back to article 'Supporting Internet Explorer is hell': Web developers identify top needs – new survey

Mozilla has released the first "Web DNA Report", in which devs identify their top needs in terms of web development - and browser compatibility is the biggest issue by far, especially when it comes to supporting our old friend Microsoft Internet Explorer. Despite Mozilla's sponsorship, the new survey has cross-vendor support. …

  1. Pascal Monett Silver badge

    "If you allow web applications to be more like native apps"

    Then you can be sure that the mayhem we are currently witnessing will expand tenfold, then tenfold again.

    Look, I understand that this is interesting and important from a business point of view, but please, pretty please, DO NOT EXTEND THIS TO THE WEB IN GENERAL.

    Because that will just be the end of the web as we know it. For reals.

    Also, make sure you never program any SCADA interfaces with that, because God knows Russian hackers would just love to hijack that.

    1. Anonymous Coward
      Anonymous Coward

      Re: "If you allow web applications to be more like native apps"

      If they want native performance, API's etc, then write a damn application for the system, not a 'web app'.

      1. Anonymous Coward
        Anonymous Coward

        Re: "If you allow web applications to be more like native apps"

        by 'system' you mean hardware, right? And *real* assembler, right? Because that sounds like the direction of this recurring luddite whinge.

        1. Anonymous Coward
          Anonymous Coward

          Re: "If you allow web applications to be more like native apps"

          If the application calls for that and performance can be dramatically improved and that performance is needed then optimise those parts of code that will do that with assembler.

          But if actually having some form of brain that can see reoccurring trends, with how new generation developers want what the previous had but threw away because it was stupid and caused vast insecurities, except now they want in built into the damn browser with even more access is being a Luddite, I must be.

      2. Crisp

        Re: "write a damn application for the system, not a 'web app'"

        But marketing have heard that Competitor$ has a new web app out and they want one too now.

        It's just software, how hard can it be?

    2. DCFusor

      Re: "If you allow web applications to be more like native apps"

      Came to say roughly the same thing, but I think your emphasis on "muh Russians" is out of place in a world that has:

      1. The Chinese (an NORKs and ...)

      2. The 5 eyes

      3. Every kind of financial scammer spread out across all nationalities and cultures.

      4. Industrial espionage

      5. more - this is not a "one minute of hate will solve it" kind of thing.

      I mean, yeah, the Russians too - but they're getting lost in the noise anymore. That fascination with them seems mostly to be used by US and UK governments to distract us from all the other bad actors, including themselves.

      And yeah, here come the downvotes from those very people who use that to keep everyone they can in the dark about what really goes on. Or as a substitute for knowledge and observation, or are too lazy to think. You can't cancel the truth, even if you can't handle it.

      The sandbox is there for a reason. If devs had personal liability for the harms and costs their bugs create...they'd all quit!

      1. Killfalcon Silver badge

        Re: "If you allow web applications to be more like native apps"

        I for one am just lazy and use "the russians" as shorthand, since we've got nearly three generations of them being the baddies in Bond movies and the like.

        Also if I say "the NSA" too often they will put me on a List.

    3. J27

      Re: "If you allow web applications to be more like native apps"

      It's browser plugins all over again.

    4. Blackjack Silver badge

      Re: "If you allow web applications to be more like native apps"

      Agreed.

      Remove desktop is still a huge safety risk and that's with something that's actually designed and thought to take control of a computer remotely.

      Giving a Web App access to the computer and or device directly is pure madness.

      1. ThatOne Silver badge
        Facepalm

        Re: "If you allow web applications to be more like native apps"

        > Giving a Web App access to the computer and or device directly is pure madness.

        Unfortunately I can only upvote this once.

        When you see what bad actors already manage to do with the oh so limited means they have today, one should think it is obvious that giving them total control over hardware and file system is suicide. Just hand your computer over to anyone who wants it. And why? Just because it would be "cool" to use a browser to run stuff on a remote computer? Really? Which of humanity's many problems does that solve, pray tell?

        I think some developers should consider the "Common Sense for Dummies" book.

    5. Filippo Silver badge

      Re: "If you allow web applications to be more like native apps"

      "Also, make sure you never program any SCADA interfaces with that, because God knows Russian hackers would just love to hijack that."

      Some of my clients have started asking for exactly that. Start factory engines from the browser. I've flat out refused so far. Not sure how long I'll be able to keep doing it, though.

