
How Browsers Work - martius
http://www.html5rocks.com/en/tutorials/internals/howbrowserswork/
======
lloeki
_> According to the StatCounter browser statistics, currently (August 2011),
the usage share of Firefox, Safari and Chrome together is nearly 60%. So
nowadays open source browsers are a substantial part of the browser business._

Somehow this never occurred to me to aggregate it this way. I recall having
read somewhere that the server-side ratio is about 70-30. It's quite a
milestone as now both ends of the WWW platform have an absolute majority being
open source.

~~~
bane
It's hard to lump Safari into that, even if webkit is open source.

~~~
ugh
If you use that criterium, you also can’t lump Chrome into that. I would count
the engine, not the browser.

~~~
gmartres
But Chromium is, and there's no difference between the two beside branding and
Chrome shipping with some non-free stuff:
[https://code.google.com/p/chromium/wiki/ChromiumBrowserVsGoo...](https://code.google.com/p/chromium/wiki/ChromiumBrowserVsGoogleChrome)

~~~
staktrace
It depends on what you care about when you say "open". If you care about
security/privacy and the fact that you're running potentially Trojan-infected
code on your machine, then _any_ non-open code makes a difference.

~~~
TheAmazingIdiot
The fact you use a connection to the internet opens yiu to many nefarious
means to "screw you over". I can think of subtle things like changing
adservers to backbone providers, router protocol redirections, ssl master cert
spoofs (care of us govt), and many others.

Unless you were the types that freaked out on mm256.dat and nsakey, use
standard security and you're fine.

If you did freak out, im sure we can work out a GPS-login script that watches
location, bloodtype, retinal scan, passphrase, and voice scan to get a guest
account.

------
v21
This looks like an excellent place to link someone who knows a bit of HTML,
maybe some Javascript, but is curious about "real CS stuff".

------
maxxxxx
Very interesting. I am always amazed how quickly browsers can update the
layout when you work with jQuery to update CSS or the DOM.

------
macavity23
The bit about how browsers parse malformed html is very interesting - a useful
lesson for all developers having to deal with the crap that users tend to
produce! ;-)

~~~
mapgrep
It's also a useful lesson for people thinking about security. When something
that is not actually HTML can be interpreted in a browser as HTML, there is a
big potential security hole.

For example: At one point, I sanitized incoming user content by parsing it as
HTML and nuking almost all markup (I allowed links and italics to pass
through). THEN I realized this wasn't good enough, because Firefox was parsing
unclosed image tags as though they were closed. The (strict) parser I was
using would pass through a user's unclosed image tag as plain text, but
Firefox would load it as an image. An attacker could have used that to not
only collect visitor IPs (by loading an image on his server) but also to do
various things with Javascript -- an image tag can include an onload
attribute. (I have no idea if Firefox still works this way, it was about five
years ago.)

~~~
wtetzner
It would make more sense to HTML escape the input than to strip out tags.

~~~
mapgrep
The goal was to allow link and italics tag, as I mentioned.

------
babel17
They refer to Tali Garsiel as "she". Sure it isn't a "he" ?

~~~
babel17
Lol. It seems I need to do more web research... Thanks for all the down votes.
What a stupid and childish site. Bye Bye Hacker News.

~~~
Helianthus
HN has elitism problems: it's excessively worried about quality (something it
can't really control as the site grows) to the extent that its group action
violently downvotes certain posts--such as your rather innocent question.

I guess everyone thinks you should have googled it, but we didn't have the
decency to politely request that you google such information in the future?

I feel you.

~~~
Androsynth
It's an irrelevant question and if a discussion were to spawn from it, it
would detract from the actual content. This is a perfectly valid comment
downvote.

~~~
Helianthus
It's a question about the author. It's a stupid question about the author that
could easily be answered with five seconds on Google, but that doesn't make it
irrelevant, except in the eyes of an indifferent, exclusionary mindset that
prizes signal-to-noise-ratio above simple politeness. I ain't asking for
people to _upvote_ it, just to ease off on the downvotes and maybe provide a
courteous explanation.

~~~
masterzora
The question was a sexist double whammy (given both the assumption that "the
author of a technical document can't possibly be a woman" and that "the
author's gender is at all germane to this piece") that has no place anywhere,
let alone HN. If anything should be downvoted, that is the perfect example of
one such thing.

~~~
Helianthus
Or maybe the speaker is from a culture that doesn't know that Tali is a Hebrew
name for both boys and girls, or from a culture where Tali is only a dude's
name, or... the hypothetical exceptions to your interpretation go on and on.
[Ninja-edit] Your ninja-editted assumptions as to what the person meant by his
question are an over-reaction: you don't _know_ that's what he meant, you're
only seeing hints of it.[end ninja-edit]

It could _well_ be an innocent question, and there's no sense in generating
righteous indignation over two sentences.

~~~
masterzora
Given that female pronouns were used several times in the opening paragraph,
even if one didn't scroll down to the bio at the bottom, to assume that she
must be a he, even on the basis of something such as a name (cf. George Eliot)
is entirely unwarranted without further reason to back it up. But, you're
right, it could have been a case of bad assumptions and only single-whammy
sexism (the author's gender is still not germane to the article in any way).
And it's still a downvote-worthy comment.

------
palyekar
thanks for the link!

