Google Quashes 13 Chrome Bugs, Adds PDF Viewer

CWmike writes "Google on Thursday patched 13 vulnerabilities in Chrome 8 (stable), and debuted Google's built-in PDF viewer, an alternative to the bug-plagued Adobe Reader plug-in, and included support for the still-not-launched Chrome Web Store. The 13 flaws fixed in Chrome 8.0.552.215 are in a variety of components, including the browser's history, its video indexing and the display of SVG (scalable vector graphics) animations. Next up: Adobe and Google have collaborated to put the Flash Player plug-in inside a sandbox within the dev build of Chrome, an effort by the two companies to better protect users from attacks."

Adobe

[MrEricSir]

So Adobe didn't mind helping Google, even while Google was developing a replacement for Acrobat Reader?

Seems a little odd to me.

Re:Adobe

Adobe doesn't care about competition for reader.

Re:Adobe

[Guillermito]

Adobe makes money with PDF authoring tools, not with reader. Since PDF is marketed as a universal format, I guess it is in Adobe's best interest for end users to have a seamless experience accessing PDF content in every possible platform.

Because I like being on cutting edge...

[McNihil]

Just tested it with chrome 9.x... the pdf rendering is ridiculously fast.

Re:Because I like being on cutting edge...

[larry+bagina]

Acrobat is slow. Imagine if your computer was unusable for 30 seconds because you accidentally clicked on a pdf link. Acrobat is worse than that.

Re:Because I like being on cutting edge...

[FrootLoops]

Personally I have never wanted to view a PDF inside the browser so I'm not sure why so many people think it's important.

It's nice to have PDFs alongside my other tabs. It reduces the number of windows I have open by 1 per PDF, if I already have at least 1 other tab open. This is a small thing that wouldn't really bother me if it stopped existing one day. Also, some sites display PDFs mixed with HTML on the same page. It's probably not great style, but such is life.

Re:Because I like being on cutting edge...

so I have chrome 9.0.576.0 and xpdf 3.02 and just scrolling through a few PDFs i have lying around i would say that chrome is 2~ to 3~ faster than xpdf.

I wouldn't describe either of them as 'ridiculously fast', my crappy macbook (not pro, core 2 duo era thing) is probably 3~ faster than chrome on my 2-way 3.3GHz xeon.

Re:Because I like being on cutting edge...

[SanityInAnarchy]

Because the alternative, at least in Chrome, is obnoxious -- it doesn't have the option to download something to a temp folder and open it. Instead, if it sees anything it can't handle itself, either internally or with plugins, it's going to download it, automatically and instantly, cluttering my download folder to hell. It's especially bad when people put PDFs in iframes...

Acrobat actually isn't that bad, it's mostly the startup time that's a killer, but this is an improvement all around.

Re:Because I like being on cutting edge...

[Bacon+Bits]

It does render very fast, but certain things were just awful when this was present in the Dev channel and convinced me to disable the thing. Last time I played with it, selecting text to copy and paste worked dreadfully. Letters would be dropped or the text would select in unpredictable ways. Additionally, printing the PDF resulted in something that looked exactly nothing like the PDF document I was using. I found the latter particularly silly given the design intent and implementation of the PDF document format (ostensibly a PostScript printer file with extra metadata). I was also particularly annoyed that there was no way in the Dev version to save the PDF to file rather than merely view it. (At least, none that I could discern.) This made it more irritating than not when you wanted to download a PDF to store for later or to distribute to others.

So while it's great for viewing, I found it limited and the inability to save meant that you couldn't easily fall back on a thicker PDF reader when the browser-based version failed.

Re:Because I like being on cutting edge...

[mcrbids]

IT'S ABOUT F!~@#NG TIME!!!

My small company develops document management systems for education. PDF is the standard of choice because it's open and cross platform. The problem is that Adobe sucks so horribly bad that we've actually taken to recommending Foxit as a "better than" solution, even though it has its own set of warts. Sure, Adobe makes its money on Acrobat, and the Adobe reader is a gimme, but why couldn't they make the gimme actually work?!?!?

Rendering a PDF inline works less than 30% of the time among installed base users who have Adobe Reader installed by our own internal survey. Thus, for our needs, Adobe gets this wrong at lesat 70% of the time!

We've actually found it much more useful to render "inline" PDFs as a PNG rendered via ImageMagick (even though it's blurry and adds .2 seconds of rendering time because it actually WORKS in most end user browsers) than to show it as a rendered inline PDF using Adobe among customers with Adobe Reader already installed!

How a multi-billion dollar company can get something so basic (show a vector format as a plugin) so horribly wrong is beyond me, but when they get their asses handed back to them, they will have earned it.

