Seamless Single Sign-On
There are many different authentication primitives built into browsers. The most common include Web Forms authentication, HTTP authentication, client certificate authentication, and the new WebAuthn standard. Numerous different authentication frameworks build atop these, and many enterprise websites support more than one scheme. Each of the underlying authentication primitives has different characteristics: client certificate authentication is…
Category Archives: web
Beating Private Mode Blockers with an Ephemeral Profile
Back in 2018, I explained how some websites use various tricks to detect that visitors are using Private Mode browsers and force such users to log in. The most common reason that such sites do this is that they’ve implemented a “Your first five articles are free, then you have to pay” model, and cookies or…
Revealing Passwords
The Microsoft Edge browser, Edge Legacy, and Internet Explorer all offer a convenient mechanism for users to unmask their typing as they edit a password field: Clicking the little eye icon disables the masking dots so that users can see the characters they’re typing: This feature can be very useful for those of us who…
Web Proxy Auto Discovery (WPAD)
Back in the mid-aughts, Adam G., a colleague on the IE team, used the email signature “IE Networking Team – Without us, you’d be browsing your hard drive.” And while I’m sure it was meant to be a bit tongue-in-cheek, it’s really true – without a working network stack, web browsers aren’t nearly as useful. Background…
Same Origin Policy & CORS
I wrote some foundational web platform explanation posts back in my IEBlog days and they keep getting lost. So I’m linking them here. Same Origin Policy, the security policy which determines whether one site may interact with content from another site, and what limits apply, is one such foundational concept that is core to understanding…