    6. macjules

      Re: "If you allow web applications to be more like native apps"

      Just a though mind. Why don't we set up an overseeing commission to enforce standards across all platforms and browsers where the internet is required? We could even call it something like "World Wide Web Consortium"!

  2. iron Silver badge

    Shame they didn't ask me any of these questions...

    What is missing from the web?

    Security, Privacy, Control (of your own data and online persona)

    1. Persona Silver badge

      "What is missing from the web?" ..... add testing to your list. I sometimes wonder what some web pages have been tested on, apparently non of the three browsers I use.

      1. Anonymous Coward
        Anonymous Coward

        Exactly this. So many in house web applications would be better as desktop apps. I've replaced a number of these, essentially data management webapps, with desktop apps over the years. Typically writing them in Java, which despite its detractors can be cross platform and performant if you avoid non-public classes, use the built in cross platform support for things like filenames and know which data structures to use.

        And that last thing is where many web devs fail, using inappropriate data structures or algorithms and relying on throwing more resources at the thing to make it work well enough. That's less of an option on a desktop machine where the resources are more constrained. Too many devs I interview seem to have skipped the algorithm part of their education, and don't even know "big O" notatuon.

        1. Anonymous Coward
          Anonymous Coward

          I learned everything I know about "big O notation" from watching Office Space...

      2. Killfalcon Silver badge

        My main recurrent nightmare isn't webpages that haven't been properly tested, it's the adverts they let a third party display alongside.

        Something on this very page is currently using 79% of my CPU. Like... how? When will the advertising ecosystem get around to downranking poorly written adverts?

        1. LeahroyNake

          That 79% processor usage... If they were clever it would be farming coins, its probably just really badly written code.

    2. Ken Hagan Gold badge

      "Security, Privacy, Control (of your own data and online persona)"

      That's three aspects of every new feature that will, inevitably, be things that may or may not be supported on the customer's browser (depending on that customer's settings). These same devs who moan about having to code for different browsers seem to be determined to demand new "differences that they will have to code for".

  3. JohnFen

    Sigh

    " WebAssembly plays a key role. "WebAssembly is going to change the web … from being a mostly consumption light editing environment to a fully featured editing environment," says one respondent, while another says, "If you allow web applications to be more like native apps, then you can basically replace many of these native apps with web pages.""

    I hope that this doesn't go too far. I strongly dislike WebAssembly for a number of reasons, and don't allow any of it to execute. Replacing native applications with WebAssembly means that there are fewer applications that are available to me.

    1. Buzzword

      Re: Sigh

      Yep. WebAssembly isn't what most people think it is either. It's just an engine for high-speed number-crunching. It doesn't help at all with large string processing or DOM fiddling, which are the most common choke points for large web apps.

      1. Charlie Clark Silver badge

        Re: Sigh

        If your data isn't in a DOM you don't need to to worry about fiddling with the DOM and web assemby makes this possible. Makes sense for games in the browser, less so for other tasks but it's best argument against proprietary plugins.

  4. cornetman Silver badge
    Coffee/keyboard

    "Therefore, when asked what is missing from the web, the answers are things like access to hardware, access to the file system, performance limitations, and access to native APIs."

    Jesus Christ! What?

    1. Mad Chaz

      That's what I was thinking. Keep the web in it's little sandbox please. It's already dangerous enough visiting web pages!

      1. Fatman

        RE: Keep the web in it's little sandbox please.

        <quote>Keep the web in it's little sandbox please. It's already dangerous enough visiting web pages!</quote>

        Like those web sites that issue calls to $DEITY knows where for ad slingers to infect your system with all kinds of shit???

    2. SVV

      If you think that access to your hardware and file system is what is missing from the web, then what will soon be missing from your computer is access to your hardware and file system, never mind the web.

    3. Anonymous Coward
      Anonymous Coward

      But do you know how much profiling data can be slurped with such access??

    4. Bibbit

      Local preference

      Perhaps the article forgot to mention the survey was conducted in St Petersburg?

      1. Fatman

        Re: Local preference

        <quote>Perhaps the article forgot to mention the survey was conducted in St Petersburg?</quote> Russia??

      2. Anonymous Coward
        Anonymous Coward

        "Perhaps the article forgot to mention the survey was conducted in St Petersburg?"

        ?

        "This report would not exist without the input of more than 28,000 developers and designers from 173 countries"

    5. Anonymous Coward
      Anonymous Coward

      "Therefore, when asked what is missing from the web, the answers are things like access to hardware, access to the file system, performance limitations, and access to native APIs."

