Internet Explorer Download
Lync Click To Call Internet Explorer
Internet Explorer Updates
When Internet Explorer crashes, freezes or stops responding in your PC, don't worry. This article will provide you 5 effective methods to help you effectively fix Internet Explorer not working, crashing issue and just follow to repair IE browser in Windows 10/8/7 with ease now.
Another easy way to open Internet Explorer is to make use of the Run Command. Right-click on the Start button and then click on Run in the menu that appears. Alternatively, you can press Windows + R keys to open the Run command. In the Run Command dialogue box, type iexplore and click on OK.
The free plug-in supports modern versions of Chrome and Firefox on both Mac and Windows computers, as well as Internet Explorer 8 and higher. To make calls with Skype on the Web, visit Outlook.com.
Internet explorer (IE) can be opened from Run command by executing iexplore. If you want to open a website or web page directly from Run window, you can just specify the URL of the site/page with the iexplore command. For example, to open www.windows-commandline.com, you can execute the below command from Run window.
Input internet in the search box on the taskbar, and choose Internet Explorer from the result. Q: Is the new internet Explorer Microsoft edge? A: With the launch of Windows 10 comes Microsofts new built-in browser that is supposed to interchange web Explorer. Though Internet Explorer will nonetheless be included in windows, the older browser. --
This content refers to an older version of F12 developer tools. Please visit our latest F12 tools documentation.
If you're looking for the Tools menu or toolbars in Internet Explorer 11, try:
Download mavericks os x installer . If you got here by clicking an error message and simply want to avoid error messages in the future, try:
This is a quick reference to the tools, commands, and menus available in F12 tools, built into Internet Explorer 10. Each element of the interface is identified and has a short description of what it does. For more information about using the Developer tools in Windows Internet Explorer 8, see Developer Tools User Interface Reference. For more on using F12 tools in Windows Internet Explorer 9, see How to use F12 Developer Tools to Debug your Webpages.
The F12 tools screen
The Menu bar
The File menu
The Find menu
The Disable menu
The View menu
The Images menu
The Cache menu
The Tools menu
The Validate menu
The Browser Mode menu
The Document Mode menu
The F12 tools view panes and tabs
The HTML tab
The CSS tab
The Console tab
Script tab
The Profiler view
The Network tab
Search
Window controls
Related topics The F12 tools screen
F12 tools provide a set of tools that you can use to design, debug, or view webpage source code and behavior. F12 tools can be opened in a separate window or pinned to the bottom of the webpage that you're debugging. The tools range from a simple color picker to a full-featured script debugger for a debugging environment that's much like standalone development tools. The Profiler and Network capture tools can help you track down performance problems in your code or on the network. Each page you open in your browser can have its own F12 tools session, making it easy to work on multiple webpages at the same time. The Script debugger supports static and dynamic scripts for seamless debugging with HTML5 Web Workers threads.
To open F12 tools, press 'F12' from the webpage you want to debug or inspect. To close F12 tools, press 'F12' again.
This image shows a typical view of the main tools UI: Element name Description Menu bar Lists command menus that can be accessed at any time regardless of the selected View . The Menu bar persists on the screen even when the F12 tools interface is pinned to the Windows Internet Explorer window. Views Provides a list of views to select for your page. Selecting a view, such as HTML or CSS tab also changes the toolbar for this selected tab. View toolbar Provides commands and tools that are specific to the current view. Main view pane The left pane is the main view for all views. It displays views of your page's HTML source code, Cascading Style Sheets (CSS), console messages, script source, profile or network reports. Details pane This pane displays details for the current tab ( HTML , CSS , Script , and Network views). Depending on the current view, the divider between the two panes can be moved to resize each pane. For Console and Profiler tools, there are no separate detail panes. Detail views Depending on the current tab, you can select the type of details to see. File chooser When in Script view, this button displays a drop-down list of all files and dynamic scripts associated with the page. When in CSS view, it displays only the CSS files. The Menu bar
The following sections describe the details of each Menu item.
Note Some submenu settings can only be changed if Internet Explorer Protected Mode is turned off. If you make changes to these settings, such as Disable scripts , and then turn Protected Mode on, you won't be able to make changes until Protected Mode is turned off again. To turn off Protected Mode , follow these steps:
In Internet Explorer, click Tools , and then click Internet options .
Click Security , and then clear the Enable Protected Mode check box.
Click OK , and then close and restart Internet Explorer.
The File menu
The Find menu
The Disable menu
The View menu
The Images menu
The Cache menu
The Tools menu
The Validate menu
The Browser Mode menu
The Document Mode menu The File menu
On the File menu you can undo changes, choose your source viewer, view a Help link (this article), and close the tools. Command name Description Undo all Resets all the changes made to the current instance of Windows Internet Explorer and refreshes the webpage. Customize Internet Explorer view source Lets you change the source viewer to use when you click View Source :
Default viewer: Use the built-in color-coded syntax viewer.
Notepad: Use Notepad as the viewer.
Other: Choose another program installed on your computer to be the viewer. Online Help F1 Displays this article. Exit F12 Closes this instance of F12 tools. The Find menu
On the Find menu, you can choose the 'Select element by click' command from a menu. A faster way to do the same thing is to use the Select Element by click button available in any view. Command name Description Select element by click (Ctrl+B)
Selects an element when you click it. A border is drawn around the element on the webpage, and the left pane switches focus to the HTML tab, and scrolls to bring the highlighted element into view. The right pane shows details of the selected element, based on the current detail view (such as Watch or Local variables , Call stack , or Breakpoints ). The Disable menu
These tools help you test how users experience your site based on their browser configuration. These commands toggle the features on and off (click to disable, and click again to enable). Command name Description Script Turns off all scripts on a webpage. When this setting is selected or cleared, it reloads the page to reflect the current setting. This setting can only be changed if Protected Mode is turned off. Pop-up Blocker Disables all pop-up blockers so that pop-ups are allowed on this website. This setting is not available if Internet Security has Protected Mode set to On . To activate this command, set Protected Mode to Off . CSS Turns off all CSS used on the page. When this setting is selected or cleared, it reloads the page to reflect the current setting. When the page is refreshed in the browser, the setting is cleared and CSS is turned on. The View menu
The View menu contains settings that put information about elements, such as class and id attributes, visually on the page. Class and ID, link path, tab indexes, and access key information are shown as text label overlays on the webpage. Double-click a label to select the text, right-click and select Copy , or press Ctrl+C to copy the text to the clipboard. Command name Description Class and ID information (Ctrl+I) Displays the class and id values for all HTML elements on a webpage. Link paths Displays the link paths for all links on a webpage. Link report Generates a list of all links found on this webpage, and reports it in a tab or window. Tab indexes Displays the tab indexes for elements on a webpage whose tabindex attribute is defined. Access keys Displays the access keys for elements on a webpage whose accesskey attribute is defined. Source Displays the Source submenu that is described next. The Source submenu
The Source submenu provides access to various source views of a document. When selected, the requested source is displayed in a new window. To get the Element source with style and DOM (element) options , select an HTML element first. You can use the Select element by click command, or click an element in the HTML tree. Command name Description Element source with style Displays only the selected element's HTML source, content, and CSS style rules in a new window. DOM (element) Ctrl+T Displays only the selected element's HTML source and its content in a new window. DOM (page) Ctrl+Shift+G Displays the full HTML source in a new window, showing element nesting. This view shows the full Document Object Model (DOM) structure of the page, including sources that are dynamically written to the DOM by scripts. This is the DOM as represented by Internet Explorer. Original Displays the original HTML source in a new window. This is equivalent to performing a View Source on a webpage in Internet Explorer. Dynamic content written to the DOM using scripts are not shown. The Images menu
This menu provides information about images on a webpage. The options that show image dimensions, file size, paths, or alt text are shown as text label overlays on the webpage. You can double-click a label to select, and then right-click or press Ctrl+C to copy the text. The following shows an image with all information displayed. Command name Description Disable images Disables rendering of all images on a webpage. This command causes the webpage to refresh without showing any images, and also disables the Show image file sizes command. This setting can only be changed if Protected Mode is turned off. Show image dimensions Displays the dimension of all images found on a webpage. Show image file sizes Displays the file size of all images found on a webpage. The file size is reported in bytes. Turning off images with Disable images also disables this command. Show image paths Displays the absolute path of all images found on a webpage. View Alt text Displays the alt text for all images whose alt attribute is defined. View image report Generates a list of all images defined on this page, and displays it in a new Internet Explorer instance. The Cache menu
These settings can help ensure your pages load into the browser as they exist on the server, and not from a local cached copy. This is helpful when you're regularly changing the source or testing the server response. Command name Description Always refresh from server Forces Internet Explorer to always download webpage content from the server rather than using cached content. This command persists until you clear it or the Internet Explorer instance is closed. This setting can only be changed if Protected Mode is turned off. Clear browser cache.. (Ctrl+R) Deletes the browser cache and all temporary files. Clear browser cache for this domain.. (Ctrl+D) Deletes only the browser cache and all temporary files that belong to the current domain. Disable cookies Disables the use of all cookies from this Internet Explorer instance. This command persists until you clear it or the Internet Explorer instance is closed. This setting can only be changed if Protected Mode is turned off. Clear session cookies Deletes all cookies acquired during this browser session. Clear cookies for domain Deletes all cookies from this domain. View cookie information Generates a list of all cookies stored in Internet Explorer, and reports it in a new Internet Explorer instance. See the cookie property reference for information about working with cookies. The Tools menu
These settings provide tools that help you with common tasks. You can do things such as test a page in different resolutions, measure elements on the page, and capture the specific color of a point on the page. Command name Description Resize
Provides a submenu with a list of predefined screen sizes, and a custom size option. When you pick a predefined screen size, the Internet Explorer window resizes to the new dimensions immediately. Preset screen sizes can be selected by using the shortcut keys shown in the submenu. You can create your own custom screen sizes. To Add a custom screen size, do the following:
Click Tools , click Resize , and then click Custom to open the Resize Browser dialog box.
Type the Width and Height you want, and click Add . This adds your custom screen size to the list.
To remove a custom size, select it in the list, and then click Delete .
