Microsoft calls omission of IE8 CSS rendering in Office 2010 a 'powerful' feature

Update ribbon (small)

4:00 pm EDT June 24, 2009 · In a marketing driven response that looks a lot more like the old Microsoft than the new Microsoft in terms of explaining away its design decisions, a Microsoft corporate vice president characterized Outlook 2010's reliance upon Word instead of Internet Explorer 8 for rendering HTML text symbolic of what he called "The Power of Word."

Corporate Vice President William Kennedy confirmed that the component of the company's new Office 2010 software -- whose technical preview is currently next month will be limited to select testers -- will rely upon Word rather than IE for reasons that include system security. "For e-mail viewing, Word also provides security benefits that are not available in a browser: Word cannot run web script or other active content that may threaten the security and safety of our customers," he wrote.

Kennedy defended his company's design decision for the fact that it enables customers to use Word as their HTML editor of choice, for one reason because Word supports features such as SmartArt and Word styles that are found only in Word. He then cited a June 2007 white paper published after Office 2007 first received complaints for this design choice, which its authors characterized as a "rich design experience" that users should come to "embrace."

The CVP also blatantly dismissed not only claims made by an e-mail marketing newsletter publisher about Outlook 2010 continuing to omit full support for CSS style codes, but appeared to attempt to cast doubt as to the legitimacy of the publisher's profession. He cited publisher Dave Greiner's Web site twice and his job once (maker of "email marketing campaign" software) using quotation marks, suggesting false pretenses and adding, "The 'Email Standards Project' does not represent a sanctioned standard or an industry consensus in this area."

Granted, the Email Standards Project is not an industry consortium; however, it is a recognized effort on the part of a producer of marketing software to compel manufacturers including Microsoft, Mozilla, Google, and AOL to adhere to principles that at least some industry players have embraced as standards.

7:15 pm EDT June 24, 2009 · A Microsoft spokesperson suggested to Betanews this evening that Dave Greiner may have been using an unauthorized version of the Office 2010 Technical Preview to obtain his CSS rendering test results posted on FixOutlook.org, adding that no one has officially received the preview code outside of Microsoft. The statement implies that the performance of Word's rendering engine could be improved once the official Technical Preview is released.


12:31 pm EDT June 24, 2009 · An e-mail marketing newsletter publisher has had enough with being unable to design correspondence the same way he designs his Web pages. Today the co-founder of Campaign Monitor, Dave Greiner, launched a Twitter-based campaign of his own to compel Microsoft to discontinue using Word's rendering engine instead of Internet Explorer, for reproducing CSS-formatted e-mails in the upcoming Outlook 2010.

In a blog post this morning, Greiner said "a senior member of the Outlook team" confirmed to him that the next version of Outlook will continue to use Word's more limited renderer. He cites an e-mail he says was sent to him by Outlook Senior Product Manager Dev Balasubramanian, explaining that his team's decision was based on a need to protect Word's status as an authoring tool for Outlook e-mails: "I am aware of where this decision on our part places Outlook from a standards perspective," Balasubramanian writes. "At the same time, we ask that you consider the benefits Outlook users get from having Word tools in their e-mail authoring experience."

Now Greiner and his colleagues have launched FixOutlook.org, essentially a page containing the icons of Twitter users who have joined the campaign by attaching the Web page's URL to their tweets. A check of Twitter this morning shows thousands are joining the cause for one reason or another, including traffic generators that do not, on the surface, appear to be human.

Three years ago, Microsoft made a design decision for Office 2007 that would disappoint many online newsletter publishers: After having leveraged Internet Explorer's rendering engine for HTML-based e-mails in later builds of Office 2000 and 2003, it reverted to using the more limited rendering engine from Word 2007, for rendering formatted e-mails in Outlook 2007.

The reason was never publicly revealed at the time (at least, not until Balasubramanian's e-mail to Greiner). In a 2007 MSDN post, company engineers explained the design decision as a feature: "Microsoft Office Outlook 2007 uses the HTML parsing and rendering engine from Microsoft Office Word 2007 to display HTML message bodies. The same HTML and cascading style sheets (CSS) support available in Word 2007 is available in Outlook 2007."

But privately, testers knew that Outlook's reliance upon Word instead of Internet Explorer eliminated all chances of cross-application exploitation through IE. As this 2002 Microsoft security bulletin attests, too many attempts were being made to generate powerful scripted e-mails that took advantage of flaws in rendering features that were patched or thwarted in Internet Explorer, but exposed outside of IE.

Nevertheless, Microsoft's choice left Outlook users with far more limited methods of layout and expression, forcing many publishers to cut back on their design features even though other e-mail clients such as Mozilla's Thunderbird remained unconstrained.

Today, Outlook users don't actually have to launch Word to produce formatted e-mails. But thanks to the long-standing Component Object Model relationship between Office components, the tool used for writing formatted e-mails is actually delivered to Outlook through Word. (That's one ironic reason why the composition window contains the new ribbon front-end, while Outlook 2007's home window missed the deadline for converting to the ribbon.)

For folks who don't compose formatted e-mails with Outlook's borrowed tools, Microsoft publishes a CSS validator that can check a document for unsupported elements. That validator was designed to be used in conjunction with Microsoft's own tools such as Visual Studio, as well as Dreamweaver. That unsupported elements list is colossal, disallowing such features as inline framing, built-in menus, JavaScript events, and the all-important <script> element.

Greiner's new Web page borrows a New Zealand-based newsletter (which appears to be out of publication since last October) to demonstrate how a non-validated Web page appears when rendered by Outlook. Betanews checked out that newsletter: Abiding by many of the suggestions made by professional Web designers, the CSS for "Soul Purpose" was all embedded in the document -- there were no links to external stylesheets, eliminating one opportunity for cross-site scripting vulnerabilities. E-mail clients that do support full CSS often prefer the code to be embedded in the page rather than linked, so "Soul Purpose" was following the rules.

This shows how Outlook 2007 currently renders the same page, and how Greiner says he's been told that Outlook 2010 will render it as well. Microsoft has yet to publicly confirm this speculation, although Office testers had actually been anticipating the company to either make significant improvements in its Word HTML renderer -- thus at least cutting down on the number of unsupported elements -- or building an option to enable Outlook to safely use IE8 as an alternative renderer.

If neither prospect comes to fruition, it's likely that Dave Greiner and his colleagues will remain angry. Though by that time, the Twitter patter may have either subsided or switched to another cause-of-the-week, after which it may come time for the master of electronic marketing campaigns to come up with an appropriate sequel. On the other hand, if Microsoft does make the change, perhaps someone could register "PatchOutlook.org."

25 Responses to Microsoft calls omission of IE8 CSS rendering in Office 2010 a 'powerful' feature

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.