I can modify the Document mode that IE renders the page in, by passing in a X-UA-Compatible in the response header. I can achieve this by modifying a setting in IIS.
Similarly is there a way to modify the Browser mode to Compatibility view by modifying any setting in the IIS?
Shown below is what I currently see in the F12 tool in ie.
To configure IIS 7 on a Windows Server 2008-based computer to include a custom HTTP response header:
Click Start, click Administrative Tools, and then click Internet
Information Services (IIS) Manager.
In the connections pane, expand the node for the server, and then
expand .
Click the Web site where you want to add the custom header.
In the Web site pane, double-click in the section IIS on HTTP Response Headers.
Under Actions, click Add.
In the Name box, type X-UA-Compatible.
In the Value box, type IE=EmulateIE9.
Click OK.
Hope this helps!
I was also looking into this issue and found my answer here:
http://www.nczonline.net/blog/2010/01/19/internet-explorer-8-document-and-browser-modes/
From that site:
There doesn’t appear to be any other way that and end user can trigger Internet Explorer 7 mode. As such, it appears that this is just a convenience tool for developers that frees us from needing to and so it appears to be a tool used primary for developers
The same thought can be applied to IE10 I guess. It's rather frustrating, but I hope it helps.
Related
I am building an app that requires the user to change a Chrome setting. It will be more convenient to send the user directly to chrome://settings instead of having them open it manually via the menu, but when I try and open it directly or through a hyperlink on a web page, it always goes to about:blank#blocked. I have tried this on Windows, MacOS, and ChromeOS (including through a link in a TextView in an Android app), but the result is the same. Is this possible, or is it completely blocked for security or some other purpose?
i'll save you the trouble and let you know its not possible, and yes you're right due to security reasons
For Chrome on my local machine chrome://settings/ works. Well surely not impossible but still not that easy maybe this helps
https://support.google.com/chrome/a/thread/11564174?hl=en
I made a button for a PDF download that is working well in Chrome but it doesn´t open in Mozilla.
This is the code I used:
<a target="_blank" href="http://gerster.com/docs/posamenten_neuheiten_2014_2.pdf">Jetzt PDF-Katalog herunterladen</a>
What could be wrong?
Note: No error is showing up.
Q Using window.open or "target=" such as blank it doesn´t open in ### Browser
What could be wrong?
It is up to each user to download or permit binary.PDF running in a browser viewport after download, this is especially true after download fron any non trusted site.
OOB many browsers assume they can sandbox the PDF download and then allow as default action review of the PDF file. Chromeium based browsers like Edge may be more inclined to use that before the user improves their security.
So the 1st task for a user should be to switch off Edge auto viewing of PDFs and switch to a more secure setting.
In that case Edge / Chrome and other browsers will NOT auto run the downloaded PDF but ask the user if they wish to View after Download or simply Download.
One of the possible values of that attribute is _blank, which tells the browser to open a new window (or tab, if that’s the user’s preference) when that link is clicked.
This used to be “invalid” in HTML
see A Bad Reason: The link is to a PDF
If you are going to do it, not only do you need the target attribute for the functionality, you need to rel attribute for security.
So do not open yourserver to security issues blacklist or pop-up blocking see https://mathiasbynens.github.io/rel-noopener/
Don’t use target=_blank (or any other target that opens a new navigation context), especially for links in user-generated content, unless you have a good reason
This is the weirdest bug.
For some reason, the ctrl-click context menu has stopped appearing only on Chrome - localhost. I can view localhost in Safari and get a context menu and I can even view the exact same site I am developing on it's url in Chrome and get a context menu. Any other site I view in Chrome will also generate a context menu.
The context menu stopped appearing recently, it had been working fine up until this point.
I haven't been able to find any information on why this is happening.
I found this help in chrome
I hope it helps you
Re-enable the possibility to use the context menu on sites that overrides it.
This extension re-enables the context menu.
Indeed, many sites prohibit the right-click on images, pretending to protect their content. I think it is illegitimate.
(This extension is AD supported. If you don't wish to support me you may disable it in the settings.)
Unfortunately, Google Chrome does not have advanced options for what javascript is allowed to do (on the contrary of Konqueror, Opera or firefox). If you think it should, please star (don't add a "me too" comment)
In the meantime, this extension provides a workaround, by resetting the oncontextmenu to its default behaviour on many elements of the page. Oh, as a bonus, it works for Flickr and Youtube html5 videos too!
If a site is not supported, please report it in the bug tracker, not in the comments.
If a site is broken by the extension, please report it in the bug tracker, not in the comments.
However, a nice comment is always welcome :-)
I think chrome introduced this in 57 or 58 .. A perhaps simpler workaround is to add an entry to your system's hosts file and access your server using that.
i.e.:
127.0.0.1 server.local
then, instead of http://localhost/ , use http://server.local/ (and/or https, and/or port number, etc. as the case may be)
Bam! Chrome gives you your context menu back!
In Firefox, I view my site and get no warnings about insecure mixed content.