Adobe? Are you listening?!?!? Because I'm telling you: it's easier to find a very second-rate way to display a PDF than it is to use your product because it sucks so badly!

Re:Because I like being on cutting edge...

[Bill,+Shooter+of+Bul]

Adobe Reader isn't just slow at loading a pdf, its slow and crappy searching and browsing the currently loaded pdf. Going from Adobe to Okular was insane. I suddenly went from dreading reading PDF docs, to loving it. Haven't tried it in Chromium yet, but I know how much better PDF viewing can be outside of Adobe. PS the bugs he was referring to are security vulnerabilities, in case you haven't figured that out by reading the 800 other posts talking about the vulnerabilities in Adobe. Now, is Google's auto-magically immune to them ... No idea. Some of the vulnerabilities are somewhat baked into the featureset. You can't support all of the crazy things you can do in PDFs without providing some possibility of some bad PDFs doing dangerous things.

Re:Because I like being on cutting edge...

[tokul]

the pdf rendering is ridiculously fast.

How accurate it is? Any pdf reader can be ridiculously fast, if it dumps half of specification or does not render complex objects.

Re:Because I like being on cutting edge...

[ConaxConax]

This is one of the many reasons I use Foxit pdf reader. Is Chrome's pdf reader fast compared to something like Foxit, or another good reader?

Re:Because I like being on cutting edge...

[asserted]

It appears that Chrome is using Foxit library.
Can't verify it because the codereview link they provide doesn't work anymore.

Re:Because I like being on cutting edge...

[jbengt]

Adobe Reader is very slow to start up.
But once started, it is much faster than evince, especially on large .pdfs, which evince can't always handle usably (at least on my Fedora laptop). Still, I don't have Reader installed on Fedora anymore.
On my Windows box at work, I have both Adobe Reader 9 and Acrobat 7 Pro (writer) installed. Although I don't particularly like Reader 9, Acrobat 7 is very useful for work. I often need to respond to submitted .pdfs with mark ups, comments, added pages, etc. and it's great to do that without printing and scanning. Especially useful is it's OCR functions which can turn a scanned-image document into a text searchable document.

Re:Because I like being on cutting edge...

[Zaiff+Urgulbunger]

So is this closed-source then? If so, then presumably it won't make it into Chromium.

Re:Because I like being on cutting edge...

[AmiMoJo]

I really hope not. Foxit has had more than it's share of security flaws and, like Adobe Reader, is now using sandboxing.

PDF viewer

[hether]

"The viewer renders PDF documents as HTML-based pages"

I hope it does a better job than the PDF viewer built into Google search...

Re:PDF viewer

[The_mad_linguist]

It's terrible for anything with diagrams or formulas.

Re:PDF viewer

[Timmmm]

I'm pretty sure the journalist is just confused (I know - surprising right?), and it is actually using Foxit's PDF library:

http://www.foxitsoftware.com/pdf/sdk/dll/

This also means it won't end up in Chromium.

Re:PDF viewer

[jopsen]

"The viewer renders PDF documents as HTML-based pages"

I hope it does a better job than the PDF viewer built into Google search...

I doubt that they convert to HTML... The remark is probably just because PDFs are open in tab, and not because the technology have anything to do with translating PDFs to HTML...

Chrome PDF viewer is pretty good

[haruchai]

It's been in the dev or beta channel for a while. Works fine and hasn't choked on any PDFs I've viewed with it yet.

Re:-13 +1

The problems with pdf security are either due to the latter standards that allow excusable to be imbedded or due to poor security in the adobe and apple readers. You never hear about evince or ocular being a security risk.

Quashes?

So the bugs subpoenaed Google, and Google asked the judge that the motion of discovery be nullified?

Or did they mean squashed?

Re:Quashes?

[Surt]

No, they meant quashed and got it right. The legal definition flows from the standard english one.
http://www.merriam-webster.com/dictionary/quashed?show=0&t=1291432910

Re:Quashes?

[Jurily]

http://en.wiktionary.org/wiki/quash

Re:Quashes?

[Surt]

Or even better, since I misremembered which word they actually used due to AC's error:
http://www.merriam-webster.com/dictionary/quashes

Re:Quashes?

[Bigjeff5]

The word still doesn't fit. Or at least, it isn't the best word for the job, and if you are getting creative with verbiage the point is generally to use the absolute best word for the job.

Quash means to suppress or extinguish, neither of which adequately expresses fixing a bug or a group of bugs. It would be similar to using "quell" there, it just doesn't fit right. Look at the synonyms and it should be more clear why the word just doesn't work.

