|
hooah posted:How real-life dangerous is this vulnerability due to the way Firefox's extensions aren't sandboxed (Ars article) for people who don't just install every add-on they find?
|
#
?
Apr 6, 2016 01:00
|
|
|
|
| # ? Apr 19, 2024 14:17 |
|
|
hooah posted:How real-life dangerous is this vulnerability due to the way Firefox's extensions aren't sandboxed (Ars article) for people who don't just install every add-on they find? Alereon posted:Not at all, since you have to install a malicious extension. Who could have predicted this coming?!? Klyith fucked around with this message at 01:05 on Apr 6, 2016 |
|
#
?
Apr 6, 2016 01:03
|
|
|
hooah posted:How real-life dangerous is this vulnerability due to the way Firefox's extensions aren't sandboxed (Ars article) for people who don't just install every add-on they find? Extensions are executable code so you should only install ones that you trust from a trusted source. The technique in the article is really just obfuscation that might make it easier to fool reviewers. The proof of concept that got signed was just an extension that opened a website, so it doesn't seem that scary.
|
|
#
?
Apr 6, 2016 02:57
|
|
|
i'm having a really loving weird problem with youtube all of a sudden. every video I watch gets played multiple times, layering over and over into some terrifying mess. Disabling all the regular problem addons isn't fixing it. Has anybody else experienced this?
|
|
#
?
Apr 7, 2016 03:45
|
|
|
sick trigger posted:i'm having a really loving weird problem with youtube all of a sudden. every video I watch gets played multiple times, layering over and over into some terrifying mess. Disabling all the regular problem addons isn't fixing it. Has anybody else experienced this? What about disabling all extensions? Did you walk through the steps in the OP?
|
|
#
?
Apr 7, 2016 03:57
|
|
|
Have they made a public release with the fix for GIFs yet?
|
|
#
?
Apr 8, 2016 02:08
|
|
|
Kheldarn posted:Have they made a public release with the fix for GIFs yet? All releases including nightlies are public. However, I assume you mean, "Has the fix hit the Release Channel yet?" The answer is no (it is a part of Firefox 47).
|
|
#
?
Apr 8, 2016 02:11
|
|
|
Avenging Dentist posted:All releases including nightlies are public. However, I assume you mean, "Has the fix hit the Release Channel yet?" The answer is no (it is a part of Firefox 47). Thank you. And I knew I was gonna word that bad. Sorry.
|
|
#
?
Apr 8, 2016 02:14
|
|
|
So I upgraded from a GTX 970 to a GTX 980 Ti and fullscreen Youtube in Firefox became unwatchtable (15fps or so, regardless of settings, UI was unresponsive). Disabling addons and hardware acceleration did nothing to fix it. Turns out Firefox caches a bunch of settings inside about:config under gfx, but it's not smart enough to realize that the video card has changed. Resetting those settings fixed it, but it took me a long time to figure that out. Building a device specific cache and then not invalidating it when that device changes is a loving awful idea.
|
|
#
?
Apr 9, 2016 09:03
|
|
|
According to this, the recursion issue that was keeping Vines from playing was fixed in a nightly build on 3/19 https://bugzilla.mozilla.org/show_bug.cgi?id=1247496 Any idea when we might expect this fix in a public release? Because it's still busted for me in x64 45.0.1 :\
|
|
#
?
Apr 10, 2016 17:45
|
|
|
Gerudo Rivera posted:According to this, the recursion issue that was keeping Vines from playing was fixed in a nightly build on 3/19 https://bugzilla.mozilla.org/show_bug.cgi?id=1247496 If it is fixed in the current Nightly (Firefox 48) and isn't backported to an earlier branch, then you are looking at August 1st.
|
|
#
?
Apr 10, 2016 17:50
|
|
|
Gerudo Rivera posted:According to this, the recursion issue that was keeping Vines from playing was fixed in a nightly build on 3/19 https://bugzilla.mozilla.org/show_bug.cgi?id=1247496 The issue was fixed in https://bugzilla.mozilla.org/show_bug.cgi?id=1257234 It should be fixed in Firefox 46. You can look under Tracking Flags where it says "status-firefox46: fixed". It was uplifted to Beta in comment 25.
|
|
#
?
Apr 11, 2016 00:09
|
|
|
Thanks! Glad to hear it should be gone in the next release. Hope it drops soon.
|
|
#
?
Apr 11, 2016 03:24
|
|
|
Desuwa posted:Turns out Firefox caches a bunch of settings inside about :config under gfx, but it's not smart enough to realize that the video card has changed. Resetting those settings fixed it, but it took me a long time to figure that out. Building a device specific cache and then not invalidating it when that device changes is a loving awful idea. What was the location where this info is stored? At work we've had quite a bit of problem with Firefox's hardware acceleration and it might have something to with this and our roaming profile setup. User starts Firefox on one computer, stores the GPU settings and later logs in on another computer with different hardware but has the same Firefox profile.
|
|
#
?
