老黃賣瓜::自打嘴巴

IE 7.0 的正式版推出不到二十四小時﹐Secunia 已經在的網站上公佈 IE 7.0 的第一個安全漏洞。

Secunia has confirmed the vulnerability on a fully patched system with Internet Explorer 7.0 and Microsoft Windows XP SP2. Other versions may also be affected.

在一個 Fully patched 的 WinXP SP2 + IE 7.0都受影響，看來 IE 要改為名 Internet Exploiter。目前還沒有 patch，Internet Explorer 7.0 的使用者唯有祝你好運及請自求多福。

Update:
在 Microsoft 的 Security Blog 上（The Microsoft Security Response Center）也提到了這個安全漏洞：Information on Reports of IE 7 Vulnerability。

Microsoft 終於推出 ie 6 的後繼版本，Microsoft Internet Explorer 7 正式版可以下載了，雖然我比較少用 Internet Explorer，（其實就只有在做 Windows Update 時才用到），但新版對 CSS 的 Support 作出改善，（其實只是 ie 6 的 CSS Support 真是十分爛），有興趣的朋友可以下載試試看。

另外一提的是 Mozilla Firefox 2.0 RC3 也已經推出，如無意外 Mozilla Firefox 2.0 的正式版也快將推出﹐到時大家可以比較看看。

I just read Paul Thurrott’s article IE 7.0 Technical Changes Leave Web Developers, Users in the Lurch. Although it was written last August.
Summary:

• In a recent blog entry, Microsoft Internet Explorer (IE) Lead Program Manager Chris Wilson revealed many of the technical improvements that Microsoft will add to IE 7.0 for its final release. Almost all the improvements are related to bugs in IE’s implementation of Cascading Style Sheets (CSS). Many of these bugs are not fixed in the currently available IE 7.0 Beta 1.
• Microsoft doesn’t plan to fully support the latest CSS standard in IE 7.0.
• The most critical point in Wilson’s post, in my mind, is Microsoft’s admission that it will fail the crucial Acid2 browser-compliance test , which the Web Standards Project (WaSP) designed to help browser vendors ensure that their products properly support Web standards. Microsoft apparently disagrees. “Acid2 … is pointedly not a compliance check,” Wilson noted, contradicting the description on the Acid2 Web site. “As a wish list, [Acid2] is really important and useful to my team, but it isn’t even intended, in my understanding, as our priority list for IE 7.0.” Meanwhile, other browser teams have made significant efforts to comply with Acid2.
• Microsoft blames backward-compatibility problems for the stalemate over true Web standards compatibility. Put succinctly, the company has gone its own way for so long and now has to support so many developers who use nonstandard Web technologies that it will be impossible to make IE Web-standards-compliant without breaking half the commercial Web sites on the planet. Furthermore, by halting all IE development for several years before reconstituting the IE team to create IE 7.0, Microsoft has set back Web development by an immeasurable amount of time.
• My advice is simple: Boycott IE. It’s a cancer on the Web that must be stopped. IE isn’t secure and isn’t standards-compliant, which makes it unworkable both for end users and Web content creators.

Pretty strong words from Microsoft-advocate Paul Thurrott.

Web developer still need to take care IE user, we still need to write more IE only code, web user please use other more standard compilance browser like Mozilla Firefox, Apple Safari and Opera to make web developers’ life much more easier.

I’ve use many firefox plugins and the followings are my best favorite plugins for web developer.

Web Developer Extension (http://chrispederick.com/work/firefox/webdeveloper/)
The Web Developer extension for Mozilla Firefox and Mozilla adds a menu and a toolbar to the browser with various web developer tools.

LiveHTTPHeaders (http://livehttpheaders.mozdev.org/)
Help debugging web application.See which kind of web server the remote site is using. See the cookies sent by remote site.

MeasureIt (https://addons.mozilla.org/extensions/moreinfo.php?id=539)
Draw out a ruler to get the pixel width and height of any elements on a webpage.

ColorZilla (https://addons.mozilla.org/extensions/moreinfo.php?id=271)
Advanced Eyedropper, ColorPicker, Page Zoomer and other colorful goodies.