Slashdot Mirror

The new set of browser extension APIs that make up WebExtensions, which are available in Firefox today, are inherently more secure than traditional add-ons

From the point of view of an end user, the transition just takes one problem (security) and replaces it with another (data loss). Ctrl+Q in Firefox 57 for Linux quits the whole browser without asking for confirmation, causing loss of data in unsubmitted forms. XUL extensions used to be able to prevent this, but WebExtensions cannot because bug 1325692 was marked as "wontfix" for Firefox 57.

I use a scriptblocking extension which has to be able to interact with every "tab" to be able to actually work.

And script blocking is probably the number 1 feature of Firefox-based browsers (this is technically impossible to achieve on Chrome according to professionnal developers).

That's why NoScript is currently in the process of being ported to webextensions.

Or, more precisely, Mozilla is in the process of adapting WebExtensions so that things that formely required XUL like NoScript could be ported.

So, unlike Google Chrome, it's very likely that either your favorite script blocking extension will eventually work on Mozilla, or you'll find a nice alternative to your taste.

I hear that there's an ad blocker around,

uBlock Origin has a release candidate that has been made available for webextensions API.

but I hope that something like RequestPolicy will also exist in the new addon system.

NoScript is Currently in the process of being ported to webextensions. Or, more precisely, Mozilla is in the process of adapting WebExtensions so that things that formely required XUL like NoScript could be ported.

I hear that there's an ad blocker around,

uBlock Origin has a release candidate that has been made available for webextensions API.

but I hope that something like RequestPolicy will also exist in the new addon system.

NoScript is Currently in the process of being ported to webextensions. Or, more precisely, Mozilla is in the process of adapting WebExtensions so that things that formely required XUL like NoScript could be ported.

superset of features?

The WebRequest API, for example, is superior in Firefox. Chrome has no support for sidebarAction or theme.

why would any end user care?

Because the add-ons will work better, silly rabbit.

superset of features?

The WebRequest API, for example, is superior in Firefox. Chrome has no support for sidebarAction or theme.

why would any end user care?

Because the add-ons will work better, silly rabbit.

superset of features?

The WebRequest API, for example, is superior in Firefox. Chrome has no support for sidebarAction or theme.

why would any end user care?

Because the add-ons will work better, silly rabbit.

NoScript

NoScript is migrating to the WebExtensions API and will be released for the release of Firefox 57.

AdBlock plus

I use uBlock Origin. Works fine in 57 beta.

Pocket is literally more insidious and malicious

Why? Mozilla bought Read It Later. Mozilla owns Pocket. If you don't want to use it, remove it from your toolbars and don't use it.

How much of the new engine is programmed in Rust?

I know the parent is flamebait for the Rust-allergic readership, but there's actually a factual answer to this question. It's called Stylo/Quantum CSS and is a CSS engine, first developed as part of Servo, an experimental browser engine written in Rust, and the favorite Rust trolls' punching bag. Stylo parallelizes layout computation, speeding up the styling stage of page processing. It's Rust's static enforcement of data race safety that made the parallelization easier to pull off.

My question is, is moz://a involved? I don't see moz://a listed in the summary or the article, but there is a reference to "others". Does "others" include moz://a?

I think it would be a shame if moz://a wasn't included among these other tech leaders. Moz://a is one of the premiere tech-oriented organizations in the world, responsible for important technologies like the Firefox web browser, the Bugzilla issue tracker, the Firefox OS operating system, the Rust next-generation programming language, and the Servo next-generation browser engine.

Moz://a is also working on important Internet initiatives like reinventing online comments and fighting information pollution online.

Some may say that moz://a may actually be the most important technology company in the world because they're at the intersection of tech and society. Moz://a doesn't merely exist to make a profit. Moz://a exists to change the world for the better. So any initiative should surely include their participation, I would hope.

My question is, is moz://a involved? I don't see moz://a listed in the summary or the article, but there is a reference to "others". Does "others" include moz://a?