In this case, the words we usually use - patch or fix - are the words that are most descriptive and most appropriate.

Re:Quashes?

[DRBivens]

Yeah, it's really an awkward usage of the word "quashes". We're not speaking Middle English, so it's probably safe to stick with modern usage. Since one really doesn't "void", "vacate", "suppress", "defeat" or "smash" software bugs, I can only imagine the wording was an attempt to humorously play on the word "bugs", in which case a better word might have been "squashed" or "squished".

Just my $0.02...
 

PDF Viewer, Finally

[htafolla]

The PDF Viewer will be nice. Have had issues on both Windows and Linux.

So did the fix the http:// display bug?

[Daniel+Dvorkin]

I'm guessing not.

Flash in PDFs, head-to-head vs Acrobat Reader

[Khopesh]

One of the biggest problems with Adobe Acrobat Reader is that attackers can run exploits via embedded flash ... since Chrome supports flash, does that mean it will support flash in the PDFs it converts to HTML? I hope not, or at least not by default.

I'd like to see Chrome come with a dummy app that pretends to be a PDF reader which merely runs a specialized window holding the document content in a manner akin to your typical PDF viewer. This would help people stop wean themselves off of Acrobat Reader. Maybe it will be better than FoxIt and Evince et al. (though I suspect not; the whole point of PDF is in a perfectly consistent rendering so as to always print the same, while HTML is almost impossible to do that. Google likely has no interest in molding Chrome into something that ideal for paged media, but I can hope...)

(Disclaimer: I word processes in HTML using vim; I know a good amount of page-media CSS, including all those CSS1 and CSS2 bits that still lack implementation in FF and Chrome...)

Re:Flash in PDFs, head-to-head vs Acrobat Reader

[Khopesh]

I doubt it. It isn't and won't be a fully featured plugin. Chrome's PDF viewer was sandboxed in the dev builds even, so there isn't much risk there. If Adobe fixes the Flash sandbox issues (for one, Mic does not work) then maybe we'd see SWF-in-PDF support.

Honestly, I hope we don't. PDF shouldn't have flash support. That 'feature' was merely added by Acrobat because it was trivial for them to do. Anybody seeking that kind of thing should use HTML, Flash itself (which is fully capable of this sort of thing!), or perhaps PPT.

whoop dee doo

[glebovitz]

All this enhancement sounds great, but I wish they would concentrate on compatibility with web sites first. There are too many sites that don't work well with Chrome and I am tired of getting warnings from popular sites that warn me about running an unsupported browser.

Re:whoop dee doo

[onefriedrice]

All this enhancement sounds great, but I wish they would concentrate on compatibility with web sites first. There are too many sites that don't work well with Chrome and I am tired of getting warnings from popular sites that warn me about running an unsupported browser.

Any examples you can come up with, because I have no idea what you're talking about. WebKit is extremely compatible (it's one of the most popular HTML engines out there), and I don't know of any incompatibilities with Chrome's Javascript VM either, so... I guess I'll just have to call BS.

Re:whoop dee doo

[creativeHavoc]

I don't think he knows the difference between a browser being compatible and a website sniffing browsers and sending an unwarranted warning.

Re:whoop dee doo

All this enhancement sounds great, but I wish they would concentrate on compatibility with web sites first. There are too many sites that don't work well with Chrome and I am tired of getting warnings from popular sites that warn me about running an unsupported browser.

Do you want the chrome team to rewrite third party sites to not check the user agent? Or should they lie in their user agent and make being bug-compatible with IE6 a priority?

Poorly written sites are not a problem a browser should fix.

Re:whoop dee doo

maps.google.com is unfortunately one of the sites that works better in IE than in Chrome. Try to plan a road trip with 6+ waypoints and see for yourself.

Re:whoop dee doo

[JonJ]

I just tested this using Chrome and Linux. No problems here.

Re:whoop dee doo

Some news sites, for example the Ottawa Citizen didn't work well in Chrome when I tried it earlier this year. The text at the start of the story was not readable. Just one example. But overall I had very few problems with Chrome.

Re:whoop dee doo

[LoudMusic]

I typically use IE for hardware configuration duties, like HP switches and Cisco wireless access points. Those devices don't get their web interfaces updated particularly often and they were developed as much as a decade ago when IE was the most popular and non-standards-based browser. Trying to view the sites in Firefox, Chrome, Opera, or Safari often results in a broken interface and broken control.

But that's a pretty outlandish thing to use as an example of Chrome not being compatible.

