Browser Changes from Internet Explorer 6 to Internet Explorer 9

  • Article

To help navigate the range of web application compatibility issues that may influence an organization, this document classifies compatibility into four major areas, as shown in the table below:

Changes from Internet Explorer 6 to Internet Explorer 7 Changes from Internet Explorer 7 to Internet Explorer 8 Changes from Internet Explorer 8 to Internet Explorer 9

Versioning
  • Version Vectors

  • User Agent String
  • Version Vectors

  • User Agent String
  • Version Vectors

  • User Agent String

Standards
  • HTML 4.01 improvements

  • CSS 2.1 improvements
  • Additional HTML 4.01 improvements

  • Full CSS 2.1 compliance

  • Some HTML 5.0 support

  • ECMAScript 3rd edition support and some ECMAScript 5th edition support (including native JSON)
  • Additional HTML5 support

  • Some ECMAScript 3rd edition improvements, additional ECMAScript 5th edition support

  • Additional DOM L3 support, some non-standard or older DOM events are deprecated

  • Native SVG support

Security
  • HTTPS improvements

  • More secure scripting

  • Protected Mode (Windows Vista® and later)
  • Better protection from malware

    • DEP/NX & XSS filter on by default

    • HTTP/HTTPS mixed mode

  • AJAX more secure
  • MIME-handling improvements

  • Tracking Protection and ActiveX® Filtering

Architecture
  • Loosely Coupled Internet Explorer

Versioning

One of the most common application compatibility issues experienced with new versions of Internet Explorer is associated with user agent (UA) strings, version vectors, and conditional comments. Windows® Internet Explorer® 9 has a new UA string to detect which version of Internet Explorer that users are running. Similar to previous versions of Internet Explorer, the value associated with Internet Explorer (MSIE) in the UA String has increased to 9. Internet Explorer 9 also increments the value of the Trident token, which was introduced with Internet Explorer 8, from 4.0 to 5.0. The Trident token helps detect if Internet Explorer 9 is running in Compatibility View. Most importantly, Internet Explorer 9 now sends a short user agent string by default, for improved performance, interoperability, and compatibility. This means that pre- and post-platform registry tokens (like .NET CLR) will no longer be displayed. Websites must now use the nagivator.userAgent property to detect these tokens.

Standards

Internet Explorer 9 contains a new Javascript engine (Chakra), rendering and layout engines, and a new Document Object Model (DOM). Microsoft re-engineered the rendering and layout engine with the HTML5 and CSS3 specifications in hand, including built-in support for Scalable Vector Graphics (SVG), and created a new Javascript engine according to ECMAScript 3 and ECMAScript 5 specifications. Finally, the new Document Object Model was written to support parts of DOM Level 2 and DOM Level 3. The impact of broader support of web standards in Internet Explorer 9 can result in some of your web applications failing to operate properly. These standards improvements provide web developers with rich, interoperable capabilities. For a complete description of new platform capabilities in Internet Explorer 9, see the Internet Explorer 9 Guide for Developers.

For more information about issues related to JavaScript changes, see Site Compatibility and Internet Explorer 8.

Security

Starting with Internet Explorer 7, Internet Explorer now runs in a security context called Protected Mode when run on Windows Vista or later. This runs Internet Explorer in a lower privilege setting than that of a standard user application. This means that certain functionality will be limited, especially for ActiveX controls and certain types of plug-ins.

Beginning with Internet Explorer 8, Internet Explorer also enables Data Execution Prevention (DEP) by default, which helps mitigate the potential for running arbitrary code in online attacks. However, add-ons not designed correctly to run only code located in memory that has been specifically marked as executable may not be compatible with this security feature. This could include some code built using an older version of the ActiveX Template Library (ATL) framework. Internet Explorer 8 and later also protects users against potential security vulnerabilities using scripts. For example, you are no longer able to navigate from a URL in a less trusted zone to a URL in a more trusted zone except through explicit user interaction. Also, you cannot hide certain elements of the browser’s user interface (such as the address bar) in an un-trusted (Internet) zone. Internet Explorer 9 continues to improve end-user security with a few MIME improvements that may impact compatibility.

For more information about Protected Mode and its impact on compatibility, see Understanding and Working in Protected Mode Internet Explorer.

Architecture

Loosely-coupled Internet Explorer (LCIE) is an architectural modification to improve the browser’s reliability by separating its components and loosening their interdependence; most notably, it is an attempt to isolate the Internet Explorer frame and its tabs into separate processes. In Internet Explorer 8, this isolation brings about improved performance and scalability. This architectural change may influence the compatibility of extensions and add-ons, including ActiveX Controls, Browser Helper Objects (BHOs), and UI Toolbar components that are built with older programming techniques.

For a full list of browser changes from Internet Explorer 6 to Internet Explorer 9, see Appendix 1: Internet Explorer 6 to Internet Explorer 9 Browser Changes.