I think it would be a shame if moz://a wasn't included among these other tech leaders. Moz://a is one of the premiere tech-oriented organizations in the world, responsible for important technologies like the Firefox web browser, the Bugzilla issue tracker, the Firefox OS operating system, the Rust next-generation programming language, and the Servo next-generation browser engine.

Moz://a is also working on important Internet initiatives like reinventing online comments and fighting information pollution online.

Some may say that moz://a may actually be the most important technology company in the world because they're at the intersection of tech and society. Moz://a doesn't merely exist to make a profit. Moz://a exists to change the world for the better. So any initiative should surely include their participation, I would hope.

So what about a case like that of Firefox?

Firefox is a large, open source application created by what at least some people consider to be a "reputable" organization.

The source code is available for review. The source code isn't obfuscated or otherwise obscured.

Yet anybody who claims that Firefox protects their privacy probably hasn't actually looked at Firefox's privacy policy.

Below are some excerpts from the Firefox privacy policy that is dated July 31, 2017.

Be sure to notice the type of information being collected and possibly even transmitted to third parties (including Google, some "Leanplum" company, a "mobile analytics vendor", and "certain developers"). We see terms like:

• - "IP address"
• - "browser version"
• - "operating system"
• - "locale"
• - "language preference"
• - "list of add-ons you have installed"
• - "phone number"
• - "email address"
• - "URLs associated with the downloaded file"
• - "hardware configuration"
• - "commonly visited domains"
• - "location"
• - "the active URL"
• - "Google advertising ID"
• - "personal information"
• - "key word searches"
• - "Wi-Fi networks"
• - "cell phone towers"

Here are the excerpts:

Once per day, Firefox sends the following info to Mozilla when it checks for browser updates: your Firefox version information, language preference, operating system, and version.

Firefox contacts Mozilla once per day to check for add-on information to check for malicious add-ons. This includes, for example: browser version, OS and version, locale, total number of requests, time of last request, time of day, IP address, and the list of add-ons you have installed.

About once per day, Firefox connects to Mozilla and provides you with new snippets, if available. Mozilla may collect how often snippets are clicked, snippet name, browser locale, and which version of Firefox you're using.

Firefox sends Mozilla a monthly request to look up your location at a country level using your IP address.

Some Mozilla sponsored snippets are interactive and allow you to optionally share your phone number or email address.

This data includes, for example: device hardware, operating system, Firefox version, add-ons (count and type), timing of browser events, rendering, session restores, length of session, interaction with search access points and use of Firefox search partner codes, how old a profile is, basic information about errors and crashes, and count of pages.

Firefox sends to this third-party information identifying the site's certificate.

About twice per hour, Firefox downloads Google's SafeBrowsing lists to help block access to sites and downloads that are malicious or forged (Google's privacy policy is at https://www.google.com/policies/privacy/).

Firefox may send metadata, including URLs associated with the downloaded file, to the SafeBrowsing service.

Usage statistics or "Telemetry" is a feature in Firefox that sends Mozilla usage, performance, and responsiveness statistics about user interface features, memory, and hardware configuration. Your IP address is also collected as a part of a standard web log.

Firefox sends to Mozilla data relating to the tiles such as number of clicks, impressions, your IP address, locale information, and tile specific data (e.g., position and size of grid).

In Firefox Beta, certain short-term Telemetry experiments (see above) for Tiles may collect information about comm

Firefox 57 is due in November, and it's the first release that's supposed to only support WebExtensions extensions. This will very likely break many existing extensions. Due to differing capabilities between the existing extension model and WebExtensions it may not even be possible to reimplement some existing extensions!

Good.

Most of the performance issues from Firefox was from making it so anyone could do anything
If you think you know how to make the perfect browser, do it yourself.

Your attitude is a perfect example of why Firefox is on its way out. If you knew anything about Firefox 57 you'd know that it could very well be the final nail in Firefox's coffin. You would not be recommending that users look forward to it!

Firefox 57 is due in November, and it's the first release that's supposed to only support WebExtensions extensions. This will very likely break many existing extensions. Due to differing capabilities between the existing extension model and WebExtensions it may not even be possible to reimplement some existing extensions!