Re:whoop dee doo

[scragz]

Netflix streaming said Chrome was incompatible last time I tried to use it. I've also had a lot of warnings on various sites that "all features may not be supported". As Mozilla knows, evangelism with major sites is as important as rendering bugs to the end user (me!). Usually everything just works or would work if they would unblock it.

Quashes bugs, adds pdf support...

[elashish14]

Talk about undoing your own work, huh?

Re:Quashes bugs, adds pdf support...

[Burz]

Talk about undoing your own work, huh?

Indeed. I wonder if the PDF viewer has a sandbox too. If not, then they could be opening up an even bigger can of worms!

Re:Quashes bugs, adds pdf support...

[cbhacking]

As a security tester by profession, I *really* want to run some fuzzing tools over that PDF reader. In fact, I might just do that. Coming up with a proper minset without using the resources at work would take time, though.

Re:Quashes bugs, adds pdf support...

[sl149q]

Who cares ... if there is a problem it will result in some anonymous server in the cloud getting infected :-)

Paste bug fix?

[PRMan]

Does it fix the "I can't paste into a textarea" bug?

I was using it instead of Firefox, but that one's a dealkiller for me.

Re:Paste bug fix?

[PRMan]

Can't paste my quote...

Nope.

Re:Paste bug fix?

[tyrione]

Does it fix the "I can't paste into a textarea" bug?

I was using it instead of Firefox, but that one's a dealkiller for me.

Nope. It's a joke that even 9.0.597.0 dev still can't manage this simple behavior.

Re:Paste bug fix?

[Qzukk]

The bug report has a workaround: create a bookmark for javascript:document.body.appendChild(document.createElement('div')); and click it whenever you want to paste into slashdot. No idea why adding an empty div to the end of the page makes it work, it probably forces chrome to re-parse slashdot's flaming pile of broken html to something that will actually work in the browser.

Re:Paste bug fix?

[Omestes]

Does it fix the "I can't paste into a textarea" bug?

It was still in the dev version, so I'm guessing not. I am using Chromium, and I did paste that; but it has always allowed me to paste in a fresh form, just not one that has text (sometimes), and never one that has characters before the paste (i.e. pasting after HTML tags).

Oddly I mostly only notice this on Slashdot, it seems to work fine on most other sites; this might be because I mostly paste to Slashdot though.

I keep on considering going back to Firefox, but every time I run it now it feels slower and more clunky (not rendering, but the UI and software itself). Firefox 4 also seems a bit off, and I wanted to be completely off of Firefox before I have to use it.

I do wonder why they haven't done anything about it yet. It is a well known, and prevalent bug, and seems to be heavily reported and documented.

PDF viewer has been in unstable for Months

[tyrione]

Just download the unstable branch. It's as close to WebKit Nightly as you get for Chrome.

Damn. It's all downhill for now.

[CFD339]

You start with something small and fast.

Soon you're all about embedding this and that and everything else. Now you're all about bloat.

See, I use foxit. I like foxit. I don't install the embedded reader because I don't like it to be embedded. That's my choice. You may not agree, but that's cool because that's what choice means.

Now, Chrome embeds its own viewer. There goes my choice. There goes the lightweight browser. Hello monoculture software. Hello exploits.

bah.

Not a joke

[AmigaHeretic]

At first I thought you were joking when you said you were testing it with Chrome 9.x I didn't even know Chrome 8.x was out.

Am I just getting old or are these releases abnormally fast?

Re:Not a joke

[aztracker1]

How else were they going to get a release of Chrome 9, before IE9 comes out?

Re:Not a joke

[asserted]

Here's how it works: when Chrome 8 is branched to beta, trunk becomes Chrome 9. At first the difference is purely cosmetic.
But yes, Chrome N+1 is born at the same instant Chrome N goes to beta. From the next canary or dev release on you will see Chrome N+1 versions, though differences between them and Chrome N (already in beta) may be very small.

Websites don't support browsers

[Zero__Kelvin]

Any website that warns about unsupported browsers is by definition designed by someone who doesn't know how to design websites. Properly designed websites follow standards, and web browsers comply with those standards. When a web developer speaks in terms of which browsers they do and don't support that is a direct indication that they don't understand even the most basic and fundamental concepts of website design.

Re:Websites don't support browsers

[catbutt]

When a web developer speaks in terms of which browsers they do and don't support that is a direct indication that they don't understand even the most basic and fundamental concepts of website design.

Well, with the exception of IE6. I wouldn't fault a site for not caring anymore if their site looks crappy on IE6.

Re:Websites don't support browsers

[tepples]

I wouldn't fault a site for not caring anymore if their site looks crappy on IE6.