Apr 12, 2016 15:39
|
|
|
Saukkis posted:What was the location where this info is stored? I went into about :config, searched for gfx, reset everything that had been changed, then restarted Firefox. I imagine that will be fine, probably you'll want to backup your profile before doing it just in case.
|
|
#
?
Apr 12, 2016 19:09
|
|
|
 Google's Widevine EME Content Decryption Module is slated for Firefox 47.
|
|
#
?
Apr 13, 2016 21:08
|
|
|
astral posted:
Explain this for the layperson please.
|
|
#
?
Apr 13, 2016 21:13
|
|
|
WattsvilleBlues posted:Explain this for the layperson please. Firefox will be able to watch more DRM-protected videos without requiring full plugins (like Flash). Content providers' restrictions on resolutions/bitrates available to Firefox due to lack of supported DRM ought to relax, too. I can't find a good current list of content providers that use Widevine but at least in the past the list seems to have included:
|
|
#
?
Apr 13, 2016 21:23
|
|
|
American or some other airline offered free inflight movies but required that plugin. I got bored enough that I'd install a weird DRM goop onto my laptop. It didn't work and I sat there in silence unsurprised another piece of google software was hot garbage. That's my Widevine story thank you.
|
|
#
?
Apr 13, 2016 21:28
|
|
|
astral posted:Firefox will be able to watch more DRM-protected videos without requiring full plugins (like Flash). Then what good is that "Primetime Content Decryption Module provided by Adobe Systems, Incorporated" that Firefox installs automatically?
|
|
#
?
Apr 13, 2016 21:28
|
|
|
From Mozilla's blog:quote:As we previously announced, Mozilla has been working to enable playback of HTML5 video content that requires DRM. Last year, we launched with Adobe’s Primetime CDM and now we will soon be testing Firefox support for Google’s Widevine CDM on Windows and Mac OS X. Firefox will download the CDM shortly after users first run Firefox after installing or upgrading. The CDM will be activated when users first interact with a site that uses Widevine. Geemer posted:Then what good is that "Primetime Content Decryption Module provided by Adobe Systems, Incorporated" that Firefox installs automatically? That's for Adobe's Primetime DRM. Many content providers are using that already - Netflix's HTML5 player on Firefox is protected by that, for example. Other DRM schemes are out there like Microsoft's PlayReady and Apple's FairPlay, but I think it's unlikely we'd see those come to Firefox. astral fucked around with this message at 21:47 on Apr 13, 2016 |
|
#
?
Apr 13, 2016 21:43
|
|
|
I got really frustrated with uBlock Origin and an html5 video last night because I couldn't block the video from playing, kinda. It was just some random video in the sidebar of a website I don't even remember anymore, completely not related to the actual content but it just decided to start playing. I was able to block the actual video from showing up, hell the entire div container even, but the audio kept playing every time I refreshed even when the entire video player was blocked. So god drat loving annoying. So I disabled uBlock Origin and gave uMatrix another shot. The first time I tried this plugin I thought it was too confusing but now that I've spent some time with it it's not so bad. I wish there was a way to see what is requesting something though so I can better decide if I want to allow it or not. Right now I have everything except 1st party css and images blocked, and I've allowed some global things like imgur and webfont websites. For the sites I use every day I've spent some time tweaking the matrix to get proper functionality back. Hasn't taken too much work actually. Boris Galerkin fucked around with this message at 14:07 on Apr 14, 2016 |
|
#
?
Apr 14, 2016 14:04
|
|
|
astral posted:From Mozilla's blog: What's even the point of an HTML5 EME standard if everyone's married to their own different flavor of it?
|
|
#
?
Apr 14, 2016 22:15
|
|
|
Sir Unimaginative posted:What's even the point of an HTML5 EME standard if everyone's married to their own different flavor of it? Think of EME as a more focused and restricted plugin API than the old NPAPI used by Flash, Silverlight, etc. It's there for one very specific purpose - to allow third-party content decryption modules (CDMs) to decode protected media. The big bonus is EME doesn't give them anywhere near the same level of privileges previously available to flash/silverlight, so you can enjoy DRM-protected content without also enjoying the ludicrous number of exploits etc.
|
|
#
?
Apr 14, 2016 23:24
|
|
|
Is there an extension (or a planned feature) that would copy Chrome's behavior when using the scrollbar on an "infinite scrolling" page like Twitter? I may be one of 10 surviving people who click and drag the scrollbar to move down a page, but the ten of us hate it when the page jumps all over the place as new content gets appended to the DOM. Searching Mozilla's bug tracker/forums doesn't yield much about this, but it does sound like they're planning an overhaul of their scrolling code, at least for performance. Does anyone else even know what I'm talking about? 
|
|
#
?
Apr 16, 2016 06:23
|
|
|
Flipperwaldt posted:You're supposed to ctrl+click on one of the suggested alternative rules below the text field. Specifically the one that concerns the featuredimage block. While this works fine on my laptop (and I think my lab computer, not sure off the top of my head), it definitely isn't working on my home desktop, even after exporting the filters from my laptop and importing them to my desktop. Why the heck is that?
|
|
#
?