Using FireBug, I can see that every request is https.
In Chrome, I get the https crossed out in the address bar.
I viewed source in Chrome and then ran this regex /http(?!s)/ but the only things it found were the href attributes for some external links and the doc type and http-equiv meta tags.
Using Chrome's Resource Tracking revealed all requests were https too.
This includes Google Analytics, jQuery from Google's CDN and Facebook like scripts.
Is there any specific tool I can use to show non https requests, or anything further I can try?
I found that I get the "mixed content"-warning in Chrome even when there is no mixed content, if sometime during the session mixed content was already encountered on the domain.
(Also mentioned here: Why is Chrome reporting a secure / non secure warning when no other browsers aren't?)
In Chrome's Developer Tools, the Console tab shows the resources that it won't load because they unsecure.
You can add the "scheme" column to the Chrome developer tools network tab to show which requests were sent over http or https:
Press F12 to show the developer tools
Switch to the Network tab
Right click in the column headers and select "Scheme"
Reload the page to show which elements are loaded over http or https
In situations like this where it's helpful to see exactly which protocol is being used to load resources, I would recommend Fiddler2 as a browser-agnostic solution that can show you exactly what traffic is occurring on each request.
From the site:
Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language.
Edit: In-browser debugging tools are becoming really good so this third-party tool may not be as useful as it was when this answer was first written.
Open up the Web Inspector and find the yellow triangle (warning) in the top right. Click on it and it will display all security issues.
In 48-th version of chrome they added a security panel. Using it you can quickly identify the mixed content resources:
Do you have the HttpFox plugin for FireFox? That'd work, I think.
Among other things, it reports on the URL, Method, Result Code, and bytes of all the assets that a web page requests. It's what I've used to trap the occasional non-HTTPS graphic, etc. I'm sure the other suggested tools would do the same...
You can use SslCheck
It's a free online tool that crawls a website recursively (following all internal links) and scans for nonsecure includes - images, scripts and CSS.
(disclaimer: I'm one of the developers)
I know this post is old, but I ran across it and had the same issue. I clicked on the Chrome menu (top right corner), scrolled down to Tools> and selected Developer Tools. Clicked on the Console tab and it told me exactly what the problem was... the favicon was served over http, not https, but of course it was not in the page source code. Corrected the problem in my CMS, which loads the favicon without code in the page... and no more error!
Note that 'mixed content' and 'mixed scripting' are detected seperatly. Check this site for the meaning of the icons in Chrome: https://support.google.com/chromebook/answer/95617?p=ui_security_indicator&rd=1 (click 'see details' link).
Grey icon = mixed content, red icon = mixed scripting.
For testing
I don't want to upload CSS to FTP on each change until the site is complete, but the site and content is online. (I'm not talking about saving page locally then apply CSS)
Can I just apply the CSS locally to any online page?
It would be easier to edit and see changes locally until the CSS work is done.
I want to see the applied effect on Firefox and Internet Explorer.
Is this at all possible?
http://getfirebug.com/firebuglite
I think this is the closet way
http://209.85.229.132/search?q=cache:_7_eRIBRrhoJ:www.nealgrosskopf.com/tech/thread.php%3Fpid%3D60+http://www.nealgrosskopf.com/tech/thread.php%3Fpid%3D60&cd=1&hl=en&ct=clnk&gl=in&client=firefox-a
but only for firefox
Edit : 29 April 2010
I found another better way
http://www.tomjewett.com/accessibility/508-eval-tools.html
In FireFox, from the Web Developer toolbar, select CSS -> Add User Style
Sheet, browse to wherever you stored
it and click the Open button. When you
are finished, just un-check the "Add
User Style Sheet" on the toolbar CSS
menu.
In Microsoft Internet Explorer, select Tools -> Internet Options... ->
Accessibility... and check the "Format
documents using my style sheets" box.
Using the Browse button, open the
lowvis.css style sheet from wherever
you stored it, and click OK to both
the Accessibility and the Internet
Options panels. When you are finished,
simply un-check the "...my style
sheets" box on the Accessibility
panel.
I'd use a proxy such as Charles and use its URL remapping features to divert requests for the stylesheets to local files.
Sounds like you could use version control. Try http://git-scm.com/ or http://subversion.tigris.org/ ( http://tortoisesvn.tigris.org/ for a non-command line version)--it does a lot more, but it would allow you to do what you want, and what else it does it sounds like you might need.
Talk to your server admin about setting one or another up.
If you have web developer toolbar then you can view the current css and edit the same and then can see the changes ....
Its available for both firfox and IE
Ie web developer toolbar for IE
and Firefox web developer toolbar for firrefox
If the site you are testing for is not facing the public so speed doesn't matter, you could set up a service like dynDNS and turn your work PC into a web server. (Caveat: It's lots of work and you need to secure it.) You could then have all your style sheets on your local computer, and have your on-line site reference them like this:
<link rel="stylesheet" href="http://jitendra.dyndns.org/styles/styles.css">