Back in May, I wrote about Client Certificate Authentication, a mechanism that allows websites to strongly validate the identity of their visitors using certificates presented by the visitor’s browser. One significant limitation for client certificate authentication is that there is no standards-based mechanism for a user to “log out” of a site that uses thatContinue reading “Client Certificates and Logout”
Author Archives: ericlaw
Web “Sessions” in Private Mode
I’ve written about Private Browsing Mode a lot previously, and I’ve written a bit about the behavior of “Session restore” previously, but one topic I haven’t covered is how “Sessions” work while in Private mode. Session Sharing Historically, one of the top-reported Private Mode issues was that users unexpectedly found that opening a new PrivateContinue reading “Web “Sessions” in Private Mode”
Images Keeping You Awake?
A Microsoft Edge user recently complained that her screensaver was no longer activating after the expected delay, and she thought that this might be related to her browser. It was, in a way. To troubleshoot issues where your PC’s screensaver and power-saving options aren’t working correctly, you can use the Power Config command line tool.Continue reading “Images Keeping You Awake?”
Debugging Browsers – Tools and Techniques
Last update: March 29, 2021 Earlier this year, I shared a post on how you can become an expert on web browsers from the comfort of your desk… or anywhere else you have an internet connection. In that post, I mostly covered how to search through the source, review issue reports, and find design documentation.Continue reading “Debugging Browsers – Tools and Techniques”
Local Data Encryption in Chromium
Back in February, I wrote about browser password managers and mentioned that it’s important to understand the threat model when deciding how to implement features and their security protections. Generally speaking, “keeping secrets from yourself” is a fool’s errand, so it’s a waste of time and effort to encrypt data if you have to storeContinue reading “Local Data Encryption in Chromium”
Web Debugging: Watching Element Changes
Recently, I was debugging a regression where I wanted to watch change’s in an element’s property at runtime. Specifically, I wanted to watch the URL change when I select different colors in Tesla’s customizer. By using the Inspect Element tool, I can find the relevant image in the tree, and then when I pick aContinue reading “Web Debugging: Watching Element Changes”
Browser Memory Limits
Web browsers are notorious for being memory hogs, but this can be a bit misleading– in most cases, the memory used by the loaded pages accounts for the majority of memory consumption. Unfortunately, some pages are not very good stewards of the system’s memory. One particularly common problem is memory leaks– a site establishes aContinue reading “Browser Memory Limits”
Web-to-App Communication: The Native Messaging API
One of the most powerful mechanisms for Web-to-App communication is to use an extension that utilizes the NativeMessaging API. The NativeMessaging API allows an extension running inside the browser to exchange messages with a native-code “Host” executable running outside of the browser sandbox. That Host executable runs with the full privileges of the current userContinue reading “Web-to-App Communication: The Native Messaging API”
Font Smoothing in Edge
Update, June 2021: See the Microsoft Edge blog post. Text rendering quality is an amazingly complicated topic, with hardware, settings, fonts, differing rendering engine philosophies, and user preferences all playing key roles. In some cases, however, almost everyone can agree that one rendering is superior to another. Consider, for instance, the text of this GizmodoContinue reading “Font Smoothing in Edge”
Managing Edge via Policy
The new Microsoft Edge offers a rich set of policies that enable IT administrators to control many aspects of its operation. You can visit edge://policy/ to see the policies in effect in your current browser: Clicking on a policy name will take you to the documentation for that policy. The Status column indicates whether theContinue reading “Managing Edge via Policy”
