From IE7 release notes: http://msdn2.microsoft.com/en-us/ie/aa740486.aspx
Functionality Removed and Changed in Internet Explorer 7
Offline Favorites--Offline Favorites and Scheduled Offline Favorites have been removed from Internet Explorer 7. Internet Explorer supports RSS feeds, which provide scheduled updates to web content and offline reading of this content. For more information about RSS feeds, read the RSS Blog.
Scriptlets--Internet Explorer 7 disables Dynamic HTML (DHTML) scriptlets by default. (Scriptlets were phased out in Internet Explorer 5). They can be re-enabled by system administrators by changing the advanced settings in the Internet Control Panel. To change the setting, open Internet Explorer, click Tools, and then click Internet Options. In Internet Options, click the Advanced tab, and then scroll down to find Allow Scriptlets. If you are a developer and your programs rely on scriptlets, we recommend that you use more efficient DHTML behaviors. Disabling scriptlets by default is done to deemphasize unsupported technology in Internet Explorer.
ActiveX controls--The new Internet Explorer 7 ActiveX Opt-In feature disables ActiveX controls on a user's machine. When the user visits a webpage that is trying to use a disabled ActiveX control, they see an Information bar to enable the control. Controls which were used in Internet Explorer 6 before upgrading to Internet Explorer 7, along with some pre-approved controls, are not disabled.
Channel Definition Format (CDF)--All CDF support was removed from Internet Explorer 7 and replaced with the RSS feed reading experience. Feeds that the user is subscribed to are available to other applications through the RSS Platform. For details, read the RSS Platform.
DirectAnimation--All DLLs to support the Internet Explorer DirectAnimation component were removed in Internet Explorer 7.
XBM-- XBM, an imaging format designed for X-based systems, is no longer supported.
SSL--Support for weak SSL ciphers was removed from Windows Vista and support for SSLv2 was disabled for Internet Explorer 7 on all platforms.
Windowed Select--The Windowed Select Element was replaced by Windowless Select in Internet Explorer 7. This results in some cosmetic changes.
BASE Element--Internet Explorer 7 strictly enforces the BASE element rule, as documented in the HTML 4.01 standard. We no longer allow BASE tags outside of the HEAD of the document. The standard specifies that the base element must appear within the head of the document, before any elements that refer to an external source.
window.opener and window.close--Internet Explorer 7 no longer allows the window.opener trick to bypass the window.close prompt. Browser windows cannot close themselves unless the windows were created in script. This security enhancement no longer allows browsing to a random site when the main browser window closes unexpectedly.
Changes that affect modal or modeless dialogs created from script--Modal or modeless dialogs created from script in Internet Explorer 7 might seem to be slightly bigger than their Internet Explorer 6 counterparts. This is caused by a change to the behavior of the dialogWidth and dialogHeight properties, which now set and retrieve dimensions of the content area of a dialog (from Internet Explorer 7 and later). It will no longer be necessary to calculate the area lost by elements of a dialog’s frame. Information on these changes will be posted on the Internet Explorer Blog.
Generic Spoofing Risk Reduction in Internet Explorer 7--The window.prompt script method is blocked and the gold Information bar is displayed by default in Internet Zone for Internet Explorer 7. The helps prevent websites from spoofing things such as the logon screens of other websites. This is a new security enhancement for Internet Explorer 7.
WWW-Auth--Internet Explorer 7 changes the precedence rules for WWW-Auth. Previous releases of Internet Explorer used the first header encountered. Internet Explorer 7 uses the first header except when the header is Basic. Internet Explorer 7 uses Basic authentication if no other authentication mechanism is present.
HTTPOnly Cookies--HTTPOnly cookies can no longer be overwritten from scripts.
_SEARCH--The _SEARCH sidebar is disabled by default in Internet Explorer 7. It is now a setting and can be turned by checking Enable websites to use the search pane in the Advanced tab of the Internet control panel.
View Source--The view-source protocol no longer works in Internet Explorer 7.
Gopher Protocol--Support for the Gopher protocol was removed at the WinINET level. (Gopher support was turned off by default in Internet Explorer 6.)
window.external.ImportExportFavorites--window.external.ImportExportFavorites has been removed in Internet Explorer 7.
Telnet--The Telnet protocol handler is no longer supported in Internet Explorer 7.