So I think we'll see two things happen:

1) A small number of Firefox users will continue to use pre-57 versions, so they can continue to use extensions that won't be or can't be supported in Firefox 57 and beyond.

2) A much larger number of Firefox users will move to Chrome (or Chromium) and never look back. If all of their extensions use a Chrome-like model, there's no reason to use Firefox. In my experience, and that of many other people, Firefox is very slow, bloated, and memory-hungry compared to Chrome. I'm sure you'll parade some bullshit "benchmarks" showing otherwise, but these benchmarks don't correspond at all to the actual experience of using Firefox and feeling just how less responsive it is than Chrome.

Firefox's market share is already pretty pathetic. Firefox 54 has only 2.94% of the market. Firefox 55 has only 1.19%. Firefox 52 has 0.49%. The rest of Firefox's releases, including Firefox for Android, are well under 1%. Many of them are in the 0.01% to 0.05% range.

I wouldn't be at all surprised if Firefox 57 knocks Firefox down to the 1% to 2% range.

Firefox is already pretty irrelevant now that's down to about 5%. When it's down to the lowest of the low single-digit percentages, the chance of a recovery will basically become non-existent. And once the Yahoo search deal expires, it's doubtful that any other organization will want to sign a search deal with Mozilla. Why would they, if Firefox has only 1% or maybe 2% of the market at that time? Firefox's future will be even bleaker than it already is if Mozilla were to lose out on their main source of income.

You hype Firefox 57 as if it's a good thing. The evidence suggests otherwise. It shows that Firefox 57 has the potential to be the most disastrous release in Firefox's history, even worse than the early rapid-release extension breakage debacle and even worse than the Australis debacle.

Not for long. Edge's marketshare is increasing and Firefox's marketshare is decreasing.

Edge's usage is one quarter to one third of Firefox's. It's got a way to go yet.

they're doomed

Unlikely. You should try Firefox 57. It will be released to the beta channel in a week or so.

Seriously, how is this even an issue? You can get free certs and there's so countless walkthroughs on how to setup TLS for almost any server (with Mozilla's being the best imo). With ISP's consistently showing they have no respect for your content or anyone else's it's hard to justify NOT running TLS on a web server.

You all should install the Google search link fix Firefox add-on.

Anybody who claims that Firefox protects their privacy probably hasn't actually looked at Firefox's privacy policy.

Below are some excerpts from the Firefox privacy policy that is dated July 31, 2017.

Be sure to notice the type of information being collected and possibly even transmitted to third parties (including Google, some "Leanplum" company, a "mobile analytics vendor", and "certain developers"). We see terms like:

• - "IP address"
• - "browser version"
• - "operating system"
• - "locale"
• - "language preference"
• - "list of add-ons you have installed"
• - "phone number"
• - "email address"
• - "URLs associated with the downloaded file"
• - "hardware configuration"
• - "commonly visited domains"
• - "location"
• - "the active URL"
• - "Google advertising ID"
• - "personal information"
• - "key word searches"
• - "Wi-Fi networks"
• - "cell phone towers"

Here are the excerpts:

Once per day, Firefox sends the following info to Mozilla when it checks for browser updates: your Firefox version information, language preference, operating system, and version.

Firefox contacts Mozilla once per day to check for add-on information to check for malicious add-ons. This includes, for example: browser version, OS and version, locale, total number of requests, time of last request, time of day, IP address, and the list of add-ons you have installed.

About once per day, Firefox connects to Mozilla and provides you with new snippets, if available. Mozilla may collect how often snippets are clicked, snippet name, browser locale, and which version of Firefox you're using.

Firefox sends Mozilla a monthly request to look up your location at a country level using your IP address.

Some Mozilla sponsored snippets are interactive and allow you to optionally share your phone number or email address.

This data includes, for example: device hardware, operating system, Firefox version, add-ons (count and type), timing of browser events, rendering, session restores, length of session, interaction with search access points and use of Firefox search partner codes, how old a profile is, basic information about errors and crashes, and count of pages.

Firefox sends to this third-party information identifying the site's certificate.