But I would fault such a site for not including a (tasteful) ad for Google Chrome Frame at the top of pages served to IE <= 7. Chrome Frame is a browser helper object that uses the Chrome engine for pages that opt in to Chrome rendering using a <meta> element.

Re:Websites don't support browsers

[aztracker1]

I'd love to push chome frame for browsers = ie10... how about supporting linear gradients for backrounds, or any number of other features far more widely useful ocer canvas... css3pie breaks in ie9, and the dx based gradient filter doesn't support stop points, or work with their border radius implementation.

Re:Websites don't support browsers

[Kjella]

The kind that says "We haven't tested it on your browser, we don't guarantee it'll work and if it doesn't we don't guarantee we'll fix it but here's our site anyway" is quite legitimate if you ask me. Even when I've had a site work properly on IE (with IE-specific hacks), Firefox and Opera - this was before Chrome - and the W3C validator, I got reports about a rendering bug in Safari. And I have spotted rendering differences between Firefox and Opera too, so this "create once to standards and it'll work everywhere" is overrated. The only way to really be sure is to have actually tested it with the browser in question, and if nobody ever did it's fair to call it unsupported.

Re:Websites don't support browsers

[Zero__Kelvin]

I totally agree with you. What you are talking about is completely different from supporting browsers. This site supports HTML5 and CSS, and has been tested with IE7, IE8, Chrome, and Firefox is completely different from saying that we support a particular browser or a few select ones.

Re:Websites don't support browsers

[Bigjeff5]

Exactly.

It's pretty simple really, if someone bitches about X browser not working, and you aren't going to fix the site when that's the only browser that has a problem, then that browser is unsupported.

If someone bitches about Y browser not working, and you are going to fix the site so that particular browser works correctly, then that browser is supported.

It doesn't matter if anybody ever actually bitches about the browser not working, if you never plan on fixing problems specific to that browser then it is an unsupported browser. All it means is that if you aren't using X, Y, or Z browser they aren't going to listen to your complaints. It doesn't mean your browser of choice doesn't work (in fact, given today's state of browsers, it is rare that your browser won't work).

People don't seem to understand that "Unsupported" simply means they aren't going to support it. It doesn't mean it won't work.

Re:Websites don't support browsers

[m50d]

I could write a site to the CSS spec, and have it work in no browsers. (IIRC there is not a single extant implementation of CSS2). But in the real world, users tend to be unhappy with that. So you pick browsers to "support", which means "work around the bugs of".

Re:Damn. It's all downhill for now.

about:plugins -> Chrome PDF Viewer -> Disable.

or

Options -> Under the Hood -> Content settings -> Plug-ins -> Block all.

Also it's weird to say a plugin is causing bloat, when the plugin resides in a shared library, it only registers one embed handler, and is entered only when a PDF is viewed. It has zero runtime overhead and its .text section is shared between processes (iirc... loadlibrary on win32 does copy-on-write).

Where's the bug?

[SanityInAnarchy]

This has been annoying me for awhile now. Where's a bug we can all vote for and Slashdot?

Re:Where's the bug?

[Tynin]

This has been annoying me for awhile now. Where's a bug we can all vote for and Slashdot?

If I were to guess, it would be due to the two buffers X Windows uses (and since it is X Windows, most Linux OS's suffer the same issue), the clipboard buffer, and the primary buffer, have been an ongoing train wreck for years. It is like a few developers don't want to change the way they do things, and don't share best practices for which buffer to use and when.

Even the current Ubuntu LTS 10.4 suffers from it (not tried it again in the current release, but it has been a problem for a long time on several distros), generally it's the same work around each time, which is to paste into a text program that when you do a copy, it copies it into both buffers (I think I'm using gedit, but I'm not at my workstation). Then when you paste, it should display since regardless of which buffer gets called, it will have your copy.

Re:Where's the bug?

[EvanED]

Fun fact: there's actually a second X selection buffer. It's not used very much at all, but it does mean that there are three separate clipboard-type entities that are available on most X systems.

If you know what's going on, the separate X selection and X clipboard can be occasionally useful (it essentially gives you two clipboards if you can manage to use them with accidentally overwriting stuff), but is mostly just annoying. Way better (both more useful and more predictable) would be to have just one clipboard entity, but have a global kill ring. I'm not sure exactly the best method here that makes both modern-style copy/paste and Unix-style select/middle-click interactions kind, but I feel almost certain you could come up with one that is better than the small mess that is present now.

Re:Where's the bug?

[SanityInAnarchy]

That doesn't seem to work in this case -- I've tried Kate.

