The browser market is heating up, with the major players poised to release new versions this spring, and Google having entered the mix with its newly released Chrome browser. We analyzed beta code for Internet Explorer 8.0, Firefox 3.1, Opera 10, Safari 4, and looked at Google Chrome, and found many obvious changes – improved tabbing systems, better performance, privacy helpers, integration with Web applications, polished interface, and much more.
But there are underlying changes in the areas of security, networking and development that IT professionals who support users on their networks or run sites that must accommodate users wielding these browsers need to understand.
Part I: Security
The dramatic rise of phishing, malware and cross-site scripting (XSS) attacks has forced browser vendors to revisit security in their offerings. The most recent generations of browsers contain a number of subtle changes to improve browser security. Internet Explorer 8 in particular includes several important changes, but developers and administrators have to know they exist before they can take advantage them.
1. IE8 takes on cross-site scripting
Internet Explorer 8 tries to help stem the rising tide of XSS attacks by addressing what is dubbed a Type 1 or non-persistent XSS attack. To that end, Microsoft has added a filter to Internet Explorer 8 that looks at URLs for common patterns like “