SysImage URL Scheme--The SysImage URL Scheme has been removed from Internet Explorer 7.
Status Bar Scripting--Scripts will no longer be able to set the status bar text through the window.status and window.defaultStatus methods by default in the Internet and Restricted Zones. This helps prevent attackers from leveraging those methods to spoof the status bar. To revert to previous behavior and allow scripts to set the status bar through window.status and window.defaultStatus, follow these steps:
- Open Internet Explorer, click the Tools button, click Internet Options, and then click the Security tab.
- Click Internet or Restricted sites, and then click the Custom level button.
- Scroll down to Allow status bar updates via script, select Enable.
- Click OK until you return to Internet Explorer.
Security Settings for Script Access to the Clipboard--New security-related updates for Microsoft Internet Explorer 7 include a change in the default security settings for Script Access to the clipboard. Sites using scripts to access the clipboard in the Internet and Trusted sites zones will receive a prompt that will inform the user that their clipboard is being accessed by script. The prompt will require user permission to continue. Giving permission will allow the website to save information to the clipboard, and read any existing information from the clipboard. This security setting is designed to help prevent the possibility of information disclosure through script access to the clipboard.
Installing Internet Explorer 7 with The Microsoft Windows Server® 2003 operating systems with Service Pack SP1 (SP1)--The home page will be reset to the secure page (res://shdoclc.dll/hardadmin.htm).
Upgrading from Internet Explorer 6 to Internet Explorer 7 on Windows Server® 2003 operating systems with Service Pack SP1 (SP1)--Users upgrading from Internet Explorer 6 to Internet Explorer 7 on Windows Server® 2003 with the setting Enhance Security Configuration turned on might notice that the machine will not be set to the correct Enhanced Security Configuration (Internet Explorer Hardening) defaults for Internet Explorer 7. To change the settings back to the correct defaults, an administrator should turn OFF Enhanced Security Configuration and then turn it ON again. To do this,
- Open the Control panel.
- Select Add/ Remove Programs.
- Locate the Enhanced Security Configuration option.
- Turn it OFF.
- And now turn it ON again.
Your server settings would be set to the correct Enhanced Security Configuration defaults for Internet Explorer 7.
Active Desktop--Active Desktop has been removed from Windows Vista. It is still available on 32-bit versions of Windows 2003 Server and Windows XP SP2 with reduced functionality. The following features have changed:
- Synchronization of Active Desktop with online content is no longer supported.
- The ability to restore Active Desktop if software or the operating system stops responding is no longer supported.
- The Active Desktop item’s window does not show the title of the webpage (it shows the address of the webpage).
- For a webpage restricted by Content Advisor, the Action Cancelled page is not displayed.
Solutions:
1.
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=962189&SiteID=1
I've had the same issue... and did a bit of research on my own to see if I could find a work-around for this.
I have created a simple testing example online to try out different methods of opening new windows and having them self-close: http://sky.prohosting.com/savage25/AutoCloseExample.html
As you can see from the descriptions within it, IE6 and IE7 react differently in several of the cases. Hence the "issue" that IE7 has created...
In particular, the one that is causing me issues is the FORM submission using a "_blank" target window. It closes without confirmation in IE6, but does not in IE7.
A work-around that I discovered: IE7 may actually have become less secure when JAVASCRIPT redirects the current page (within the same window), and then this redirected-to site closes the window... the page then closes without any confirmation. I was able to use this "bug" (?) to my advantage as a work-around to solve the problem.
Instead of calling "window.close()" to close the current window... do this:
window.open('close.html', '_self');
Where "close.html" contains:
<html><body>
<script language="JavaScript">window.close();</script>
</body></html>
This should work in both IE6 and IE7 to close the current window without confirmation.
I am currently using it in my application and it works well.
Paul Narsavage
Bethlehem, PA, USA
savage_25 at yahoo.com
Hi Paul,
Thanks for the great tip. The window closes with a prompt in IE7 now but now the prompt appears in IE6.
We need to add window.opener=top; to the close.html before calling window.close() for it to work in IE6 and IE7.
So, the final HTML will be
<html><body>
<script language="JavaScript">window.opener = top;window.close();</script>
</body></html>
2. http://www.developersdex.com/asp/message.asp?p=2978&r=5426935
window.open('','_parent','');
window.close();