IE11 developer tools - document mode and user agent string are blank

StackOverflow https://stackoverflow.com/questions/23490161

Question

I am experiencing an issue where the document mode and user agent string select boxes in the emulation tab are blank when I am using the IE 11 Developer Tools. Here is a screenshot of the issue:

Dev Tools Blank

I have researched the issue and have tried the following recommended solutions:

  • Deleting registry key from HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Internet Settings\5.0\LowCache\Extensible Cache
  • Running IE11 in administrator mode
  • Deleting %TEMP%\TempIE

From these posts:

http://answers.microsoft.com/en-us/ie/forum/ie11-iewindows8_1/document-mode-and-user-agent-string-dropdowns/cd34d5f8-7839-4083-af55-05d49ba85190?page=1

http://social.technet.microsoft.com/Forums/ie/en-US/970c16ca-8ae8-49e7-bced-ddce437c690d/internet-explorer-11-emulation-document-mode-and-user-agent-string-drop-down-menu-blank?forum=ieitprocurrentver

These have not worked unfortunately. There is currently a bug open for this issue on MS connect. However there has been no reply from microsoft since November 2013. Has anyone else experienced this issue and are aware of a functioning workaround?

Was it helpful?

Solution

The issue happens when the Internet Explorer browser tab process in unable to access the appropriate Low folder.

Internet Explorer when running in Protected Mode, runs each tab in a separate Low Mandatory Integrity Level process. Any process tagged as Low has a number of restrictions placed upon it, e.g.:

  • limiting write access to only one folder on the hard drive (LocalLow)
  • limiting write access to only one key in the registry (AppDataLow)
  • blocks window and process hooking
  • unable to create processes or remote threads
  • cannot write to shared memory
  • access running COM objects
  • cannot access clipboard
  • cannot open sockets
  • cannot initiate RPC
  • cannot send messages to other windows

The interesting restriction we care about is only able to write to specifically white-listed folders; folders marked with Low Mandatory Integrity Level.

An example of one of these folders is your LocalLow folder in:

  • C:\Users\Ian\AppData\Local
  • C:\Users\Ian\AppData\LocalLow (low integrity level)
  • C:\Users\Ian\AppData\Roaming

You can see the Low Mandatory Integrity Level tag applied to this folder by running icacls from an elevated command prompt:

C:\Users\Ian\AppData>icacls LocalLow
LocalLow BUILTIN\Administrators:(I)(F)
         BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
         NT AUTHORITY\SYSTEM:(I)(F)
         NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
         NT AUTHORITY\Authenticated Users:(I)(M)
         NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)
         BUILTIN\Users:(I)(RX)
         BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE)
         Mandatory Label\Low Mandatory Level:(OI)(CI)(NW)

Successfully processed 1 files; Failed processing 0 files

The last entry:

Mandatory Label\Low Mandatory Level

indicates that this folder has the Low integrity level marker. This means that it is one of the few folders that a Low process is allowed to write to.

What does this have to do with Internet Explorer

In the case of Internet Explorer, there are a handful of other Low folders.

C:\Users\Ian\AppData\LocalLow
C:\Users\Ian\AppData\Local\Temp\Low
C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
C:\Users\Ian\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
C:\Users\Ian\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low

When you use the F12 tools, Internet Explorer tries to access the IECompatUACache folder. If the folder does not have the correct label, the iexplore.exe process will get an ACCESS DENIED error; causing it fail badly.

What can cause the Low Mandatory Label to have been lost from one of these folders or any of their subfolders? Perhaps you own an SSD, and tried to use Microsoft's supported feature of relocating your AppData folder. The folder relocation feature fails pretty spectacularly at its one job of relocating a folder.

In order to reset the Mandatory Integrity Level Low label on the Low folders around the computer, run:

icacls "D:\Users\Ian\AppData\LocalLow" /setintegritylevel low /T
icacls "D:\Users\Ian\AppData\Local\Temp\Low" /setintegritylevel low /T
icacls "D:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low" /setintegritylevel low /T
icacls "D:\Users\Ian\AppData\Roaming\Microsoft\Windows\IECompatCache\Low" /setintegritylevel low /T
icacls "D:\Users\Ian\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low" /setintegritylevel low /T

OTHER TIPS

You can disable Protected Mode in IE, that fixes the issue too. Less dangerous than running it as administrator.

I had this issue too for a while. If you still need a quick fix, running Internet Explorer with Administrator Privileges seems to refresh the list for me, whenever it's empty. Hope that helps!

With IE11 RTM those lists are populated from a service, when that fails the lists are empty :(. With the April update to IE11 the fall back should be a default list of entries rather than blank. Try installing the latest Windows Update.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top