About twice per hour, Firefox downloads Google's SafeBrowsing lists to help block access to sites and downloads that are malicious or forged (Google's privacy policy is at https://www.google.com/policies/privacy/).

Firefox may send metadata, including URLs associated with the downloaded file, to the SafeBrowsing service.

Usage statistics or "Telemetry" is a feature in Firefox that sends Mozilla usage, performance, and responsiveness statistics about user interface features, memory, and hardware configuration. Your IP address is also collected as a part of a standard web log.

Firefox sends to Mozilla data relating to the tiles such as number of clicks, impressions, your IP address, locale information, and tile specific data (e.g., position and size of grid).

In Firefox Beta, certain short-term Telemetry experiments (see above) for Tiles may collect information about commonly visited domains.

Firefox sends Mozilla a request once to look up your location at a country level using your IP address.

Firefox may send the terms you type in the Awesome Bar or Search Bar to your

Marking cleartext HTTP as "not secure" is actually the eventual plan, as I understand blog posts by Google, Mozilla, and DigiCert. First documents delivered over HTTP containing a password form was marked not secure. Then documents delivered over HTTP containing any forms. Then documents delivered over HTTP containing scripts. And finally, all documents delivered over HTTP other than from localhost.

Problem is it's not default. And without that being default, it is a vulnerability as most people don't change their default as is well known and often exploited by MS to comply with laws while effectively circumventing them. MS Office is a classic example: You can set save file defaults, to something other than MSOOXML but it is VERY hard to find the setting.

Oh, and I use Thunderbird regularly and it works very well, and have set it up in a multitude of environments. To have Thunderbird automatically interface with 3rd party products, could well be exploited in a similar fashion as email clients, interacting with a 3rd party component that is not a part of the main product.As for using Mozilla Thunderbird to schedule shared resources there IS in fact a way. But it is not user friendly as that is not a priority of Mozilla:

https://support.mozilla.org/en...

The current latest version of FireFTP won't run in PaleMoon.

https://addons.mozilla.org/en-US/firefox/addon/fireftp/versions/?page=1#version-2.0.19.1-signed

Use version 2.0.19, in the meantime ...

It turns out Stylish is now spyware, the new maintainer of Stylish made some deal with some analytics vermin called SimilarWeb.

https://www.ghacks.net/2017/01/04/major-stylish-add-on-changes-in-regards-to-privacy/

I'll be switching to Stylus, instead. An open source fork maintained on github. And already updated for FF 57 - which is good, because the web would suck even more if it wasn't possible to fix the worst of the CSS abominations perpetrated by web designers with little CSS overrides and mark them " !important;".

https://addons.mozilla.org/en-US/firefox/addon/styl-us/

https://github.com/openstyles/stylus

Stylus is also available for chromium.

uMatrix, Stylish

There's a WebExtensions version of uMatrix in the works. There's a WebExtensions fork of Stylish, so I imagine there will eventually be an official port of Stylish to WebExtensions for Firefox.

Grease Monkey too

TamperMonkey is a WebExtensions add-on similar to GreaseMonkey.

uMatrix, Stylish

There's a WebExtensions version of uMatrix in the works. There's a WebExtensions fork of Stylish, so I imagine there will eventually be an official port of Stylish to WebExtensions for Firefox.

Grease Monkey too

TamperMonkey is a WebExtensions add-on similar to GreaseMonkey.

Will the features being worked on for Tree Style Tab, in particular bug 1332447 about hiding the top tabs, be in place as of the date Firefox 57 becomes available for auto-update in the stable channel? Or will users of Firefox with Tree Style Tab have the blatant lack of polish that is two sets of tabs for a month and a half until Firefox 58?

Part of the reason of switching to webextensions is to get a massive performance boost while at the same time limiting the damage that plugins cause such as lockups and memory leaks.

At the cost of losing my data. Sometimes when reaching for Ctrl+W or Ctrl+Tab, I accidentally press the adjacent Ctrl+Q. This activates the Quit or Exit command, which closes all tabs in Firefox for Linux. When I reopen the browser and click Restore Previous Session, the tabs come back, but data entered into unsubmitted forms is lost. I haven't tried it for every site in existence, but it never restores a comment form in a Slashdot D2 page correctly.

