Slashdot Mirror
Firefox 26 Arrives With Click-To-Play For Java Plugins
An anonymous reader writes "Mozilla today officially launched Firefox 26 for Windows, Mac, Linux, and Android. Additions include Click-to-Play turned on by default for all Java plugins, more seamless updates on Windows, and a new Home design for Android. Firefox 26 has been released over on Firefox.com and all existing users should be able to upgrade to it automatically. As always, the Android version is trickling out slowly on Google Play. Release notes are here: desktop and mobile."
The only problem i've seen with Firefox today is the updates are way too fast. The plug-ins and extentions aren't fast enough to follow becomes obsolete and break. It's not all the updates but I've seen some of it not compatible anymore
PC Gaming enthousiast that gives comments, opinions and reviews on Games. I'm just having fun with games while doing let
...was the first thing I saw. Talk about a panic attack!
Why can't all fpga/microcontroller manufacturers just release free optimizing compilers???
In the mean time they have made it substantially more difficult to configure the rejection of cookies.
Jesus... I'm actually thinking IE is better at this point.
Either give it away or get top dollar, but never sell yourself cheap.
"able" means I have a choice.
"automatically" means I don't have a choice.
This is 2013 and I'm really tired of having my browser freeze for 2 seconds with a grey box every time a Java app has to load. With the latest JavaScript features there's no reason to be using Java in web pages anymore.
My dream browser would:
- render text
- render static images
- block ads
My dream browser would NOT:
- play sounds
- play movies
- animate anything
- open up additional windows
- support java/javascript/whatever code
- support cookies
- store any information
Oh well, I guess it will never happen.
NOW... Make flash click to play as well!
C'mon, realistically, there is a rate of releases that's too slow, (critical bugs and security holes never get fixed) and a rate of releases that's too fast (add-ons can't keep up). I don't have an opinion on where the sweet spot might be, but I think it's a valid discussion.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Or one could fix bugs and security issues whilst not introducing/removing/changing major features and breaking compatibility. You know, like what we had before with fractional version numbers.
For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
In the time that you posted that comment, Firefox versions 38, 39, 40, 41, 42, 43, and 44 were released.
== Jez ==
Do you miss Firefox? Try Pale Moon.
Congratulations?
Personally I'd bet these things are the new numbers station.
For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
's a good point, although I can see the value in introducing new functionality quickly, especially support for new standards and codecs.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Cookie Monster is one of my must have plugins for Firefox. You can easily see at a glance where the cookie usage stands for the site you are on and can then adjust as needed. Using a default of rejecting all can be a bit more work though but isn't so bad once you have white listed your regularly used web sites.
So are you saying that new functionality breaks the extension API every time? 'Cause if it doesn't, then even new functionality can be a minor version number.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
I'd rather see "click-to-pay" the default for javascript.
It's been many years since I've been annoyed by an irritating java applet, and there a few I find useful.
But ugh - so much javascript, and so many sites that practically require it.
TLS 1.1 was supposed to be released with this version by it had to backed out because there were some compatibility issues with a small number of sites:
https://bugzilla.mozilla.org/show_bug.cgi?id=733647
The code is still in there, you just have to enable it manually via about:prefs: security.tls.version.max=2
TLS 1.2 is also present:
https://bugzilla.mozilla.org/show_bug.cgi?id=861266
Just set security.tls.version.max=3.
Not sure if they're shooting for release 27 or 28. By default only TLS 1.0 is negotiated.
Bigger is better.
It's clearly five better.
And as-usual I will NOT be upgrading.
Since Mozilla has followed in Google's path of removing useful functions with each new version. I do not upgrade any Google, Android, or Mozilla applications.
Starting somewhere around version 21 of Firefox, they turned off the "downloads" window and took the ability to turn it on/off out of the options. In order to turn something on that had been in Firefox since it was called Phoenix, you had to go into about:config and change "browser.download.useToolkitUI" to true. Now for some reason, it appears to me that Firefox v26 has completely removed the download window altogether. I cannot for the life of me get the old downloads window back. Maybe I'm just blind/dumb, but I can't imagine why Mozilla continues to make changes like this.
C'mon, realistically, there is a rate of releases that's too slow, (critical bugs and security holes never get fixed) and a rate of releases that's too fast (add-ons can't keep up). I don't have an opinion on where the sweet spot might be, but I think it's a valid discussion.