What I don't get is when one of the buffers is clearly empty -- it's not pasting garbage, it's pasting nothing -- why wouldn't it check another? And why is this even an issue? On my system, I use Firefox or Chrome, depending on the situation. Both use GTK+. Why would this bug only affect Chrome, and only on certain websites, under certain conditions? Why do I never see this issue anywhere else? Why will it paste into other locations in Chrome, like the address bar or even other textboxes, just not a Slashdot comment box?

Even if it's X-related, the fact that other browsers get it right suggests that it's Chrome's bug, so again, where's the bug we can all vote up till someone actually fixes it?

Re:Where's the bug?

[aztracker1]

Happens in the beta channel builds on some of my win 7 machines too, not just linux... really annoying. I use it as my main browser now, but tempted to go back to firefox... chrome works better ovia my employer's proxy than FF, annoying..

Re:Where's the bug?

[pclminion]

If I were to guess, it would be due to the two buffers X windows uses

How does that explain the fact that I had to manually type in the above quote, and I'm running Windows 7?

It's fucking ridiculous, it happens with no other site but this one, and the fact that Slashdot has done nothing to fix it in the past MONTH that it's been going on, is absolutely incomprehensible to me. What. The. Fuck. Find the problem and fix it.

Even if it's somehow a bug in Chrome, I laugh out loud at the prospect of switching away from my preferred browser because one site on the Internet can't be assed to worked around the problem. I'd rather abandon Slashdot than abandon Chrome, and that's saying something.

Re:Where's the bug?

[tebee]

How does that explain the fact that I had to manually type in the above quote, and I'm running Windows 7?

And how do you explain that copy/pasting your comment just worked for me on XP? ( Chrome 9.0.597.0)

Re:Where's the bug?

[Qzukk]

Because pasting into a completely empty box works. Try typing <a href=" and pasting a link.

If it works for you it's because it's fixed in Chrome 9 now.

Re:Where's the bug?

[tebee]

test

  Because pasting into a completely empty box works. Try typing a href=" and pasting a link.

Yep that seems to work - so this is fixed in Chrome 9 then? One more bug quashed !

Re:Where's the bug?

[smurfsurf]

Testing a link

Yep, works just fine in Chrome 8.0.552.215 on Windows 7.

Re:Where's the bug?

[smurfsurf]

How does that explain the fact that I had to manually type in the above quote, and I'm running Windows 7?

Pasting in an empty textbox. Typing first, then pasting. All works just fine for me. Chrome 8.0.552.215 on Windows 7 64-bit.

Re:Where's the bug?

[Buelldozer]

Unless Windows 7 64 Bit is using X Windows the problem is not contained to *nix. It's happening on all three Win 7 stations that I have too, so it's not exactly a rare glitch. Oddly it only started happening after the upgrade to 8.

I really like Chrome for its speed but this copy/paste bug is killing me.

Re:Where's the bug?

[nine-times]

I've also seen the bug in Safari on OSX. Intermittent, but I've seen it. I could even see that the text was pasted in and then immediately cleared out. I assumed it was some kind of JavaScript bug on Slashdot itself.

Re:Where's the bug?

[Omestes]

It still is a problem, although not as common, on Window's Chrome. So I doubt X is the complete problem. The Linux (or at least Ubuntu, haven't ran out and ran it on every distro) implementation seems a bit worse than the Windows one.

Crome still disappoints me...

[bogaboga]

...and here's why:

The fact that after all these releases, Google still does not see it prudent to had 'print preview' added to Chrome as one of its features.

Folks, this feature is a killer for me...and I am not alone. Trust me on this.

Re:Crome still disappoints me...

[Alzheimers]

Agreed. Lack of the ability to change even the most basic page layout options strictly keeps Chrome in the "Nice Toy" category.

Re:Crome still disappoints me...

[whoop]

Computer screens aren't good on your eyes. It's better to print everything out and read them by the light of a fireplace, smoking a pipe, and wearing a nice smoking jacket.

Re:Crome still disappoints me...

[Clovert+Agent]

Keep your print preview. Give me a master password already, damnit.

Re:Crome still disappoints me...

For making hardcopy backups of teh internets?

Re:Crome still disappoints me...

[asserted]

here's the bug. star it.

Re:Crome still disappoints me...

[Xarius]

Go to about:flags and enable the Print Preview option.

Re:Crome still disappoints me...

[theantipop]

I think this is only available in the 9.0 dev release. So it seems to be on the way, but not definitely not ready for primetime.

Re:Damn. It's all downhill for now.

[CFD339]

Ok, good information. Not sure you'll know I said that, because its an AC post, but what the hell. Thanks.

Finally!

