If you plan to use Complex Scripts (like Arabic, Hebrew, Thai, etc), you should ensure that you have support for complex scripts installed. I know that sounds obvious, but we wanted to make sure people know how and why to do this. Let us examine this in detail using an international URL issue that Dean recently encountered while dogfooding IE7.
What is the issue?
Internet Explorer will sometimes display Right-to-left (RTL) languages such as Arabic or Hebrew, in the address bar in left-to-right (LTR) order. Due to IE’s IDN homograph-spoofing mitigation; this would be an issue only for users who have that language in their language settings (otherwise navigating to an international URL will display the hostname as punycode). Still, this is a genuine customer scenario that should just work. For example, consider a Hebrew URL:
This would show up in the address-bar as http://xn--4dbcd.com by default. But a user with Hebrew in their accepted-languages might see:
We found it very surprising that such an important issue was not reported widely during Beta 1 and Beta 2, so we wanted to dig a little deeper.
What did our investigation reveal?
This happens only on machines where support for complex scripts is not installed. Complex Scripts are those which require contextual processing for display, editing, and other functions, such as:
- Bi-directional (BiDi) reordering (e.g. Arabic, Hebrew)
- Contextual shaping (e.g. Arabic, Indic family)
- Display of combining characters (e.g. Arabic, Thai, Indian)
- Specialized word-break and justification rules (e.g. Thai)
- Disallowing illegal character combinations (e.g. Indian, Thai)
IE’s address bar uses the Windows EDIT control which uses GDI to display characters. When support for complex scripts is not installed, GDI can just map a given Unicode codepoint to a glyph and display it, but can’t do context-specific stuff like changing the order or shape of characters. All this language specific complexity is handled by Uniscribe, which is installed when you install support for complex scripts. Inside the browser, of course, we support all these scripts ourselves, regardless of whether the Windows EDIT control support is installed – the problem only occurs in the address bar.
Who does this issue impact?
You can run into Unicode URLs incorrectly displayed in the address bar if:
- You are running a non-complex-language build of Windows XP/Server 2003, such as an English build. Uniscribe support is always installed on complex-language-builds of Windows XP/Server 2003. Windows Vista always has this support installed.
- You have not added support for input in any complex language using the system control panel. The complete support is installed if you install support for any complex script input.
- You have that particular complex/bidi language in your accepted-languages. As I mentioned above, if the language is not added to your accepted-languages, you’ll just see punycode in the address-bar.
We have not seen any bug-report mentioning this, and do not think this is an issue that a typical user of complex scripts would run into.
How can you fix the issue?
If the description above matches you, or if you just want to play it safe, you should install complex script and RTL languages support. This not only corrects the IE behavior, but will give you a more consistent experience when using complex scripts in other components and software running on Windows XP.
Go to “Control Panel-> Regional and Language Options” and check the setting shown below. You’ll need the Windows XP CD and will need to restart.
Feedback?
Comments and feedback are welcome! Make sure you try out IE7 Beta 3!
-Vishu Gupta
Developer
That’s fine since I know nothing about Arabic. 🙂
I browse to RTL websites and I have experienced this problem. However, i just thought it was an "unimplemented" feature. I didn’t think enough people in the world cared about it for you to actually fix it. I’m glad to know that it is supposed to work and I’m happy to see you provided me with exact steps on how to make it work. Now it works like a charm! Thank you.
I’ve always been rather curious why this text rendering support isn’t simply installed by default.
I have noticed that when using Internet Explorer Beta 3, it is much better about displaying websites, but there are still some very frustrating to use.
http://www.facebook.com is a very popular site used by college students. However, the pages are often displayed oddly with pictures or words not lined up properly, and instead off to the right or left of the screen.
Sometimes they are impossible to figure out because they scatter all over the screen. This happened with IE 7 BETAs 1 and 2 as well, but to more of an extent. There are other pages too where words or things are scattered and it’s almost like the frames on the page are messed up.
Help?
Hello brion,
It is turned on by default in Vista. As hinted at in http://blogs.msdn.com/michkap/archive/2005/05/27/422458.aspx over a year ago!)
