Jump to content

Mathwiz

Member
 View Profile  See their activity

  • Posts

    1,830

  • Joined

  • Last visited

  • Days Won

    50

  • Donations

    0.00 USD 

  • Country

    United States

 Content Type 

Everything posted by Mathwiz

  1. Mathwiz
    His argument seems to be that you, the user, shouldn't trust any add-on that allows logging into a banking site, because the add-on author could have slipped some code in to steal your password. (And although I doubt Martok would do such a thing, perhaps he worries about being falsely accused if someone's bank account were coincidentally hacked shortly after installing his add-on.) He has a point, but it seems his point proves too much, as it could apply to any add-on, not just one that specifically permits logging into a banking site. You have to grant a bit of trust to every add-on you install! Perhaps this is why Mozilla started requiring all the add-ons at AMO to be digitally signed: makes it easier to track down the author if malware is discovered in an add-on....
  2. Mathwiz
    All that stuff is saved in the browser's "profile," which is stored in a separate directory from the browser code itself. (To see the directory it's stored in, click Help / Troubleshooting, find the "Profile Folder" row, and click "Open folder.") So yes; all you have to do is unpack the new version and run it, and all your data will still be there. You can almost always unpack a new version over the previous version, although I prefer to keep at least one prior version, in case the new version has bugs the old version didn't have. Also, you don't have to update every week, although you're free to do so if you wish, of course.
  3. Mathwiz
    It seems odd.... custom elements (part of Web components) have been around for quite some time now and are recognized as a standard part of the DOM by now, while optional chaining and "nullish" coalescing are relative newcomers - yet we got support for the latter first! Evidently implementing custom elements is a great deal more work. Well, the concern is, no support may be better than incomplete or buggy support. That certainly seems the case with Web components. I leave it disabled, and let add-ons like palefill try to substitute for its absence. Leads to a better browsing experience overall. I'm less sure about PerformanceObserver. @VistaLover has evidently been inadvertently browsing the Web with it enabled for some time now, without apparent ill effects - so enabling it doesn't seem to hurt anything, at least. We need a relatively thorough Javascript features test page, even though I'm sure it'd be a lot slower than the pages I'm familiar with, like the GitHub test page and html5test.com. Those just test for the presence of a feature, but don't really exercise it enough to show whether it works properly.
  4. Mathwiz
    Ah, the old "behind a pref, disabled by default" trick. That's the third time I've fallen for it this month! BTW, setting pref dom.webcomponents.enabled to true turns CustomElements on GitHub's test page green. But I'm skeptical that it works correctly; my banking site (chase.com) does not quite function correctly if this pref is set. Perhaps there is incomplete support for custom elements in Serpent? If so, I have a hypothesis about the performance observer pref. It too was incomplete at the fork point from Firefox (since Mozilla didn't finish it until FF 57, the first Quantum version), so the pref was created and set to false. Later, MCP completed the implementation (and @roytam1 ported it to St55) but the pref was never changed (at least in St55). Not surprisingly, it's meant to, well, observe "performance" events. OK, I can see that for web pages that check your browser's performance; but why on earth would GitHub require it in order to function? (Rhetorical question. I do wonder, though, if there are other Web sites that require this rather old function to, well, function!)
  5. Mathwiz
    Useful link! For comparison I tried St55 with the same results, except for one more unsupported feature: PerformanceObserver constructor (whatever that is). This surprised me because it's supported by NM 27 as of April 1. So it seems like it should be feasible to support in St55, but of course I don't really know.
  6. Mathwiz
    And to make our strange language even more complicated, there's another use of the word "either:" to emphasize that a subsequent "or" is exclusive. For example: ... meaning, I'll have one of those choices, but not both.
  7. Mathwiz
    OK, I'll bite. I know what browser.startup.homepage is, but what the heck is browser.startup.homepage_override.mstone? (Mine is set to 4.0.3 but I have no issues saving files....)
  8. Mathwiz
    Maybe; maybe not. It was discussed a few pages back: There is a patch for Waterfox Classic, based on FF 56, but between FF 53 (the St 55 fork point) and FF 56, I think Mozilla's Javascript engine was rewritten in the Rust programming language. Before Russia invaded Ukraine, Feodor2 noted that Rust can be made to output XP-compatible C code, so it's doable, I think, but a lot of work, and of course @feodor2 has been unavailable to help with our trivial matters since the invasion....
  9. Mathwiz
