Application Compatibility Logging in Internet Explorer 7 and later versions | introduction to MS Application Compatibility Logging Toolkit for Troubleshooting Windows

Page content

Application Logs: An Introduction

Almost all of the major applications create a log that notes down specific actions including the time at which the different modules of the application started, if they loaded successfully or failed, error codes in case of failures, and much more. These application logs give out plenty of information about the functioning of the application if studied properly. In case of severe errors, these application log files help the computer technicians in troubleshooting Windows application. In short, you can use the application logs both to study how an application functions as well as to troubleshoot Windows application.

Application Compatibility Logging in Internet Explorer 7 and Use of MS-ACT

Microsoft introduced plenty of security features with the Internet Explorer 7 and Internet Explorer 8 versions. These security features sometimes conflict with any webpage, its URL, content, scripts, or anything making the website unavailable to the user. The Application Compatibility Logging feature helps the user determine what is causing the problem.

Microsoft is also offering a debugging tool that allows you to test your webpage’s compatibility with the Internet Explorer 7 or Internet Explorer 8 prior or after hosting it. Named the MS Application Compatibility Toolkit (MS-ACT), the software is available as free download to programmers and web developers so that they can test any program, script or webpage on different platforms (includes different OS other than browsers) before actually deploying it.

The program also helps in identifying and debugging the problems as and when they occur while you use the Microsoft Windows. You must have encountered several instances when IE or a MS program fails and asks you whether it shall send details to Microsoft. The data sent is mainly from the log entries that helps the MS team work towards fixing the problem. The resolution is later released as a security patch or any other form of update.

Toggling Application Compatibility Logging ON or OFF in Internet Explorer 7 or 8

You may not be able to toggle the application feature ON and OFF from within the Internet Explorer 7 or later versions. The default state is OFF. When it is turned on, the Internet Explorer 7 creates log files per user on the computer and stores it in the Event Viewer under Computer Management. You can access the Event Viewer by right clicking on the My Computer icon and then selecting Manage from the context menu.

Advanced users may alter the Registry key Feature_Enable_Compat_Logging (under Hkey_Current_Users) by setting its “iexplore” (DWORD) to 0 or 1. If the value is set to 0, the Internet Explorer will not create a log file. To enable Internet Explorer 7 application compatibility logging, set the value to 1. However, an average user does not need to go into the details as the Application Compatibility Logging is used normally by the web application developers only.

In the coming section, let us see what all is logged and how does the data help the web program developers when they use MS Application Compatibility Logging Toolkit.

Note: Hereafter, when we refer to Internet Explorer 7, we will also be considering the later versions of the browser, such as the IE 8 beta, IE 8 RC, and IE 8.

Application Compatibility Logging - What all is Logged by Internet Explorer 7

Most of the items that the Internet Explorer 7 reports in the log file are the mal-functioning or malicious URLs owing to its enhanced security features. Let us take a bird’s eye on what all can a web application developer find useful in the Event Viewer.

1 URL Parsing

Whenever a user enters or clicks a link to open a website, the security features in Internet Explorer 7 and 8 check for the URL’s compatibility with the RFC’s guidelines. RFC, or Request for Comments was an attempt to create a standard for several aspects of Internet computing. Though many features of the RFC are already being used as a standard, the drafts are still awaiting a clearance for worldwide adoption.

Plenty of fake websites use URLs that are almost similar to the real ones. For example, if you misspell a letter in bank’s URL, you are taken to a site that resembles the actual bank’s website. You might have received several links in your emails wherein you were asked to update your credit card or bank information by clicking on the link. These are mal-formed or malicious URLs that try to fool the Internet Explorer 7 and thereby you into believing that you are at the right place. However, the security features of Internet Explorer are smart enough to detect the fake URLs.

Generally, when you enter an URL in the address bar of the Internet Explorer 7, it creates a log in the event Viewer if it finds the URL to be malicious. It has its own technique to identify a malicious URL. The most common method is to re-create the URL and navigate to it. If the URL fails to be re-constructed, it is logged to the Event Viewer. The Event Viewer will contain both the URL and the reason why the reconstruction failed.

Note: Sometimes a URL creation may also fail because of insufficient memory. The reason can be detected by using the Microsoft Application Compatibility Logging Toolkit.

2 Website Certificate Problems

If the Internet Explorer finds that a website has an invalid certificate, it will log the URL and the problem with the certificate. The problems with a website’s certificate can be one of the following: Invalid date; Invalid Domain; Name and Domain Mismatch; Unknown Certification Authority; and a host of other reasons.

3 Cross Domain Scripts

Whenever the Internet Explorer 7 finds a script on a webpage that attempts to navigate you to another page without your knowledge, it will create a record of the event in the Event Viewer. You might have seen a bar at the top of your browser saying that a script was blocked, which often relates to this problem/threat. Though some of such scripts are safe, plenty of scripts attempt to take you to a page where they can download malicious software to your computer or procure confidential data using any methods.

4 Active X Scripts

If the Internet Explorer finds any Active X Control on the page that is not created by the first party application vendor, it blocks the script and logs the event. It notes down the script name, date and time, publisher of the script, and reason why it was blocked.

5 Phishing Filter

Internet Explorer 7 invested a lot in creation of a list of phishing websites. The list keeps on growing each day. Apart from restricting or warning the user about the characteristics of the site, Internet Explorer also alerts the user of any website it finds suspicious. All this is again logged into the Event Viewer.

Summary of the Article

There are plenty of security features in Internet Explorer 7 and the Internet Explorer 8 that help you stay safe when you are browsing the Internet. The Application Compatibility Logging creates records in the Event Viewer that can be used to know the reason why a website, a script, or an Active X was blocked, that is, if you want to know the reason. However, most users do not venture into the detailed enquiries. This saves you time and keeps you protected as you browse the web.

There are some genuine websites that too get restricted because of these security features in the Internet Explorer 7. But as they say, “prevention is better than cure”, these security features are praiseworthy measures that Microsoft has taken to keep its customers safe while on the Internet. As regards the genuine websites’ prohibition, the web developers can always use the MS Application Compatibility Logging Toolkit to locate the problem recorded in the Event viewer and rectify it. Stay safe and upgrade to Internet Explorer 7 or its successors.


MSDN Library