To use a custom size, open the Resize Browser dialog box, click a size, and then click Resize . The list of custom sizes persists across browser sessions until you delete them. New screen sizes aren't available to browser sessions that are already open when you add the custom size. Click Close or press ESC to close the Resize Browser dialog box. Change user agent string
Lets you change the way Internet Explorer appears to a website by changing the user agent string (UA). A submenu lists versions of Internet Explorer on the PC and Windows Phone, as well as several other brands of browsers. The custom setting lets you add and set your own UA strings. The friendly name is shown on the list of available UA strings. The Default setting returns the browser to its current default setting. Clear entries on navigate
Lets you keep or clear console messages and the Network tab log when you navigate to a new webpage in a debugging session. By default, Internet Explorer clears all console messages, and the Network view capture logs when you leave a page. Show ruler (Ctrl+L)
Lets you to measure objects on the screen. The command opens the Ruler dialog box with options and hints for using the tool. Multiple colors and rulers are supported. For better precision, press CTRL+M to toggle a magnifier on or off. After a ruler is drawn, it shows the (x-y) coordinates of each end of the ruler relative to where the points are on the screen. The ruler length is shown at the center of the ruler in pixels. This information is also shown at the bottom of the Ruler dialog box when you hover over a defined ruler. A ruler can be moved, resized, or re-angled. To remove a ruler, select it and press the Delete key. When done, click the X button at the upper-right corner to close the dialog box. When the dialog box is closed, all rulers are hidden. They reappear when you reopen the Ruler dialog box. Show color picker (Ctrl+K)
The color picker tool can sample colors from any object on the page. The Color Picker dialog box shows the color sample, and the color's RGB and HEX values, that the picker is on. To see a color value used on a webpage, click the color of interest with the eyedropper cursor. To pick a different color sample, click the eyedropper icon on the dialog box and repeat the previous step. Click Copy and close to copy the HEX value to the clipboard for use in your webpage. Click the X button or Hide color picker on the Tools menu to close the dialog box. Outline Elements (Ctrl+O)
Helps you understand and debug page layout by making it easy to identify the size and position of elements. You can set a color to identify all elements of a certain element type. Use CSS selector syntax to specify elements on a webpage. For example, to highlight all paragraphs, use p in the selector field, and set a color. Elements are outlined after you close the dialog box. For more info about using selectors, see Understanding CSS Selectors. The Validate menu
This tool validates the current webpage or file using web-based validation services. You get a confirmation dialog box before sending your current page to the web, letting you cancel without sending. Validation reports open in a new window so you don't lose the page you're debugging.
The local HTML and CSS options open the validation website where you can manually enter a URL, browse for a local file, or paste in some code to validate. Command name Description HTML
Validates the HTML of the current webpage. CSS
Validates the CSS of the current webpage. Feed
Validates Really Simple Syndication (RSS)feeds. Links
Validates all links in the current webpage. Local HTML..
Opens a new window with the option to enter a URL, choose a local HTML file, or paste in code to be validated. Local CSS..
Opens a new window with the option to enter a URL, choose a local CSS file, or paste in code to be validated. Accessibility
Validates the current webpage using one of the following accessibility validation services:
WCAG Checklist is the World Wide Web Consortium (W3C) Web Content Accessibility Guidelines (WCAG). It defines guidelines for creating accessible webpages.
Section 508 Checklist is the US government's accessibility guidelines for creating accessible webpages. Multiple validations..
You can run one or more validation checks in a single request. Select the type of validation you want, and then click OK to start the request. You'll only get one confirmation dialog box regardless of how many validations are selected. Each selection opens in a new tab and contains the resulting validation report. The Browser Mode menu
The Browser Mode menu allows you to test how your page appears and behaves for users running Internet Explorer 10 and earlier versions of Internet Explorer. Command name Description Internet Explorer 10 Use this mode if you want to test how Internet Explorer 10 users experience your website. This enables HTML5, CSS3, and other standards Internet Explorer 10 supports. Internet Explorer 10 Compatibility View Tests how Internet Explorer 10 users experience your webpage if they choose the Compatibility View option on the address bar. Internet Explorer 9 Internet Explorer 9 browser mode. This enables HTML5, CSS3, and other standards that Internet Explorer 9 supports. Internet Explorer 8 Use this mode if you want to test how Internet Explorer 8 users experience your website. Windows Internet Explorer 7 Use this mode if you want to test how Internet Explorer 7 users experience your website.
When you first load a webpage, F12 tools determines the default Browser Mode and selects the appropriate mode. A check mark appears next to the current mode of the document. Changing the mode causes the webpage to refresh. The page remains in this mode until another mode is chosen or you close the browser. For more info, see Testing Browser and Document Compatibility Modes with the Developer Tools, and IE10 Compat Inspector on the Internet Explorer blog. The Document Mode menu
With this tool you can modify the document mode of the current page without modifying the DOCTYPE or META tag in the source. Command name Description Standards (Alt+S) .This is the most standards-compliant behavior available in Internet Explorer 10. Quirks (Alt+Q) This behavior provides enhanced HTML5 support in an interoperable Quirks mode based on the behavior defined in the HTML5 standard. This HTML5-based quirks mode is the default Quirks mode in Internet Explorer 10. For more info, see Interoperable HTML5 Quirks Mode in IE10 Internet Explorer 9 standards (Alt+9) This is the most standards-compliant behavior available in Internet Explorer 9. Internet Explorer 8 standards (Alt+8) This is the most standards-compliant behavior available in Internet Explorer 8, and is the mode used by default in Internet Explorer 8 when rendering a document with a strict or unknown document type. Internet Explorer 7 standards (Alt+7) This behavior matches that of Internet Explorer 7 rendering a document with a strict or unknown document type. Internet Explorer 5 quirks (Alt+U) This behavior matches that of Internet Explorer when rendering a document with no document type or a Quirks document type. It is similar to the behavior of Microsoft Internet Explorer 5 and the Quirks mode behavior of Microsoft Internet Explorer 6, and is the same as the Quirks mode of Internet Explorer 7.
When you first load a webpage, F12 tools determines the default Document Mode and selects the appropriate mode. The text Page default in parentheses indicates the default mode of the webpage. A check mark appears next to the current mode of the document. Changing the mode causes the webpage to refresh, and remains in this mode until another mode is chosen or the browser is closed. For more info, see the article on Testing Browser and Document Compatibility Modes with the Developer Tools. The F12 tools view panes and tabs
The primary pane (left side) and details pane (right side) provide views of HTML, CSS, or Script source, or status and reports for the console, profiler, and network views. In HTML view you can edit the source in the left pane. You can resize the viewable area of the left and right pane by moving the divider bar between the two views.
When the view changes, so does the toolbar and the details view. The following tables describe the views, details, and toolbars you can use.
The HTML tab
The CSS tab
The Console tab
Script tab
The Profiler view
The Network tab The HTML tab
The HTML tab lets you to inspect your document sources and to make changes to test their effect. These changes can then be saved into a text file that can be used to incorporate new or modified material into the main site.
This view contains the DOM structure of the HTML tree for the current document. When a page first loads, or the Refresh button is clicked, the tree view is collapsed. This view can be expanded or collapsed by clicking the plus (+) sign by an element or node. You can use the tree structure to drill down to the element you want to inspect, or use Select element by click to find the element within the document for you. You can click on any attribute name or value to edit it directly. When you click an element, the properties associated with it show in the right pane . The HTML tab toolbar
This toolbar provides commands you can use in the HTML tab. Command name Description Select element by click (Ctrl+B) Lets you quickly find the source for an element on the current webpage. Click this button and then click the element on the webpage. The element is outlined on the webpage, and the element's source is highlighted in the left pane. The details view shows style, trace style, layout, or attribute information about the selected element. This button is available on all views. Clear browser cache.. (Ctrl+R) Clear the browser cache to get fresh page content from the server at next refresh. This button is available on all views. Save HTML (Ctrl+S) Opens the Save As dialog box to save the source displayed in the HTML view. The file is saved in a .txt file format to prevent writing over the original source file. Refresh (F5) Refresh the content in the HTML view to its default state. The Refresh button has no effect when Edit mode is on. Element source with style (Ctrl+T) Displays a new window with the selected element's HTML source and CSS styles with nested element structure. Before using this command, select an element in the body of the document either from the HTML view, or using Select element by click . This is a shortcut to the same command found in the View / Source command menu. Edit (Alt+E) Edit the current HTML file in the HTML view. This source is the internal representation that Internet Explorer uses to render the page. To wrap long lines of text, click Word Wrap . To see the results of your changes, click the edit button again. This switches out of the Edit mode and refreshes the page to reflect any new changes. Word Wrap (Alt+W) Wraps long lines within the HTML view when you're in Edit mode. Otherwise, this command is disabled. The HTML details view
The details view shows information about elements selected in the HTML view. Detail view Description Style The Style view shows how CSS rules, properties, and values are applied to the selected element. Click or clear the check box to the left of each rule to turn it on or off. This can help you see how rules affect the element and page, or let you experiment with different combinations. The rules for an element are shown in cascading order so that the last rule on the list is currently being applied. Previous rules or rules higher on the list are struck out to show that they have been overridden. The rules are grouped by defined style rules. Trace Styles The Trace Styles view shows the same information as the Style view, except it is grouped by properties rather than elements. Expanding the property shows a list of style rules that have this property defined. Layout The Layout view shows the attributes of the element's box model. This view shows how the element flows in relation to the objects around it. For more info about the box model, see the W3C's box model discussion. Attributes The Attributes view shows all the attributes and values for the currently selected element. The CSS tab
The CSS tab shows the content of the currently selected style sheet and helps you see the effect style sheets have on a webpage especially with multiple style sheets where rules can overlap. Use the View styles drop-down list to switch between style sheets. You can change styles in the CSS view and save them to a text file using the Save CSS button.
The check boxes let you to enable and disable specific properties or entire rules. When the style rule's check box is checked, all properties of that rule are enabled. When cleared, the all properties of that rule are disabled. Each property also has its own check box to turn that property on or off. Click a property name or value to edit it. Press 'Enter' to accept and apply changes immediately.
Note For numeric properties, you can click the value and use the up and down arrow keys to change the value like a spin control.
The CSS view The CSS tab toolbar
In the CSS tab, the toolbar changes to provide these commands: Command Name Description Select element by click (Ctrl+B) Lets you quickly find the source for an element on the current webpage. Click this button and then click the element on the webpage. The left pane switches to the HTML view, and highlights the element source. The details view shows style, trace style, layout, or attribute information about the selected element. Clear browser Cache.. (Ctrl+R) Clear the browser cache to get fresh page content from the server at next refresh. Save CSS (Ctrl+S) Opens the Save As dialog box to save the source displayed in the CSS view. The file is saved in a .txt file format to prevent over writing the original source file. View styles Opens a drop-down list to switch between all external style sheet files that are associated with the current webpage. The Console tab
The F12 tools console tab offers a full width view of the same information you see in Script view, where you see the Console view in the right pane. You can receive error messages from Internet Explorer, as well as send your own messages back from your code without having to break the flow of your execution.
You can also use the F12 tools Console view to immediately run script statements outside your program code. Command name Description Select element by click (Ctrl+B)
Lets you quickly find the source for an element on the current webpage. Click this button and then click the element on the webpage. The left pane switches to the HTML view, and highlights the element source. The details pain displays Style, Trace Styles, Layout, or Attribute information about the selected element. Clear browser Cache.. (Ctrl+R) Clear the browser cache to get fresh page content from the server at the next refresh.
For more info about using the Console view and APIs, see Using the F12 Tools Console to View Errors and Status. For a list of Console view errors, see F12 tools console error messages. Script tab
The Script tab lets you see and interact with the JavaScript source on the webpage . Click the View sources drop-down button to pick other script files. Script view shows line numbers and syntax coloring. Click the left margin or a line number to set or clear breakpoints. You can select text in this pane, and right click for a context menu that offers additional commands. For more info, see Using F12 Developer Tools to Debug JavaScript Errors. The Script tab toolbar
The following image shows the toolbar command icons.
