News

Google Finds Way To Bypass Internet Explorer Engine

Google introduced a coding plug-in for Web site developers that instructs Microsoft Internet Explorer browsers to use Google Chrome technologies.

The plug-in, called "Google Chrome Frame," was announced on Tuesday and is still at the early release stage, according to a Google blog. The blog features a video suggesting that IE 8 will pass the Acid3 test while using Google Chrome Frame. It also suggests that developers will see better support for rich Internet applications by using the plug-in.

The switch is triggered by adding a single tag to a Web site's HTML markup. It tells IE to use the open source WebKit Web content engine favored by the Google Chrome browser rather than Microsoft's IE Trident layout engine.

Web developers can take advantage of upcoming HTML 5 technologies and "recent JavaScript performance improvements" by using Google Chrome Frame, according to Google's blog. However, HTML 5 is still at the draft stage. W3C documentation points to a release milestone for the HTML 5 recommendation sometime in 2009 to 2010. A Google spokesperson said that final changes to the HTML 5 spec might happen in October or November, but "it's still a long process after that."

HTML 5 will have offline capabilities allowing calendar or e-mail applications to sync, as well as audio and video tags that don't depend on the browser using Adobe Flash or Microsoft Silverlight, the Google spokesperson noted.

A spokesperson for Microsoft explained in a released statement that "HTML5 is still a standard in progress and the makers of it say it will be years at least before it's done, so no one can standardize on it." The spokesperson added that all browsers support parts of HTML 5. Internet Explorer supports the following features in the current spec:

  • "The DOM Store -- that allows developers to store content and data on the end users computer
  • Cross Document Messaging
  • Cross Domain Messaging
  • Ajax Navigation
  • ContentEditable"

The statement provided by Microsoft suggested that there could be security repercussions to using Google Chrome Frame.

"Given the security issues with plug-ins in general and Google Chrome in particular, Google Chrome Frame running as a plug-in has doubled the attack area for malware and malicious scripts," the statement explained. "This is not a risk we would recommend our friends and families take."

Microsoft referred people to studies by NSS Labs, funded by Microsoft, on the protections afforded by browsers against phishing attacks and malware. Those studies found IE 8 to be one of the safest browsers.

A statement from Google took a different view on the alleged security risks of its browser and plug-in.

"While we encourage users to use a more modern and standards compliant browser such as Firefox, Safari, Opera or Google Chrome rather than a plug-in, for those who don't, Google Chrome Frame is designed to provide better performance, strong security features, and more choice to both developers and users, across all versions of Internet Explorer."

Google's statement cited protections against malware and phishing, as well as its sandbox security technology, plus frequent browser updates to meet emerging online threats.

A Microsoft blog accused Google of messy coding practices with Google Chrome Frame. Felix Wang, a Microsoft Web evangelist, indicated that the use of Google Chrome Frame interfered with IE 8. It also mangled a Windows registry setting, he explained.

"If any googler wants to investigate, just drop me a line and I'm happy to provide MPS report or other troubleshooting data for diagnostics," Wang wrote.

The Google spokesperson said in a phone call that Google is currently working on a bug fix to the problem described by Wang.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

comments powered by Disqus

Featured

  • Compare New GitHub Copilot Free Plan for Visual Studio/VS Code to Paid Plans

    The free plan restricts the number of completions, chat requests and access to AI models, being suitable for occasional users and small projects.

  • Diving Deep into .NET MAUI

    Ever since someone figured out that fiddling bits results in source code, developers have sought one codebase for all types of apps on all platforms, with Microsoft's latest attempt to further that effort being .NET MAUI.

  • Copilot AI Boosts Abound in New VS Code v1.96

    Microsoft improved on its new "Copilot Edit" functionality in the latest release of Visual Studio Code, v1.96, its open-source based code editor that has become the most popular in the world according to many surveys.

  • AdaBoost Regression Using C#

    Dr. James McCaffrey from Microsoft Research presents a complete end-to-end demonstration of the AdaBoost.R2 algorithm for regression problems (where the goal is to predict a single numeric value). The implementation follows the original source research paper closely, so you can use it as a guide for customization for specific scenarios.

  • Versioning and Documenting ASP.NET Core Services

    Building an API with ASP.NET Core is only half the job. If your API is going to live more than one release cycle, you're going to need to version it. If you have other people building clients for it, you're going to need to document it.

Subscribe on YouTube