I'd also like to comment that I'm very concerned with the keep-piling-on-features mentality in Firefox. I want a web browser - not an OS/desktop-in-a-window. The whole reason that firefox was born was that everybody was tired of Mozilla having 47 huge features that nobody needed. Let's stick to the basics and do them right. If they want to come out with a few other apps that can tightly integrate with firefox, that's great - but let's let the stand-alone browser be a stand-alone browser...
I'm surprised to hear this. I had the impression that Firefox 3 was much heavier on improvements (speed, memory, security, stability, OS integration) and lighter on new features than any other recent version, despite the long development cycle.
Even the 40 or so "new features" I listed in my unofficial changelog are mostly replacements for, or subtle enhancements to, existing features. That's a drop in the bucket compared to the hundreds of speed and memory improvements and over 16000 total bug fixes.
Are there any new features that you think are especially "bloaty" or damaging to the user experience, or any aspects of quality that you feel have been neglected?
I double checked, and unless the process is running under a name other than "Firefox" or "Mozilla", that's not the problem.
It's possible that it's "Gran Paradiso" or "Minefield", but I'd expect it to be "Firefox". How does Firefox 3 Beta 5 identify itself in the process list when you know it is running?
In the past, when it has been a problem, I at least got a dialog telling me to quit the running process.
That might have changed on Linux between version 2 and version 3; I'm not sure. What happens if you try to run Firefox 3 Beta 5 while Firefox 3 Beta 5 is already running?
I'm getting nothing at all.
You just get a Firefox window that identifies itself as Beta 5 in the About window?
Your response suggests that I should be seeing some kind of installation sequence. What do you do to start the install?
Nope, you should be able to just extract the archive and run Firefox. Firefox only has an installer on Windows.
Maybe you have a Firefox 3 Beta 5 process running, and Firefox 3 RC1 sees that and instructs the Beta 5 process to open a new window? At least on Windows, Firefox tries to avoid having multiple instances running (with the same Firefox profile).
Which OS are you using, and which Firefox theme are you using? Have you tried clicking "Restore Default Set" in the Customize Toolbars sheet? (Back up your localstore.rdf if you want to be able to file a bug report later.)
Knowing how to use the tools offers no protection against scams.
Part of knowing how to use a browser is knowing how to parse URLs. That's unfortunate, but I think it makes more sense to blame browser makers (and perhaps also users) than to blame criminals in this case.
No, the relevant security decision was making double-click mean both "display" and "launch". Showing extensions only helps people who have memorized the meaning of dozens of extensions and check the extension every time.
Firefox nightlies also have native getElementsByClassName, fwiw. I don't know how many sites currently use native implementations when available, but after Firefox 3 and Safari 3.1 ship, I bet lots of sites will.
The benchmark used in this article is a JavaScript benchmark, but PGO was enabled for most components of Firefox, not just the JavaScript engine. And even if only the JavaScript engine improved in speed, you'd see a speed boost despite having JavaScript disabled in web pages, since parts of Firefox itself are implemented in JavaScript.
Why? For most users, having fast (and accurate!) back/forward is more useful than having Firefox allocate less RAM. The feature even automatically turns itself off if you don't have a lot of physical RAM.
Turning off bfcache might be useful for rudimentary leak detection, but a proper leak-detection tool is less likely to be confused by fragmentation, other caches, or the OS simply not reclaiming memory that the application has relinquished.
I believe Firefox 3's implementations of resumable downloads and the APNG image format came from GSoC participants. The continued support of MathML in Firefox 3 may also be due in part to the work of a GSoC participant. We've also had a few not-so-successful GSoC projects.
An interesting feature of google that I've always liked is the "This page may harm your computer" or whatever they put on dangerous links. I wonder how viable it would be to have a firefox plugin that did something similar.
Firefox 3 does this. If you start to load a site that's in Google's database of malicious (and compromised) pages, Firefox 3 will show a big red "Suspected attack site!" thing instead of parsing the page.
Mozilla and Google put a lot of effort into making it possible to do this without slowing down page loads. Firefox downloads a list of 32-bit hash prefixes for compromised sites. If a hash prefix matches (which will happen on any malicious page load and perhaps 0.1% of other page loads), Firefox asks Google for the rest of the hash. Both the local database lookup (which can require disk access) and the possible request to Google happen in parallel with Firefox resolving the DNS entry and connecting to the site.
