Chris WilsonIE Platform ArchitectMicrosoft

Browser guy since 1993(NCSA Mosaic, SPRY Mosaic)

Joined Microsoft in 1995

IE 2.0, 3.0, 4.0, 5.0, 5.5, 6.0

3-year stint in Avalon (WPF) team

Rejoined IE to drive platform for IE7

Web standards guy - HTML, CSS, DOM, I18n, XSL

Now “Platform Architect” of Internet Explorer

IE4/5/6 – progressively powerful platform

BUT…

Little actual adoption of rich web platform

Hard to build rich, sexy apps/content

Dot-com bubble burst

Focus on Rich Client APIs (WPF)

• Security Push

• Windows XP Service Pack 2

• "IE6 XP SP2"

With all this going on,

Microsoft seemed AWOL from the web platform…

Simple dev pattern – fetch & updateRealization/innovation on top of Web 1.0

“Caring about the quality of web UI”

Rebirth of the semantic WebWeb content describes its own meaning

RSS, Microformats & tagging are examples

This allows richer "mash-ups" of various data sources

In short, a rebirth of client-side web applications

February 2005: Microsoft announces IE7

July 2005 – Beta 1

MIX '06 (March) – “layout complete”

April „06 – Beta 2 released

June '06 – Beta 3 released

Oct 18 2006 - Microsoft ships IE7!

Secure and Trustworthy Browsing

End User Experience

Web Developer Platform

Putting the User in ControlAdd-on Manager (from XPSP2)

We warn user of insecure settings

Parental Controls (from Windows Vista)

Protection against web fraud

Integrated Anti-phishing service

User experience highlights security

Extended Validation certificates

14

When a security exploit is found in the browser, malicious web pages install malware or modify files

Protected Mode eliminates silent install of spywareDoes NOT prevent running Win32 code

Protects registry, file system from writes

Redirects writes for compatibility

Only available on Windows Vista

15

Change Settings,

Download a Picture

Exploit can install

MALWARE

Install an ActiveX

control

Cache Web content

Exploit can install

MALWARE

Admin-Rights Access

User-Rights Access

Temp Internet Files

HKLM

Program Files

HKCU

My Documents

Startup Folder

Untrusted files & settings

IExplore.exe

16

Change Settings,

Drag & Drop

Install an ActiveX

control

Admin-rights Access

HKLM

Program Files

User-rights AccessHKCU, My Documents

Startup Folder

Temp Internet Files

Untrusted files & settings

IExplore.exe in

Protected ModeIn

teg

rity

Contr

ol an

d U

IPI

Cache Web Content

Redirected Settings and Files

IEU

ser.

exe

IEIn

sta

ll.e

xe

17

Protect the user by default

Inform the user and put them in control

Provide a backstop

Streamlined and Improved User Interface

Tabbed Browsing with Quick Tabs

Extensible search in UI via OpenSearch

Great default print experience

Page Zoom

Spoof-resistant International Domain Names

RSS…

Feed Discovery and default feed view

The platform for all Windows "feed apps"Feedlist, storage, parser, sync engine

API from Win32 and .NET Framework

List extensions to RSS

20

We listened to web developers.

21

22

The overflow bug

Parser bugs: * html, _property or /**/ comment bug

Memory leaks in JavaScript engine

Select control: style-able and not always on top

Auto-sizing of absolute pos element with right & left

great for 3 column layouts

Relative positioning issues

% height/width for absolutely positioned elements

hover effect working not just over text

<?xml> prolog no longer causes quirks mode

HTML element truly independent of the Body

1 px dotted borders no longer render as dashed

…over 200 CSS bugs fixed in IE7…

23

Fixed inconsistencies with W3C specs

:hover on all elements not just on <a>

Other elements can overlap <select>

Background-attachment: fixed everywhere

Improved <object> fallback

24

Added standards features (CSS/HTML)Fixed positioning support

Min/Max-Width/Height support

Selectors: first-child, adjacent, attribute, child

CSS 3 attribute selectors: prefix, suffix, substring

25

Other heavily-requested features

Alpha channel in PNG images

“Native” XMLHTTPRequest

Improved the Programming Experience

Improved JavaScript GC performance

Fixed memory leaks, caching of gzipped files

26

Lots more to do in CSSe.g. Bugs with floating elements and hasLayout

Features like :before and :after

Lots to do in Scripting and Document Object Model

Events, APIs not matching DOM spec

Faster faster faster!

XHTML or other new formats

We want to get them right

27

We listened to users

We want Tabs, printing, simplified UI, search in the UI

28

We listened to hackers

Well, okay not “listened to” them, exactly. But we were paying attention.

29

We listened to developers

Make our lives easier! Fix your bugs! Give us some new features!

Other than security, we have one rule…

31

“I‟m really concerned that we‟re breaking stuff in the name of goodness and that all users and developers will walk away with is „stuff broke.‟”

32

Well, not really. But it is challenging.

Our challenge isn't "IE can't support standards."

The core of Trident is great code…

…although bits need updating to standards compliance

But we can’t break the web as it is today!

33

IE + your site = end user experience of the web

If a site is broken, the user doesn't know who to blameCompatibility is a critical adoption/deployment factor

IE has on the order of half a BILLION users

We believe enabling web developers to use standards is critically important …

… but we also believe in not breaking my mom‟s banking site in the process of enforcing standards

34

We must balance compliance with site compatibility

Therefore, in IE7 “quirks mode” stays the same - most standards changes are only in “strict mode”

But being in standards mode is increasingly popular, and a lot of developers expect no behavior changes

Half of the top 200 US web pages are in “standards mode”

"Quirks" is no longer sufficient to protect compatibility

We can't tell if authors intended standards, or if they expect behavior not to change

People argue both sides of this religiously

We will need authors to opt in to standardsNew versions of HTML can automatically opt in, of course

<!-- compatible with IE 8.0 --> ?

36

This gives us the freedom to do some great things

Break compatibility with layout/CSS

Change DOM APIs (pass the event object to the handler!)

…without breaking current pages

As new versions of HTML are standardized (e.g. new DOCTYPEs), we can opt in automatically.

Compatibility is crucial to Ajax deployment

This is evolution, not revolution

38

IE7 Readiness Toolkit

Web developer toolbar for exploring DHTML/CSS

ExpressionFinder – shows CSS hacks

Application Compatibility Toolkit

Fiddler HTTP monitor

And other tools

Info on the IE blog – http://blogs.msdn.com/ie

For testing, it's often useful to run multiple versions of IE to test content/apps against different releases

It‟s not technically possible to have EXACT multiple IE versions side-by-side on a single Windows install

IE really is a Windows component

(actually, a set of Windows components)

There are hacks. They‟re fragile, and aren‟t complete.

Virtualization to the rescue! Virtual PC is free!

Last year, we released a Windows XP/IE6 image

We expect to release these images on a regular basis

Updated the image a month ago, released IE7 image

Over 100,000 downloads of original 500MB image (!)

41

Update your pages for IE7 (if you haven‟t)

Participate in the IE Blog http://blogs.msdn.com/ie

Send feature requests and bug reports to us

42

Lots still to do in web developer platform –across layout, object model and Ajax

Invest heavily in layout and CSS 2.1

Increase compliance with the Object Model, allow more flexible programming patterns

Ajax needs more client-side APIs

e.g. local storage and mashup security model

43

Continue providing world-class user experience

Look at new user paradigms – e.g. RSS in IE7

And as always, security is job #1

Chris.Wilson@microsoft.com

http://blogs.msdn.com/cwilso

IE Team Blog: http://blogs.msdn.com/IE/

© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions,

it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.

MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.