[93+Escort+Wagon]

I'm not a fan of PDF at all - but if you want to use a browser for work, decent PDF handling is a necessary evil. The old "solution" - pulling the PDF into Google Apps - couldn't handle PDF files accessed through https. That made it a non-starter in my work environment.

All you young'uns are free to bitch and moan about PDF itself; but in the real world you usually have to be pragmatic.

Re:Finally!

[devent]

So your work environment don't have a PDF viewer installed? Furthermore, there is a Firefox and a IE plugin/addon to see PDF files inside a browser, no need for Google Apps.

Re:Finally!

[93+Escort+Wagon]

So your work environment don't have a PDF viewer installed? Furthermore, there is a Firefox and a IE plugin/addon to see PDF files inside a browser, no need for Google Apps.

We're talking about Chrome, not Firefox or Internet Explorer.

Working with or against Adobe?

[Quick+Reply]

So they are working with Adobe to get Flash Player in, but against Adobe to get Adobe Reader out?

More important features still missing

3 years after the request was made they still can't offer a universal zoom level. I'll not read a single PDF on Chrome so long as I have to zoom in to every single bloody one of them separately. I hate IE, but I still have to use it on a daily basis as it's the only browser that offers a default zoom level for websites.

Re:Damn. It's all downhill for now.

Hello monoculture software. Hello exploits.

We embedded a viewer so that we could sandbox it. This makes exploits much harder to pull off. If you do manage to get a user to open a PDF that exploits a bug, the sandbox ensures that the process you now control is unable to access the filesystem or open network connections, and will be killed if it tries.

99% of users don't know what a plugin is, and won't keep them up to date unless the process is totally automatic. Chrome got this right: Updates are silently downloaded and applied unless you go out of your way to disabling them. Making the PDF plugin a part of Chrome allows chrome updates to update the plugin. Chrome's track record fixing security bugs fast is far better than the record of the PDF plugin that virtually all Windows users most user have.

If you don't want to use the fast, small, sandboxed PDF viewer that gets security updates, go to about:plugins and click disable. Nothing stops you from using other plugin if you want to.

Re:Sandbox

[metrix007]

Actually it probably does affect Chrome. For some stupid reason the Windows version of Chrome shares it's network settings with Internet Explorer, which makes it lose a great many points.

Using lack of compliance to sell Windows 7

[tepples]

web browsers comply with those standards.

Unless, of course, the maker of the web browser is using the lack of compliance with standards in older versions of the browser as a tool to sell another product that the web browser requires. I routinely get banner ads for IE 9 when browsing with Chrome under Ubuntu 10.10 or Firefox under Windows XP; I click them and they end up being ads for Windows 7.

Re:Using lack of compliance to sell Windows 7

[Bigjeff5]

You know IE8 passes acid2 (the test for the current web standards) just fine with the default settings, and IE9 gets a 95 on the acid3 test. It's not 100%, like Webkit, but then again acid3 has been strongly criticized for cherry-picking elements that are still in the working draft (i.e. not even finalized).

In other words, Internet Explorer is 100% standards compliant, and will likely comply with the new standards as soon as we actually have a new set of standards.

Cut the FUD please, it doesn't help.

Re:Sandbox

[wampus]

It's a massive pain in the ass to have to reconfigure proxy and PKI on a per application basis. I personally love that Chrome uses the OS settings that Firefox ignores.

Is copy/paste fixed?

[stimpleton]

For months, the basic ability to copy and paste text in chrome has been broken. Its not just me, others have noted it, even bloggers noting it.

To read and comment on slashdot I *have to * use firefox. to do the basic task of quoting someone. ctrl-c gets it to the clipboard and I can paste to notepad, but cant to the reply form field.

To quote from the film 300: This is madness.

Re:Is copy/paste fixed?

[Qzukk]

Have you had the problem anywhere other than slashdot?

Anyway, some guy figured out that you can fix pasting in slashdot by adding a div to the end of it. Just create a bookmark on the bookmark bar for javascript:document.body.appendChild(document.createElement('div')); and click it whenever you open a slashdot story.

Re:Damn. It's all downhill for now.

[Guspaz]

FYI, Google's using Foxit for the built-in PDF viewer. So, you know, this is kind of like you using Foxit, but with less bloat, since you don't need a completely separate application and UI to get the Foxit PDF rendering engine.

page breaks

[mestar]

Oh finally those annoying page breaks in pdf are gone. I mean, time after time i switch to "continuous" mode, but, always, they were coming back. You click the scrolling arrows, but pdf shows the page it wants to show, not the one I want, so annoying it was.

But it is gone now!