Last week, the site of Firebug author Joe Hewitt was compromised, and Firefox 3 Beta 3 users saw this.
Pausing and resuming downloads should work in Firefox 3 Beta 1 and onward. It was pretty lame that Firefox 2 had "pause" and "resume" links that didn't actually work.
Some browser vulnerabilities can be exploited without plugins or JavaScript, so even if you have those disabled, you'll be safer if you update to a current version.
What's so hostile about "we're fixing leaks as fast as we can, but we can't tell you whether *your particular leak* has been fixed without more information"?
It shows up like that because of a misconfiguration on webstandards.org. (In particular, "not found" pages are served as 200 instead of 404.) Safari and Opera will show you the same thing. Hixie is trying to get it fixed.
CPU usage affects power consumption and therefore battery life. So it's bad if an application is using 20% CPU all the time, even when you're not using it.
Most memory leak bugs in Firefox have been cross-platform, and we haven't switched allocators on any platform yet, so I'd expect the results to be similar on Linux.
Operating systems use large amounts of memory for two things: application memory and caching reads from the hard drive. Normally, this is a good thing, as it speeds up file access using RAM that otherwise wasn't being used at all or wasn't being used actively. But sometimes it isn't very smart; for example, on my Mac, grepping through a few thousand 1MB log files can result in applications being paged out.
Forcing the page file down to 2MB sounds like a kludgy way to keep your application memory in physical RAM. For one thing, it means that if you try to run too many applications at once, you'll hit out-of-memory errors (which often result in application crashes). Perhaps there's a way to limit the page cache or tell your operating system to prefer using physical RAM for application memory rather than the page cache?
Slashdot Mirror
I'd also like to comment that I'm very concerned with the keep-piling-on-features mentality in Firefox. I want a web browser - not an OS/desktop-in-a-window. The whole reason that firefox was born was that everybody was tired of Mozilla having 47 huge features that nobody needed. Let's stick to the basics and do them right. If they want to come out with a few other apps that can tightly integrate with firefox, that's great - but let's let the stand-alone browser be a stand-alone browser...
I'm surprised to hear this. I had the impression that Firefox 3 was much heavier on improvements (speed, memory, security, stability, OS integration) and lighter on new features than any other recent version, despite the long development cycle.
Even the 40 or so "new features" I listed in my unofficial changelog are mostly replacements for, or subtle enhancements to, existing features. That's a drop in the bucket compared to the hundreds of speed and memory improvements and over 16000 total bug fixes.
Are there any new features that you think are especially "bloaty" or damaging to the user experience, or any aspects of quality that you feel have been neglected?
I double checked, and unless the process is running under a name other than "Firefox" or "Mozilla", that's not the problem.
It's possible that it's "Gran Paradiso" or "Minefield", but I'd expect it to be "Firefox". How does Firefox 3 Beta 5 identify itself in the process list when you know it is running?
In the past, when it has been a problem, I at least got a dialog telling me to quit the running process.
That might have changed on Linux between version 2 and version 3; I'm not sure. What happens if you try to run Firefox 3 Beta 5 while Firefox 3 Beta 5 is already running?
I'm getting nothing at all.
You just get a Firefox window that identifies itself as Beta 5 in the About window?
Your response suggests that I should be seeing some kind of installation sequence. What do you do to start the install?
Nope, you should be able to just extract the archive and run Firefox. Firefox only has an installer on Windows.
Maybe you have a Firefox 3 Beta 5 process running, and Firefox 3 RC1 sees that and instructs the Beta 5 process to open a new window? At least on Windows, Firefox tries to avoid having multiple instances running (with the same Firefox profile).
Which OS are you using, and which Firefox theme are you using? Have you tried clicking "Restore Default Set" in the Customize Toolbars sheet? (Back up your localstore.rdf if you want to be able to file a bug report later.)
Google tells me the book that mentions the energy filter is "The Engines of God" by Jack McDevitt.
Knowing how to use the tools offers no protection against scams.
Part of knowing how to use a browser is knowing how to parse URLs. That's unfortunate, but I think it makes more sense to blame browser makers (and perhaps also users) than to blame criminals in this case.
No, the relevant security decision was making double-click mean both "display" and "launch". Showing extensions only helps people who have memorized the meaning of dozens of extensions and check the extension every time.
