I can understand the principle of locking down web browsers on server machines, but there should at least be a straightforward way of overriding it.
The other week we were connected to a remote server trying to debug some ASPX code. That’s remote as in: on another continent, and not using the fastest connection. (It was designed to be fast for a remote population of users, not us.)
A good way to debug the code without switching on debug errors for everybody is to RDP onto the box and browse it from there.
This didn’t work because, despite Windows 2008 IE ESC (Internet Explorer Enhanced Security Configuration) not being enabled, it was blocking cookies, and every option I could find to try and turn it back on was either disabled, or did nothing.
‘Cos you know, browsing localhost (which has your own code on it ferchrissake) is a terrible security risk. Sigh.
In a rush to resolve it, we eventually resorted to downloading and installing Firefox on the machine. (I love Chrome, but its automatic updates and things scare me slightly; probably not good for a server. Some day I’ll dig around and figure out if it can be turned off. Come to think of it I should make sure FF doesn’t do the same thing.)
Firefox brought its own problems. Straight after installation, it decided to load up some hideously slow (on this less than ideal link) page with video. No, actually, two pages — using two tabs — and despite it proclaiming how fast and responsive it is, wouldn’t respond. Blargh. Thanks a bundle, Mozilla.
It must have taken a minute or more to come back — a long frustrating time when you’re in a hurry.
This solution did, however, work — we could finally see the debug messages, thank goodness.
Is there an official way of getting IE to behave itself?
In the homescreen of the Server Explorer there is an option to config IE ESC (Enhanged Security Configuration). It is the first thing I kill on a new server (and then I download Chrome 🙂 )
It seems to be an IE issue, but not related to ESC. This may help:
Yep, it’s not an ESC problem. Thanks @mgm, will try that.
No idea about IE, but if you want Chrome without the Google spystuff in it, get Iron, made by SRWare. It’s the same browser (Chromium), minus Google’s built-in call-home stuff or auto update. And if you get the portable edition, which doesn’t mess with your system, it should be the least intrusive and secure in a server environment.