The following table describes each of the preceding commands in more detail. Command name Description Select element by click (Ctrl+B) Lets you quickly find the source for an element on the current webpage. Click this button and then click the element on the webpage. The left pane switches to the HTML view, and highlights the element source. The details pain displays Style, Trace Styles, Layout, or Attribute information about the selected element. Clear browser Cache.. (Ctrl+R) Clear the browser cache to get fresh page content from the server at the next refresh. Continue (F5) Continues running script without pausing, until another breakpoint or script error is hit. Break All (Ctrl + Shift + B) Pauses execution immediately before the next script statement is to be executed. Step Into (F11) Executes the next line of script and pauses, even if the next line is inside a new function. Step Over (F10) Continues until the next line of script in the current function, and then pauses. Useful for stepping over function calls. Step Out (Shift + F11) Continues executing script until the next line in the calling function . This command is helpful to return to the point where the current function was called. Configuration (Ctrl + Alt + 0)
Displays a drop-down list of the following settings:
Break on uncaught exception (Ctrl+Shift+E) - Breaks if the script throws an exception that isn't within a try/catch structure.
Break on caught exception - Breaks execution if a script throws an exception that is within a try/catch structure.
Continue after exception - Effectively ignores an exception and continues to the next line in the current scope, rather than stopping.
Word wrap Alt+W - wraps long lines of source code to the width of the left pane.
Format JavaScript - breaks up javascript code that has had unnecessary characters removed (minified) into a more readable format. Start debugging Click button to start debugging. Click again to stop debugging. The debugger control is enabled after Start debugging is clicked and disabled after debugging has stopped. If F12 tools is pinned to the browser window, it opens in its own window when debugging starts. When you stop debugging, you must re-pin F12 tools manually. Script Chooser Click to display a list of external scripts associated with this webpage to show in the Script view pane . The Script details pane
The details pane in the Script view displays information about the code in the left pane. Click to choose one of the detailed views that include console and error messages, local variables, watch variables, function call stack, and the list of breakpoints. Command Name Description Console
The console receives error messages from Internet Explorer. Using the console API, your code can send messages to the console without having to break the flow of your execution. This is less intrusive than using the traditional alert() 3d character creator for mac . method or printing to the screen.
The Console command line can run single and multi-line script statements outside your program code. Statements are executed immediately and results appear in the Console 's pane.
For more info about the console, see Using the F12 Tools Console to View Errors and Status. Watch
View variables from any scope. To add local or global variables and objects, do one of the following:
In the right pane, click the Click to add line and type a variable or object name.
Right-click a variable or object in the left pane and choose Add watch .
This command requires that the debugger be started and execution be stopped at a breakpoint. Locals
When the debugger is running and execution stops at a breakpoint, you can view local variables within the scope of the current function. If you step into another function, the local variable view reflects the new current function. Call stack
Trace the flow of function calls made by executing code. The current function is on top and the function that calls it is below it in the stack. You can double-click a function to go to that function definition in the source. This command requires the debugger to be started and execution be stopped at a breakpoint. Breakpoints
Set breakpoints to stop execution at this point of the script in order to inspect the code. From the Script view pane, you can set breakpoints by doing one of the following:
Right-click a line of code and choose Insert breakpoint .
Click the line number.
Position the cursor on a line of code and press F9. Breakpoints can be set at any time. When a breakpoint is set, the line of code is highlighted and an icon appears next to the line number.
You can also set a conditional breakpoint that stops execution when the condition is true, such as when an exception happens or a variable exceeds a specified value. To set a condition to a breakpoint, right-click a breakpoint in either the left or right pane, and select Condition .
From the Breakpoints pane, you can view a list of all the breakpoints set that are related to the webpage or site you're debugging. You can double-click a breakpoint item to go to that breakpoint in the code. Right-click the pane for a context menu with more options. For more info, see Using the F12 Developer Tools to Debug JavaScript Errors. The Profiler view
F12 tools provides a built-in script profiler that lets you to profile your running JavaScript code in Internet Explorer.
The Current view controls how profiled information is presented. Right-click anywhere in the viewable area, choose Add / Remove columns , and then click the column names you want in the report (any names preceded by a check mark should already be visible in the report list). Click the title of a column to sort the report based on that column. You can double-click an entry to open the Script view and display the code where this item is defined. The Profiler view toolbar
The profiler toolbar lets you change views, export data, start and stop profiling, and view profiling reports. Command name Description Select element by click (Ctrl+B)
Use this command to quickly find an element on a webpage. Click this button and then click the element on the webpage. The left pane switches to the HTML view, and highlights the element source. Clear browser Cache.. (Ctrl+R)
Clears the browser cache to get fresh page content from the server at next refresh. Export Data Save the profile data of the current report to a CSV file. Type the name of the file in the Save As dialog box that appears. Click Save to export the profile data to the file. Start profiling
Click this button to start collecting profile information. When the profiler is started, click the activities you want to profile on your webpage. These script activities are collected and presented to you in a Report . Click the Stop Profiling button to stop profiling and view the report. The session is logged into a report and the information displayed. Repeat this process to record another profiling session. Current view
Set the current view of the profile report. You can view profile report using either the Functions or Call Tree views.
Functions lists all the functions used during the profiling session.
Call Tree shows a hierarchy of calls during the profiling session. In both views, profile data is presented in different columns in the Primary Content Pane . To add or remove columns, right-click anywhere in the pane and select Add / Remove Columns from the shortcut menu. To sort the report on a particular column, click the column header or select the column from the Sort By menu item in the shortcut menu. To rearrange the columns, drag column headers. Current report
Each recorded profile session creates a numbered Report . Click the Report drop-down list to switch between reports. Click Export Data to export the data to a CSV format file. Close report
Closes the current report. The closed report is removed from the report list. The next report on the list becomes the current report. .
For more info about using the Profiler, see Using the Profiler Tool to analyze the performance of your code. The Network tab
The Network tab can help you diagnose network-related issues by showing all the traffic that is related to a page and exposing details about individual connections. You can see the relative timing that each item on a webpage takes to load and render, so you can quickly see and solve problems. Command name Description Select element by click (Ctrl+B)
Use this command to quickly find an element on a webpage. Click this button and then click the element on the webpage. Os x 10 13 3 . The left pane switches to the HTML view, and highlights the element source. Clear browser Cache.. (Ctrl+R)
Clear the browser cache to get fresh page content from the server at next refresh. Export Captured traffic
The Save button lets you save the network capture log to an XML or comma delimited (.CSV) file for further analysis in a spreadsheet or database. Start/Stop capturing
Click to record network traffic. Click again to stop recording and view the report that is generated. Go to detailed view / Back to summary view
The summary view (default) shows all network activity recorded. Click button to change to the detailed view, which drills down on a single URL.
When in detailed view , the next and preview buttons appear to the right of this button, and let you page through the details of each URL in the report. Clear
Click to remove all recorded data from the report.
For more info about the Network view, see Using Internet Explorer Developer Tools Network Capture Search
The Search box provides a way to quickly find specific text in the currently open file or report. Search is context-sensitive and what it can find is based on the currently selected view. For example, in the HTML view, the Search box displays the message 'Search HTML' and searches in the HTML view. Likewise, in the CSS view, the box shows 'Search CSS' and finds text in the CSS view.
Search highlights all matching words and next and previous buttons let you navigate the matches. As you traverse the list of matches, the current match is highlighted and brought into view.
In the HTML view, you can use W3C Selectors API syntax to search for specific elements. For example, use the keyword '@div' to find all the div elements in the page. You can search for CSS class names by '@.myClassName' to find all elements defined as 'myClassName' . You can also narrow your search down by element. For example, '@div.myClassName' only finds div elements with 'myClassName' defined. Search terms are case sensitive when searching for selector class names. For more info about CSS selectors read Understanding CSS Selectors.
For all other views, such as the CSS view, use regular text keywords. Search is not case sensitive in this case. Window controls
Each Internet Explorer instance has its own instance of F12 tools. When working with multiple webpages, use the Pin feature to attach each instance of F12 tools to its associated Internet Explorer instance. When script debugging starts, F12 tools opens in a separate window.
The F12 tools window offers the normal Minimize , Maximize , Restore , and Close window controls, as well as additional pinning controls.
Click the Pin button to attach the F12 tools interface to the Internet Explorer session that opened it. This is useful when multiple instances of F12 tools are opened. However, when debugging is started in Script view, F12 tools always opens in its own window.
Click the Unpin button to detach F12 tools from the Internet Explorer instance.
To resize a pinned F12 tools session, stretch the upper edge of the window to size. Click the Minimize button or press Ctrl+M to minimize the pinned F12 tools session. In a minimized state, F12 tools remains attached to the window and only the Menu Bar is visible. Related topics --
This article can help you to isolate and fix the causes of various errors that you may experience when you access websites that are configured to use Kerberos authentication in Internet Explorer. The number of potential issues that may occur is almost as large as the number of tools that are available to solve them. Common symptom when Kerberos fails
You try to access a website for which Windows Integrated Authenticated has been configured and for which you expect to be using the Kerberos authentication protocol. When you access the website, your browser immediately prompts you for credentials, as follows:
Although you enter a valid user name and password, you're prompted again (three prompts total). Then, you're shown a screen that indicates that you aren't allowed to access the desired resource. The screen displays a HTTP 401 status code that resembles the following error:
On the Microsoft Internet Information Services (IIS) server, the website logs contains requests that end in a 401.2 status code, such as the following log:
Alternatively, the screen displays a 401.1 status codes, such as the following: Determine whether Kerberos is used
When you troubleshoot Kerberos authentication failure, we recommend that you simplify the configuration to the minimum (one client, one server, one IIS site that's running on the default port). Additionally, you can follow some basic troubleshooting steps. For example, use a test page to verify the authentication method that's used. If you use ASP.NET, you can create this ASP.net authentication test page.
If you're using classic ASP, you can use the following Testkerb.asp page:
You can also use tools such as Fiddler, HttpWatch, Network Monitor, or the developer tools in your browser to determine whether Kerberos is used. For more information about how such traces can be generated, see client-side tracing.
When Kerberos is used, the request that's sent by the client is large (more than 2,000 bytes). This is because the HTTP_AUTHORIZATION header includes the Kerberos ticket. The following request is for a page that uses Kerberos-based Windows Authentication to authenticate incoming users. The size of the GET request is more than 4,000 bytes.
If the NTLM handshake is used, the request will be much smaller. The following client-side capture shows an NTLM authentication request. The GET request is much smaller (less than 1,400 bytes).
After you determine that Kerberos authentication is failing, check each of the following items in the given order. Things to check if Kerberos authentication fails
The following sections describes the things that you can use to check if Kerberos authentication fails. Are the client and server in the same domain
Using Kerberos requires a domain because a Kerberos ticket is delivered by the domain controller (DC). Advanced scenarios are also possible in which the client and server aren't in the same domain but in two domains of the same forest, or in two different forests. These possible scenarios are discussed in the Why does Kerberos delegation fail between my two forests although it used to work section of this article. Is IIS configured to use integrated authentication Is integrated authentication enabled in Internet Explorer Does the URL that's used resolve to a security zone for which credentials can be sent
You should always run this check for sites that are matched to the Local Intranet zone of the browser or for sites in the Trusted Sites zone. You can check in which zone your browser decides to include the site. To do this, open to the File menu of Internet Explorer, and then select Properties . The Properties window will display the zone in which the browser has decided to include the site that you're browsing to.
