IE8 tripping on Acid2

Internet Explorer 8 can pass the Acid2 test. Well, not really. It turns out it only works on one particular domain -- which means it fails the test.

Here's how it's gone down: first, the IE8 team announced that the browser would pass the Acid2 test; then came the caveat that it would do so only if a new meta tag was inserted into pages; then it did pass the Acid2 test by default; and now comes the revelation that IE8 will not pass the Acid2 test by default.

I seem to remember IE8 beta 1 passing the Acid2 test () -- was I dreaming?

Seems we were all duped. A
post at the IEBlog on Wednesday tells the tale.

In summary, an OBJECT tag makes IE invoke ActiveX to display some HTML content, ActiveX uses IE to do this. What makes this painful is that ActiveX has a security policy to prevent cross-domain security breaches -- makes sense to me (although invoking ActiveX to display HTML is a bit weird to my cursory glance).

The real kicker is that the offending object is a fallback object, and IE8 seems to be protecting the developer from themselves.

A comment on the blog post claiming to be from the author of Acid2 says:
"But if it's failing -- for whatever reason, cross-domain or not -- you should fallback. Hence the current behaviour is still a bug. :-)
(BTW why would it be a cross-domain problem? This should be exactly the same as an iframe, which can cross domains fine.)"

Even if it is not Ian Hickson himself, the sentiment is still correct.

I leave the defence of this to the blog post itself, which said:
"To maintain compatibility and be secure by default we didn’t want to invoke fallback either, as original web authors might not have intended this behavior.  We started with the most secure solution and are now looking into whether we can safely loosen this restriction in a future beta."

At least there is a glimmer of hope for a complete pass of Acid2 in this version of IE8.

The good news though is, ActiveX security checks aside, we do have a Microsoft browser that will render the page correctly -- even it is does want the HTML served up to it in a special way.

It's a vast improvement since IE6/7 hell.