Still doesn't honor --geometry directive

[Psicopatico]

As per subject. It threats that like an URL to be opened.
To be honest, it's not mentioned in the help either.

Speed of Development

[vanOorschot]

Looking at the speed of new developments by Google and Apple, i can not help but wonder how far we would have come since the Alto/Lisa had it not been for the stifling influence of first IBM and then Microsoft. OK, maybe the newbies stand on the shoulders of giants, but damn aren't they a couple of feisty dwarfs.

Re:Sandbox

[metrix007]

It isn't an OS setting, it's the Internet Explorer setting.

Re:Damn. It's all downhill for now.

[asserted]

> See, I use foxit. I like foxit.

you may be interested to know that Chrome seems to be using Foxit for their plugin:
http://googlesystem.blogspot.com/2010/08/google-chromes-pdf-plugin-uses-foxit.html

plus additional sandboxing, for extra security.

PDF for Chromium?

[david.given]

I'll admit to not being terribly interested in PDF for niche OSs like Windows --- although on the few occasions I have to boot Windows I admit that I find myself actively enjoying not loading Acrobat Reader --- so I'm more interested in whether PDF viewing is available for Chromium yet. PDFs are hateful, but sometimes I have to read the damned things, and even apps like evince are cumbersome and slow. Chrome's inline PDF viewer is awesome, fast and slick and best of all, largely invisible; PDFs just work, without needing to faff around with downloads and spawning external apps. It doesn't make PDFs any less hateful but it does minimise the pain.

But inline PDF doesn't seem to be available for Linux, and there's very little information about why. I have heard rumours that the PDF code isn't open source. It would be really nice if there was some communication on this...

Re:PDF for Chromium?

[Qzukk]

The reason is that the PDF support is actually Foxit reader being distributed as a plugin.

Re:PDF for Chromium?

[Zaiff+Urgulbunger]

PDF in Chrome is working for me with Ubuntu 9.10 / Chrome 8.0.552.215. However it doesn't work in Chromium 9.0.597.0 (67679)

Compatibility

I've seen Chrome choke on a few sites that work fine in Firefox and Opera. It's generally an issue with JavaScript and/or the way forms are handled. Just because you haven't run into the problem doesn't mean it doesn't exist.

Re:Sandbox

[cbhacking]

Chrome does not, so far as I know, use the "security zones" concept being exploited in that example. Therefore, it should still run at low integrity level. Sharing proy settings has nothing to do with that attack.

Re:-13 +1

[CRCulver]

You never hear about evince or ocular being a security risk.

Security patches for poppler, the library that evince is built upon, are issued fairly regularly.

Re:Sandbox

[cbhacking]

They're close to the same thing. It's a system setting that IE happens to be the main consumer of, but it's not specific to IE or even to MSHTML. It's not an "OS setting" in the sense that it doesn't force all apps to use the proxy, but generally speaking proxy-aware apps will respect it. Chrome is hardly the only third-party program to do so.

Foxit status

[Jim+Efaw]

So is this closed-source then? If so, then presumably it won't make it into Chromium.

I think Foxit is proprietary, but it's really, really fast; display speed between Foxit PDF Reader and Adobe Reader isn't even a contest. Last I checked it leaves Ghostscript in the dust too. I haven't used anything but Foxit for Windows PDF reading for a while now. Now, Poppler (which uses Cairo) is a different story: those libraries are pretty fast. Chromium might be able to do something interesting with a Poppler-based reader instead of Foxit.

Re:Sandbox

[wampus]

Plenty of third party software uses the setting, and to me it makes perfect sense to only have to set up proxies and trust one time. Zones? Not so much.

Built-in PDF viewer?

[Yvan256]

Okay so that's a (very) nice addition for Windows users, but what about Mac OS X, which handles basic PDF files just fine? Is the built-in PDF viewer only in the Windows version of Chrome? If not, can we disable it?

XP still outnumbers Vista + 7

[tepples]

You know IE8 passes acid2

Which is why I still test on IE >= 8.

IE9 gets a 95 on the acid3 test.

Which is comparable to Firefox. But there are more copies of Windows on which IE 9 doesn't run than on which IE 9 does run. The first result from Google windows market share states that as of November 2010, Windows Vista and Windows 7 combined make about 32 percent to Windows XP's 58 percent.

Re:Sandbox

[metrix007]

It's an IE setting, that some apps choose to honour. I'm really only aware of MSN messenger that does though. Seriously, it's not an OS setting in any sense. Can you give a list of some popular programs that make use of those settings?

Re:Sandbox

[metrix007]

Like what third party software? Cause, all the programs I use you have to set it manually, which is normal.