Q: Many websites offer a checkbox to “Remember this device” or “Remember me” but it often doesn’t seem to work. For example, this option on AT&T’s website shown when prompting for a 2FA code: …doesn’t seem to work. What’s up with that? A: Unfortunately, there’s no easy answer here. There is no browser standard forContinue reading “Q: “Remember this Device, Doesn’t?!?””
Tag Archives: Chrome
Q: Why do tabs sometimes show an orange dot?
Sometimes, you’ll notice that a background tab has an orange dot on it in Edge (or a blue dot in Chrome). If you click on the tab, the dot disappears. Why? The dot indicates that the tab wants “attention” — more specifically, that there’s a dialog in the tab asking for your attention. This mightContinue reading “Q: Why do tabs sometimes show an orange dot?”
Passkeys – Syncable WebAuthN credentials
Passwords have lousy security properties, and if you try to use them securely (long, complicated, and different for every site), they often have horrible usability as well. Over the decades, the industry has slowly tried to shore up passwords’ security with multi-factor authentication (e.g. one-time codes via SMS, ToTP authenticators, etc) and usability improvements (e.g.Continue reading “Passkeys – Syncable WebAuthN credentials”
Understanding Browser Channels
Microsoft Edge (and upstream Chrome) is available in four different Channels: Stable, Beta, Dev, and Canary. The vast majority of Edge users run on the Stable Channel, but the three pre-Stable channels can be downloaded easily from microsoftedgeinsider.com. You can keep them around for testing if you like, or join the cool kids and setContinue reading “Understanding Browser Channels”
New Recipes for 3rd Party Cookies
For privacy reasons, the web platform is moving away from supporting 3rd-party cookies, first with lockdowns, and eventually with removal of support in late 2023 the second half of 2024. Background: What Does “3rd-Party” Mean? A 3rd-party cookie is one that is set or sent from a 3rd-party context on a web page. A 3rd-partyContinue reading “New Recipes for 3rd Party Cookies”
Captive Portals
When you join a public WiFi network, sometimes you’ll notice that you have to accept “Terms of Use” or provide a password or payment to use the network. Your browser opens or navigates to a page that shows the network’s legal terms or web log on form, you fill it out, and you’re on yourContinue reading “Captive Portals”
Unexpectedly HTTPS?
While I’m a firm believer that every site should be using HTTPS, sadly, not every site is yet doing so. Looking at Chrome data, today around 92% of navigations are HTTPS: …and the pages loaded account for around 95% of browsing time: Browsers are working hard to get these numbers up, by locking down non-secureContinue reading “Unexpectedly HTTPS?”
Chromium Internals: PAK Files
Web browsers are made up of much more than the native code (mostly compiled C++) that makes up their .exe and .dll files. A significant portion of the browser’s functionality (and bulk) is what we’d call “resources”, which include things like: Images (at two resolutions, regular and “high-DPI”) Localized UI Strings HTML, JavaScript, and CSSContinue reading “Chromium Internals: PAK Files”
Smarter Defaults by Paying Attention
As a part of every page load, browsers have to make dozens, hundreds, or even thousands of decisions of varying levels of importance: should a particular API be available? Should a resource load be permitted? Should script be allowed to run? Should video be allowed to start playing automatically? Should cookies or credentials be sentContinue reading “Smarter Defaults by Paying Attention”
MHTML in Chromium
The MHTML file format (aka “Webpage, single file”) allows a single file to contain the multiple resources that are used to load a webpage (script, css, images, etc). Edge (Chromium) has an option to use the format when saving the current page via Ctrl+S or the Save page as… menu command: … but the browser’sContinue reading “MHTML in Chromium”
text/plain 