You can check whether the zone in which the site is included allows Automatic logon by opening the Internet options menu of Internet Explorer, and selecting the Security tab. After you select the desired zone, select the Custom level button to display the settings and make sure that Automatic logon is selected. (Typically, this feature is turned on by default for the Intranet and Trusted Sites zones).
Note
Even through this configuration is not common (because it requires the client to have access to a DC), Kerberos can be used for a URL in the Internet Zone. In this case, unless default settings are changed, the browser will always prompt the user for credentials. Kerberos delegation won't work in the Internet Zone. This is because Internet Explorer allows Kerberos delegation only for a URL in the Intranet and Trusted sites zones. Is the IIS server configured to send the WWW-Authenticate: Negotiate header
If IIS doesn't send this header, you will have to use the IIS Manager console to set the Negotiate header though the NTAuthenticationProviders configuration property (see Windows Authentication Providers providers). You can access the console through the Providers setting of the Windows Authentication details in the IIS manager.
Note
By default, the NTAuthenticationProviders property is not set. This causes IIS to send both Negotiate and Windows NT LAN Manager (NTLM) headers. Are the client and server installed on the same computer
By default, Kerberos isn't enabled in this configuration. To change this behavior, you have to set the DisableLoopBackCheck registry key. For more information, see KB 926642. Can the client get a Kerberos ticket
You can use the Kerberos List (KLIST) tool to verify that the client computer can obtain a Kerberos ticket for a given service principal name (SPN). In this example, the SPN is http/web-server.
Note
KLIST is a native Windows tool since Windows Server 2008 for server-side operating systems and Windows 7 Service Pack 1 for client-side operating systems.
If the Kerberos ticket request fails, Kerberos authentication isn't used. NTLM fallback may occur if the Kerberos ticket request fails. This is because the SPN requested is unknown to the DC. If the DC is unreachable, no NTLM fallback occurs. Internet Explorer Download
In order to declare an SPN, see How to use SPNs when you configure Web applications that are hosted on Internet Information Services. Does the web server use a port other than default (80)
By default, Internet Explorer doesn't include the port number information in the SPN that's used to request a Kerberos ticket. This can be a problem if you use IIS to host multiple sites under different ports and identities. In this configuration, Kerberos authentication may work only for specific sites even if all SPNs have been correctly declared in Active Directory. To fix this issue, you must set the FEATURE_INCLUDE_PORT_IN_SPN_KB908209 registry value. (See the Internet Explorer feature keys section for information about how to declare the key.) This setting forces Internet Explorer to include the port number in the SPN that's used to request the Kerberos ticket. Does Internet Explorer use the expected SPN
If a website is accessed by using an alias name (CNAME), Internet Explorer first uses DNS resolution to resolve the alias name to a computer name (ANAME). The computer name is then used to build the SPN and request a Kerberos ticket. Therefore, even if the URL that is entered in the Internet Explorer address bar is http://MYWEBSITE , Internet Explorer requests an SPN for HTTP/MYSERVER if MYWEBSITE is an alias (CNAME) of MYSERVER (ANAME). You can change this behavior by using the FEATURE_USE_CNAME_FOR_SPN_KB911149 registry key. (See the Internet Explorer feature keys for information about how to declare the key.)
A Network Monitor trace is a good method to check the SPN that's associated with the Kerberos ticket, as in the following example: Does the application pool identity match the account associated with SPN
When a Kerberos ticket is sent from Internet Explorer to an IIS server, the ticket is encrypted by using a private key. The private key is a hash of the password that's used for the user account that's associated with the SPN. Therefore, only an application that's running under this account will be able to decode the ticket.
The following procedure is a summary of the Kerberos authentication algorithm:
Internet Explorer determines an SPN by using the URL that's entered into the address bar.
The SPN is passed through a Security Support Provider Interface (SSPI) API (InitializeSecurityContext) to the system component that's in charge of Windows security (the Local Security Authority Subsystem Service (LSASS) process). At this stage, you can see that the Internet Explorer code doesn't implement any code to construct the Kerberos ticket. Internet Explorer calls only SSPI APIs.
LSASS uses the SPN that's passed in to request a Kerberos ticket to a DC. If the DC can serve the request (known SPN), it creates a Kerberos ticket, and then encrypts the ticket by using a key that's constructed from the hash of the user account password for the account that's associated with the SPN. LSASS then sends the ticket to the client. As far as Internet Explorer is concerned, the ticket is an opaque blob.
Internet Explorer encapsulates the Kerberos ticket that's provided by LSASS in the Authorization: Negotiate header, and then it sends the ticket to the IIS server.
IIS handles the request and routes it to the correct application pool (by using the host header that's specified).
The application pool tries to decrypt the ticket by using SSPI/LSASS APIs and by following these conditions:
If the ticket can be decrypted, Kerberos authentication succeeds, and all services that are associated with the ticket (impersonation, delegation if ticket allows it, and so on) are available.
If the ticket can't be decrypted, a Kerberos error (KRB_AP_ERR_MODIFIED) is returned. This error is a generic error that indicates that the ticket was altered in some manner during its transport. Therefore, the ticket cannot be decrypted. This error is also logged in the Windows event logs.
If you don't explicitly declare an SPN, Kerberos authentication works only if the application pool identity is one of the following:
Network Service
ApplicationPoolIdentity
Another system account such as LOCALSYSTEM or LOCALSERVICE
However, these identities are not recommended because they are a security risk. In this case, the Kerberos ticket is built by using a default SPN that's created in Active Directory when a computer (in this case, the server that IIS is running on) is added to the domain. This default SPN is associated with the computer account. Under IIS, the computer account maps to Network Service or ApplicationPoolIdentity.
If your application pool has to use an identity other than the listed identities, you'll have to declare an SPN (using SETSPN), and then associate it with the account that's used for your application pool identity. A common mistake is to create similar SPNs that have different accounts. For example: Lync Click To Call Internet Explorer
SETSPN http/mywebsite UserAppPool1
SETSPN http/mywebsite UserAppPool2
This configuration won't work because there is no deterministic way to know whether the Kerberos ticket for the http/mywebsite SPN will be encrypted by using the UserAppPool1 or UserAppPool2 password. This configuration typically generates KRB_AP_ERR_MODIFIED errors. To determine whether you are in this (bad) duplicate SPNs scenario, you can use the tools that are documented in Why you can still have duplicate SPNs in AD 2012 R2 and AD 2016. From Windows Server 2008 onwards, you can also use an updated version of SETSPN for Windows that allows the detection of duplicate SPNs by using the setspn X command when you declare a new SPN for your target account. For more information, see Setspn.
We also recommended that you review the following articles: Does Kerberos authentication fail in IIS 7 and later versions even though it works in IIS 6
Kernel mode authentication is a feature that was introduced in IIS 7. It provides the following advantages:
Performance is increased because kernel-mode-to-user-mode transitions are no longer made.
Kerberos ticket decoding is made by using the machine account (not by using application pool identity). This lets you have multiple applications pools running under different identities without having to declare SPNs.
Warning
If an SPN has been declared for a specific user account (also used as application pool identity), kernel mode authentication can't decrypt the Kerberos ticket because it uses the machine account. This problem is typical in web farm scenarios. This is because this scenario usually declares an SPN for the (virtual) NLB hostname. To prevent this from occurring, you can do either of the following:
Disable Kernel mode authentication. (Not recommended from a performance standpoint.)
Set useAppPoolCredentials to true . (Doing this retains the performance benefit of kernel mode authentication while allowing the Kerberos ticket to be decoded under the application pool identity). For more information, see New in IIS 7 - Kernel Mode Authentication. Why does delegation fail although Kerberos authentication works
In this scenario, check the following items:
The Internet Explorer Zone that's used for the URL. Kerberos delegation is allowed only for the Intranet and Trusted Sites zones. (In other words, Internet Explorer sets the ISC_REQ_DELEGATE flag when it calls InitializeSecurityContext only if the zone that is determined is either Intranet or Trusted Sites.)
The user account for the IIS application pool hosting your site must have the Trusted for delegation flag set within Active Directory. Internet Explorer Updates
If delegation still fails, consider using the Kerberos Configuration Manager for IIS. This tool lets you diagnose and fix IIS configurations for Kerberos authentication and for the associated SPNs on the target accounts. For more information, see the README.md. You can download the tool from here. Why do I get bad performance when I use Kerberos authentication
In older versions of Windows Server, such as Windows Server 2008 SP2 and Windows Server 2008 R2, Kerberos is a request-based authentication protocol. This means that the client must send the Kerberos ticket (that can be quite a large blob) with each request that's made to the server. This is contrary to authentication methods that rely on NTLM. By default, NTLM is session-based. This means that the browser will authenticate only one request when it opens the TCP connection to the server. Each subsequent request on the same TCP connection will no longer require authentication for the request to be accepted. In newer versions of IIS, from Windows 2012 R2 onwards, Kerberos is also session-based. This means that only the first request on a new TCP connection has to be authenticated by the server. Subsequent requests do not have to include a Kerberos ticket.
You can change this behavior by using the authPersistNonNTLM property if you are running under IIS 7 and later versions. If the property is set to true , Kerberos will become session based. If the property is set to false , it will be session-based. Therefore, it will have worse performance because we have to include a larger amount of data to send to the server each time. For more information, see Request based versus Session based Kerberos Authentication (or the AuthPersistNonNTLM parameter).
Note
It may not be a good idea to blindly use Kerberos authentication on all objects. Using Kerberos authentication to fetch hundreds of images by using conditional GET requests that are likely generate 304 not modified responses is like trying to kill a fly by using a hammer. Such a method will also not provide obvious security gains. Why does Kerberos delegation fail between my two forests although it used to work
Assume that you have a scenario in which the users of your application are located in a domain inside forest A, your application is located in a domain inside forest B, and you have a trust relationship between the forests. You may find the Kerberos delegation stops working even though it used to work previously and you have not made any changes to either forests or domains. Notice that Kerberos authentication still works in this scenario. It is only delegation that fails. This problem might occur because of security updates to Windows Server that were released by Microsoft in March 2019 and July 2019. These updates disabled unconstrained Kerberos delegation (the ability to delegate a Kerberos token from an application to a back-end service) across forest boundaries for all trusts (new and existing). For more information, see Updates to TGT delegation across incoming trusts in Windows Server. Internet Explorer feature keys
These are registry keys that turn some features of the browser on or off. The keys are located in the following registry locations:
HKEY_USERSUserSIDSoftwareMicrosoftInternet ExplorerMainFeatureControl if defined at the user level
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMainFeatureControl - if defined at the machine level
Feature keys should be created in one of these locations, depending on whether you want to turn the feature on or off for all users on the computer or for only a specific account. These keys should be created under the respective path. Inside the key, a DWORD value that's named iexplorer.exe should be declared. The default value of each key should be set to either true or false , depending on the desired setting of the feature. By default, the value of both feature keys, FEATURE_INCLUDE_PORT_IN_SPN_KB908209 and FEATURE_USE_CNAME_FOR_SPN_KB911149 , is false . For completeness, here is an example export of the registry by turning the feature key to include port numbers in the Kerberos ticket to true:
Lync Click To Call Internet Explorer
Internet Explorer Updates
When Internet Explorer crashes, freezes or stops responding in your PC, don't worry. This article will provide you 5 effective methods to help you effectively fix Internet Explorer not working, crashing issue and just follow to repair IE browser in Windows 10/8/7 with ease now.