      Missing? I think they mean "patched" to prevent malware exploits and other security risks.

  5. Henry Wertz 1 Gold badge

    Webassembly and other junk

    Webassembly? I don't care; this is simply to allow something like llvm to produce runnable code, it otherwise is treated as Javascript in terms of security and what it can actually do to the computer. It makes debugging the code (probably) terrible but doesn't really affect anything else.

    Access to native hardware? Sounds terrible, it already has access to my screen, keyboard, mouse, speakers, and (potentially) speaker and mic, and as far as I can tell access to read or write in my home directory. It DOES NOT need more access!!

    Access to native APIs! HELL NO!!! Then you'll end up with abominations like Microsoft was encouraging about 20 years ago (with early .NET), so-called portable applications that are actually totally platform-specific due to use of platform-specific APIs. Also horrible for security; the Javascript runtime could be as secure as you want, but with access to native APIs this can let a bad actor punch right through whatever security the Javascript runtime has set up.

    1. DCFusor

      Re: Webassembly and other junk

      And don't forget the ability to cause port forwarding so things like Skype or G+ can work (and many others...).

      Which when misused can create one whale of an attack surface as soon as someone notices and exploits that one too.

      Oh, snap. Sorry.

  6. Anonymous Coward
    Anonymous Coward

    Straight from the horse's, um. mouth, we have this: "Internet Explorer is a compatibility solution ... rather than a browser".

    https://www.theverge.com/2019/2/8/18216767/microsoft-internet-explorer-warning-compatibility-solution

    https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/The-perils-of-using-Internet-Explorer-as-your-default-browser/ba-p/331732

    1. Killfalcon Silver badge

      It's a great tool for running legacy webapps where the developer retired 10 years ago and your outsourced techies quote 100 days work to change in any way. The dark secret of enterprise isn't that the backend mainframe is running 40 year old cobol, it's that you're required to support 5 year old IE 9 appplications...

      Also if you have the misfortune of supporting office automation written for IE.... Edge, Chrome, all the "real" browsers work in completely different ways. I'm not even sure if VBA *can* automate Edge.

  7. Carpet Deal 'em

    The other theme is that in this particular community, there is a strong desire for the limitations of web applications to be removed. Therefore, when asked what is missing from the web, the answers are things like access to hardware, access to the file system, performance limitations, and access to native APIs.

    This makes perfect sense! We can call these "Active" APIs, and tack an "X" on at the end for generality. What could possibly go wrong?

    1. Ken Hagan Gold badge

      "What could possibly go wrong?"

      All sorts of things, obviously, but don't worry. If the good devs mark their ActiveX code as "safe" then we can put a switch in the browser to only run the good ones.

      (Edit: It has just occurred to me that some of my readers may be too young to get the joke. For their benefit, then: Yes, Microsoft actually did this.)

      1. DCFusor

        They just cleared the "evil" bit?

        For young'ns: https://en.wikipedia.org/wiki/Evil_bit

      2. RuffianXion

        I'm a little bit younger and quite a bit newer to the web and it's associated technologies than many here, but ActiveX in my mind is basically a synonym for malware, did I get that right?

        1. chivo243 Silver badge
          Windows

          consider it the beacon for malware... runway lights and a guy waving the malware in pointing where to park!

      3. Franco

        Funnily enough I'm in the middle of creating a new Windows 10 deployment Task Sequence in SCCM for a client. Default browser is Chrome (which I hate, but it has ADMX templates so can be controlled) then Edge, but they still need IE for one ancient LOB app which will only run via an unsigned ActiveX.

        I have pointed out the risk of this, but they wanted the ActiveX installed by default in the image, so the only way I could find to get this thing working is a batch script to copy the DLLs and OCXs to the SysWOW64 folder, then manually registering each of them as part of the script. The date stamp on the CAB file containing the files is from 2000.

        Thankfully I normally only have to deal with ActiveX plugins on old servers where the DRAC or iLO still use them, and they are getting rare too.

    2. vmistery

      We still have some LOB apps which require IE and some horribly unsafe settings to make it work. We’ve now got some settings which switch them to Edge for other pages which are not on a list which mitigated part of the issue but if any of those legacy apps which haven’t been improved in 15+ years get compromised (which lets be honest would probably not be hard) then bye bye org. I really hope we’re not going to see ActiveX mk2, one of those things that sounds great in a developers head at the time and is sold to the marketing team.

