Domain: mozilla.org
Stories and comments across the archive that link to mozilla.org.
Comments · 17,579
-
Re:Screw FF3...
Didn't have a clue wtf column bookmarks were. Googled it. First result: https://addons.mozilla.org/en-US/firefox/addon/3462
Add-ons, baby. The beauty of Firefox
;) -
Re:I'll upgrade when...
I never used Firefox before version 3, and the out-of-the-box "Awesome Bar" was almost bad enough to make me junk version 3 for similar reasons to previous versions (e.g., if I don't like using it, I really don't care if it is more secure).
But, now that I've tamed the "Awesome Bar", I really want to know: what is it that people are having trouble doing to make it the way they want it to be?
For me, the AB:
- only typeahead/matches on the URL
- only typeahead/matches at the beginning (i.e., I type "www." and one of my top matches is "www.newegg.com", but if I type "newegg", I get no matches)
- for matches, displays only the favicon and URL
- for the URL itself diplays the favicon, the optional security information, and the URL
Again, I've never used Firefox 1.x or 2.x, but I think this behavior is close to what those did...and even if there are minor differences, those should be fixable, too.
I do agree that it wasn't as easy as it should be to do this, as I had to add an extenstion (Hide Unvisited), change userChrome.css, and change some about:config settings.
-
Re:Not without RHEL 4 support I won't
According to this post, and as can be seen at this closed bug, you won't get the nag screen on Linux if your version of GTK is too low to support FF3 (or on Windows if you're using a version before 2000).
-
Re:I'll upgrade when...
Some websites just shouldn't be kept in the history, if you ask me...
use the Distrust addon. One click, visit sites, click again, history for just those sites erased.
-
Re:Firefox 3 doesn't run on Windows 9x
Users running on unsupported operating systems will not get the major update notice. This is checked server side, see bug 418129. The updater even checks that the updated version will be compatible for Linux users. For information on the release and the testing that is being done, read the 2.0.0.16->3.0.1 Major Update page on the Mozilla wiki.
-
Re:Firefox 3 doesn't run on Windows 9x
Users running on unsupported operating systems will not get the major update notice. This is checked server side, see bug 418129. The updater even checks that the updated version will be compatible for Linux users. For information on the release and the testing that is being done, read the 2.0.0.16->3.0.1 Major Update page on the Mozilla wiki.
-
Re:Firefox 3 doesn't run on Windows 9x
Users running on unsupported operating systems will not get the major update notice. This is checked server side, see bug 418129. The updater even checks that the updated version will be compatible for Linux users. For information on the release and the testing that is being done, read the 2.0.0.16->3.0.1 Major Update page on the Mozilla wiki.
-
Re:my 2 bob.
Mozilla's policy is set and publicly available at http://www.mozilla.org/projects/security/certs/policy/ there would not be an exception for just CAcert. The policy would need to be amended.
-
Re:What happened to CA Cert?
See my comment on one of the other CA Cert threads. Short story is that CA Cert will file a bug when they can meet the rules at http://www.mozilla.org/projects/security/certs/policy/
-
Re:Worth it.
I must not be awesome; I use the Old Location Bar.
-
Re:Another Solution to Self Signing?
CAcert has not asked for inclusion. Bug 215243 was opened by a Mozilla/CAcert user. The bug is currently closed as Invalid because CAcert will open a new bug when they are capable of meeting Mozilla's Certificate policy.
Comment 158 by Ian Grigg he is/was the auditor for CAcert "...In the meantime, there is no point in pressuring Mozilla on the issue. Better if you wish to help, join CAcert as a user and contribute on their large task list."
Comment 165 by Nicholas E. Bebout "Marking as VERIFIED, with the understanding that we (CAcert, I'm a CAcert, Inc. member) will open a new bug when the audit is done. "
-
Re:Another Solution to Self Signing?
CAcert has not asked for inclusion. Bug 215243 was opened by a Mozilla/CAcert user. The bug is currently closed as Invalid because CAcert will open a new bug when they are capable of meeting Mozilla's Certificate policy.
Comment 158 by Ian Grigg he is/was the auditor for CAcert "...In the meantime, there is no point in pressuring Mozilla on the issue. Better if you wish to help, join CAcert as a user and contribute on their large task list."
Comment 165 by Nicholas E. Bebout "Marking as VERIFIED, with the understanding that we (CAcert, I'm a CAcert, Inc. member) will open a new bug when the audit is done. "
-
Re:Another Solution to Self Signing?
CAcert has not asked for inclusion. Bug 215243 was opened by a Mozilla/CAcert user. The bug is currently closed as Invalid because CAcert will open a new bug when they are capable of meeting Mozilla's Certificate policy.
Comment 158 by Ian Grigg he is/was the auditor for CAcert "...In the meantime, there is no point in pressuring Mozilla on the issue. Better if you wish to help, join CAcert as a user and contribute on their large task list."
Comment 165 by Nicholas E. Bebout "Marking as VERIFIED, with the understanding that we (CAcert, I'm a CAcert, Inc. member) will open a new bug when the audit is done. "
-
Re:Another Solution to Self Signing?
CAcert has not asked for inclusion. Bug 215243 was opened by a Mozilla/CAcert user. The bug is currently closed as Invalid because CAcert will open a new bug when they are capable of meeting Mozilla's Certificate policy.
Comment 158 by Ian Grigg he is/was the auditor for CAcert "...In the meantime, there is no point in pressuring Mozilla on the issue. Better if you wish to help, join CAcert as a user and contribute on their large task list."
Comment 165 by Nicholas E. Bebout "Marking as VERIFIED, with the understanding that we (CAcert, I'm a CAcert, Inc. member) will open a new bug when the audit is done. "
-
Re:No Excuses
Actually it's CACert who could help this situation by working with Mozilla to have their CA included by default. That story has been dragging on for years with no end in sight.
-
Re:xpi
They have. It's called MitM Me, for users who want to become victims of man-in-the-middle attacks. It's probably not a good idea to use it.
-
Re:Got it wrong
-
Re:Got it wrong
Now do the same thing in DOM. Can Javascript tell which text is selected? No. Can it set the text color, size, or font? No. (There is such a thing as a rich-text textarea, with those options, but DOM API has virtually no access to any of it.) It's simply ridiculous how incomplete DOM is, and that's where your true problems lie.
That's what DOM Range and DOM Selection are for. These are implemented by Gecko, Opera and Safari. IE has an alternative implementation that can do pretty much the same thing. Also, there's the document.execCommand() method for modifying rich text areas if you don't wanna write your own custom logic for making bold text or converting paragraphs to lists. There's no concrete standard on execCommand() yet but all popular browsers support it with a common set of commands.
If you say rich text editing in JavaScript is hard and can use much room for improvement, then I'd agree with you. But saying that such functionality does not exist, is wrong. There's enough misinformation everywhere about JavaScript as it is. -
Re:Got it wrong
https://bugzilla.mozilla.org/show_bug.cgi?id=437152 - implement worker threads
-
Re:No scripting language is going to solve
There are a lot of things you can do with plain Javascript, but we still need Flash
So wrong, it's not even funny.
- How can you rotate an image with Javascript?
You call "rotate" on the canvas context before drawing the image to the screen.
- How can you draw a diagonal line with Javascript?
lineTo(<coords>)
- How can you access the webcam and microphone from Javascript?
You don't. Hopefully not in Flash or Javascript. (Just because the APIs exist in Flash doesn't make them a good idea.) There's some discussion going on over at WHATWG about adding support. I hope it doesn't get very far...
I recommend you start your research into modern browsers (read: NOT Internet Exploder) here. Then nip over to WHATWG.org and read the current specs for modern browsers.
-
Re:Got it wrong
Start at the source:
http://developer.mozilla.org/en/Core_JavaScript_1.5_Guide
That document may be nearly 15 years old (plus/minus revisions along the way), but it's still the definitive method of learning Javascript.
For those who actually take the time to read it, that is.
Good luck!
:-) -
Er... have they heard of Stealther?
How can they seriously apply for a patent for something that's been around for at least three years? Maybe they actually have a novel implementation of the concept but I kind of doubt that.
-
Re:Look to the beam in your own eye
As far as Firefox flaws go, the policy seems to be to just ignore them if they're considered "unimportant". Coding exciting new features is more fun than fixing irritating bugs. I offer as evidence this example. First reported in 2000...
-
Re:Exactly backwards
It's called IETab
Seriously, the last thing we need is such a plugin.
It will encourage web developers to make more broken IE-only sites, because hey, "it works in Firefox!".
Either (works by default) if the browser includes the plugin, OR.. broken sites will demand you enable plugin, and their volume will massively multiply, once both IE and Firefox (the most popular browsers) all support the broken sites.
-
Spill the beans?
I've been reading about this for months. Its not exactly top secret.
-
Re:Flash
1. Embedded video could be protected, but the level of protection is minimum, Flash does this well.
DRM cannot work. Ever. Example:
(try to Trace Youtube's videos)
That's so easy it's automatic by now.
This prevents or makes it harder
Well, not really. See above.
"Making it harder" is only a guarantee that someone will turn it into a script of some sort -- an extension, a Greasemonkey script, whatever.
2. Potential revenue generator. Embeded video does not have a way to have Advertisements in it
Yes it does.
Flash allows you to natively feed in Links, Descriptions and Advertisements in a creative way.
Which, again, can be done with the video.
The difference is, you would put this in the surrounding HTML and Javascript, not in the flash widget itself.
I think we should use HTML as what it was intended for
And what would that be?
-
FF Plugin for this
I have been using SSL for my GMail connections for quite awhile thanks to the Better GMail FF extension.
-
Re:The demo is a streaming video ?!?
Yay ! Wonderful low-bandwidth youtube streaming video in all its glorious crap-quality !
The best way to show technical demos about photo-realism !Can't really help much with the quality (adding '&fmt=18' makes it about the best it can be) but using the Video DownloadHelper extension for Firefox allows you to download YouTube videos rather than just streaming them.
Additional tip: When using Video DownloadHelper on YouTube, several download options will be presented to you. You want the one labelled 'video.mp4' (just rename it to whatever you want when downloading it), that's the high quality video. The FLVs are all standard quality for some reason.
-
Firefox Extension also provides HTTPS
The Firefox extension Better Gmail also has the option of forcing all gmail connections to use https. I'm not sure if it completely protects against attacks like this, but it would be interesting to see once the tool is released.
-
I ask myself the same question
I've noticed, at least since I switched from Firefox 2 to Firefox 3, that when Adobe Flash Player 9 ( or 10 ) is installed the browser exhibits sporadic lockups and crashes when navigating the Web -- not just when viewing Flash video or a site that makes heavy use of Flash, although that does seem to increase the odds of the browser eating itself.
After the release of Firefox 3.0 I opted to install Adobe Flash Player 10 Beta. The performance was much better as was the video quality and I didn't experience as many crashes. This all changed when Adobe updated the Beta and the details can be found in the bug report that I filed here. To summarize, after the update, Flash Player 10 would cause the browser to segfault and lockup so frequently, sometimes even upon startup, that the browser became unusable -- I had to downgrade to Flash Player 9. Currently there is someone from Adobe assigned to work on the "problem" whatever it is, but I haven't heard anything in weeks.
jdb2 -
Some software that you should look at
http://www.gnupg.org/ - The GNU Privacy Guard
http://getfiregpg.org/ - FireGPG, "encrypt, decrypt, sign or verify the signature of text in any web page using GnuPG" (untested by me).
https://addons.mozilla.org/en-US/firefox/addon/3424 - another Firefox extension, also untested.
https://addons.mozilla.org/en-US/firefox/addon/3208 - another one that may be useful (untested).http://www.gpg4win.org/ - something for MS Windows
Remember folks, even if you aren't in the UK, this still affects you! If you communicate with people in the UK, if you have email based in the UK (I have a Yahoo.co.uk email address, in addition to my 50 other email addresses...), etc.
...It is as simple as installing Firefox, installing GNUPG, and installing that extension that lets you encrypt text fields when you are emailing...
And don't forget TrueCrypt http://truecrypt.org/ though it isn't strictly relevant in this case, it is always relevant.
-
Some software that you should look at
http://www.gnupg.org/ - The GNU Privacy Guard
http://getfiregpg.org/ - FireGPG, "encrypt, decrypt, sign or verify the signature of text in any web page using GnuPG" (untested by me).
https://addons.mozilla.org/en-US/firefox/addon/3424 - another Firefox extension, also untested.
https://addons.mozilla.org/en-US/firefox/addon/3208 - another one that may be useful (untested).http://www.gpg4win.org/ - something for MS Windows
Remember folks, even if you aren't in the UK, this still affects you! If you communicate with people in the UK, if you have email based in the UK (I have a Yahoo.co.uk email address, in addition to my 50 other email addresses...), etc.
...It is as simple as installing Firefox, installing GNUPG, and installing that extension that lets you encrypt text fields when you are emailing...
And don't forget TrueCrypt http://truecrypt.org/ though it isn't strictly relevant in this case, it is always relevant.
-
Re:Okay
If you're on Firefox there's an extension called Controle de Scripts (and another called Javascript Options) that will prevent that. I know it doesn't address the matter of principle and the webmaster should certainly be strung up for what he did. But at least, with these extensions, when the world looks up and shouts "Resize your browser," you can whisper "no."
-
Re:Okay
If you're on Firefox there's an extension called Controle de Scripts (and another called Javascript Options) that will prevent that. I know it doesn't address the matter of principle and the webmaster should certainly be strung up for what he did. But at least, with these extensions, when the world looks up and shouts "Resize your browser," you can whisper "no."
-
Re:And Doubleclick doesn't need DPI either...
That breaks some sites -- no I don't particularly want to debate how retarded relying on any user supplied info is.
Just use Firefox with RefControl set to "forge" (send the root of the site as the referrer).See my other comment for more privacy/security add-ons.
-
ESSENTIAL ADD-ONS
Like others have said, CookieSafe and CS Lite are like NoScript for cookies with the option to allow cookies for a specific site: permanently, for each session or once-off.
I currently use the above extensions as well as Adblock, Filterset.G and RefControl. The latter set to "forge" (send the root of the site as the referrer).
I consider these the essential privacy/security add-ons for Firefox. I'm interested if anyone has any others to add to the list.
-
ESSENTIAL ADD-ONS
Like others have said, CookieSafe and CS Lite are like NoScript for cookies with the option to allow cookies for a specific site: permanently, for each session or once-off.
I currently use the above extensions as well as Adblock, Filterset.G and RefControl. The latter set to "forge" (send the root of the site as the referrer).
I consider these the essential privacy/security add-ons for Firefox. I'm interested if anyone has any others to add to the list.
-
ESSENTIAL ADD-ONS
Like others have said, CookieSafe and CS Lite are like NoScript for cookies with the option to allow cookies for a specific site: permanently, for each session or once-off.
I currently use the above extensions as well as Adblock, Filterset.G and RefControl. The latter set to "forge" (send the root of the site as the referrer).
I consider these the essential privacy/security add-ons for Firefox. I'm interested if anyone has any others to add to the list.
-
ESSENTIAL ADD-ONS
Like others have said, CookieSafe and CS Lite are like NoScript for cookies with the option to allow cookies for a specific site: permanently, for each session or once-off.
I currently use the above extensions as well as Adblock, Filterset.G and RefControl. The latter set to "forge" (send the root of the site as the referrer).
I consider these the essential privacy/security add-ons for Firefox. I'm interested if anyone has any others to add to the list.
-
ESSENTIAL ADD-ONS
Like others have said, CookieSafe and CS Lite are like NoScript for cookies with the option to allow cookies for a specific site: permanently, for each session or once-off.
I currently use the above extensions as well as Adblock, Filterset.G and RefControl. The latter set to "forge" (send the root of the site as the referrer).
I consider these the essential privacy/security add-ons for Firefox. I'm interested if anyone has any others to add to the list.
-
ESSENTIAL ADD-ONS
Like others have said, CookieSafe and CS Lite are like NoScript for cookies with the option to allow cookies for a specific site: permanently, for each session or once-off.
I currently use the above extensions as well as Adblock, Filterset.G and RefControl. The latter set to "forge" (send the root of the site as the referrer).
I consider these the essential privacy/security add-ons for Firefox. I'm interested if anyone has any others to add to the list.
-
Re: Opt out if you're worried
or you could run Firefox with AdBlock Plus, NoScript, and FlashBlock for a more comprehensive solution with a good user interface experience to boot. You might also want to add Customize Google for some extra Google specific functionality.
-
Re: Opt out if you're worried
or you could run Firefox with AdBlock Plus, NoScript, and FlashBlock for a more comprehensive solution with a good user interface experience to boot. You might also want to add Customize Google for some extra Google specific functionality.
-
Re: Opt out if you're worried
or you could run Firefox with AdBlock Plus, NoScript, and FlashBlock for a more comprehensive solution with a good user interface experience to boot. You might also want to add Customize Google for some extra Google specific functionality.
-
Re: Opt out if you're worried
or you could run Firefox with AdBlock Plus, NoScript, and FlashBlock for a more comprehensive solution with a good user interface experience to boot. You might also want to add Customize Google for some extra Google specific functionality.
-
Re:Solution: Options
-
Re:Problem:
For mozilla use a plugin called "NoScript" in conjunction with "AdBlock".
NoScript: https://addons.mozilla.org/en-US/firefox/addon/722
AdBlock: https://addons.mozilla.org/en-US/firefox/addon/1865While painful at first, NoScript is a default deny system that only runs scripts from domains you authorize. AdBlock simply doesn't send requests for files in it's list of advertising servers. You just click "options" button and allow from bottom of list only if something isn't working
:PIf you are running IE, you are on your own. NoScript alone will do the job, but if you want to explicitly override NoScript for scripts and still block the ads, it's a nice little safety net. Default-deny for the win.
-AC
-
Re:Problem:
For mozilla use a plugin called "NoScript" in conjunction with "AdBlock".
NoScript: https://addons.mozilla.org/en-US/firefox/addon/722
AdBlock: https://addons.mozilla.org/en-US/firefox/addon/1865While painful at first, NoScript is a default deny system that only runs scripts from domains you authorize. AdBlock simply doesn't send requests for files in it's list of advertising servers. You just click "options" button and allow from bottom of list only if something isn't working
:PIf you are running IE, you are on your own. NoScript alone will do the job, but if you want to explicitly override NoScript for scripts and still block the ads, it's a nice little safety net. Default-deny for the win.
-AC
-
Re:Solution: about:config, not Options
The developers of Firefox removed the option to disable third party cookies in Firefox 2.0 and later, stating the reason that it was not possible to block all third party cookies with this function.
There are basically two options to disable third party cookies in Firefox 2 versions.
The first would be to disable it manually by opening about:config from the address bar. Search for network.cookie.cookieBehavior and take a look a the value. If it is set to 0 you accept all cookies, 1 means you only accept cookies from the same server, 2 means you disable all cookies. Setting it to 1 has the same effect that the option in the old firefox browsers had: it disables third party cookies.
You could install an add-on as well that blocks third party cookies. One of the many extensions that does that is called CookieSafe. This one makes it possible to disable all cookies and allow them only for specific sites (whitelist). -
Use CS Lite if you're using Firefox
This will let you block all those types of cookies, and as well give you MUCH better cookie management in Firefox. It lets you just deny cookies globally and just enable them for sites you want, without being a total pain in the ass
Combine that with Adblock Plus, with the tracking filters, and you can get past all this tracking stuff without having to use no-script, which considering how javascript heavy most sites are today, is like swatting a fly with a sledgehammer