Well, if your plugin is anything like mine, then you can simply us a profile to discover exactly what the sweet spot is between releasing too quickly and not filling holes fast enough by loading up a network where an ex posts. Of course, if binary incompatibilities arise the release cycle may be exaggerated -- which is usually the case otherwise they wouldn't be exes.
even three better would be good
"Our opponent is an alien starship packed with atomic bombs," I said. "we have a protractor"
You can have critical bug and security fixes done without creating a new major release number, and those critical bug fixes can be introduced without requiring the user to receive irrelevant UI or usage changes at the same time. Firefox managed this for a very long time just fine up through version 4.
The support for the new stuff is being demanded by web site builders but not by the actual end users. The web site makers want to promote their world view of browser-as-app-framework and if that means dragging the customers dragging and screaming so be it. Ie, Mozilla wants HTML5 to be adopted as fast as possible, thus it cares more about advertisers than users.
The one possible exception might be the users of mobile devices for which any web site that uses flash (still a whole lot of 'em) doesn't work. (I know, sometimes you can make it work on some devices, but mom and pop won't be able to figure it out.) I personally am not a tablet user, but I support them, and the inability to use flash is probably users' number one complaint. They may not know that's the problem, to them the website doesn't work. This is probably the primary killer of the tablet experience, and website builders need to be encouraged to fix it quickly.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Does it use less than 250 MB of RAM while idling with no windows open, and less than 1 GB of RAM after 30 minutes of browsing? When it does, I'll get excited.
Signature intentionally left blank.
Google it!
I am at version 17 with the latest security fixes and it will updated to 24 next week:)
Next version is a year away with continual security. Addon work now and what Mozilla should have done back in 2011
http://saveie6.com/
Users will just downgrade to IE 8 on their XP and then whine to the webmasters that they need to make their site look as good as their foxfire. At least IE 8 works right?
http://saveie6.com/
But whose fault is that? Put the blame where it lies, Steve jobs trying to push his appstore crapstore lock in. I have flash on my fricking THREE YEAR OLD single core cellphone and ya know what? plays great. try HTML V5 with H.264 on anything less than a dual core and see what you get,even with hardware acceleration its a fricking pig.
So call a spade a spade, the killing of flash on mobile didn't have a damned thing to do with compatibility, or battery life, it had to do with Steve jobs making damned sure you weren't getting shit on that iPad without giving him 30%.
ACs don't waste your time replying, your posts are never seen by me.
But whose fault is that? Put the blame where it lies, Steve jobs trying to push his appstore crapstore lock in. I have flash on my fricking THREE YEAR OLD single core cellphone and ya know what? plays great. try HTML V5 with H.264 on anything less than a dual core and see what you get,even with hardware acceleration its a fricking pig.
So call a spade a spade, the killing of flash on mobile didn't have a damned thing to do with compatibility, or battery life, it had to do with Steve jobs making damned sure you weren't getting shit on that iPad without giving him 30%.
I agree with all of that, and for a long while it was the primary reason I recommended Android devices rather than the ipad. Because lots of websites don't work on the ipad. It was a compelling argument.
But then, Adobe for whatever frakking reason decided to cease support of flash on Android, and new Android devices started shipping without flash. My wife was really pissed when she got her Kindle HD and it wouldn't play video on any of her favorite sites. She nearly returned the device. (I think she should have.) I know, everything was supposed to switch to html 5 or some damned thing by now, but it's been over three years with almost no progress.
I don't care if it's html 5 or some protocol not yet invented, or if Adobe brings Flash back to mobile, or whatever. It just HAS TO WORK. Tablets will be toys to many consumers until then.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
You give the perfect example of what's wrong. You are implying that you care more about the inconvenience of having to develop a site that can work on an older browser than about the the customer
It's not like we're talking about something ancient like IE6 full of major security holes, IE8 is still only 5 years old and still supported. In fact the main reasons I see http://theie8countdown.com/ for upgrading is not due to security but because it "hampers the development of the web". Again that reinforces my point; Firefox is on its deathmarch because it wants the brave new web world whether or not its users want that world. And it wants that brave new web world because its advertiser friends have lots of money.
It is perfectly appropriate to put up a warning that IE8 users may not see all features, that at least gives them a chance to consider upgrading or to avoid your site in the future. I certainly wish I had the luxury of ignoring customers using old releases, I could get a lot of free time if I didn't have to backport bug fixes like a responsible programer.