  8. Anonymous Coward
    Anonymous Coward

    " Only 8.2 per cent of the respondents identified as women, which the authors say is "unfortunately a common problem with many developer surveys.""

    Sorry, if 8.2 per cent of the respondents were actually women, that means that your statement is bullshit. Perhaps everyone who answers your next survey should check the box for female. Then what would you do, admit that the rest of your survey results are likely garbage?

    1. Anonymous Coward
      Anonymous Coward

      " Only 8.2 per cent of the respondents identified as women, which the authors say is "unfortunately a common problem with many developer surveys."

      Maybe I should start checking the "female" box on surveys then. I might be 40 years too old to actually make the change, but I could at least pretend.

    2. RuffianXion

      Just because 8.2 per cent 'identify' as women, that doesn't mean 8.2 per cent actually ARE women. It's 2019, we're on the verge of a whole new decade where gender means whatever you want it to mean, making statistics such as this utterly meaningless (sorry statisticians).

  9. arctic_haze
    Mushroom

    Supporting Internet Explorer?

    I would think nuking it from the orbit is a much better decision.

    1. RuffianXion

      Re: Supporting Internet Explorer?

      Didn't we already nuke it from Chrome?

  10. DJV Silver badge

    "use what is provided by Google, Facebook or Microsoft"

    What, for "security"? Not in a million years!

  11. Anonymous Coward
    Anonymous Coward

    Interesting that the communty here seems almost unified for once

    It helps that giving people who are whining about CSS being to hard unfettered access to hardware from a web page is like handing a monkey a loaded gun, but usually with this lot there is at least an even spit of contrarians to balance the threads out.

    It's like a Christmas miracle.

    1. RuffianXion

      Re: Interesting that the communty here seems almost unified for once

      Well, anyone who agrees that CSS is too hard probably won't have found their way here anyway, or if they did, found that forums are too hard as well and went home.

      1. Anonymous Coward
        Anonymous Coward

        Re: Interesting that the communty here seems almost unified for once

        Hmm. Have you ever tried to get CSS to put some arbitrary Thing in some arbitrary position relative to another Thing?

        Come back and say that again when you can do that in less than a couple hundred lines of thoroughly twisty CSS.... Or more likely a couple of tens of kilobytes.

        (Not a webdev, but I sometimes have to put one hand over my eyes and use the other to poke at it with the 11-foot-pole-for-poking-things-you-wouldn't-touch-with-a-10-foot-pole.)

    2. ThatOne Silver badge
      Facepalm

      Re: Interesting that the communty here seems almost unified for once

      > giving people who are whining about CSS being to hard unfettered access to hardware

      Yes, it's funny how people who can't even manage the simple tools they have, think they need to be given much more complicated ones. "I can barely drive! You need to give me a muscle car!"

      Given the quality (or lack thereof) of many commercial shopping sites I've seen, I wouldn't trust those developers with a pair of scissors, much less with my computer(s).

      1. Mike 137 Silver badge

        Re: Interesting that the communty here seems almost unified for once

        ""Given the quality (or lack thereof) of many commercial shopping sites I've seen..."

        Thanks ThatOne.

        As an example, the CSS on this site and its subsidiaries locks up an entire processor core at around 100% even with JavaScript turned off. Disable the style sheet and the load goes down to 5%. And that's essentially a static page. I haven't been faffed to reverse engineer it to find out why - I just go somewhere else.

        1. Paul Crawford Silver badge
          FAIL

          Re: Interesting that the communty here seems almost unified for once

          Yes, the Farnell site (and CPC, Newark, as they are all the same organisation) is quite crap in this respect and also I found a couple of months ago that using uBlock was breaking the site's search options. WTF did they do? Have every search going back to Google?

          Reported it and got the usual lame "have you cleared your cookies/cache?" sort of shit.

        2. chronicdashedgehog

          Re: Interesting that the communty here seems almost unified for once

          Seems to be using Aurora CMS. CM systems aren't renowned for their efficiency

  12. J27

    I think all web devs should band together and just stop supporting IE at all. If every website you visit tells you to download Chrome or Firefox then you'll have to do it.

    1. Anonymous Coward
      Anonymous Coward

      There are many that don't support IE especially; especially those old enough to remember the bad old days of IE6. You basically had to make one site for IE6 and one for everything else.