What I’d like to see is BOM removed from UTF-8 notepad based files for Vista. I can’t find ~ANY~ UTF-8 editor that can display all the various langauges I’ve got translation links for on my site on a single file like Notepad but BOM screws up the browsers somehow.
One of the reasons no-one has opened bugs about Hebrew rendering errors in URLs is that there are very little, if any, URLs in Hebrew. 🙂
In this wondrous age of Unicode it may be possible to have Hebrew characters in URLs, but this is a relatively new occurence. Most Hebrew-speaking computer users are only slowly warming up to the concept of a filesystem that supports Hebrew characters (though that’s been available for years) and recovering from such catastrophes as backup software that ignores Hebrew-named files.
Given all that, do we trust all DNS servers to properly store Hebrew names for addresses? Sorry, no. Not quite yet.
I don’t know what the situation is like for other RTL/complex scripts, though. English teaching in Israeli schools may not result in perfect English speakers, but it gives most people enough to understand English URLs. 🙂
i found another issue and it might be related with this. I use turkish chr set and if i type a wrong address like http://www.mıçrosoft.com by using turkish chrs. it just locks the IE 7.
do you have any suggestion other than trying to type carefully 🙂
my viev it good and i see the window of IE7 in right to left because i from israel and i speak hebraw so my IE7 is fiffrent but because that the symobls upsude to and this is anuing.
@Avener Kashtan: International domain names are stored using Punycode, which is plain ASCII. Hence, there’s no need for a DNS server to handle Hebrew, because as far as it’s concerned, it’s just responding to an ASCII address that starts with xn--.
We expect that International Domain Names will become increasingly popular as IE7 is deployed worldwide.
http://channel9.msdn.com/ShowPost.aspx?PostID=212952
Security hole,or what ?
Work on IE7 Beta 3.
@Matrix: This is a (rarely used) feature, and it’s a real stretch to call it a "hole". In order to exploit this, a bad guy would have to be able to drop his code on your desktop. If he can do that, there are far more interesting things he could do instead.
Note, it’s this same feature that allows you to type the name of one of your Favorites in the address bar and have it navigate.
http://www.zdnet.com.au/blogs/securifythis/soa/Windows_shortcut_trick_remains_unexplained/0,39033341,39259246,00.htm
An article that anyone who ever thinks about right-to-left scripts can be seen in IEBlog, it is entitled…
Anybody seen this:
http://en.wikipedia.org/wiki/Internationalized_domain_name#Spoofing_concerns
The actual site is:
http://web.archive.org/web/20050211033410/http://www.xn--pypal-4ve.com/
though since the site is down now, it probably won’t display it since it’s only for the domain.
Hi,
I have been trying to find a way to enable script debugging in IE but it just doesnt seem to work. I have just installed IE7 B3 after uninstalling B2 but the same problem continues.
I uncheck the disable script debugging checkbox in the options and fail to get teh view->script debugger option. Nor does the control break at debugger; statement
CAn you please help?
Abhi.
This webpage is causing 99% CPU usage. IE stops responding after this page completely loads.
http://www.expressindia.com/fullstory.php?newsid=70717
defsd
>This webpage is causing 99% CPU usage. IE stops
>responding after this page completely loads.
>
>http://www.expressindia.com/fullstory.php?newsid=70717
Not for me Dileepa. The page takes a fair few seconds to load, but task manager shows the CPU not going beyond 30% (and this is only a 1GHz processor).
It does however show:
Internet Explorer could not open [url].
Operation Aborted.
in an error messagebox. Whatever that means!
Steve
After loading IE 7 (worked fine) my software
for HP-printer/scanner did not work anymore.
Uninstalling HP and reloading a newer version
resulted in loss of many XP-functions.
Reason was that uninstalling HP stopted many
services in XP.
I tried several times with new-installing XP,Works,Norton,upgrades, etc.
Installing HP kept proper working until IE 7was
installed,after de-installing IE 7 everything,
XP etc, kept proper working.
I dont dare anymore to uninstall HP so IE 7
remains remains a wish.
PS:HP means a PSC1315 with old and new software
both with all updates.