Dude hack the thing! Its Android, the only good thing about Android is if your device don't do what you want it to do? ROM the shit out of the thing. hell my phone is from 2011, was slow as shit...with the default ROM. I put in the Area51 ROM for my phone? Not only did it comes with flash already installed but its a damned nice phone now, just a pleasure to use. i was planning on getting another phone but now i think I'll just get the larger battery for this one and call it a day.
But if the rumors are true you can thank Cupertino for adobe killing flash on android as well, the rumors are that Apple made it clear adobe would be a second class citizen on their platform if they kept flash and Adobe makes too much money of of Apple hipsters to risk that for a free player so they killed it. As for why you haven't seen squat when it comes to HTML V5? Its simple dude, take ANY video and encode 2 versions, same resolution and FPS, make one flash with Spark or VP6 and the other H.264 compatible with HTML V5 and see what you get. I can tell you that the flash video will play smoothly even on this 800Mhz single core ARM phone while the H.264 will choke anything less than a 1.2Ghz dual core without hardware acceleration and even WITH acceleration it'll suck down cycles like a drunk hitting a free mini-bar.
ACs don't waste your time replying, your posts are never seen by me.
You give the perfect example of what's wrong. You are implying that you care more about the inconvenience of having to develop a site that can work on an older browser than about the the customer
It's not like we're talking about something ancient like IE6 full of major security holes, IE8 is still only 5 years old and still supported. In fact the main reasons I see http://theie8countdown.com/ for upgrading is not due to security but because it "hampers the development of the web". Again that reinforces my point; Firefox is on its deathmarch because it wants the brave new web world whether or not its users want that world. And it wants that brave new web world because its advertiser friends have lots of money.
It is perfectly appropriate to put up a warning that IE8 users may not see all features, that at least gives them a chance to consider upgrading or to avoid your site in the future. I certainly wish I had the luxury of ignoring customers using old releases, I could get a lot of free time if I didn't have to backport bug fixes like a responsible programer.
I am advocating that pushing change too hard and ignoring users makes them die hard afraid of change which puts the cost to you.
I just saw a video yesterday that asked users what a browser was? Answer was Yahoo or Google. these were not nursing home seniors but average Joes! Asking them to change is beyond their ability to gasp.
http://saveie6.com/
WTF is it with the Gecko engine and "senior moments"?
That's caused by the lack of a multi-process model in Firefox. Mozilla is working on it under the codename Electrolysis (e10s). It's still incomplete, but you can try it out by opening about:config, turning on browser.tabs.remote, and restarting Firefox. One drawback is that click-to-play is broken, as are "many plugins".
All of Firefox's plugins have security problems. Requiring click-to-play only for Java while ignoring all other plugins comes off as biased.
Oh, *I* can hack it. I've got the last supported version of Flash up in the Dolphin browser on my device. But the install process is not something you can expect Fred and Ethyl Mertz to do. To them, it just doesn't work. Still. And personally, I'm unwilling to hack a solution on a client's or family member's device, try to explain how to use it and then support it afterwards. That seems to be a good way to get buried in a bunch of hacks you'll have to support forever.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Cookies are needed for an anonymous session, such as adding items to your shopping cart before logging in. HTTP Basic authentication isn't capable of distinct anonymous sessions.
Our long-term strategy is to make it so that nobody needs to use plugins by adding new web APIs
The illustration on the page you linked uses Silverlight as an example. Netflix uses Silverlight so that it can wrap rented videos in Microsoft's PlayReady digital restrictions management, and lack of PlayReady is why it doesn't work in Moonlight. Video on demand providers use digital restrictions management in the first place to deter users from in effect teeing a rented video into an encoder and keeping it past the rental period. How would VOD work on a browser distributed as free software without any proprietary plug-ins?
The page you linked states: "As browsers have advanced, this kind of feature development can occur directly within the browser using technologies such as WebGL" but this page, on Firefox 25.0.1 on Xubuntu 12.04 LTS on a laptop with an Atom N450, states: "Hmm. While your browser seems to support WebGL, it is disabled or unavailable. If possible, please ensure that you are running the latest drivers for your video card." A lot of users aren't in the position to buy a brand new PC just to be able to switch from Flash or native apps to web applications.
The page also mentions asm.js, but do non-Firefox web browsers, such as Chrome, Safari, and IE, support it yet? Otherwise, will have to write the program several times: once in asm.js for Firefox, once in Native Client for Chrome for PC, once as a native app for Android if the user hasn't already switched from Android Browser or Chrome to Firefox for Android, and then once as a native app for each platform that IE or Safari runs on.
and to use the mobile web as leverage to get new sites to use native HTML APIs
That won't especially help when Apple refuses to implement key HTML APIs in its iVersion of the mobile web. True, Safari for iOS can't run Flash anyway, but the idea on mobile is to get developers away from making platform-specific apps.