In the old days of Jetpack extensions, the Keybinder extension was useful for disabling Ctrl+Q. But Keybinder will not be ported to WebExtensions, and the comparable WebExtension Disable Ctrl-Q and Cmd-Q doesn't work in Linux because of bug 1325692, which will not be fixed in time for Firefox 57.

Part of the reason of switching to webextensions is to get a massive performance boost while at the same time limiting the damage that plugins cause such as lockups and memory leaks.

At the cost of losing my data. Sometimes when reaching for Ctrl+W or Ctrl+Tab, I accidentally press the adjacent Ctrl+Q. This activates the Quit or Exit command, which closes all tabs in Firefox for Linux. When I reopen the browser and click Restore Previous Session, the tabs come back, but data entered into unsubmitted forms is lost. I haven't tried it for every site in existence, but it never restores a comment form in a Slashdot D2 page correctly.

In the old days of Jetpack extensions, the Keybinder extension was useful for disabling Ctrl+Q. But Keybinder will not be ported to WebExtensions, and the comparable WebExtension Disable Ctrl-Q and Cmd-Q doesn't work in Linux because of bug 1325692, which will not be fixed in time for Firefox 57.

Part of the reason of switching to webextensions is to get a massive performance boost while at the same time limiting the damage that plugins cause such as lockups and memory leaks.

At the cost of losing my data. Sometimes when reaching for Ctrl+W or Ctrl+Tab, I accidentally press the adjacent Ctrl+Q. This activates the Quit or Exit command, which closes all tabs in Firefox for Linux. When I reopen the browser and click Restore Previous Session, the tabs come back, but data entered into unsubmitted forms is lost. I haven't tried it for every site in existence, but it never restores a comment form in a Slashdot D2 page correctly.

In the old days of Jetpack extensions, the Keybinder extension was useful for disabling Ctrl+Q. But Keybinder will not be ported to WebExtensions, and the comparable WebExtension Disable Ctrl-Q and Cmd-Q doesn't work in Linux because of bug 1325692, which will not be fixed in time for Firefox 57.

I believe these are the cunts you are looking for:

https://www.mozilla.org/en-US/about/leadership/

I'm sure they'll get rid of them soon.

Nope and nope. Don't panic. Be happy.

Take a look at some of the under the hood things that have been going on: https://wiki.mozilla.org/Quant...

UI and extension changes are hard to make because they'll always upset someone, notice how long it's taken Mozilla to finally get rid of old extension APIs that was blocking development.

tree style tab extension

Tree Style Tab will work with Firefox 57.

privacy

NoScript, Ghostery, uBlock Origin, etc. work with Firefox 57. So don't worry, be happy.

tree style tab extension

Tree Style Tab will work with Firefox 57.

privacy

NoScript, Ghostery, uBlock Origin, etc. work with Firefox 57. So don't worry, be happy.

tree style tab extension

Tree Style Tab will work with Firefox 57.

privacy

NoScript, Ghostery, uBlock Origin, etc. work with Firefox 57. So don't worry, be happy.

I can just imagine that next month Chris Beard will walk into his office, close the door, remove the mask, and Emperor Palpatine will growl ... and your journey to the Dark Side will be complete.

* privacy (the amount of addons to help me with this and the mindset of mozilla foundation are unmatched elsewhere. mozilla have repeatedly demonstrated they care about privacy and openness of the interwebs. i simply don't trust chrome/chromium)

Have you ever actually looked at Firefox's privacy policy?!

Anybody who claims that Firefox protects their privacy probably hasn't actually looked at Firefox's privacy policy.

Below are some excerpts from the Firefox privacy policy that is dated July 31, 2017.

