The dangers of supporting Legacy Browsers.

Published On: Nov 8, 2013

From time to time I get request to add support for a browser that has long since gone the way of the dodo.  If you are regularly using IE7 you are the reason we can't have nice things. I say this being both humorous and literal. Customers that insist that there still be support of IE6 since their nephews brothers friend still uses Windows XP. There are a multitude of reasons that this is a very bad practice.

  • Support for modern functionality suffers from having to support browsers without modern functionality.
  • Developing sites for older browsers leads to a functionality spread that can be difficult and costly to develop.
  • The main issue with using older and outdated browsers is the fact that you are opening yourself to allowing insecure user access to your application.

The first of these items can be explained in the fact that with all of the new features and functionalities that have evolved on the internet over the last couple of years, if you are targeting your website for an older browser you are effectively building your site for the past.  New functionalities and ways of doing things are evolving all the time, it’s not uncommon for programming tools to change multiple times over the development of the smallest site. By targeting older technology you are loosing out on many of those features that may reduce the cost of your development, as well as provide better value.

The second item is that older browsers do not behave the same way that their newer cousins to.  On the whole all of the browsers are coming closer and closer to similar implementations of technologies like javascript functionality and css rendering.  Older browsers had much larger differences.  This is not by accident, over time it has become more important as the market of devices and browsers have expanded for the standard that everyone has been coding to, to actually become the standard.  For a long time market strength kept all of the browsers insisting that their version was the correct version of the truth.  Now with the expanding internet developers have pushed for better standards, and where those don’t exist they have created libraries to compensate.

The last of these reasons is really the only reason we should be talking about this. Hopefully the first two bullet points convinced you that abandoning these browsers is the way to go. If you still remain unconvinced then take this last one as the only word on the subject.  If you are using browsers like IE 7 you are no longer receiving security updates.  What that means is that there are confirmed open security holes in your browser, that are well documented and readably available. May of these security holes in the browser can give someone direct access to your machine.  If they have access to you hard drive it’s no longer your computer, It belongs to the person who compromised it.  They can use these security holes to install key loggers allowing them to capture passwords and getting user level access to your site. If you are supporting an out of date browser you are giving the malicious person access to your site at the level of that user.  If it’s just a user than that may not be an issue, but if its an admin you just gave away the keys to the kingdom. Harvesting account information and malicious attacks are really just some of the outcomes.

If you want proof of this I would welcome you to check out Anything that you see in red is bad news, and if you see the words Exec Code it means that they have the ability to install and execute remote code on your machine. This would be why some many machines on the internet are participating in BOT Nets. The fact that you are still supporting IE7 means that you can't take advantage of any of the new technology that has added to the web IN THE LAST SIX YEARS. Btw, this is not limited to IE7, use the link above to examine other outdated software that you are using.  Update your browser and encourage your clients to do the same.