It is not that Pepper is limited to the performance of HTML5. Rather, Pepper is limited to the same security restrictions as HTML5. There is a compatible security model for NaCl and JS. That's what is different and unique about this plugin model (NaCl+Pepper), as compared to NPAPI or ActiveX.
Microsoft probably won't implement this exact feature, but due to a bug in IE, it is already possible for websites to implement something similar. I added a comment to my blog with details.
I think Google has leveraged this feature in a very intelligent way because they only insert link prefetching hints when they are very confident that the target page is the one you are looking for. For the vast majority of searches, there are no link prefetching hints.
Moveover, please understand that Google or any other site could just as easily use JavaScript to prefetch these documents (using XMLHttpRequest from an onload handler). The link prefetching feature in Mozilla is designed as an alternative to JavaScript based techniques.
It is good because it gives the browser control over the prefetching process. That allows the browser to be smart about bandwidth usage. For example, Mozilla will only prefetch one document at a time, and it will cancel the prefetches whenever the user loads anything else. Mozilla will also tell sites that the request is a prefetch and not a normal request. That way sites can properly account for these requests in their traffic logging.
If you've ever written code to prefetch images (using "new Image()") that will be shown later when the user mouses over some element in the page, then this feature gives you a better way to do that.
In short, this is a good thing for users:-)
Re:One hack I want
on
Firefox Hacks
·
· Score: 2, Interesting
Try "http://somecompany.com" (without the "*")
If it doesn't work, please let us know!;-)
Yup, our NTLM support is 100% cross-platform. Just remember to enter your domain and username as "domain\username" when prompted or it won't work;-)
Under Windows you can configure Firefox to send your default NTLM credentials automatically. This is not enabled by default (except for proxy server authentication).
There is also support for Kerberos via SPNEGO. More info:
http://www.mozilla.org/projects/netlib/integrated- auth.html
Bayesian spam filtering was first added to the Mozilla codebase on September 9, 2002 by Dan Mosedale. The first major release to include it was Mozilla 1.3 Alpha, which was published on December 13, 2002. Is that not prior art?
All Messenger traffic must pass through some centralized server or else you would never be able to use Messenger from behind a firewall/NAT. It only looks like P2P, but in reality I'm sure it cannot be.
Re:support for NTLM authentication
on
Mozilla 1.4b Loosed
·
· Score: 4, Informative
> Standard HTTP authentication is hideously broken. It's plain text. Period. That's all there is to it. It's goddamn plain text.
Bogus. See RFC 2617 section #3, which outlines Digest (MD5) authentication. Digest auth is far superior to NTLM auth because it uses stronger crypto. The only reason to support NTLM is for compatibility with older microsoft products.
interesting suggestion...
1.1alpha already blocks some servers like IIS/4.X and NES/3.X that are known to not handle pipelined requests properly. there are a number of other sites that we know have problems, but we probably will never get them all. a user configurable black list sounds like a decent way to deal with this problem. thx for the suggestion!
Slashdot Mirror
It is not that Pepper is limited to the performance of HTML5. Rather, Pepper is limited to the same security restrictions as HTML5. There is a compatible security model for NaCl and JS. That's what is different and unique about this plugin model (NaCl+Pepper), as compared to NPAPI or ActiveX.
Microsoft probably won't implement this exact feature, but due to a bug in IE, it is already possible for websites to implement something similar. I added a comment to my blog with details.
No, it should not. In fact, Firefox should suppress all update UI when the user doesn't have permission to modify the Firefox installation directory.
I think Google has leveraged this feature in a very intelligent way because they only insert link prefetching hints when they are very confident that the target page is the one you are looking for. For the vast majority of searches, there are no link prefetching hints. Moveover, please understand that Google or any other site could just as easily use JavaScript to prefetch these documents (using XMLHttpRequest from an onload handler). The link prefetching feature in Mozilla is designed as an alternative to JavaScript based techniques. It is good because it gives the browser control over the prefetching process. That allows the browser to be smart about bandwidth usage. For example, Mozilla will only prefetch one document at a time, and it will cancel the prefetches whenever the user loads anything else. Mozilla will also tell sites that the request is a prefetch and not a normal request. That way sites can properly account for these requests in their traffic logging. If you've ever written code to prefetch images (using "new Image()") that will be shown later when the user mouses over some element in the page, then this feature gives you a better way to do that. In short, this is a good thing for users :-)
Try "http://somecompany.com" (without the "*") If it doesn't work, please let us know! ;-)
Yup, our NTLM support is 100% cross-platform. Just remember to enter your domain and username as "domain\username" when prompted or it won't work ;-)
Under Windows you can configure Firefox to send your default NTLM credentials automatically. This is not enabled by default (except for proxy server authentication).
There is also support for Kerberos via SPNEGO. More info:
http://www.mozilla.org/projects/netlib/integrated- auth.html
Bayesian spam filtering was first added to the Mozilla codebase on September 9, 2002 by Dan Mosedale. The first major release to include it was Mozilla 1.3 Alpha, which was published on December 13, 2002. Is that not prior art?
All Messenger traffic must pass through some centralized server or else you would never be able to use Messenger from behind a firewall/NAT. It only looks like P2P, but in reality I'm sure it cannot be.
> Standard HTTP authentication is hideously broken. It's plain text. Period. That's all there is to it. It's goddamn plain text.
Bogus. See RFC 2617 section #3, which outlines Digest (MD5) authentication. Digest auth is far superior to NTLM auth because it uses stronger crypto. The only reason to support NTLM is for compatibility with older microsoft products.
Darin
rel=prefetch is something we hope to turn into a standard eventually. it is better than overloading the meaning of rel=next.
interesting suggestion... 1.1alpha already blocks some servers like IIS/4.X and NES/3.X that are known to not handle pipelined requests properly. there are a number of other sites that we know have problems, but we probably will never get them all. a user configurable black list sounds like a decent way to deal with this problem. thx for the suggestion!