      IE doesn't have the market share for that kind of twattery nowadays, so the stance I take is they can conform to standards or fuck off.

  13. a_yank_lurker

    Hardware Access

    There is a good reason to limit the hardware access from a web site; security. The less a site can directly access the less damage malicious code can cause. One could argue that there is too much access already via the browser to cause mischief so adding more access should be non-starter.

    Cross platform code can be written using the JVM and more most applications whatever performance penalty this might incur is probably noticeable to the user. One problem I have seen with a web app is they can be browser dependent and even worse browser version dependent; I see that at work.

  14. Jamie Jones Silver badge

    "Should we all just use (say) chromium"

    No, no, no! And it's not to do with the "competition" angle mentioned, but as soon as you assume a browser quriks, you end up locking out systems that don't even have that browser available.

    It would be a return to that "best viewed in internet explorer" or the ever inappropriate one often seen on commerce sites "This site will only work with internet explorer 6. You must upgrade to continue" - A lovely way to treat potential customers who were most likely "upgraded" far beyond what IE6 offered.

    In a similar vein, how many of these "browser quirks" today are real, and not down to badly written html/css/code that doesn't conform to standards?

    1. The obvious

      Re: "Should we all just use (say) chromium"

      When Opera is and even Edge is about to be a crappy chrome-skin anyway, we pretty much are... it’s not looking great for standards.

  15. Blackjack Silver badge

    How about you know... stop supporting it?

    We aren't back in the era when Internet Explorer was used by 80% to 90% of people who used a web browser.

    Then again Chrome for Android recently screwed web apps over.

  16. Ian Johnston Silver badge

    Only 8.2 per cent of the respondents identified as women, which the authors say is "unfortunately a common problem with many developer surveys."

    That would only be a problem with developer surveys IF there were significantly more or fewer women working as developers AND if women developers' requirements and experiences were significantly different from mens'.

  17. chivo243 Silver badge

    Develop for IE?

    The missus has never asked for a winstall to check her work. She tests on phones, tablets and her mac(s). She's found over time that fewer and fewer people use a computer to access her company's website. I don't remember the figures, but tablets and mobiles are at the top for her customer base. Yes, her company is at the opposite end of the spectrum from corporate entities that rely on M$ technology.

  18. Will Godfrey Silver badge
    WTF?

    usenet never looked so attractive

    If this comes about, and I can't find a browser without such crud, that's where I'll be heading again.

  19. J.G.Harston Silver badge

    "Only 8.2 per cent of the respondents identified as women, which the authors say is "unfortunately a common problem with many developer surveys.""

    So........ round up 25,000 women at gunpoint and force them to become web developers? You're complaining about a fundamental factor of being human - individual choice.

  20. J.G.Harston Silver badge

    "making a design look the same"

    There's your problem right there. They're in the wrong job, they're print media designers.

    1. -tim
      Facepalm

      Style vs Content

      I don't care about design, I care about content.

      So many CSS "experts" don't seem to understand they need to define things relative to character sizes and not pixels. If I zoom in to read something, everything needs to zoom in which seems to be something the chrome broke a long time ago and has just made worse with the newer versions. I use Safari because I can right click on all images and open them in a new window where I can zoom them enough to see. Lately Chome has decided I don't need that option on all images.

      There is other idiocy as well like why does Atlassian have its own font and why can't they make it so it isn't fuzzy? Why can't my bank make a PDF that doesn't need the latest version of Acrobat to display? Oh they put style over contend and don't put their magic font in the file.

  21. Anonymous Coward
    Anonymous Coward

    Why wasn't IE killed with fire years ago?

    1. Kiwi
      Trollface

      Why wasn't IE killed with fire years ago?

      This evening, from my home in Lower Hutt New Zealand, I admired a beautiful if somewhat red sun - the effect in our atmosphere from the scrub burning in NSW some 2,200 km (~1400miles) away. While most of this material will be relatively benign and potentially beneficial, it does remind me of the widespread effects of pollution especially from things burning.

      There are some things so toxic that they should not be burnt ever - not even in the core of the sun. Launch them at an enemy solar system (preferably even outside our galaxy), but don't burn them in our own.

      IE is a level of toxic that should only be burnt in another universe.

  22. TeeCee Gold badge
    WTF?

    "especially the aged IE11"

    Anyone who thinks supporting that is hard should ask somebody over 16 what it was like supporting IE6.

    "Aged"? Some of my T-shirts are older than IE11.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like