Be sure to notice the type of information being collected and possibly even transmitted to third parties (including Google, some "Leanplum" company, a "mobile analytics vendor", and "certain developers"). We see terms like:

• - "IP address"
• - "browser version"
• - "operating system"
• - "locale"
• - "language preference"
• - "list of add-ons you have installed"
• - "phone number"
• - "email address"
• - "URLs associated with the downloaded file"
• - "hardware configuration"
• - "commonly visited domains"
• - "location"
• - "the active URL"
• - "Google advertising ID"
• - "personal information"
• - "key word searches"
• - "Wi-Fi networks"
• - "cell phone towers"

Here are the excerpts:

Once per day, Firefox sends the following info to Mozilla when it checks for browser updates: your Firefox version information, language preference, operating system, and version.

Firefox contacts Mozilla once per day to check for add-on information to check for malicious add-ons. This includes, for example: browser version, OS and version, locale, total number of requests, time of last request, time of day, IP address, and the list of add-ons you have installed.

About once per day, Firefox connects to Mozilla and provides you with new snippets, if available. Mozilla may collect how often snippets are clicked, snippet name, browser locale, and which version of Firefox you're using.

Firefox sends Mozilla a monthly request to look up your location at a country level using your IP address.

Some Mozilla sponsored snippets are interactive and allow you to optionally share your phone number or email address.

This data includes, for example: device hardware, operating system, Firefox version, add-ons (count and type), timing of browser events, rendering, session restores, length of session, interaction with search access points and use of Firefox search partner codes, how old a profile is, basic information about errors and crashes, and count of pages.

Firefox sends to this third-party information identifying the site's certificate.

About twice per hour, Firefox downloads Google's SafeBrowsing lists to help block access to sites and downloads that are malicious or forged (Google's privacy policy is at https://www.google.com/policies/privacy/).

Firefox may send metadata, including URLs associated with the downloaded file, to the SafeBrowsing service.

Usage statistics or "Telemetry" is a feature in Firefox that sends Mozilla usage, performance, and responsiveness statistics about user interface features, memory, and hardware configuration. Your IP address is also collected as a part of a standard web log.

Firefox sends to Mozilla data relating to the tiles such as number of clicks, impressions, your IP address, locale information, and tile specific data (e.g., position and size of grid).

In Firefox Beta, certain short-term Telemetry

We need to identify the people responsible for these changes

I'm not 100% sure but I guess you want to have a look at

• bug #1359118 - Telemetry experiment for unified urlbar-searchbar with one-off search buttons
• bug #1359118 - [Shield] Unified URL Bar v 2 and
• QA overview and test plan for telemetry experiment 1174937

We need to identify the people responsible for these changes

I'm not 100% sure but I guess you want to have a look at

• bug #1359118 - Telemetry experiment for unified urlbar-searchbar with one-off search buttons
• bug #1359118 - [Shield] Unified URL Bar v 2 and
• QA overview and test plan for telemetry experiment 1174937

Edge is suppose to be NEW browser but from the mozilla/firefox page it is one of those none standard IE "features". https://developer.mozilla.org/...

Firefox 55 changed the on-disk format of persistent storage in profiles. Once a profile has been used with Firefox 55 (or later), it should not be used with previous versions of Firefox. IndexedDB, the (DOM) Cache API, Service Workers, and the asm.js cache will all fail to operate, generating confusing errors and causing portions of Firefox and some websites to break.

-- https://bugzilla.mozilla.org/s...

You're missing the point. This topic isn't really about specific individuals taking a vacation.

Sometimes it's like entire organizations are collectively "taking a vacation", and are oblivious to their ongoing downfall.

An example I'm thinking of is moz://a. While they had some success with Firefox about a decade ago, and this landed them some lucrative search deals with Google and then Yahoo, things have gone down hill for them since then.

Firefox has lost a lot of market share. Recent browser stats show it now has only about 4% to 5% of the market. It has 0.04% (not a typo!) of the mobile market. This puts it well behind Chrome, Safari, and UC Browser for Android. So it's quickly becoming irrelevant.

After Firefox, moz://a doesn't really have any products that see much use.

Thunderbird had a number of users, but moz://a essentially gave up on it.

SeaMonkey never had many users to begin with.

Persona was a failure, I think.