Another easy way to open Internet Explorer is to make use of the Run Command. Right-click on the Start button and then click on Run in the menu that appears. Alternatively, you can press Windows + R keys to open the Run command. In the Run Command dialogue box, type iexplore and click on OK.
The free plug-in supports modern versions of Chrome and Firefox on both Mac and Windows computers, as well as Internet Explorer 8 and higher. To make calls with Skype on the Web, visit Outlook.com.
Internet explorer (IE) can be opened from Run command by executing iexplore. If you want to open a website or web page directly from Run window, you can just specify the URL of the site/page with the iexplore command. For example, to open www.windows-commandline.com, you can execute the below command from Run window.
Input internet in the search box on the taskbar, and choose Internet Explorer from the result. Q: Is the new internet Explorer Microsoft edge? A: With the launch of Windows 10 comes Microsofts new built-in browser that is supposed to interchange web Explorer. Though Internet Explorer will nonetheless be included in windows, the older browser. --
This content refers to an older version of F12 developer tools. Please visit our latest F12 tools documentation.
If you're looking for the Tools menu or toolbars in Internet Explorer 11, try:
Download mavericks os x installer . If you got here by clicking an error message and simply want to avoid error messages in the future, try:
This is a quick reference to the tools, commands, and menus available in F12 tools, built into Internet Explorer 10. Each element of the interface is identified and has a short description of what it does. For more information about using the Developer tools in Windows Internet Explorer 8, see Developer Tools User Interface Reference. For more on using F12 tools in Windows Internet Explorer 9, see How to use F12 Developer Tools to Debug your Webpages.
The F12 tools screen
The Menu bar
The File menu
The Find menu
The Disable menu
The View menu
The Images menu
The Cache menu
The Tools menu
The Validate menu
The Browser Mode menu
The Document Mode menu
The F12 tools view panes and tabs
The HTML tab
The CSS tab
The Console tab
Script tab
The Profiler view
The Network tab
Search
Window controls
Related topics The F12 tools screen
F12 tools provide a set of tools that you can use to design, debug, or view webpage source code and behavior. F12 tools can be opened in a separate window or pinned to the bottom of the webpage that you're debugging. The tools range from a simple color picker to a full-featured script debugger for a debugging environment that's much like standalone development tools. The Profiler and Network capture tools can help you track down performance problems in your code or on the network. Each page you open in your browser can have its own F12 tools session, making it easy to work on multiple webpages at the same time. The Script debugger supports static and dynamic scripts for seamless debugging with HTML5 Web Workers threads.
To open F12 tools, press 'F12' from the webpage you want to debug or inspect. To close F12 tools, press 'F12' again.
This image shows a typical view of the main tools UI: Element name Description Menu bar Lists command menus that can be accessed at any time regardless of the selected View . The Menu bar persists on the screen even when the F12 tools interface is pinned to the Windows Internet Explorer window. Views Provides a list of views to select for your page. Selecting a view, such as HTML or CSS tab also changes the toolbar for this selected tab. View toolbar Provides commands and tools that are specific to the current view. Main view pane The left pane is the main view for all views. It displays views of your page's HTML source code, Cascading Style Sheets (CSS), console messages, script source, profile or network reports. Details pane This pane displays details for the current tab ( HTML , CSS , Script , and Network views). Depending on the current view, the divider between the two panes can be moved to resize each pane. For Console and Profiler tools, there are no separate detail panes. Detail views Depending on the current tab, you can select the type of details to see. File chooser When in Script view, this button displays a drop-down list of all files and dynamic scripts associated with the page. When in CSS view, it displays only the CSS files. The Menu bar
The following sections describe the details of each Menu item.
Note Some submenu settings can only be changed if Internet Explorer Protected Mode is turned off. If you make changes to these settings, such as Disable scripts , and then turn Protected Mode on, you won't be able to make changes until Protected Mode is turned off again. To turn off Protected Mode , follow these steps:
In Internet Explorer, click Tools , and then click Internet options .
Click Security , and then clear the Enable Protected Mode check box.
Click OK , and then close and restart Internet Explorer.
The File menu
The Find menu
The Disable menu
The View menu
The Images menu
The Cache menu
The Tools menu
The Validate menu
The Browser Mode menu
The Document Mode menu The File menu
On the File menu you can undo changes, choose your source viewer, view a Help link (this article), and close the tools. Command name Description Undo all Resets all the changes made to the current instance of Windows Internet Explorer and refreshes the webpage. Customize Internet Explorer view source Lets you change the source viewer to use when you click View Source :
Default viewer: Use the built-in color-coded syntax viewer.
Notepad: Use Notepad as the viewer.
Other: Choose another program installed on your computer to be the viewer. Online Help F1 Displays this article. Exit F12 Closes this instance of F12 tools. The Find menu
On the Find menu, you can choose the 'Select element by click' command from a menu. A faster way to do the same thing is to use the Select Element by click button available in any view. Command name Description Select element by click (Ctrl+B)
Selects an element when you click it. A border is drawn around the element on the webpage, and the left pane switches focus to the HTML tab, and scrolls to bring the highlighted element into view. The right pane shows details of the selected element, based on the current detail view (such as Watch or Local variables , Call stack , or Breakpoints ). The Disable menu
These tools help you test how users experience your site based on their browser configuration. These commands toggle the features on and off (click to disable, and click again to enable). Command name Description Script Turns off all scripts on a webpage. When this setting is selected or cleared, it reloads the page to reflect the current setting. This setting can only be changed if Protected Mode is turned off. Pop-up Blocker Disables all pop-up blockers so that pop-ups are allowed on this website. This setting is not available if Internet Security has Protected Mode set to On . To activate this command, set Protected Mode to Off . CSS Turns off all CSS used on the page. When this setting is selected or cleared, it reloads the page to reflect the current setting. When the page is refreshed in the browser, the setting is cleared and CSS is turned on. The View menu
The View menu contains settings that put information about elements, such as class and id attributes, visually on the page. Class and ID, link path, tab indexes, and access key information are shown as text label overlays on the webpage. Double-click a label to select the text, right-click and select Copy , or press Ctrl+C to copy the text to the clipboard. Command name Description Class and ID information (Ctrl+I) Displays the class and id values for all HTML elements on a webpage. Link paths Displays the link paths for all links on a webpage. Link report Generates a list of all links found on this webpage, and reports it in a tab or window. Tab indexes Displays the tab indexes for elements on a webpage whose tabindex attribute is defined. Access keys Displays the access keys for elements on a webpage whose accesskey attribute is defined. Source Displays the Source submenu that is described next. The Source submenu
The Source submenu provides access to various source views of a document. When selected, the requested source is displayed in a new window. To get the Element source with style and DOM (element) options , select an HTML element first. You can use the Select element by click command, or click an element in the HTML tree. Command name Description Element source with style Displays only the selected element's HTML source, content, and CSS style rules in a new window. DOM (element) Ctrl+T Displays only the selected element's HTML source and its content in a new window. DOM (page) Ctrl+Shift+G Displays the full HTML source in a new window, showing element nesting. This view shows the full Document Object Model (DOM) structure of the page, including sources that are dynamically written to the DOM by scripts. This is the DOM as represented by Internet Explorer. Original Displays the original HTML source in a new window. This is equivalent to performing a View Source on a webpage in Internet Explorer. Dynamic content written to the DOM using scripts are not shown. The Images menu
This menu provides information about images on a webpage. The options that show image dimensions, file size, paths, or alt text are shown as text label overlays on the webpage. You can double-click a label to select, and then right-click or press Ctrl+C to copy the text. The following shows an image with all information displayed. Command name Description Disable images Disables rendering of all images on a webpage. This command causes the webpage to refresh without showing any images, and also disables the Show image file sizes command. This setting can only be changed if Protected Mode is turned off. Show image dimensions Displays the dimension of all images found on a webpage. Show image file sizes Displays the file size of all images found on a webpage. The file size is reported in bytes. Turning off images with Disable images also disables this command. Show image paths Displays the absolute path of all images found on a webpage. View Alt text Displays the alt text for all images whose alt attribute is defined. View image report Generates a list of all images defined on this page, and displays it in a new Internet Explorer instance. The Cache menu
These settings can help ensure your pages load into the browser as they exist on the server, and not from a local cached copy. This is helpful when you're regularly changing the source or testing the server response. Command name Description Always refresh from server Forces Internet Explorer to always download webpage content from the server rather than using cached content. This command persists until you clear it or the Internet Explorer instance is closed. This setting can only be changed if Protected Mode is turned off. Clear browser cache.. (Ctrl+R) Deletes the browser cache and all temporary files. Clear browser cache for this domain.. (Ctrl+D) Deletes only the browser cache and all temporary files that belong to the current domain. Disable cookies Disables the use of all cookies from this Internet Explorer instance. This command persists until you clear it or the Internet Explorer instance is closed. This setting can only be changed if Protected Mode is turned off. Clear session cookies Deletes all cookies acquired during this browser session. Clear cookies for domain Deletes all cookies from this domain. View cookie information Generates a list of all cookies stored in Internet Explorer, and reports it in a new Internet Explorer instance. See the cookie property reference for information about working with cookies. The Tools menu
These settings provide tools that help you with common tasks. You can do things such as test a page in different resolutions, measure elements on the page, and capture the specific color of a point on the page. Command name Description Resize
Provides a submenu with a list of predefined screen sizes, and a custom size option. When you pick a predefined screen size, the Internet Explorer window resizes to the new dimensions immediately. Preset screen sizes can be selected by using the shortcut keys shown in the submenu. You can create your own custom screen sizes. To Add a custom screen size, do the following:
Click Tools , click Resize , and then click Custom to open the Resize Browser dialog box.
Type the Width and Height you want, and click Add . This adds your custom screen size to the list.
To remove a custom size, select it in the list, and then click Delete .