Nearly all browser security bugs that aren't of the XSS-type are due to buffer overflows.
Really? Most of the memory-safety bugs I find in Gecko are due to use of dangling pointers. I've only found a few buffer overflow bugs.
Don't forget that this is a beta. Bug 406730 is likely to be fixed before Firefox 3 ships, at least for Leopard.
Firefox nightlies also have native getElementsByClassName, fwiw. I don't know how many sites currently use native implementations when available, but after Firefox 3 and Safari 3.1 ship, I bet lots of sites will.
The benchmark used in this article is a JavaScript benchmark, but PGO was enabled for most components of Firefox, not just the JavaScript engine. And even if only the JavaScript engine improved in speed, you'd see a speed boost despite having JavaScript disabled in web pages, since parts of Firefox itself are implemented in JavaScript.
Why? For most users, having fast (and accurate!) back/forward is more useful than having Firefox allocate less RAM. The feature even automatically turns itself off if you don't have a lot of physical RAM.
Turning off bfcache might be useful for rudimentary leak detection, but a proper leak-detection tool is less likely to be confused by fragmentation, other caches, or the OS simply not reclaiming memory that the application has relinquished.
I believe Firefox 3's implementations of resumable downloads and the APNG image format came from GSoC participants. The continued support of MathML in Firefox 3 may also be due in part to the work of a GSoC participant. We've also had a few not-so-successful GSoC projects.
An interesting feature of google that I've always liked is the "This page may harm your computer" or whatever they put on dangerous links. I wonder how viable it would be to have a firefox plugin that did something similar.
Firefox 3 does this. If you start to load a site that's in Google's database of malicious (and compromised) pages, Firefox 3 will show a big red "Suspected attack site!" thing instead of parsing the page.
Mozilla and Google put a lot of effort into making it possible to do this without slowing down page loads. Firefox downloads a list of 32-bit hash prefixes for compromised sites. If a hash prefix matches (which will happen on any malicious page load and perhaps 0.1% of other page loads), Firefox asks Google for the rest of the hash. Both the local database lookup (which can require disk access) and the possible request to Google happen in parallel with Firefox resolving the DNS entry and connecting to the site.
Last week, the site of Firebug author Joe Hewitt was compromised, and Firefox 3 Beta 3 users saw this.
Pausing and resuming downloads should work in Firefox 3 Beta 1 and onward. It was pretty lame that Firefox 2 had "pause" and "resume" links that didn't actually work.
First, I can't authorize *just* this extension. I have to authorize every extensions from the site, which is generally not what I want.
You seem to be describing Firefox 2. This has been fixed in Firefox 3; it takes 3 clicks to install an extension now. (The patch was in bug 252830.)
Are you talking about sites that FedEx customers use or just sites that FedEx employees use?
Some browser vulnerabilities can be exploited without plugins or JavaScript, so even if you have those disabled, you'll be safer if you update to a current version.
Are you allowed to bring a battery in your MacBook Pro and a charged spare for a long flight?
You can, however, fire a chair with a slingshot.
What's so hostile about "we're fixing leaks as fast as we can, but we can't tell you whether *your particular leak* has been fixed without more information"?
It shows up like that because of a misconfiguration on webstandards.org. (In particular, "not found" pages are served as 200 instead of 404.) Safari and Opera will show you the same thing. Hixie is trying to get it fixed.
The version of Acid 2 on the author's website works fine.
CPU usage affects power consumption and therefore battery life. So it's bad if an application is using 20% CPU all the time, even when you're not using it.
Most memory leak bugs in Firefox have been cross-platform, and we haven't switched allocators on any platform yet, so I'd expect the results to be similar on Linux.
Operating systems use large amounts of memory for two things: application memory and caching reads from the hard drive. Normally, this is a good thing, as it speeds up file access using RAM that otherwise wasn't being used at all or wasn't being used actively. But sometimes it isn't very smart; for example, on my Mac, grepping through a few thousand 1MB log files can result in applications being paged out.
Forcing the page file down to 2MB sounds like a kludgy way to keep your application memory in physical RAM. For one thing, it means that if you try to run too many applications at once, you'll hit out-of-memory errors (which often result in application crashes). Perhaps there's a way to limit the page cache or tell your operating system to prefer using physical RAM for application memory rather than the page cache?