I'm trying to find or compile a list of the last versions of the most common browsers (i.e. IE, Firefox, Chrome, Safari, Opera) which supported only SSLv2.
Please note, I have seen this question, but I also found a Microsoft Answer which states otherwise, so I'm not considering it as reliables
The list so far:
Internet Explorer: IE6 (no service packs)
( IE7 uses SSLv3 by default, updated IE6 will also use SSLv3 [source] )
The Microsoft Answer you link to doesn't contradict the answer to the question you link to. It just says that IE7 was the first one to use SSLv3 by default. Whether IE7 is the first version of IE to do this by default doesn't really matter.
Your question is specifically about which browser did not support anything above SSLv2 at all.
This Apache Httpd/mod_ssl FAQ suggests that IE 5.x already had support for SSLv3 (albeit broken when used against some versions of OpenSSL):
The next problem is that 56bit export versions of MSIE 5.x browsers
have a broken SSLv3 implementation, which interacts badly with OpenSSL
versions greater than 0.9.4.
SSLv3 was introduced with Netscape 3 and also is in IE3 too.
Related
I have a particularly knarly IE11 bug that appears to be caused by HTTP/2. At present the only evidence I have is that if Fiddler is intercepting (therefore forcing HTTP/1.1) the bug goes away.
In order to isolate it I really need to turn off HTTP/2 in IE11.
I've disabled HTTP/2 in Internet Options and rebooted the computer but IE11 stubbornly carries on using HTTP/2.
Does anyone who what this setting actually does?
Does anyone know how to disable HTTP/2 in IE11?
It’s a design change of Wininet component which enabled HTTP2 by default for AppContainer and LowIL processes. As we know , most of IE content process (internet and restricted zone) run as Low integrity level.
So we have two workaround:
1. Disable LCIE;
2. Add the specified URL to trust site zone or intranet zone.
Why is Opera SRI support unknown? On a Mozilla Developer Network page, it shows various browsers and if they support SRI. Opera is unknown, why is Opera unknown? Is there not a way of testing Opera, for SRI support?
Of course there is a way to test Subresource Integrity support in opera. You just need two things for that, first you need to have opera installed, and second you need some time to start opera, trying to visit a page which should fail the integrity check (possibly setting it up first) to document the result.
It just seems the author of the Wiki entry decided to not spend time on downloading, installing or testing Opera hisself. As it's a Wiki, anyone willing to spend the time on testing opera is likely welcome to add the result.
Several users have emailed us to report that they cannot access our site using Firefox because we're using SSLv3. The problem is, we discontinued support for SSLv3 a while ago. I've tested our site using the Qualys SSL Labs scanner and the report says we don't support SSLv3. I've also tried initiating a handshake from the command line using SSLv3 and it returns the correct error.
Has anybody dealt with this? Could anybody guess what's going on here? It's driving me nuts. I've tried restarting our servers, changing what ciphers we support (not protocols-- we only support TLSv1), promoting new servers to master via keepalived, and more. Users continue to complain that Firefox won't let them access our site.
I want to serve mobile content for browsers older than IE7. All I could find on Google was that the User Agent for IE 6 is "MSIE 6". What about IE 5 and below? And Netscape and early versions of FF and Opera?
This site has the user agent strings for most browsers (old versions and new versions).
http://www.useragentstring.com/pages/useragentstring.php
Internet Explorer:
http://www.useragentstring.com/pages/useragentstring.php?name=Internet+Explorer
Firefox:
http://www.useragentstring.com/pages/useragentstring.php?name=Firefox
Opera: http://www.useragentstring.com/pages/useragentstring.php?name=Opera
user-agents.org has a pretty comprehensive list of user agents including browsers, spiders, robots and crawlers.
If you want to serve the same content but styled differently a better approach is CSS media queries.
To support really old browsers from microsoft conditional comments are easy to implement as well.
Any older than that I would strongly recommend not doing anything for. On the contrary suggest to those users to upgrade to newer browsers.
You can still find user agent strings on sites like http://www.user-agents.org/
This seems like a pretty exhaustive list. - Browser ID Strings (aka User Agent ID)
As we all know that Microsoft and Mozilla had released the latest browsers IE9 and Firefox 4 recently, and I want to use them in our projects/sites, but I don't know what's the risk if I upgrade them, which means I'm not sure our sites can be shown correct or not on these latest browsers, if someone can give me some advices on this issue will be helpful, thanks.
When you say that you "want to use them in [your] projects/sites", am I correct in believing that you want your sites to test well against them?
If so, then I humbly submit that's the wrong way to look at it. The greater danger is in NOT supporting the new browsers, because your visitors will be using them, regardless of your decision. Therefore, you MUST test your sites against them, because if your site breaks, then your visitors won't return. (If these are completely internal visitors, like for an intranet, then you block your staff from being able to stay current with other current web applications.)
The real question is whether you want to keep supporting older browsers. For now, that's required, too. You must build your sites in such a way that they work correctly in ALL relevant browsers. IE7 is still used by a lot of people, so you might continue supporting it (for now). IE8 is a must, as is Firefox 3, Chrome 10.0, and Safari. (I don't know the current Safari.)
Many websites publish statistics on the commonly used browsers. It's your decision how low of a percentage you want to support. Personally, I would support any browser having market share above 10%, unless you're a VERY highly trafficked site, in which case, I MIGHT support any browser above 2%.
If you're concerned about how you can continue testing against older browsers, then Internet Explorer has a "Developer Tools (F12)" feature that allows you to change your rendering to match older versions. I don't know about other browsers, but I think you can have both Firefox 3 & Firefox 4 installed on the same machine. Until you have a way to continue testing Firefox 3, do not install Firefox 4, at least until it surpasses Firefox 3 in use.