Probably Vista can give the same results.
It still does for me:
In my hurry to post it here, I left out a few impt details:
IE7 B3 on Windows XP SP2 (all the latest patches). The system has both Office 2K and Office 2007 B2. And WMP11 Beta. And Yahoo Messenger 8 Beta.
And it happens everytime I open the URL:
http://www.expressindia.com/fullstory.php?newsid=70717
@m1t0s1s: Yes, everyone working on the IDN feature has read the background on the Paypal spoof which is referenced in the Wikipedia article. Mitigating spoofing concerns was the primary design goal for our IDN implementation.
how useless… this "new" internet explorer is just a copy off of firefox
My friend uninstalled beta 3 so he could install beta 4, He’s a msdn subscriber, and his computer crashed… it was almost a total loss, but i was wondering if there was a patch or was it a 1 in a million thing? I have my backup ways and everything but i don’t really want to re load my computer…
Plz e-mail me or something at lttony1990@sbcglobal.net
when you have an url in your favorites that has a long description…it stretches your favrorites menu which is normal…but when you delete it it doesn’t shrink back to the size of the next biggest link…until you restart ie.
There is a traitor amongst the Microsoft ranks.
http://blogs.msdn.com/ryanrogers/archive/2006/07/08/660423.aspx
He eschews the American Dream of profit and competition, and actually wants to EMULATE and LEARN from the slothful, disgusting fat libearl Mountain-Dew guzzling Democ-rat open source hippies.
Please fire him.
This is not a comment about Displaying tfeL-ot-thgiR Scripts, It’s a request.. sorry for that but I can’t find any other way to contact you.
Could you release an Internet Explorer 7 wallpaper?(based on http://www.ieaddons.com/ background) It’s very beautiful. Thanks and sorry again.
IE7 Beta 3 does not view pdf
The security pop-up does not have an option to disable the pop up if security is set to customer satisfaction
I think IE7 rocks!
Does anybody know how to send feedback for the Windows Media Player 11 version. I just can’t find the place.
You can send feedback for the windows media player 11 version here
http://www.microsoft.com/windows/windowsmedia/community/newsgroups/WindowsMedia/default.mspx?dg=microsoft.public.windowsmedia&lang=en&cr=US
Hey Good job Bill gates ! 😉
IE 7 is kool.
I love the way u make life so easy for all of us. Its a pity there are a lot of critics around as well.
Could the development team please hide the URL which is now visible in pop ups. I wouldnt want my users to see the URL. They might just copy and play with it.
Thanx
Daemon007 [XBOX 360 Id]
Name: Rohit Kumar
@Daemon007: One of the things that the industry has learned over time is that security through obscurity simply doesn’t work. Even if the Address bar is hidden, you wouldn’t be able to stop folks from using a HTTP Debugger (e.g. http://www.fiddlertool.com) from sniffing the secret URLs and playing around with them.
EWAEEWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRREEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE3333333333333333333333333333333333333333333444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR444444444444444444444444RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
EWAEEWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRREEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE3333333333333333333333333333333333333333333444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR444444444444444444444444RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
EWAEEWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRREEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE3333333333333333333333333333333333333333333444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR444444444444444444444444RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
I just installed Norton Internet Security 2006 on my Win XP Pro P4 computer and am getting an error message when I open the AntiSpam section. The error message reads:
Internet Explorer Script Error
Line: 15
Char: 1
Error: Object expected
Code: 0
URL: res://C:ProgramsCommon DataSymantec SharedAntiSpamas.Res.LOC/nasstatus.htm
Do you want to continue running scripts on this page?
Yes No
After searching the Symantec Database, I tried re-installing the MS Scripting Host 5.6 but that didn’t solve the problem. I tried de-installing and re-installing NIS but that also didn’t work. The AntiSpam section of NIS shows all parts in the status of "Refreshing" but it seems to be stuck there. Does anyone know of a possible solution?
Thanks,
John
testing
good blog.
this is awesome!
PingBack from http://greenteafatburner.info/story.php?id=2550
PingBack from http://quickdietsite.info/story.php?id=5475