To use a custom size, open the Resize Browser dialog box, click a size, and then click Resize . The list of custom sizes persists across browser sessions until you delete them. New screen sizes aren't available to browser sessions that are already open when you add the custom size. Click Close or press ESC to close the Resize Browser dialog box. Change user agent string
Lets you change the way Internet Explorer appears to a website by changing the user agent string (UA). A submenu lists versions of Internet Explorer on the PC and Windows Phone, as well as several other brands of browsers. The custom setting lets you add and set your own UA strings. The friendly name is shown on the list of available UA strings. The Default setting returns the browser to its current default setting. Clear entries on navigate
Lets you keep or clear console messages and the Network tab log when you navigate to a new webpage in a debugging session. By default, Internet Explorer clears all console messages, and the Network view capture logs when you leave a page. Show ruler (Ctrl+L)
Lets you to measure objects on the screen. The command opens the Ruler dialog box with options and hints for using the tool. Multiple colors and rulers are supported. For better precision, press CTRL+M to toggle a magnifier on or off. After a ruler is drawn, it shows the (x-y) coordinates of each end of the ruler relative to where the points are on the screen. The ruler length is shown at the center of the ruler in pixels. This information is also shown at the bottom of the Ruler dialog box when you hover over a defined ruler. A ruler can be moved, resized, or re-angled. To remove a ruler, select it and press the Delete key. When done, click the X button at the upper-right corner to close the dialog box. When the dialog box is closed, all rulers are hidden. They reappear when you reopen the Ruler dialog box. Show color picker (Ctrl+K)
The color picker tool can sample colors from any object on the page. The Color Picker dialog box shows the color sample, and the color's RGB and HEX values, that the picker is on. To see a color value used on a webpage, click the color of interest with the eyedropper cursor. To pick a different color sample, click the eyedropper icon on the dialog box and repeat the previous step. Click Copy and close to copy the HEX value to the clipboard for use in your webpage. Click the X button or Hide color picker on the Tools menu to close the dialog box. Outline Elements (Ctrl+O)
Helps you understand and debug page layout by making it easy to identify the size and position of elements. You can set a color to identify all elements of a certain element type. Use CSS selector syntax to specify elements on a webpage. For example, to highlight all paragraphs, use p in the selector field, and set a color. Elements are outlined after you close the dialog box. For more info about using selectors, see Understanding CSS Selectors. The Validate menu
This tool validates the current webpage or file using web-based validation services. You get a confirmation dialog box before sending your current page to the web, letting you cancel without sending. Validation reports open in a new window so you don't lose the page you're debugging.
The local HTML and CSS options open the validation website where you can manually enter a URL, browse for a local file, or paste in some code to validate. Command name Description HTML
Validates the HTML of the current webpage. CSS
Validates the CSS of the current webpage. Feed
Validates Really Simple Syndication (RSS)feeds. Links
Validates all links in the current webpage. Local HTML..
Opens a new window with the option to enter a URL, choose a local HTML file, or paste in code to be validated. Local CSS..
Opens a new window with the option to enter a URL, choose a local CSS file, or paste in code to be validated. Accessibility
Validates the current webpage using one of the following accessibility validation services:
WCAG Checklist is the World Wide Web Consortium (W3C) Web Content Accessibility Guidelines (WCAG). It defines guidelines for creating accessible webpages.
Section 508 Checklist is the US government's accessibility guidelines for creating accessible webpages. Multiple validations..
You can run one or more validation checks in a single request. Select the type of validation you want, and then click OK to start the request. You'll only get one confirmation dialog box regardless of how many validations are selected. Each selection opens in a new tab and contains the resulting validation report. The Browser Mode menu
The Browser Mode menu allows you to test how your page appears and behaves for users running Internet Explorer 10 and earlier versions of Internet Explorer. Command name Description Internet Explorer 10 Use this mode if you want to test how Internet Explorer 10 users experience your website. This enables HTML5, CSS3, and other standards Internet Explorer 10 supports. Internet Explorer 10 Compatibility View Tests how Internet Explorer 10 users experience your webpage if they choose the Compatibility View option on the address bar. Internet Explorer 9 Internet Explorer 9 browser mode. This enables HTML5, CSS3, and other standards that Internet Explorer 9 supports. Internet Explorer 8 Use this mode if you want to test how Internet Explorer 8 users experience your website. Windows Internet Explorer 7 Use this mode if you want to test how Internet Explorer 7 users experience your website.
When you first load a webpage, F12 tools determines the default Browser Mode and selects the appropriate mode. A check mark appears next to the current mode of the document. Changing the mode causes the webpage to refresh. The page remains in this mode until another mode is chosen or you close the browser. For more info, see Testing Browser and Document Compatibility Modes with the Developer Tools, and IE10 Compat Inspector on the Internet Explorer blog. The Document Mode menu
With this tool you can modify the document mode of the current page without modifying the DOCTYPE or META tag in the source. Command name Description Standards (Alt+S) .This is the most standards-compliant behavior available in Internet Explorer 10. Quirks (Alt+Q) This behavior provides enhanced HTML5 support in an interoperable Quirks mode based on the behavior defined in the HTML5 standard. This HTML5-based quirks mode is the default Quirks mode in Internet Explorer 10. For more info, see Interoperable HTML5 Quirks Mode in IE10 Internet Explorer 9 standards (Alt+9) This is the most standards-compliant behavior available in Internet Explorer 9. Internet Explorer 8 standards (Alt+8) This is the most standards-compliant behavior available in Internet Explorer 8, and is the mode used by default in Internet Explorer 8 when rendering a document with a strict or unknown document type. Internet Explorer 7 standards (Alt+7) This behavior matches that of Internet Explorer 7 rendering a document with a strict or unknown document type. Internet Explorer 5 quirks (Alt+U) This behavior matches that of Internet Explorer when rendering a document with no document type or a Quirks document type. It is similar to the behavior of Microsoft Internet Explorer 5 and the Quirks mode behavior of Microsoft Internet Explorer 6, and is the same as the Quirks mode of Internet Explorer 7.
When you first load a webpage, F12 tools determines the default Document Mode and selects the appropriate mode. The text Page default in parentheses indicates the default mode of the webpage. A check mark appears next to the current mode of the document. Changing the mode causes the webpage to refresh, and remains in this mode until another mode is chosen or the browser is closed. For more info, see the article on Testing Browser and Document Compatibility Modes with the Developer Tools. The F12 tools view panes and tabs
The primary pane (left side) and details pane (right side) provide views of HTML, CSS, or Script source, or status and reports for the console, profiler, and network views. In HTML view you can edit the source in the left pane. You can resize the viewable area of the left and right pane by moving the divider bar between the two views.
When the view changes, so does the toolbar and the details view. The following tables describe the views, details, and toolbars you can use.
The HTML tab
The CSS tab
The Console tab
Script tab
The Profiler view
The Network tab The HTML tab
The HTML tab lets you to inspect your document sources and to make changes to test their effect. These changes can then be saved into a text file that can be used to incorporate new or modified material into the main site.
This view contains the DOM structure of the HTML tree for the current document. When a page first loads, or the Refresh button is clicked, the tree view is collapsed. This view can be expanded or collapsed by clicking the plus (+) sign by an element or node. You can use the tree structure to drill down to the element you want to inspect, or use Select element by click to find the element within the document for you. You can click on any attribute name or value to edit it directly. When you click an element, the properties associated with it show in the right pane . The HTML tab toolbar
This toolbar provides commands you can use in the HTML tab. Command name Description Select element by click (Ctrl+B) Lets you quickly find the source for an element on the current webpage. Click this button and then click the element on the webpage. The element is outlined on the webpage, and the element's source is highlighted in the left pane. The details view shows style, trace style, layout, or attribute information about the selected element. This button is available on all views. Clear browser cache.. (Ctrl+R) Clear the browser cache to get fresh page content from the server at next refresh. This button is available on all views. Save HTML (Ctrl+S) Opens the Save As dialog box to save the source displayed in the HTML view. The file is saved in a .txt file format to prevent writing over the original source file. Refresh (F5) Refresh the content in the HTML view to its default state. The Refresh button has no effect when Edit mode is on. Element source with style (Ctrl+T) Displays a new window with the selected element's HTML source and CSS styles with nested element structure. Before using this command, select an element in the body of the document either from the HTML view, or using Select element by click . This is a shortcut to the same command found in the View / Source command menu. Edit (Alt+E) Edit the current HTML file in the HTML view. This source is the internal representation that Internet Explorer uses to render the page. To wrap long lines of text, click Word Wrap . To see the results of your changes, click the edit button again. This switches out of the Edit mode and refreshes the page to reflect any new changes. Word Wrap (Alt+W) Wraps long lines within the HTML view when you're in Edit mode. Otherwise, this command is disabled. The HTML details view
The details view shows information about elements selected in the HTML view. Detail view Description Style The Style view shows how CSS rules, properties, and values are applied to the selected element. Click or clear the check box to the left of each rule to turn it on or off. This can help you see how rules affect the element and page, or let you experiment with different combinations. The rules for an element are shown in cascading order so that the last rule on the list is currently being applied. Previous rules or rules higher on the list are struck out to show that they have been overridden. The rules are grouped by defined style rules. Trace Styles The Trace Styles view shows the same information as the Style view, except it is grouped by properties rather than elements. Expanding the property shows a list of style rules that have this property defined. Layout The Layout view shows the attributes of the element's box model. This view shows how the element flows in relation to the objects around it. For more info about the box model, see the W3C's box model discussion. Attributes The Attributes view shows all the attributes and values for the currently selected element. The CSS tab
The CSS tab shows the content of the currently selected style sheet and helps you see the effect style sheets have on a webpage especially with multiple style sheets where rules can overlap. Use the View styles drop-down list to switch between style sheets. You can change styles in the CSS view and save them to a text file using the Save CSS button.
The check boxes let you to enable and disable specific properties or entire rules. When the style rule's check box is checked, all properties of that rule are enabled. When cleared, the all properties of that rule are disabled. Each property also has its own check box to turn that property on or off. Click a property name or value to edit it. Press 'Enter' to accept and apply changes immediately.
Note For numeric properties, you can click the value and use the up and down arrow keys to change the value like a spin control.
The CSS view The CSS tab toolbar
In the CSS tab, the toolbar changes to provide these commands: Command Name Description Select element by click (Ctrl+B) Lets you quickly find the source for an element on the current webpage. Click this button and then click the element on the webpage. The left pane switches to the HTML view, and highlights the element source. The details view shows style, trace style, layout, or attribute information about the selected element. Clear browser Cache.. (Ctrl+R) Clear the browser cache to get fresh page content from the server at next refresh. Save CSS (Ctrl+S) Opens the Save As dialog box to save the source displayed in the CSS view. The file is saved in a .txt file format to prevent over writing the original source file. View styles Opens a drop-down list to switch between all external style sheet files that are associated with the current webpage. The Console tab
The F12 tools console tab offers a full width view of the same information you see in Script view, where you see the Console view in the right pane. You can receive error messages from Internet Explorer, as well as send your own messages back from your code without having to break the flow of your execution.
You can also use the F12 tools Console view to immediately run script statements outside your program code. Command name Description Select element by click (Ctrl+B)
Lets you quickly find the source for an element on the current webpage. Click this button and then click the element on the webpage. The left pane switches to the HTML view, and highlights the element source. The details pain displays Style, Trace Styles, Layout, or Attribute information about the selected element. Clear browser Cache.. (Ctrl+R) Clear the browser cache to get fresh page content from the server at the next refresh.
For more info about using the Console view and APIs, see Using the F12 Tools Console to View Errors and Status. For a list of Console view errors, see F12 tools console error messages. Script tab
The Script tab lets you see and interact with the JavaScript source on the webpage . Click the View sources drop-down button to pick other script files. Script view shows line numbers and syntax coloring. Click the left margin or a line number to set or clear breakpoints. You can select text in this pane, and right click for a context menu that offers additional commands. For more info, see Using F12 Developer Tools to Debug JavaScript Errors. The Script tab toolbar
The following image shows the toolbar command icons.
