

Comment by GMFlash — July 26, 2007

The only way to move the web forward is for all web developers to unite and say no to IE hacks and work-arounds. I doubt many will adopt this so we’ll keep on whining and the IE team will keep on preaching web standards.

Comment by cdude — July 26, 2007

If we are to move forward and start running IE in standards compliant mode, I have one simple requirement and it’s a single CSS property: support box-sizing.

http://www.w3.org/TR/css3-ui/#box-sizing

In setting up the Backbase widget library my experience has been that not having support for this property can easily lead to ugly hacks and attempts at writing non standards compliant code, only for IE.

The content-box model specified in CSS2.1 is just not the most suitable for all situations, so a document level switch (the way IE implemented control over box sizing) is clearly insufficient and hinders adoption of the standards.

Comment by Michael van Ouwerkerk — July 27, 2007

So where do I get Visual Web Developer Expres? The download center doesn’t list it.

Comment by Tim Cooijmans — July 27, 2007

All I want is for IE to give me the *actual* line number on the *actual* file that my javascript error is coming from. “Line 20: Object does not support that method” leaves me no closer to understanding the source of the error than I was before I double-click on the error prompt.

Comment by Mike Ritchie — July 27, 2007

What I loved about the keynote:

1. Chris stated that because of IE7, 50% of the top 200 websites are now running in ‘standards’ mode and not ‘quirks’ mode……but in reality, the reason they’re running in ‘standards’ mode is because they know they have to code for Firefox and other standards compliant browsers. So they’ve gone ahead and coded it the right way, and then hacked the code to work in IE.

2. He more or less said that IE7 is not standards compliant because M$ doesn’t want to ‘break the web’. He used some mundane examples of how his mothers bank website wouldn’t work if they made major changes to IE7. But what he failed to mention is that ANY respectable financial institution has allready coded their site for FF, so she has the option to use a browser that works, while IE7 gets their asses in gear.

3. What Chris failed to realize is that every waking moment that they ship a sub par, non-standards compliant product, that means more and more websites get created using the hacks that he says will ‘break the web’ if they get removed. So all of his answers for why IE is non compliant pose paradoxes.

One solution that I see to this, is to start fresh with IE8. Fix whatever issues there are in IE7, then mothball the project. Allow IE8 to be a separate and non mandatory install that will not overwrite IE7. This way, you start with a new code base that can be made standards compliant and not use cloogy proprietary technology. It would also allow for all current websites to still work, thus not ‘breaking the web’ but then give them the ability and time to remove any hacks that might exist and create their sites they way they should be created.

M$ doesn’t charge for their browser, so why develop it in a manner that lends itself to competition? Theres no need for market share in a browser. I may be wrong on that, and i challenge anyone to show me the fault in that statement, because i would love to know. But if they do in fact want to keep their “market share” they need to immediately tuen 180 degrees and begin listening to the people. If that doesnt not happen, the effect will be that FF takes over as the market share leader, and they wont have to look back. As long as they would stay compliant, there would be nothing that IE could do to regain the ground.

Comment by todd — July 27, 2007

Here’s a though MS, don’t move the refresh button to a tiny button the other side of the URL location. I can’t tell you how many times a day I fumble around with that. Start watching yourself and you’ll have a very clear and continuous non-CSS / JS hack annoyance with IE. Whatever usability wonk told them this was a good idea esp. with all the other browsers doing it the old way out to be run out of the industry.

Comment by Whoops I annoyed you — July 27, 2007

I think that Microsoft is overly concerned about not breaking the Web to the point where they become enablers of abuse. The idea that a page could declare a standards mode DOCTYPE but IE would say “well you said you wanted standards mode but we don’t really think that’s what you meant, so if you really want standards mode you’ll need to also declare something in a conditional comment or meta tag” is absolutely ridiculous. They are concerned that currently lots of people are using standards mode not realizing what they are getting/doing and there’s a lot of existing pages built this way. Well IE, if you hadn’t done it wrong in the first place, there probably wouldn’t be this problem. But don’t hold the development of the Web back just because a set of people don’t know what they’re doing. Don’t diverge again from all the other browsers and standard just to enable people to use things incorrectly. What about me? I really do want standards mode and if I specify the right DOCTYPE I should get it. Period. I shouldn’t have to also use yet another IE specific way of doing things.

Comment by ktrott — July 27, 2007

It doesn´t look like Microsoft will redesign IE8 to be standards compliant. I would just take it as it is and hope we don´t get another non-standards non-IE6 non-IE7 next version of the explorer (the third way). I kind of made peace with the situation – because there is no way I could change whatever Microsoft is up to. From a business point of view: cross browser testing will never be a part of a fixed price project here.

Comment by Frank Thuerigen — July 27, 2007

Leave a comment

You must be logged in to post a comment.