Quick question: Using HTML APIs, how should a web application let the user select a folder (or "directory" if you insist) on the local machine and upload all files in the folder?
I've been browsing for a few hours, and Xfce Task Manager on the previous version (Firefox 25.0.1) shows a resident set size of 272 MB. My PC has 1 GB of RAM, and I routinely stay out of thrashing swap even with nine Cracked.com tabs open. Part of how I keep Firefox slim is that I use the Flashblock extension, so that sites other than YouTube and Newgrounds and a couple other whitelisted sites aren't allowed to load the Flash Player until I click.
A while ago they were blocking Java outright. Click to play is a great compromise: it's much harder for an attacker to get the user to click on something than to simply load something in the background. It's also much easier for users to log into their bank or view scientific illustrations in Java (possibly other things too:).
Java has been slow at patching bugs, so I understand why they're getting the stick harder than flash. And their installer is insane, you have to install the 32 bit java to make it work in the browser, but that's not obvious from the download page
Not to mention that even if you can hack it should you have to? Flash has been around a long time and is used widely. Someone bringing a device to market should support it period. You've paid your money for a cool device that does what it advertises it does (and they generally don't advertise disclaimers like "you tube will not work, CNN views will not open" etc) not for a hobby/side job figuring out their software/hardware glitches for them.
750 MB usage currently. Only running AdBlock, and I have 2 tabs from Slashdot open, so I think it is still very much a current issue.
Signature intentionally left blank.
and how would they know to block it?
By the fact that advertisement URLs are not being requested. You currently sail under the radar but won't if your dream browser should become popular.
You know that there are plenty music and video players available other than the browser?
Among all the external music and video players, which external music and video player should a site's operator choose to support?
Oh yeah, there are the crappy coded websites. Let that be their problem, not mine.
In what non-crappy manner should sites be coded instead to support expansion of a tree, such as a product category tree or a comment reply tree? And in what non-crappy manner should sites be coded instead to support a shopping cart model? Would you prefer having to register and log in in order to shop?
..currently sail under the radar..
Awesome. So basically all those shit websites would disappear. I can live with that
which external music and video player should a site's operator choose to support
Magic, my friend. Just put a link to the mp3 or mp4 on your site. Works like a charm. In fact, it would be less hassle, pain and suffering for everyone involved.
in what non-crappy manner should sites be coded?
You kidding, right? Currently even to get to a webpage, you go through like 8 redirects. So this one is very easy to answer. You need two things:
1. hire decent developers
2. make sure that the back button works
Just put a link to the mp3 or mp4 on your site. Works like a charm.
If Internet radio worked that way, then you'd end up downloading the station's entire playlist. This is unacceptable to the copyright owners who license the recordings to the station.
in what non-crappy manner should sites be coded?
You kidding, right?
No. I seek to become a decent developer, and I'm asking you how a decent developer should solve the problems caused by trying to implement the rich interactions that web users expect without using any form of client-side script. How would a decent developer work around the lack of cookies when adding an item to the visitor's shopping cart? How would a decent developer work around the lack of JavaScript when trying to update the image in a web-based collaborative paint program, update the list of messages sent to a channel in a web-based chat program, scroll a large map, etc.?
OK, let's back up a second and make sure that we are not kidding ourselves into thinking that any music played on a computer cannot somehow be recorded.
The record labels and movie studios have become comfortable with analog reconversion for private use that includes a DAC-speaker-microphone-ADC or DAC-display-camera-ADC in the path, just not digital reconversion that doesn't include this highly lossy step. Besides, a lot of video streams are considered rentals, and the provider wants to deter users from keeping the video past the rental period, which is a violation of terms of service.
I'm also not going to google for you how to maintain session state without cookies.
I just did, and I'm going to explain why I don't like the solutions that I found on the first couple pages of results.
What keywords should I have used instead?
But as long as you make sure that the back buttons works, on all pages, all the time, even on your landing page
Cookies handle the back button better than the leading cookieless solution (session ID in URL) does.
you will be a much better developer.
I have tried to keep to this philosophy on an online store that I maintain on behalf of my employer, even though it does use a session cookie, does use the occasional (optional) animation, and does use the occasional (optional) script. We don't use anything like the Facebook/Twitter/Google+ social recommendation crap that too many sites use.