Starting in Microsoft Edge 77 (and Chrome 77), the prompt shown when launching an AppProtocol from the browser was changed to remove the “Always allow” checkbox. That change was made, in large part, because this prompt is the only thing standing between every arbitrary site on the Internet (loaded inside your browser’s sandbox) and aContinue reading “Bypassing AppProtocol Prompts”
Category Archives: web
Browser Password Managers: Threat Models
All major browsers have a built-in password manager. So we should use them, right? I Do Should You? The easy answer is “Yes, use your browser’s password manager!“ The more nuanced answer begins: “Tell me about your threat model?” As when evaluating almost any security feature, my threat model might not match your threat model,Continue reading “Browser Password Managers: Threat Models”
Demystifying Browsers
Last update: October 29, 2024 Web browsers are conceptually pretty simple, but their code and the ecosystems that arise around the platforms they expose are immensely complicated. I started building browser extensions more than 22 years ago, and I started building browsers directly just over 16 years ago. At this point, I think it’s fairContinue reading “Demystifying Browsers”
App-to-Web Communication: Launching Web Apps
In recent posts, I’ve explored mechanisms to communicate from web content to local (native) apps, and I explained how web apps can use the HTML5 registerProtocolHandler API to allow launching them from either local apps or other websites. In today’s post, we’ll explore how local apps can launch web apps in the browser. It’s Simple…Continue reading “App-to-Web Communication: Launching Web Apps”
Microsoft’s Three Browsers
It’s an interesting time. Microsoft now maintains three different web browsers: Internet Explorer 11 Microsoft Edge Legacy (Spartan, v18 and below) Chromium-based Microsoft Edge (v79+) If you’re using Internet Explorer 11, you should stop; sometimes, this is easier said than done. If you’re using Legacy Microsoft Edge, you should upgrade to the new Microsoft EdgeContinue reading “Microsoft’s Three Browsers”
text/plain 