The following table describes each of the preceding commands in more detail. Command name Description Select element by click (Ctrl+B) Lets you quickly find the source for an element on the current webpage. Click this button and then click the element on the webpage. The left pane switches to the HTML view, and highlights the element source. The details pain displays Style, Trace Styles, Layout, or Attribute information about the selected element. Clear browser Cache.. (Ctrl+R) Clear the browser cache to get fresh page content from the server at the next refresh. Continue (F5) Continues running script without pausing, until another breakpoint or script error is hit. Break All (Ctrl + Shift + B) Pauses execution immediately before the next script statement is to be executed. Step Into (F11) Executes the next line of script and pauses, even if the next line is inside a new function. Step Over (F10) Continues until the next line of script in the current function, and then pauses. Useful for stepping over function calls. Step Out (Shift + F11) Continues executing script until the next line in the calling function . This command is helpful to return to the point where the current function was called. Configuration (Ctrl + Alt + 0)
Displays a drop-down list of the following settings:
Break on uncaught exception (Ctrl+Shift+E) - Breaks if the script throws an exception that isn't within a try/catch structure.
Break on caught exception - Breaks execution if a script throws an exception that is within a try/catch structure.
Continue after exception - Effectively ignores an exception and continues to the next line in the current scope, rather than stopping.
Word wrap Alt+W - wraps long lines of source code to the width of the left pane.
Format JavaScript - breaks up javascript code that has had unnecessary characters removed (minified) into a more readable format. Start debugging Click button to start debugging. Click again to stop debugging. The debugger control is enabled after Start debugging is clicked and disabled after debugging has stopped. If F12 tools is pinned to the browser window, it opens in its own window when debugging starts. When you stop debugging, you must re-pin F12 tools manually. Script Chooser Click to display a list of external scripts associated with this webpage to show in the Script view pane . The Script details pane
The details pane in the Script view displays information about the code in the left pane. Click to choose one of the detailed views that include console and error messages, local variables, watch variables, function call stack, and the list of breakpoints. Command Name Description Console
The console receives error messages from Internet Explorer. Using the console API, your code can send messages to the console without having to break the flow of your execution. This is less intrusive than using the traditional alert() 3d character creator for mac . method or printing to the screen.
The Console command line can run single and multi-line script statements outside your program code. Statements are executed immediately and results appear in the Console 's pane.
For more info about the console, see Using the F12 Tools Console to View Errors and Status. Watch
View variables from any scope. To add local or global variables and objects, do one of the following:
In the right pane, click the Click to add line and type a variable or object name.
Right-click a variable or object in the left pane and choose Add watch .
This command requires that the debugger be started and execution be stopped at a breakpoint. Locals
When the debugger is running and execution stops at a breakpoint, you can view local variables within the scope of the current function. If you step into another function, the local variable view reflects the new current function. Call stack
Trace the flow of function calls made by executing code. The current function is on top and the function that calls it is below it in the stack. You can double-click a function to go to that function definition in the source. This command requires the debugger to be started and execution be stopped at a breakpoint. Breakpoints
Set breakpoints to stop execution at this point of the script in order to inspect the code. From the Script view pane, you can set breakpoints by doing one of the following:
Right-click a line of code and choose Insert breakpoint .
Click the line number.
Position the cursor on a line of code and press F9. Breakpoints can be set at any time. When a breakpoint is set, the line of code is highlighted and an icon appears next to the line number.
You can also set a conditional breakpoint that stops execution when the condition is true, such as when an exception happens or a variable exceeds a specified value. To set a condition to a breakpoint, right-click a breakpoint in either the left or right pane, and select Condition .
From the Breakpoints pane, you can view a list of all the breakpoints set that are related to the webpage or site you're debugging. You can double-click a breakpoint item to go to that breakpoint in the code. Right-click the pane for a context menu with more options. For more info, see Using the F12 Developer Tools to Debug JavaScript Errors. The Profiler view
F12 tools provides a built-in script profiler that lets you to profile your running JavaScript code in Internet Explorer.
The Current view controls how profiled information is presented. Right-click anywhere in the viewable area, choose Add / Remove columns , and then click the column names you want in the report (any names preceded by a check mark should already be visible in the report list). Click the title of a column to sort the report based on that column. You can double-click an entry to open the Script view and display the code where this item is defined. The Profiler view toolbar
The profiler toolbar lets you change views, export data, start and stop profiling, and view profiling reports. Command name Description Select element by click (Ctrl+B)
Use this command to quickly find an element on a webpage. Click this button and then click the element on the webpage. The left pane switches to the HTML view, and highlights the element source. Clear browser Cache.. (Ctrl+R)
Clears the browser cache to get fresh page content from the server at next refresh. Export Data Save the profile data of the current report to a CSV file. Type the name of the file in the Save As dialog box that appears. Click Save to export the profile data to the file. Start profiling
Click this button to start collecting profile information. When the profiler is started, click the activities you want to profile on your webpage. These script activities are collected and presented to you in a Report . Click the Stop Profiling button to stop profiling and view the report. The session is logged into a report and the information displayed. Repeat this process to record another profiling session. Current view
Set the current view of the profile report. You can view profile report using either the Functions or Call Tree views.
Functions lists all the functions used during the profiling session.
Call Tree shows a hierarchy of calls during the profiling session. In both views, profile data is presented in different columns in the Primary Content Pane . To add or remove columns, right-click anywhere in the pane and select Add / Remove Columns from the shortcut menu. To sort the report on a particular column, click the column header or select the column from the Sort By menu item in the shortcut menu. To rearrange the columns, drag column headers. Current report
Each recorded profile session creates a numbered Report . Click the Report drop-down list to switch between reports. Click Export Data to export the data to a CSV format file. Close report
Closes the current report. The closed report is removed from the report list. The next report on the list becomes the current report. .
For more info about using the Profiler, see Using the Profiler Tool to analyze the performance of your code. The Network tab
The Network tab can help you diagnose network-related issues by showing all the traffic that is related to a page and exposing details about individual connections. You can see the relative timing that each item on a webpage takes to load and render, so you can quickly see and solve problems. Command name Description Select element by click (Ctrl+B)
Use this command to quickly find an element on a webpage. Click this button and then click the element on the webpage. Os x 10 13 3 . The left pane switches to the HTML view, and highlights the element source. Clear browser Cache.. (Ctrl+R)
Clear the browser cache to get fresh page content from the server at next refresh. Export Captured traffic
The Save button lets you save the network capture log to an XML or comma delimited (.CSV) file for further analysis in a spreadsheet or database. Start/Stop capturing
Click to record network traffic. Click again to stop recording and view the report that is generated. Go to detailed view / Back to summary view
The summary view (default) shows all network activity recorded. Click button to change to the detailed view, which drills down on a single URL.
When in detailed view , the next and preview buttons appear to the right of this button, and let you page through the details of each URL in the report. Clear
Click to remove all recorded data from the report.
For more info about the Network view, see Using Internet Explorer Developer Tools Network Capture Search
The Search box provides a way to quickly find specific text in the currently open file or report. Search is context-sensitive and what it can find is based on the currently selected view. For example, in the HTML view, the Search box displays the message 'Search HTML' and searches in the HTML view. Likewise, in the CSS view, the box shows 'Search CSS' and finds text in the CSS view.
Search highlights all matching words and next and previous buttons let you navigate the matches. As you traverse the list of matches, the current match is highlighted and brought into view.
In the HTML view, you can use W3C Selectors API syntax to search for specific elements. For example, use the keyword '@div' to find all the div elements in the page. You can search for CSS class names by '@.myClassName' to find all elements defined as 'myClassName' . You can also narrow your search down by element. For example, '@div.myClassName' only finds div elements with 'myClassName' defined. Search terms are case sensitive when searching for selector class names. For more info about CSS selectors read Understanding CSS Selectors.
For all other views, such as the CSS view, use regular text keywords. Search is not case sensitive in this case. Window controls
Each Internet Explorer instance has its own instance of F12 tools. When working with multiple webpages, use the Pin feature to attach each instance of F12 tools to its associated Internet Explorer instance. When script debugging starts, F12 tools opens in a separate window.
The F12 tools window offers the normal Minimize , Maximize , Restore , and Close window controls, as well as additional pinning controls.
Click the Pin button to attach the F12 tools interface to the Internet Explorer session that opened it. This is useful when multiple instances of F12 tools are opened. However, when debugging is started in Script view, F12 tools always opens in its own window.
Click the Unpin button to detach F12 tools from the Internet Explorer instance.
To resize a pinned F12 tools session, stretch the upper edge of the window to size. Click the Minimize button or press Ctrl+M to minimize the pinned F12 tools session. In a minimized state, F12 tools remains attached to the window and only the Menu Bar is visible. Related topics --
This article can help you to isolate and fix the causes of various errors that you may experience when you access websites that are configured to use Kerberos authentication in Internet Explorer. The number of potential issues that may occur is almost as large as the number of tools that are available to solve them. Common symptom when Kerberos fails
You try to access a website for which Windows Integrated Authenticated has been configured and for which you expect to be using the Kerberos authentication protocol. When you access the website, your browser immediately prompts you for credentials, as follows:
Although you enter a valid user name and password, you're prompted again (three prompts total). Then, you're shown a screen that indicates that you aren't allowed to access the desired resource. The screen displays a HTTP 401 status code that resembles the following error:
On the Microsoft Internet Information Services (IIS) server, the website logs contains requests that end in a 401.2 status code, such as the following log:
Alternatively, the screen displays a 401.1 status codes, such as the following: Determine whether Kerberos is used
When you troubleshoot Kerberos authentication failure, we recommend that you simplify the configuration to the minimum (one client, one server, one IIS site that's running on the default port). Additionally, you can follow some basic troubleshooting steps. For example, use a test page to verify the authentication method that's used. If you use ASP.NET, you can create this ASP.net authentication test page.
If you're using classic ASP, you can use the following Testkerb.asp page:
You can also use tools such as Fiddler, HttpWatch, Network Monitor, or the developer tools in your browser to determine whether Kerberos is used. For more information about how such traces can be generated, see client-side tracing.
When Kerberos is used, the request that's sent by the client is large (more than 2,000 bytes). This is because the HTTP_AUTHORIZATION header includes the Kerberos ticket. The following request is for a page that uses Kerberos-based Windows Authentication to authenticate incoming users. The size of the GET request is more than 4,000 bytes.
If the NTLM handshake is used, the request will be much smaller. The following client-side capture shows an NTLM authentication request. The GET request is much smaller (less than 1,400 bytes).
After you determine that Kerberos authentication is failing, check each of the following items in the given order. Things to check if Kerberos authentication fails
The following sections describes the things that you can use to check if Kerberos authentication fails. Are the client and server in the same domain
Using Kerberos requires a domain because a Kerberos ticket is delivered by the domain controller (DC). Advanced scenarios are also possible in which the client and server aren't in the same domain but in two domains of the same forest, or in two different forests. These possible scenarios are discussed in the Why does Kerberos delegation fail between my two forests although it used to work section of this article. Is IIS configured to use integrated authentication Is integrated authentication enabled in Internet Explorer Does the URL that's used resolve to a security zone for which credentials can be sent
You should always run this check for sites that are matched to the Local Intranet zone of the browser or for sites in the Trusted Sites zone. You can check in which zone your browser decides to include the site. To do this, open to the File menu of Internet Explorer, and then select Properties . The Properties window will display the zone in which the browser has decided to include the site that you're browsing to.