Firefox OS was a huge failure, I think. In my opinion it may be one of the biggest software debacles in history.

Bugzilla is pretty much dead.

Servo is failing. I tried a recent build of it about a week ago, and it crashed on me almost immediately. It also had a lot of rendering glitches.

Rust is failing. It had a lot of hype early on, but nothing much came of it. Contemporary new languages like Go and Swift are seeing far more adoption, and are being used for real software systems. C++17 is often a better choice than Rust, too.

Now we see moz://a venturing into idiocy like "battling information pollution", which everybody else just calls censorship.

While all of this is going on, it's like moz://a is oblivious to what's happening. It's like they don't realize that once Firefox is gone, nobody will care what they're doing or what they're working on. Firefox is literally the only thing keeping moz://a relevant, and its market share keeps on shrinking.

It's like the entire organization is "on vacation", and they're unable or unwilling to see what's happening to their organization as it gradually slides into irrelevance.

Gosh, who to believe? Some anonymous coward on Slashdot or the author of NoScript? Decisions, decisions.

I read that SeaMonkey is going to use Firefox's ESR code from https://wiki.mozilla.org/SeaMo... ... They do need help badly.

Servo doesn't even attempt to be a good experience and probably never will. That's not the point. It's a testbed and a technology preview. It is ONLY meant to be useful to developers, as it provides the framework to be able to build and test extremely experemental code apart from Firefox before that code is turned into stable components to be used in Firefox.

Everybody watching from the outside thought the plan was to make Servo a replacement for Firefox. If you've actually followed the project, you'd know that's not how it's working - Servo is nothing more than a set of scaffolding for them. Firefox won't be replaced by servo, it will be rewritten one subsystem at a time.

Oh, and by the way, as many of those pieces have been matured in Servo, they've begun to include them in firefox and it's already produced huge performance wins, most of which are only in nightly right now. Take a look at https://wiki.mozilla.org/Quant... and the presentation there, and try Nightly with the Stylo subsystem (new CSS backend) enabled and see how much faster it is :)

My list, updated from the list I posted to another story. Every add-on is marked "Legacy" in Firefox version 55.0.3 64-bits.

1. ...
2. uBlock
   Origin (Apparently the best ad-blocker for Firefox.)

...

You may want to update your list. The linked page (https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/) specifically says "Compatible with Firefox 57+"

Precisely.

The people whining the loudest are ignoring the fact that ALL THE MOST POPULAR PLUGINS ARE BEING OR AVE ALREADY BEEN PORTED.

uBlock Origin - already ported.

Stylish - has already been Chrome-compatible for years, so port is painless. Allows you to customize ANY webpage, and make it portable across browsers.

NoScript - the oldest and toughest tool of them all, but the creator is making the effort Should be ready by next year

Everything else is used by a handful of users.I mean, what the hell else is used by your average Firefox follower?

The problem is, as the OP noted, that none of the classic extensions are WebExtensions, so they're basically destroying their ecosystem overnight.

Mozilla has communicated the transition to WebExtensions for two years. It has not been a rapid or an overnight process and everyone's had plenty of notice. Add-on developers have had a long time to get involved to develop and extend the WebExtensions APIs, which is what the developer of NoScript did and he got the changes he needed to support NoScript.

Mozilla is intentionally getting rid of heavyweight themes and not providing any replacement. Mozilla has a web site listing their most popular extensions, with user counts, and Classic Theme Restorer is not in the "Most Widely Adopted" extensions list even though it has more users than other extensions in that list like Xmarks Sync. It is pretty clear that they know it exists and is popular and they don't care because XUL is too uncool for web developers.

I can't wait to see how awful the web has become. :(

While NoScript is getting ported to WebExtensions, and GreaseMonkey is trying to port to WebExtensions, other useful extensions like Self-Destructing Cookies are giving up entirely [This add-on is no longer maintained. It is incompatible with Firefox 55+ and this will never change. Also, it will not be rewritten as a WebExtension.].

The site Are we WebExtensions Yet? lists some of Firefox's most popular extensions and their porting status to WebExtensions.