Apr 20, 2016 00:33
|
|
|
I'm having an issue with Firefox security. Some sites (notably DriveThruRPG's login page) just refuse to load and Firefox complains about the secure connection failing. A friend suggested I check out Runescape Chronicle (some card game) and that site doesn't load, either. Those are the only two offhand, but I get it for other sites occasionally. I'm running 45.0.2 with very few plugins, since it's a fresh install after a Windows 10 upgrade. Nothing that interacts with page content besides uBlock Origin. I'm just using Windows Defender for AV and, as implied, a clean install of Windows didn't help the issue. All this stuff works fine in Chrome, so I'm reasonably sure it's Firefox. Any thoughts? Googling has been entirely unhelpful.
|
|
#
?
Apr 21, 2016 03:33
|
|
|
Echophonic posted:I'm having an issue with Firefox security. Some sites (notably DriveThruRPG's login page) just refuse to load and Firefox complains about the secure connection failing. A friend suggested I check out Runescape Chronicle (some card game) and that site doesn't load, either. Those are the only two offhand, but I get it for other sites occasionally. Please post the error message you're getting. Are your time and date set correctly? Though I imagine that would break it on Chrome, too.
|
|
#
?
Apr 21, 2016 03:38
|
|
|
astral posted:Please post the error message you're getting. Yeah, time and date's correct, that was one of the things I saw as a potential issue. I just tried it on someone else's computer and it works fine, so I guess it's something to do with my machine. Here's what I get on rschronicle, it's the same on DriveThru. Doesn't even give me the option to inspect the certificate. 
|
|
#
?
Apr 21, 2016 03:54
|
|
|
Echophonic posted:Yeah, time and date's correct, that was one of the things I saw as a potential issue. I just tried it on someone else's computer and it works fine, so I guess it's something to do with my machine. You can inspect the certificate by visiting: code:Please post a screenshot of the certificate viewer window's general tab. 
|
|
#
?
Apr 21, 2016 04:26
|
|
|
astral posted:You can inspect the certificate by visiting: Nothing comes up. It won't even pull the cert to complain about it. Really strange. I appreciate the help looking into this, by the way. 
|
|
#
?
Apr 21, 2016 04:34
|
|
|
Echophonic posted:Nothing comes up. It won't even pull the cert to complain about it. Really strange. I appreciate the help looking into this, by the way. Interesting. Can you see if you have a non-default (the default is 3) setting in about :config for security.tls.version.max?
|
|
#
?
Apr 21, 2016 04:38
|
|
|
astral posted:Interesting. Can you see if you have a non-default (the default is 3) setting in about :config for security.tls.version.max? Looks like it was set to 1. I reset it and now it looks like stuff's working. I have no idea why it would have been set like that, I certainly don't remember doing it. Thanks!
|
|
#
?
Apr 21, 2016 04:40
|
|
|
Echophonic posted:Nothing comes up. It won't even pull the cert to complain about it. Really strange. I appreciate the help looking into this, by the way. Have you tried using Google's DNS servers (8.8.8.8 and 8.8.4.4) and flushing your DNS cache? Probably won't make a difference but it's worth a shot.
|
|
#
?
Apr 21, 2016 04:41
|
|
|
Echophonic posted:Looks like it was set to 1. I reset it and now it looks like stuff's working. I have no idea why it would have been set like that, I certainly don't remember doing it. Thanks! Great! Since you aren't sure about why that happened, it might also be worth a moment to check https://www.howsmyssl.com/ (which I just learned about, else I'd have suggested it sooner) and see if it has any complaints.
|
|
#
?
Apr 21, 2016 04:54
|
|
|
astral posted:Great! Since you aren't sure about why that happened, it might also be worth a moment to check https://www.howsmyssl.com/ (which I just learned about, else I'd have suggested it sooner) and see if it has any complaints.
|
|
#
?
Apr 21, 2016 07:31
|
|
|
Is there any way to make Firefox Sync "everything"? It seems like addon settings and about:config options don't carry across.
|
|
#
?
Apr 22, 2016 04:26
|
|
|
In Preferences --> Applications, I can set mailto links default to gmail.com or yahoo.com. I use the Outlook Web App for my work email (Exchange). Is it possible to set mailto links open up a OWA page to send emails?
|
|
#
?
Apr 22, 2016 12:50
|
|
|
astral posted:Great! Since you aren't sure about why that happened, it might also be worth a moment to check https://www.howsmyssl.com/ (which I just learned about, else I'd have suggested it sooner) and see if it has any complaints. Knormal posted:That's cool, thanks. But it seems kind of weird "Probably okay" is the best result. That seems kind of... unsatisfying. Yeah, good idea. Gave it a shot, it said everything was probably okay, which I'm sure is as highly scientific as it gets for computer security.
|
|
#
?
Apr 22, 2016 22:37
|
|
|
|
| # ? Apr 19, 2024 14:17 |
|
|
FF46 out
|
|
#
?
Apr 25, 2016 23:14
|
|