You can check whether the zone in which the site is included allows Automatic logon by opening the Internet options menu of Internet Explorer, and selecting the Security tab. After you select the desired zone, select the Custom level button to display the settings and make sure that Automatic logon is selected. (Typically, this feature is turned on by default for the Intranet and Trusted Sites zones).
Note
Even through this configuration is not common (because it requires the client to have access to a DC), Kerberos can be used for a URL in the Internet Zone. In this case, unless default settings are changed, the browser will always prompt the user for credentials. Kerberos delegation won't work in the Internet Zone. This is because Internet Explorer allows Kerberos delegation only for a URL in the Intranet and Trusted sites zones. Is the IIS server configured to send the WWW-Authenticate: Negotiate header
If IIS doesn't send this header, you will have to use the IIS Manager console to set the Negotiate header though the NTAuthenticationProviders configuration property (see Windows Authentication Providers providers). You can access the console through the Providers setting of the Windows Authentication details in the IIS manager.
Note
By default, the NTAuthenticationProviders property is not set. This causes IIS to send both Negotiate and Windows NT LAN Manager (NTLM) headers. Are the client and server installed on the same computer
By default, Kerberos isn't enabled in this configuration. To change this behavior, you have to set the DisableLoopBackCheck registry key. For more information, see KB 926642. Can the client get a Kerberos ticket
You can use the Kerberos List (KLIST) tool to verify that the client computer can obtain a Kerberos ticket for a given service principal name (SPN). In this example, the SPN is http/web-server.
Note
KLIST is a native Windows tool since Windows Server 2008 for server-side operating systems and Windows 7 Service Pack 1 for client-side operating systems.
If the Kerberos ticket request fails, Kerberos authentication isn't used. NTLM fallback may occur if the Kerberos ticket request fails. This is because the SPN requested is unknown to the DC. If the DC is unreachable, no NTLM fallback occurs. Internet Explorer Download
In order to declare an SPN, see How to use SPNs when you configure Web applications that are hosted on Internet Information Services. Does the web server use a port other than default (80)
By default, Internet Explorer doesn't include the port number information in the SPN that's used to request a Kerberos ticket. This can be a problem if you use IIS to host multiple sites under different ports and identities. In this configuration, Kerberos authentication may work only for specific sites even if all SPNs have been correctly declared in Active Directory. To fix this issue, you must set the FEATURE_INCLUDE_PORT_IN_SPN_KB908209 registry value. (See the Internet Explorer feature keys section for information about how to declare the key.) This setting forces Internet Explorer to include the port number in the SPN that's used to request the Kerberos ticket. Does Internet Explorer use the expected SPN
If a website is accessed by using an alias name (CNAME), Internet Explorer first uses DNS resolution to resolve the alias name to a computer name (ANAME). The computer name is then used to build the SPN and request a Kerberos ticket. Therefore, even if the URL that is entered in the Internet Explorer address bar is http://MYWEBSITE , Internet Explorer requests an SPN for HTTP/MYSERVER if MYWEBSITE is an alias (CNAME) of MYSERVER (ANAME). You can change this behavior by using the FEATURE_USE_CNAME_FOR_SPN_KB911149 registry key. (See the Internet Explorer feature keys for information about how to declare the key.)
A Network Monitor trace is a good method to check the SPN that's associated with the Kerberos ticket, as in the following example: Does the application pool identity match the account associated with SPN
When a Kerberos ticket is sent from Internet Explorer to an IIS server, the ticket is encrypted by using a private key. The private key is a hash of the password that's used for the user account that's associated with the SPN. Therefore, only an application that's running under this account will be able to decode the ticket.
The following procedure is a summary of the Kerberos authentication algorithm:
Internet Explorer determines an SPN by using the URL that's entered into the address bar.
The SPN is passed through a Security Support Provider Interface (SSPI) API (InitializeSecurityContext) to the system component that's in charge of Windows security (the Local Security Authority Subsystem Service (LSASS) process). At this stage, you can see that the Internet Explorer code doesn't implement any code to construct the Kerberos ticket. Internet Explorer calls only SSPI APIs.
LSASS uses the SPN that's passed in to request a Kerberos ticket to a DC. If the DC can serve the request (known SPN), it creates a Kerberos ticket, and then encrypts the ticket by using a key that's constructed from the hash of the user account password for the account that's associated with the SPN. LSASS then sends the ticket to the client. As far as Internet Explorer is concerned, the ticket is an opaque blob.
Internet Explorer encapsulates the Kerberos ticket that's provided by LSASS in the Authorization: Negotiate header, and then it sends the ticket to the IIS server.
IIS handles the request and routes it to the correct application pool (by using the host header that's specified).
The application pool tries to decrypt the ticket by using SSPI/LSASS APIs and by following these conditions:
If the ticket can be decrypted, Kerberos authentication succeeds, and all services that are associated with the ticket (impersonation, delegation if ticket allows it, and so on) are available.
If the ticket can't be decrypted, a Kerberos error (KRB_AP_ERR_MODIFIED) is returned. This error is a generic error that indicates that the ticket was altered in some manner during its transport. Therefore, the ticket cannot be decrypted. This error is also logged in the Windows event logs.
If you don't explicitly declare an SPN, Kerberos authentication works only if the application pool identity is one of the following:
Network Service
ApplicationPoolIdentity
Another system account such as LOCALSYSTEM or LOCALSERVICE
However, these identities are not recommended because they are a security risk. In this case, the Kerberos ticket is built by using a default SPN that's created in Active Directory when a computer (in this case, the server that IIS is running on) is added to the domain. This default SPN is associated with the computer account. Under IIS, the computer account maps to Network Service or ApplicationPoolIdentity.
If your application pool has to use an identity other than the listed identities, you'll have to declare an SPN (using SETSPN), and then associate it with the account that's used for your application pool identity. A common mistake is to create similar SPNs that have different accounts. For example: Lync Click To Call Internet Explorer
SETSPN http/mywebsite UserAppPool1
SETSPN http/mywebsite UserAppPool2
This configuration won't work because there is no deterministic way to know whether the Kerberos ticket for the http/mywebsite SPN will be encrypted by using the UserAppPool1 or UserAppPool2 password. This configuration typically generates KRB_AP_ERR_MODIFIED errors. To determine whether you are in this (bad) duplicate SPNs scenario, you can use the tools that are documented in Why you can still have duplicate SPNs in AD 2012 R2 and AD 2016. From Windows Server 2008 onwards, you can also use an updated version of SETSPN for Windows that allows the detection of duplicate SPNs by using the setspn X command when you declare a new SPN for your target account. For more information, see Setspn.
We also recommended that you review the following articles: Does Kerberos authentication fail in IIS 7 and later versions even though it works in IIS 6
Kernel mode authentication is a feature that was introduced in IIS 7. It provides the following advantages:
Performance is increased because kernel-mode-to-user-mode transitions are no longer made.
Kerberos ticket decoding is made by using the machine account (not by using application pool identity). This lets you have multiple applications pools running under different identities without having to declare SPNs.
Warning
If an SPN has been declared for a specific user account (also used as application pool identity), kernel mode authentication can't decrypt the Kerberos ticket because it uses the machine account. This problem is typical in web farm scenarios. This is because this scenario usually declares an SPN for the (virtual) NLB hostname. To prevent this from occurring, you can do either of the following:
Disable Kernel mode authentication. (Not recommended from a performance standpoint.)
Set useAppPoolCredentials to true . (Doing this retains the performance benefit of kernel mode authentication while allowing the Kerberos ticket to be decoded under the application pool identity). For more information, see New in IIS 7 - Kernel Mode Authentication. Why does delegation fail although Kerberos authentication works
In this scenario, check the following items:
The Internet Explorer Zone that's used for the URL. Kerberos delegation is allowed only for the Intranet and Trusted Sites zones. (In other words, Internet Explorer sets the ISC_REQ_DELEGATE flag when it calls InitializeSecurityContext only if the zone that is determined is either Intranet or Trusted Sites.)
The user account for the IIS application pool hosting your site must have the Trusted for delegation flag set within Active Directory. Internet Explorer Updates
If delegation still fails, consider using the Kerberos Configuration Manager for IIS. This tool lets you diagnose and fix IIS configurations for Kerberos authentication and for the associated SPNs on the target accounts. For more information, see the README.md. You can download the tool from here. Why do I get bad performance when I use Kerberos authentication
In older versions of Windows Server, such as Windows Server 2008 SP2 and Windows Server 2008 R2, Kerberos is a request-based authentication protocol. This means that the client must send the Kerberos ticket (that can be quite a large blob) with each request that's made to the server. This is contrary to authentication methods that rely on NTLM. By default, NTLM is session-based. This means that the browser will authenticate only one request when it opens the TCP connection to the server. Each subsequent request on the same TCP connection will no longer require authentication for the request to be accepted. In newer versions of IIS, from Windows 2012 R2 onwards, Kerberos is also session-based. This means that only the first request on a new TCP connection has to be authenticated by the server. Subsequent requests do not have to include a Kerberos ticket.
You can change this behavior by using the authPersistNonNTLM property if you are running under IIS 7 and later versions. If the property is set to true , Kerberos will become session based. If the property is set to false , it will be session-based. Therefore, it will have worse performance because we have to include a larger amount of data to send to the server each time. For more information, see Request based versus Session based Kerberos Authentication (or the AuthPersistNonNTLM parameter).
Note
It may not be a good idea to blindly use Kerberos authentication on all objects. Using Kerberos authentication to fetch hundreds of images by using conditional GET requests that are likely generate 304 not modified responses is like trying to kill a fly by using a hammer. Such a method will also not provide obvious security gains. Why does Kerberos delegation fail between my two forests although it used to work
Assume that you have a scenario in which the users of your application are located in a domain inside forest A, your application is located in a domain inside forest B, and you have a trust relationship between the forests. You may find the Kerberos delegation stops working even though it used to work previously and you have not made any changes to either forests or domains. Notice that Kerberos authentication still works in this scenario. It is only delegation that fails. This problem might occur because of security updates to Windows Server that were released by Microsoft in March 2019 and July 2019. These updates disabled unconstrained Kerberos delegation (the ability to delegate a Kerberos token from an application to a back-end service) across forest boundaries for all trusts (new and existing). For more information, see Updates to TGT delegation across incoming trusts in Windows Server. Internet Explorer feature keys
These are registry keys that turn some features of the browser on or off. The keys are located in the following registry locations:
HKEY_USERSUserSIDSoftwareMicrosoftInternet ExplorerMainFeatureControl if defined at the user level
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMainFeatureControl - if defined at the machine level
Feature keys should be created in one of these locations, depending on whether you want to turn the feature on or off for all users on the computer or for only a specific account. These keys should be created under the respective path. Inside the key, a DWORD value that's named iexplorer.exe should be declared. The default value of each key should be set to either true or false , depending on the desired setting of the feature. By default, the value of both feature keys, FEATURE_INCLUDE_PORT_IN_SPN_KB908209 and FEATURE_USE_CNAME_FOR_SPN_KB911149 , is false . For completeness, here is an example export of the registry by turning the feature key to include port numbers in the Kerberos ticket to true:
