Slashdot Mirror
DHTML Bug Found in Mozilla 1.2
joyoflinux writes "The people at Mozilla have announced that Mozilla 1.2 contained a bug that caused sites that use DHTML to fail (more on the front page). They have pulled 1.2 from the releases page, pending a 1.2.1 release."
I dont think that IE 6 SP1 will fix Mozilla.
All in all, bug for bug, line by line, even accounting for the massive differences in complexity (mozilla is by far a more complex project that IE ever wanted to be), I'd have to say that Mozilla has less show-stopping bugs and fewer exploits than IE.
Like what I said? You might like my music
They retract a release because of this?
I've been waiting for ages for a fix to e.g. this bug which renders Mozilla useless for quite a bunch of purposes. Still I wouldn't see a reason to retract the releases containing bugs like that, unless we're talking about serious security holes.
Help savingAmigaOS and a free PowerPC market
hardly...
Have you seen the latest IE exploits? I'd much rather just have a page not work.
It's funny though that this will be patched a helluva lot faster than most any Microsoft patches are released after the bugs are discovered.
from the mozilla FAQ: "Mozilla 1.0 is a fully functional technology demo for those interested in seeing what can be done with Mozilla technology, and those who want to create Mozilla-based products and packages. The intended target audience is the development community. " so, it's not really a product. but a great 'demo' imho. if you want to use the 'commercial' suite, use netscape.
The best cure for insomnia is realizing that it is already time to get up. EsteEncanto.com - Blog on technology, urban
That will fix it
Perhaps a lobotomy will fix you...
why run from Vincenzo?
amazingly, i actually got the 5th ...
is it possible to be more lame?
umm...don't forget check the "anonymously"
la la la
That is all.
I know MSIE have exploits. Can't you just click the "Windows Update" button from the Start Menu, and when a new window prompts you for security verification, check the box "Always trust content from Microsoft Corporation" before you click the OK button, and then reboot. That should solve it.
With Linux/BSD/whatever, especially on Gentoo you need to recompile it from some source, and thus it reduces productivity.
Yeehaa for Windows!
that thing was funny once.
The best cure for insomnia is realizing that it is already time to get up. EsteEncanto.com - Blog on technology, urban
Perhaps a lobotomy will fix you...
That's your assumption, I'm not responsible for your assumption. Mozilla should be fixed from bugs like this. Admit it! There's an error in Mozilla that needs to be fixed! Rather than redownloading it again and again and having to recompile it on your system (some nerds do this), just install Windows and click "Windows Update".
It's *that* easy!
A bug in mozilla??? No way, you've got to be jokeing!!!
Seriously though, although Mozilla has it's faults, (this being a prime example). It is still the cutting edge of browser technology. I mean, theres one feature that wins over every person I've recommended Mozilla to: the ability to stop pop ups from apearing. ALthough Mozilla is still rough around the edges, it is still my browser of choice.
"Entropy is the bad-guy, and he is everywhere"
Thats true and it is actually very useful but...
The latest exploit can be replaced with the old one and you are vulnerable all over again. If thats not enough for a callback I don't know what is. They're leavin the users hangin (once again).
and in a MS product it would have been called a minor rendering problem or something equally undescriptive.
go figure. Closed source zealots are always ready to jump at the announce of a "major" oss bug -_-
The best cure for insomnia is realizing that it is already time to get up. EsteEncanto.com - Blog on technology, urban
Finding Bugs like this is proof that Mozilla is well on the way to becoming the world's best browser. With open source and lots of people contributing, bugs are found and elliminated quickly.
Microsoft IE on the other hand, bugs take time to find and even more time to repair due to the slow reaction of a large organization. This is probably why we hear so much about Mozilla bugs, they're far easier to uncover than bugs in IE or other browser.
PErsonally, I think Mozilla users should concider this a Good Thing, it means that your browser of choice is getting better!
"Entropy is the bad-guy, and he is everywhere"
IMHO documents that completely rely on ECMAScript are inherently broken anyway.
The world in an OSS zealot's View:
IE bugs: "What a crappy browser!"
Mozilla bugs: "This is proof Mozilla rules!"
They would never admit this was a bug.
Sure it is.
If this were an IE bug, you'd never hear the end of it.
It's bad that this bug wasn't caught before the release - you'd think someone would have tried out a few DHTML sites, though I don't know the details. But at least it's not a security flaw, which we can be thankful for. That's what the last couple of IE bugs have been.
What I'd like to know (and this is NOT meant as a flame any way, I love mozilla), is HOW exactly do big bugs like this get into final releases? I mean, the 1.2 release was more than a month behind what was scheduled on the roadmap, and yet it still ends up with this in it? Is it just the number of people who don't bother with nightlies or reporting bugs? I would think there would be enough people using the nightlies to find fairly significant bugs like this. Perhaps the fine mozilla people need to add a "gamma" release after "alpha" and "beta" but before "final"? Have the gamma and final be seperated by one week, and ONLY incorporate bugfixes which don't affect major parts of the code? I don't quite know what the answer is, but it seems something should be done. All in all though, great browser.
IT does? Coulda fooled me, maybe I'm an idiot (quite likely actually) but I just spent a while looking throught all of the IE options (I use win2k, I don't know which version of IE that would give me) and I wasn't able to find anything to turn pop ups off... tell you what, let me know how to do it, and perhaps I'll stop using mozilla. And no RTFM bullshit either, after all... I am lazy.
"Entropy is the bad-guy, and he is everywhere"
Either you're a very convincing troll or extremely stupid.
I'll take my Gentoo any day over Microsoft's "Give me root access to your computer" EULAs any day. And I would take it even if all I could use was a command line and type monologues for fun.
Why? I like to maximize my monitor area. I like getting rid off as many menus, sliders, borders, etc. All tabbed browsing does is put more non-page crap on the screen. Gimme full screen windows, each on their separate page. I have a big monitor, I want to use it!
umm...
Its not a security problem!
jeez
I use mozilla all the time, and I'd be more interested in them fixing the bug in mozilla that causes it close when doing searches on ebay.
I constantly have to open another browser, in order to use ebay.
Anyone else have this problem?
So what if Mozilla makes ONE buggy release? It'll get corrected, cause it's open source.
M$ always makes buggy releases and never gets them corrected. I don't see a post on slashdot about the newest IE exploit/bug/etc.
I hope windows don't crash when I hit the submit button.
So today I downloaded 1.2. This is quite upsetting.
Anyway, in order to save Bugzilla the crush, I'm pasting the bug report (#182500) here. It seems that the main issues are broken user-defined XML tags, broken document.write(), and checkins to the 1.2 branch missing in the release.
[Emphasis mine.]TO BUY A NEW CAR WOULD MAKE YOU SEXUALLY ATTRACTIVE.
Maybe using the Mozilla ActiveX control will do it, I don't know.
Like what I said? You might like my music
What the hell is the mozilla activex control? It sounds like an attempt to turn IE into a real browser, but there are limits to how shiny you can make shit by polishing it.
What ever happened to Opera?
...when I do an image search on Google, I get less results when using Mozilla as opposed to using IE5 (using the same exact search terms)? I'm not trying to start something, just something I noticed and wondered if I had a setting wrong on Mozilla or something.
I think the basic problem is that 1.0.1 and 1.1 works so well that few people bothered to test the 1.2 alpha and beta. Hence serious bugs showing up in the release.
SEE SUBJECT
Here
Like what I said? You might like my music
It's only a surface wound. Really, I'm alright, I just need a bandaid...
Should invading one's peaceful neighbours be opposed, or rewarded with trade deals?
Eejit. That link wasn't even offensive. Just plain ordinary pr0n with a pretty girl. It was a (Score: -1, failed troll, offtopic).
No, if this were an IE bug, sites would have been designed around it in the first place and no one would ever notice except for the web designers.
main(c,r){for(r=32;r;) printf(++c>31?c=!r--,"\n":c<r?" ":~c&r?" `":" #");}
and the recursion see recursion definition is still funny? man, that joke is old and it wants to retire
and in other news: this is what IBM, Microsoft, Lotus, Oracle, etc. etc. find through testing every day. They find some, they miss some. Somebody found one in Mozilla. Why is this news?
This was a pretty major(ish) bug (though not security related, like the majority of IE's) that they found in a major release. In short, the Mozilla crew, programming gurus though they may be, screwed up.
They don't make excuses. They've pulled the browser and are working on an update. Please don't make excuses for them.
Mozilla is 100% fine as a browser for end users.
I guess this is a kind of disclainmer saying:
Don't expect any official support.
it's not open source. End of story.
Why is a bug in IE news?
People will pass up steak once a week, for crap every day.
Meanwhile, Mozilla users need only wait a couple weeks, if that, for their fix.
People will pass up steak once a week, for crap every day.
proof that Mozilla is well on the way to becoming the world's best browser
The points about spin have already been covered, so can I ask how many banking sites you have tried to use recently?
Just spent half an hour trying (unsuccessfully) to persuade Mozilla not to reduce all the pages on a French government site to 4 point text (why would this be a feature for anyone unless your name is Stuart Little?).
Most of my regular customers have learned how to do ctrl-alt-esc just to kill zombie Mozilla windows. The Mozilla-on-remote-X bug is so longstanding that there is now a lobbying campaign to get it fixed...
So, yes, it's a great bit of software, but it would be more useful if it worked with more than half of the Internet, or if it worked over a network.
Virtually serving coffee
Is it just me, or have there have been an awful lot of "Just switch to Windows so you can use Windows Update! It's so easy to upgrade!" and "Upgrading Windows is easy! You just have to download the latest service pack!" posts lately? Methinks Microsoft is planting people (again).
Nevermind that Mozilla took a whopping 3 minutes to install once I had downloaded it, and required nothing more from me than to make a new directory and unpack the tarball. I kept waiting for the part where it would be hard to install (all the Windows fanboys keep telling me installing anything on Linux is next to impossible), but it never came. Too bad about the DHTML bug, though.
As Mozilla issues go, this has got to be one of the more annoying ones, but apparently nobody wants to actively work on it. "Composer" is actually not a bad WYSIWYG html editor at all - it has alot of potential. But as long as it strips / corrupts PHP and other scripting code, it will never be very useful to anyone doing anything beyond the most trivial of web pages.
The Mozilla-dev folks need to wake up and realize that just about any web designer these days is using some degree of scripting.. Composer needs to at the very least ignore (and not corrupt) scripting blocks. Composer is quite an excellent html editor generally, but as long as it continues to act brain-damaged in regards to any unknown blocks it encounters, it is not going to be truly useful for anybody other than your Great Aunt Emma working on her Geocities homepage.
Right now, if you need PHP and still want to do your page design in Composer, you have only two options: (1) Every time you tweak the page in Composer, insert all your PHP by hand, or (2) Put your own "#PHPBlock1" tags in the html and have a script replace it with the neccessary PHP code later. Having to do either is annoying. Composer simply shouldn't mangle PHP blocks at all.
I'm pretty sure there's another outstanding bug regarding the fact that Composer cannot save 'fragments' - if you're merely designing a table or template to be generated via PHP, there is no way to have Mozilla save it as a fragment, without header tags etc. A bit of a nitpick, but really, how much effort would it take to code in a "Save as fragment" option?
Mozilla is quite an impressive accomplishment for open source, I really do think Mozilla smokes IE hands down these days.. but these Composer bugs should have been fixed long ago - not enough people care about this aspect of Mozilla. A little bit of work here could go a long ways towards undercutting commercial HTML editors in a big way.
To follow links in this message you will need to copy and then paste them in the HTML bar since Bugzilla won't let /.ers through directly.
Usually I'm delighted to hear when Mozilla releases a new browser as, up until recently, Mozilla was my browser of choice. But when I heard about the Mozilla 1.2 release I was just disappointed.
The Mozilla team had been alerted to major bugs which only recently appeared in the browser like this one and some of these (the latter link also has the comment in which a few poeple suggest Mozilla 1.2 should be unreleased) and yet still the team proceeded with this release. I'm not pretending that it's everyone's experience, but certainly as far as my own experience, Mozilla 1.2 is the first Mozilla browser to step further backwards than forwards - and I know I'm not the only one who thinks that. IMHO, it's a shame that such a great browser which was really beginning to show its potential had to make such a disappointing release. And for all that, I have to wonder what were the critical changes that led to all the aforementioned bugs (the implementation of type ahead searching!?!).
It's too late for me, I've stopped using Mozilla on my Mac (still using the Gecko-based Chimera though) and have halted upgrades of it on my PC, so I guess all there is to say is better luck next time and hopefully we'll be fortunate enough to never see a release as bad as this one ever again.
Again the fix is on the way even before I noticed the bug.
I just love open source software.
Maybe, this is the time for you to stop posting again and again about Microsoft ads on Slashdot? It was funny only for the first time. I'm tired of trolls like you in pursuit of easy karma. My moderation will be appropriate, whether you have seen the fucking ad or not.
My exception safety is -fno-exceptions.
However, without more details as to what kinds of DHTML is broken by Mozilla one cannot tell if this is an obvious scenario that should have been regression tested (does work?) or an edge case.
No, it does not. Neither does 5.x. More precisely they do not permit you to disable popups without disabling javascript completely. Don't know about 6.x as it is not installed on any of our 1200+ nt4 and w2k boxes (compatability problems with several internal IIS sites; go figure).
Btw, Mozilla use in this org is growing. Reasons I hear include:
1. ability to disable popups without the 3rd party app required to do so on IE 5.50,
2. *major* speed increase compared to IE,
3. doesn't hang nearly as often as IE (never on me vs 4+ times daily for IE),
4. tabbed browsing,
5. miscellany others (themes, "more netscape-like", "more opera-like", more control via preferences, etc)
Worth noting that many try it at home first because of reason #1 then also install and use it at work primarily because of reasone #2. Or so they tell me.
Scuse me? While I don't stand on defense of MS or IE, nor I haven't tried to open it with IE/Win9x, I can see the page is not simple.
The page has 100 drop-down menus, each of them has 1000 entries! ... and the whole page is 2+ MB of html. Phoenix eat up quite some of CPU time (and RAM) on my machine. This is caused, I guess, by the render-as-you-download feature both of gecko and IE6 ...
$ apt-get upgrade
Mozilla upgraded. What's the problem?
If you really wanted you could add it to the menus and call it "Linux Update".
I use apt-get for RPMs http://freshrpms.net/apt/
Using a basic RedHat installation, you can use up2date as soon as RedHat provide the next version. Or just download and rpm -Uvh the RPMs directly from mozilla.
Maybe more difficult if you have trouble using a keyboard, but you get the option to use NutScrape, Opera, Lynx, or many other browsers if you prefer.
An important reason to use Mozilla is security. An important concern for anyone trying eCommerce on the web is security. eCommerce web sites often use cookies and they should use https.
The bug is reported in Bugzilla but it appears that some people can circumvent this with script preferences. Regrettably I can't. See also the slashdot thread from the original 1.2 announcement here.
I have kept my 1.1 installation under Linux and still have IE under Win 2K.
See my journal, I write things there
Maybe they should start releasing SPs!
-=-=-=-=
I know life isn't fair, but why can't it ever be un-fair in MY favor!?
kde==lemonparty.org.
That is all.
I'm glad I'm not the only who found a bug on a couple of sites that use DHTML. Other than that 1.2 seemed to be very nice to use. -Pat
73 KC2BQZ
On an on-topic note, I'm surprised that: A) this is considered a serious bug--who actually uses DHTML? and B) they're "recalling" the release, as it were. Tainted Mozilla meat.
Slightly off-topic, I finally switched for good to Mozilla, from IE. Even up until 1.1 final, there were at least five nagging bugs that made me use IE instead. I've been using 1.2 final for a few days now, and it's been rock solid. Getting popup windows in IE was driving me nuts.
Even more off-topic, I should probably try to switch to Linux for good, at least for work. I can't see Linux playing DVDs well (a la WinDVD) or having a wide selection of games any time soon.
now that the ill eagle kingdumb, has gone into "partnership" with yOUR US fuderal gov't., & the head billybuksucker over at the EU
yikes!@#$% go ahead & make lite of/ignore the hobbyist dogooders, if you will, but don't come crying to US when there's only one channel.
despite all this impending doom&gloom(tm), you can only imagine how excited we are at being listed as one of the "Top 10 Companies of 2002"(tm) , on the kingdumb's search thingy. good gnus is hard to hide sometimes.
wake up J..
Didn't Microsoft just inform us to not trust their content? There was a /. story a few days back...
cvs up -r MOZILLA_1_2_BRANCH mozilla/client.mk
cd mozilla/
gmake -f client.mk
Of course, that source is apt to change and is not necessarily the final 1.2.1 release, blah blah blah...
not only are we going to need browsers that aren't hooked into fud.controll, what about the great state of MA?
will they be forced to secede from the perfect union, buy order of the softwar gangsters of the felonious evile kingdumb? stay tuned......
Is it not enough reason that this is a bug? We should stop release for all bugs! But seriously....
A big reason is that DHTML is pretty much just a way of saying the W3C DOM and a few DOM Level 0 (no spec) APIs. This bug effectively cripples our standards support and I would definitely call that serious.
On top of that, with every release, there is a chance that some embeddor will want to base their product off of it. Embeddors generally like DHTML, and this would be a show stopper for them.
It's really sad to see advocates of Windows/Microsoft jumping on every bug in OSS. Surely, we [OSS developers, users, lovers] criticize the downsides of commercial, closed-source software - but we don't go party, if there is a bug announced and say "ha ha, you aren't any better than we".
Surely we are all human and we make mistakes - commercial programmers do and those who do it in their spare time. I don't like closed-source either, but that is, because I can't go edit the source if theres something strange going on and maybe aid the developer hunting that down.
OSS is about something totally different, that is, _contribution_, fun and a good feeling to help others.
Most of us aren't elitists who cry "foul", when someone is actually using Windows, be it to play a game or use Excel (imho the only good programm of MS). But we don't hesitate to explain users when they are expiriencing the typical down-sides how this would be totally different with Linux/....
I have contributed to mplayer (that DVD-key-caching-patch) and it's a wonderful feeling to know that you made the life of other users as well better and easier. A friend of mine did the "devfs" support - and it's a great feeling knowing all you around the world enjoy this.
this is considered a serious bug--who actually uses DHTML?
I'll give your troll a C. I'm sorry, but this is just too ridiculous to even be considered close to anything resembling intelligent thought. If you're going to troll, try to at least use some fact next time. But, the effort was there (more than a one line troll), which is why you didn't fail altogether. Work on your trolls and please try again.
Call me nuts, but I'd rather have an actual working product that *may* have a security bug that happens if you happen to go to one of three web pages on the entire Net. DHTML working is very, very basic. No, actually, in this day and age, DHTML is essential. That's like releasing Apache and saying "ooops, sorry, serving web pages through port 80 isn't working. Minor bug. We'll re-release." You can't have a security problem until you at least have a working product.
one bug for something thats always use incorrectly. The most I've seen DHTML used for is those stupid adds that move across your screen or those menus that automatically hide when your mouse isn't over them. Now watch how fast this will be fixed compared to a bug in MS Explorer its a blink of your eye, a twirl of your magic wand, a snap of your fingures, well your get the picture.
Can't you just hit a couple keys and flip to a user-specified stylesheet to undo bad formatting?
Oh wait! That's Opera.
Seriously useful feature that, for de-uglifying sites. Some sites get a bit harder to navigate (because the layout gets weird).. but it brings in an nice common denominator.
But I was using Moz1.2 since release without noticing any problems, so it's not the end of the world.
You can't have a security problem until you at least have a working product.
Moz1.0 and Moz1.1 are working products and they work great.
If you have such a thin skin about bugs, don't adopt early, use Moz1.1 for the next weeks until you go to Moz1.2. It's tested, stable and much more secure than any version of IE, what is your problem?
My problem in the parent post said, "well, at least it's not a security bug", as if security is more important than basic functionality. That's like saying, "Our computer product is *very* secure. It in no way, shape or form connects to any other electronic device of any kind." It's pretty silly.
"Sorry, links to Bugzilla from Slashdot are disabled." Mozilla even blocks the /. effect!
"The number of Unix installations has grown to ten, with more expected." (Unix Programmer's Manual, 2nd ed.; june 1972)
I've only got 56k and left it downloading Moz 1.2 last night when I went to sleep and now I wake up to see this! Damn!
Ah well. The joys of living in a country where broadband isn't available
Maybe One Day!
Irish Rugby Now!
It doesn't block popups. Which is why i use the proxomitron software with ie6. Mozilla is simply slower on WinXP than ie, which is why i use it. Also, I hate the way mozilla doesn't take the themes i apply to windows.
I just finished downloading the damn thing.
And it worked fine throughout its 5 minute usage history.
/. Where the truth
"The Mozilla team had been alerted to major bugs which only recently appeared in the browser"
Sorry. Just because you filed a bug and posted a comment on another does not mean the Mozilla team was alerted. If there is a showstopper bug, filing it in Bugzilla does not guarantee it will get noticed if everyone is busy with final preparations for a release, and trying to get ready for the impending alpha. Don't forget that the people involved with Mozilla get tons of email from bugs, review requests, etc. as well as have real lives in which they eat turkey and go Christmas shopping. Bugs sometimes slip through the cracks. Hop on to IRC next time and make sure that one of the drivers, or even a developer or QA person knows about your bug if you think it is an absolute showstopper.
It definitely sucks that this bug was in a release. But things happen. Hopefully it won't again.
Caveat: I use Mozilla as my primary browser. That said, I'd like to make this observation:
It seems to me that we spend a lot of time on Slashdot talking about Mozilla as a premiere project of the open source community. However, my impression is that Mozilla is largely still an internal project of Netscape (and by extension of AOL Time Warner). This impression is based on, among other things, the very large number of @netscape.com email addresses that pervade Bugzilla, the mozilla.org web site, etc. I can't believe that Netscape's engineers restrict themselves to working solely on their release branch of the Mozilla codebase during working hours.
I don't think it at all diminishes the magnitude of the Mozilla project's achievement to say that it has made progress largely under the aegis of AOL/TW. But we should at least be honest that Mozilla is furthering the agenda of a very large corporation that is just as rapacious and profit-motivated as Microsoft.
Anyone have any hard data about the investment that AOL has made in Mozilla development?
the thing that bites my arse is the fact that that they are more interested in adding "features" than fixing things...
It's a fricking browser.... I dont need it to start performing Non Linear Video editing and ripping my CD's to mp3's Mozilla needs a freeze put on it for a 6 month period... nothing but bugfixes... if you submit a feature you will be beaten and publically humiliated.
Security IS basic functionality. I'd rather NOT have a new feature if it opens me up to identity theft, fraud, or privacy invasion. My privacy is far more important to me than superfluous features. It's not right to program for functionality and then apply security as an afterthought, proper software development is an act of balancing between functionality, security, usability, and portability. I can't imagine paying as much as Microsoft demands and expecting less than excellent security.
"Sometimes, I think Trent just needs a cup of hot chocolate and a blankie." -Tori Amos on Nine Inch Nails
My problem in the parent post said, "well, at least it's not a security bug", as if security is more important than basic functionality.
/. story regarding Moz 1.2 being released. From the sounds of it, it's not like DHTML is completely broken on all sites. I agree it's a very bad bug, and as the other poster said, they did pull it from the releases page after all, which means they think so too.
:) Mind you, security flaws are a more insidious thing. If you use Mozilla and some functionality fails, that's bad, but at least it's usually quite clear something's wrong... you can just not use the software (go back to previous version, etc).
Well, it seems a number of people have used it without problems, otherwise this would have been commented repeatedly by people in the original
I appreciate what you're saying about functionality being required first, of course
Security flaws, however, mean that in the normal course of program use, someone can take advantage of it, quite possibly without you even knowing about it. Is it better that your car not start, or that it seems OK but the brakes don't work and you don't find out till you go over a hill? In that sense security flaws are worse because people will have a false sense of confidence.
Last I checked, DHTML isn't "superfluous". It's about as essential as you can get on the web these days. And as far as your security paranoia, that's a problem you should get some serious help with. Either that, or stick to the good porn sites that don't try to use all of the latest tricks to manipulate your browser. Either way, you *can* be helped. Really.
proper software development is an act of balancing between functionality, security, usability, and portability. I can't imagine paying as much as Microsoft demands and expecting less than excellent security
Portability is useful if you don't have any kind of cohesive IT strategy at all in your function. My company is pretty well set. We don't switch hardware/platforms on a weekly basis. As far as functionality, I agree. I couldn't imagine paying $50 or more for an unusable OS such as Red Hat, or spend a few days downloading something as bad.
NineNine, your constant use of excessive sarcasm is disturbing; Linux has FAR BETTER connectivity AND security than the pay-for alternatives. Mozilla runs on a multitude of platforms (from one maintainable and concurrent codebase!), it is fast, small for it's feature set and very stable (my 1.2beta has been running without close for over a week of heavy use).
"Sometimes, I think Trent just needs a cup of hot chocolate and a blankie." -Tori Amos on Nine Inch Nails
Well, the only thing is that the security flaws we've seen in IE have been relatively minor. They've usually been tough to reproduce, and very rarely, if ever actually used. I don't remember seeing any truly dire ones that would overshadow the usability of the app, in my opinion.
Mozilla 1.2 is not the stable branch. Use the 1.0 or even 1.1 if you want more stability.
Right, DHTML is broken, so the release was pulled immediately and we're back to Moz1.2b which does not have the bug. Someone will fix it in a few hours or maybe days and there will be a re-release. This is how OSS works, you can live on the cutting edge but you have to expect to get hurt sometimes. I think it's better than wasting away with the same features for OVER A FULL YEAR with IE6.
Tell me, did you roll out IE6 within two days of release? Nobody in their right mind rolls out a release before it's seen a few weeks of action in the wild. Smart administrators don't feel the sting of this sort of problem because they aren't rolling out this morning's kernel/browser/office suite to the users until they hear that it works well.
"Sometimes, I think Trent just needs a cup of hot chocolate and a blankie." -Tori Amos on Nine Inch Nails
I really couldn't give a flying shit about cutting edge. I just want something that works so I can get on with the interesting parts of my life. I don't want to spend hours and hours every day downloading the new Mozilla with new patches, new features, blah, blah blah. Instead IE works, and I use it to get other things done. If a browser is anything more than a background app to anyone other than the developers, then it's not doing it's job well.
We've discovered a bug in Mozilla 1.2 that can cause DHTML on some sites to fail. We plan to release Mozilla 1.2.1 with a fix shortly
This is what I like to see! This is why Open Source is a very good thing... They discovered there was a bug.... They officially announced that they will be releasing a patch soon... If I can make an educated guess I probably would say a patch would be out by Monday or Tuesday...
The point I am trying to make...Companies or groups of developers that are not obsessed on how much money they make with there code are more likely to take pride in what they do and patch exploits or bugs really quickly...
It has been proven hasn't it?
Why would anyone want to use the "commercial suite", when the technology demo has more features and is more stable, in my experience?
---
The combined human population is enough to feed every living tiger for app. 28000 years.
I have a problem with Moz on Win2k. I have been using 1.2b for quite a while. When 1.2 came out, I immediately switched to it. However, my chatzilla and news/mail and everything was non-functional. I reinstalled 1.2b, but to no avail.
If you don't understand any of my sayings, come to me in private and I shall take you in my German mouth.
Just another quick comment...
Tell me what you would rather have... A company that hired its own Quality Assurance team and kept all bugs they found quiet...Or a mass audience from all over the world testing the software and reporting what they find?
With that being said... There really isn't any other way for the Mozilla team to let there mass audience "or shall we say...testers" know that they found a bug and that it will be patched soon?
And would you people stop comparing Mozilla to IE... IE has its own set of troubles... Let it fail on its own...
"Most of my regular customers have learned how to do ctrl-alt-esc just to kill zombie Mozilla windows."
/. ones, but even they don't constantly go out of their way to defend MS which you seem to do. Is there something you want to confess?
Haven't had those problems since the M release days.
"So, yes, it's a great bit of software, but it would be more useful if it worked with more than half of the Internet"
Oh so it doesn't work on HALF of the Internet? Umm Ok. Funny for me it work on the vast majority of the Internet. In fact only sites that have any problems are sites that refuse to code to standards. Of course if the webmasters there don't respond to my email to fix there site then screw em, I'll take my business elsewhere thank you. These are the same banks that will no doubt embrace Palladium with glee.
I've switched to Phoenix full time on both windows and linux and while only a moron says things are perfect, I say things are pretty dam good and I'm very happy with my browsing experience.
In fact since you "claim" to be a linux user what exactly do you use on linux since Mozilla is such crap?
But then again half of your posts are defending Microsoft against us irrational Linux users. I could see now and then pointing out some linux zealots, but really looking at your posts the majority of recent ones ALL defend Microsoft. So how do you explain that? Most linux and opensource users are slightly less militant then the
If you wanna get rich, you know that payback is a bitch
Once a month I type "emerge mozilla" before I go to bed. In the morning I have the latest stable release of Mozilla. I use it for all of my web browsing, FTP, online banking, email, contacts, and HTML composition. It never crashes, it's faster than IE was, it has tabbed browsing and beautiful themes, and I have access to a database of all the known bugs at my fingertips if I so desire. I am not stuck to Microsoft; my preferences, email, and bookmarks are uniform across four OS platforms so I'm not permanantly tied to one particular OS or CPU vendor. The difference is that my browser doesn't JUST work, it works WELL and I ENJOY my online experience so much that I am PROUD to be one of the few people enlightened to Mozilla, that's right, I'm PROUD of my choice of browser because it's that good and that much better than everyone else's.
"Sometimes, I think Trent just needs a cup of hot chocolate and a blankie." -Tori Amos on Nine Inch Nails
Aargh. I just got 1.2 installed and the prefbar all set up, and now I'll have to install and customise the prefs toolbar again when I install 1.2.1. Bummer.
Cut that out, or I will ship you to Norilsk in a box.
I use Mozilla in Windows 2000 and Gentoo Linux. I haven't had any major problems with the Linux release (though the announced DHTML bug is in both), but the Windows release has been buggy as hell. This in contrast to 1.1 which was only somewhat buggy.
- It forgets the previous pages visited every so often,
- Every 10th or so time I visit a page, it announces "The entry point @113WINAPAITSP@@% was not found in [some DLL file]",
- It randomely decides to ignore the mouse wheel, the keyboard, or the mouse altogether, but recovers if I switch to another window and use that device,
- It places some banner ads in the middle of a page. For example, on the StorageReview.com, the bottom banner is often smack dab in the middle of the last message in any given forum thread,
- It reports all downloaded images, be they 200 bytes or 5MB, as "1K" in the download manager,
- It decides that some files are text files, whether they are or not, and insists on displaying them in the browser rather than downloading them. RAR archives and PNG images do not look good in a web browser window. This bug has been present in many versions and is ignored Bugzilla, with claims that it is the website telling Mozilla what MIME type the file is. Well, whatever, IE seems to be able to figure the files out just fine.
Bitch, bitch, moan, moan. The Mozilla team is still doing an excellent job making the world's most powerful browser suite. I do, however, hope they run releases through a bit more QA before the next release.
Computer Science is no more about computers than astronomy is about telescopes. --E. W. Dijkstra
[looking] That's not an IE bug per se. I *think* that's yet another manifestation of a core Mosaic bug, which is in ALL versions of Netscape AND IExplorer (ie. anything based on Mosaic code), but manifests more or less depending on the exact version, and the OS under it. (Mozilla sometimes exhibits the same bug, which makes me suspect it uses the same core Mosaic code.) IE5.5 or 6.0 on Win9* is one of the more-affected combinations, along with NS3.04 (on Win16 or Win32) and NS4.6x.
The Bug: Certain elements, when displayed *inside table cells*, cause a resource leak. Tons of links that display *a lot of text as part of the link* are the most common culprit, but flash *placeholders* and sometimes dropdown boxes also do it.
That's why with very long comment pages, sometimes you'll find you can't moderate -- the dropdown boxes are the final straw.
Win9* with an IE version *prior* to IE5.5 will usually recover resources once you leave the triggering page, but IE5.5 and later cripple resource recovery, exacerbating the problem.
I've been tracking this bug for about 5 years now. In my observation, its various manifestations cause nearly all resource leaks while running NS or IE, thus cause most consequent crashes. Often it seems "fixed" for one minor browser version, but returns in the next update. (Good reason to keep your old browser version around when you upgrade.)
Do yourself a favour: run Resource Meter (windows\RSRCMTR.EXE, if you installed it) in your systray, and when it goes yellow, back out of whatever page you're on (and try it with another browser, which might not manifest the bug). It'll save you a lot of annoyance.
~REZ~ #43301. Who'd fake being me anyway?
The above statement illustrates:
A. Backpedaling
B. Ex post facto rationalization
C. Self-fulfilling prophecy
D. Passing the buck
E. A, C, and D, but not B.
Hey, if you can get personal pride from installing a piece of software, congratulations. I'm pretty happy with Grand Theft Auto: Vice City, but I'm not particularly proud of playing it. I didn't write it. See, for me "pride" has to do with actually accomplishing something. Since purchasing GTA: Vice City isn't really an accomplishment... anybody with a heart beat and $50 can do it... I'm not particularly proud of it. But hey, if you're a good, happy little consumer that takes pride in the products you use, more power to ya'. I wish that my life was that simple.
- activeX - allowing "Open" to do "Execute" has basically fueled the vast generations of email viruses (before it was impossible to run something just by "opening" it) - document macros in a non-sandboxed general-purpose programming language - extension hiding in the name of user-friendliness that has caused so many problems with the .jpg.exe viruses
- no real protection scheme for memory, files or processes running on a machine despite all the required hardware capabilities being available since the '386.
I'm sure there are others, but you get the idea. Adware/spyware would be much more difficult, if not impossible to install browsers driven by our goals rather than a corporation's. Look at where the first "no javascript in email", "no remote images in email", "disable popup windows", "no animated images" options have appeared.
So to make your analogy more accurate, it's like not buying a Honda because they are made to open their doors automatically every time somebody gets nearby.
1.2 always crashes on eBay, especially when you've got a couple tabs open. Anyone else have that problem?
In fact only sites that have any problems are sites that refuse to code to standards.
SVG (Scalable Vector Graphics) is a W3C standard. Support for SVG hasn't been turned on by default in Mozilla binaries because 1. only half of SVG works yet, and 2. LGPL licensed support libraries such as libart don't work well on embedded systems where it's often not possible to replace the library with an updated version as required in the LGPL. There aren't enough frozen interfaces in Mozilla for Adobe to port its NS4.x plug-in to Mozilla.
Of course if the webmasters there don't respond to my email to fix there site then screw em, I'll take my business elsewhere thank you.
What if the web site that works only with IE is the web site of the only consumer broadband Internet access provider in your area, or of some other local monopoly?
what exactly do you use on linux
Some Linux users browse the Web with a proprietary ad-supported user agent called "Opera".
Will I retire or break 10K?
I've only got 56k and left it downloading Moz 1.2 last night
A Mozilla web browser release for Windows is 10 MB. A V.90 modem can typically download that much data from mozilla.org in about 40 minutes. Many of us spend more than that on Slashdot every day. Just put it in the background and surf with IE or play a video game or something.
Will I retire or break 10K?
How will it fix it? The answer is that with IE, someone can access your hard drive for you and upgrade Mozilla when the new patch is ready!
Easy!
"You spoony bard!" -Tellah
(say that 20 times fast)
;)
Scanning comments, I see that some people say that the "tainted" 1.2 has trouble with ebay among other sites; can anyone point out specific pages which break 1.2?
I yesterday's nightly (Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20021129), and it's been working very nicely for, well, the last 12 hours, it's only been on since then
It seems snappier than the last Mozilla I had on here, a nightly from probably 5 or 6 weeks ago.
timothy
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
In my experience, as well, a few developers on the Moz project have gotten the idea that all users are idiots.
:(
Just this bug in particular (I'm sure there are more similar ones, but I participated in that one way back when before I quit using Moz), shows how the team has gotten the idea that users are idiots and do not deserve the ability to customize simple aspects of their browser. It seems that bugs take the back burner when the dev team has to choose between fixing bugs and adding kewl new features.
using namespace slashdot;
troll::post();
A release candidate is a place to look for the last few critical bugs, no? In this case, the bugs that were going to be squashed were squashed, and everything was ready to go. They just had to do a final build and let it go.
But oops, the build process went awry, and the binaries were built against the wrong sources. So the RC process wouldn't have worked, because it would have put fixes into the tree, which would have been ignored in the erroneous build.
BTW, 1.1 was very unstable for me under Linux, while 1.2 (as released) is rock solid.
Mozilla sucks!
Try out this neat little browser: http://www.microsoft.com/ie
Did you install on top of the previous version? That can cause problems like this. As the release notes say, you should either:
Install to a different directory
or
Remove the previous version (after running the uninstaller, it might be worth removing any remaining files except for those in the plugins dirtectory from your mozilla directory)
That will almost certianly resolve the problem.
The DHTML bug was caused by an 1-character-incorrect backout of a patch that I did in too much of a hurry (removed the entry from the list, but didn't adjust the count). Mea Culpa. This happened 2 weeks before 1.2 final, but most testers were working on 1.3 by that time, and the ones that weren't didn't visit the type of DHTML that causes the problem (most DHTML doesn't have the problem). There was a separate problem where the wrong files were tagged (some recent fixes weren't included).
We're fixing these and will have an updated build up soon. How long would Microsoft take to fix this sort of problem?... (Let alone tell you why the problem happened.)
For Mozilla I generally just rm -rf the old version's directory and install the latest and greatest.
Many of the updaters I mentioned above are easier than anything Microsoft has come up with in my opinion. Particuarly Redcarpet from Ximian and emerge from Gentoo.
Kind Regards
"A few great minds are enough to endow humanity with monstrous power, but a few great hearts are not enough to make us w
*Sigh* That's the point. It isn't a problem, it isn't hard, and it isn't a big deal. Weenies who troll on and on about how everything in Linux requires you "to edit some obscure text file" and that "everything is designed for programmers, not the users" are just that: weenies and trolls.
> Call me nuts, but I'd rather have an actual working product
It is an actual working product; has been since... well, for
some time now. Sure, it's buggy, but all software is buggy.
If anything, Mozilla is less buggy than the average browser.
> DHTML working is very, very basic.
DHTML is not quite so basic as you imply, but even if it were, DHTML
is basically working. There's just a bug in it that causes a few
sites to fail. FWIW, I've been using the buggy release since some
time yesterday and haven't managed to find a site where I can
reproduce the bug yet. Sure, I'll upgrade to 1.2.1 when it comes
out, and meanwhile if I happen to run into a DHTML site that's
broken, that I need to access, I can change my symlink back to
the previous release temporarily (though, unfortunately, that would
mean exiting my browser and restarting it, which means finishing
with all the tabs I currently have open, which would be something
of a pain).
> You can't have a security problem until you at least have a
> working product.
Interesting. I'll have to keep that in mind next time I'm doing
any security checks; things that don't work right are immune to
security problems. I bet a lot of so-called security experts are
unaware of this axiom; perhaps you should write up a white paper.
Cut that out, or I will ship you to Norilsk in a box.
> Tell me, did you roll out IE6 within two days of release? Nobody
> in their right mind rolls out a release before it's seen a few
> weeks of action in the wild.
Right. I tend to use myself as the guinea pig, testing stuff like
new releases on my own workstation before I deploy it for anybody
else. The only thing is, this doesn't catch OS-specific bugs, since
our network (at work) is heterogenous, and I only usually test under
one OS. If our network were larger, I'd probably test on multiple
OSes before deploying, but with the relatively small number of nodes
we have, it's not a huge problem.
This policy (testing on myself) also fails for stuff I never use,
that other people ask me to install, such as Real Player. (I have
yet to figure out what purpose that one serves... I have never
once visited a site that uses it, despite spending hours a day on
the web. When people say they use it all the time, I have to wonder
what kind of sites they're going to; must be something in which I
have absolutely no interest, whatever it is.)
Cut that out, or I will ship you to Norilsk in a box.
I've tried both already. :-(
If you don't understand any of my sayings, come to me in private and I shall take you in my German mouth.
Sure. Minor. A dozen lines of javascript on an untrusted site can do quite literally anything (within the permissions the user has, which tends to be pretty lax on NT), and it's minor.
Well, I guess it's a good thing there Aren't very many of these minor bugs.
Cut that out, or I will ship you to Norilsk in a box.
You don't need to deal with 3rd party apps like that with mozilla.
Problem: Mozilla is slower and doesn't handle XP themes.
Solution: Phoenix. Faster and uses native windows themes. Apparently, you've never had the joy of using tabbed browsing...
That's the problem
It's too hard to get a problem noticed by someone who has the skills to fix it.
Say I have a problem with feature X because of my condition Y. Unless I can find a developer with the condition Y, it's going to be marked WONTFIX or for future release v5.0 or whatnot.
There's no sense of responsibility there, cuz they're not paid. And because they're not paid, with any criticism, users are treated like ungrateful bastards who should shut up.
If this were Microsoft. They would just give developers an idea how to structure a work around until a service pack could be made....
Mozilla folks pull the entire program rather than tell webmasters to patch up... and plan to fix it ASAP.
I appreciate that.
They aknowledge the problem ASAP, and are responding. And pulled the download and created some waves so it's known and 1.2 is imediately disposed of...
Microsoft would deny the bug for 6 months, give a work around... then eventually fix it.
Being able to admit mistakes is important.
Regardless, usually the IE method works out.
.pif to see that it is in fact a .exe. Which is precisely what the virus author intended.
It sure does. It's the same misfeature that causes lookOut to show foo.bmp.pif as foo.bmp, and that causes Windoze to look inside the
This has been pointed out years before the actual viruses started to hit. This "intelligence" in the name of user friendliness is one of the bigger design flaws in Windoze.
The web server tells the browser what the content is supposed to be, and IE then cheerfully starts to to its own thing, with no override or even a warning. Not even a paperclip that tells the user that he is "correcting" the info.
Here's a hint if you want to download a URL as a bag of bytes with no interpretation: right click on it in Mozilla, select "Copy link location", type "wget " into a window and paste the URL.
An even better hint: tell the good folks at divx.com that their web server is misconfigured.
Bert Driehuis -- All I asked was a friggin' rotatin' chair. Throw me a bone here, people.
Man.. back in the day the parent post would have been +5 funny. It's not a goatse.cx link, just a decent looking girl (being penetrated in an awfully strange position, but yes, it is porn after all). Besides, linking to CoolSweetGirls.com might be a tip-off that it is porn... just maybe
Please.... please... have a sense of humor once in a while.
The original comment follows (without the link, which originally went to an image on a porn site)
Of course now the joke is completely ruined.. dickhead trolls and moderators
I've used Mozilla for a week, both releases and daily builds (the daily for bug fixes). I've been disappointed. I start reading news and going to websites and get comfortable and start thinking this seems to be working well, then it has some memory corruption issue and the OS kills it. The feedback tool that they include doesn't work. I've tried to send the bug reports using it and it fails to connect to the server.
Why must the whole damn thing be in one process with threads? It would be much nicer if at least the newsreader/mailer ran in a seperate process than the browser. Then at least I wouldn't waste as much time starting the stupid thing and getting all my windows back. Are the Mozilla programmers afraid of interprocess communication?
I'm a freebie user, but I think we too have access to the mail forwarding feature.
;)
:) It is "Major," damnit!
What I wonder is, if as a paying user you can set domains/addresses to ignore? You see, all mail I get to my university account is filtered through a virus checking relay, and Spamcop interprets those headers as open relay activity and wants to send reports to abuse@myuniversity, so I have to uncheck those boxes for each spam on the Spamcop site.
If I could set a preference to automatically ignore any headers referring to "myuniversity" domains, Spamcop would have a new customer. And if they could clearly state fixed prices for their service... It's kinda twisted that spam victims should pay for reporting the abuse, in an ideal world Spamcop could charge a fee from the spammers' ISPs for each confirmed abuse report - that might make even the Taiwanese and Chinese ISPs a bit more interested in cooperating...
To get back on topic; as you say, the Mozilla bug would still be there though. I'm happy to see that the number of votes for that bug has more than doubled after I mentioned it here.
Help savingAmigaOS and a free PowerPC market
Who said anything about IE? Why the knee jerk reaction? Nobody is denying what you are saying, except of course you exagerate, but I'm surprised you are turning this into an "us against them" kind of argument.
I like Mozilla, but am aware that the more popular it gets, the more it will attract the kind of problems that very popular programs such as IE get.
Your point seems to be "Let's not talk about problems with Mozilla, because IE has more" But if you ignore these kinds or problems, then the end result will be worse. Mozilla will get a bad name.
Don't know about 6.x as it is not installed on any of our 1200+ nt4 and w2k boxes (compatability problems with several internal IIS sites; go figure).
Had the same problem, turned out that IE6 kept losing the Session ID when connecting to a web server with an _ (underscore) character in the name. Maybe that's causing your problem too?
If we only talk about critical IE bugs why should we talk about non-critical Mozilla bugs.
This is stupid BS. Why don't you go suck Bill Gates's dick you fucken asshole.
Fellow programmer, greetings! You are reading a letter which will bring
you luck and good fortune. Just mail (or UUCP) ten copies of this letter
to ten of your friends. Before you make the copies, send a chip or
other bit of hardware, and 100 lines of 'C' code to the first person on the
list given at the bottom of this letter. Then delete their name and add
yours to the bottom of the list.
Don't break the chain! Make the copy within 48 hours. Gerald R. of San
Diego failed to send out his ten copies and woke the next morning to find
his job description changed to "COBOL programmer." Fred A. of New York sent
out his ten copies and within a month had enough hardware and software to
build a Cray dedicated to playing Zork. Martha H. of Chicago laughed at
this letter and broke the chain. Shortly thereafter, a fire broke out in
her terminal and she now spends her days writing documentation for IBM PC's.
Don't break the chain! Send out your ten copies today!
For example, if \thinmskip = 3mu, this makes \thickmskip = 6mu. But if
you also want to use \skip12 for horizontal glue, whether in math mode or
not, the amount of skipping will be in points (e.g., 6pt). The rule is
that glue in math mode varies with the size only when it is an \mskip;
when moving between an mskip and ordinary skip, the conversion factor
1mu=1pt is always used. The meaning of '\mskip\skip12' and
'\baselineskip=\the\thickmskip' should be clear.
-- Donald Knuth, TeX 82 -- Comparison with TeX80
- this post brought to you by the Automated Last Post Generator...