    Good news on that front: I got 360EE v13 working again. Turns out I need to "Run as Administrator" on Win 7 - no idea why. I've never needed to run a browser as "Administrator" before.... Edit: Now that I think about it, I think I know why. I foolishly put the 360EE folder under the "Program Files (x86)" directory, and 360EE modifies some files there. That works fine in XP but requires administrator privileges on Win 7. Oops! Anyhow, the troublesome site https://cw33.com/morning-in-america/ doesn't load correctly there either! I'm starting to think the Web page itself is broken, not a problem with older browsers. Sorry for the false alarm, everyone....
  10. Mathwiz
    Here's a challenge: on Serpent 55, a local TV station's pages only display the heading; no content. Despite optional chaining, nullish coalescing, froglick combining, and what-have-you, there's just a big blank space where the content should be. Same in Edge 77, so I'm guessing 360EE v11/12 as well. (And my 360EE v13 is suddenly refusing to load, so I can't test it.) The modern Web's Googlized Javascript (Googlescript?) continues to evade our attempts to avoid modern browsers and their resource-hogging OSes. Is there any hope at all?
  11. Mathwiz
    There is also a pref "javascript.options.wasm_baselinejit". I assume it becomes irrelevant if javascript.options.wasm is set to false, but I don't really know....
  12. Mathwiz
    Really, @UCyborg, that's a double negative. Do you mean it "does work also?" Seriously though, I get the point. The Amwater.com site really wants you to use "modern" Windows or MacOS. I doubt even Win 7 will work for long, assuming it even works now! (Ironically, they don't recommend Edge as a "supported" browser....) It's like a reverse IQ test. If you use anything "too smart" you're blocked!
  13. Mathwiz
    Ah; well, that explains it then. The site truly is an anti-XP (and Vista) bigot; you just chose to "pass" as Win 10. Probably not even realizing you needed to. Pray tell, how do you fake your display resolution, given that it's not part of the UA? Asking for a friend Seriously; faking a display resolution would help with browser fingerprinting, for those of us using Microsoft's VM. In full-screen mode, the display resolution is usually your monitor's resolution minus two rows. That "minus two rows" stands out like a sore thumb. I don't personally, but a lot of folks do. BTW, this is a great example of "hyper-resolution-itis;" a disease which inflicts many designers of smart phone and laptop screens these days: The compulsion to cram as many pixels as possible into as small a rectangle as possible. Come on, let's get real: no one can see the difference between 1280x720 and anything greater, on a screen the size of a typical smart phone, unless they're viewing the screen with a microscope! Even my old BlackBerry Priv (well, ca. 2015 is "old" when you're talking about smart phones) has a 2560x1440 screen! (I like the phone anyway.) But "4K" resolution lets the marketing guys brag: "You need our phone because we have more pixels than the other guys!!" And enough folks are stupid enough to fall for it, that the disease has become endemic.
  14. Mathwiz
    As Paul Harvey might have said, "the rest of the story." You'd think Amwater's banner would at least tell you that Win XP or Vista was no longer supported, rather than telling you to "update" your browser to a version older than the one you're running! But they probably don't care, as long as those "evil" XPers are kept out of their site. But that leaves me wondering: Why is NM 28 allowed, even though its default UA would reveal the same evil Windows version? I guess some mysteries will never be solved. So PM 30 was sort of their Windows 8! "Whoops, this was a hot mess; better clean things up with a new version ASAP." PM 29's life cycle seemed short, but perhaps that's because I was "spoiled" by PM 28's long life cycle, and/or because PM 29's subversion numbers only got up to 4, making it seem shorter. The Covid pandemic may have warped my perception of time as well. I might have compromised and increased NM's subversion number to 17 from 10 by now, maximizing compatibility with PM add-ons while avoiding the pitfalls with legacy FF ones. But it's not my project, and I'm sure Roytam1 has other reasons to stick to 28.10. NM isn't even my main browser, so my interest is mostly academic anyway.
  15. Mathwiz
    Couple of interesting observations: First, Apple Safari has a reasonable version number (13.4); very unusual in the modern browser world. I haven't seen a version number that low since Microsoft gave up on IE. Even MCP seems to be jumping back on the rapid browser version inflation bandwagon - after holding the line at v28 for years, they've gone up to v31 just in the last several months. Ominous. (@roytam1 is valiantly holding the line with New Moon at version 28.10, but that was "pre-inflated" by the early days of MCP keeping pace with Firefox's version numbers until they finally gave up at - guessing - 26?) Second, 360EE v13 identifies itself as Chrome 86. Amwater.com's banner says Chrome 80 or later is required. So 360EE v13 or 13.5 should have worked - why was a UAO required? Is the banner a lie and it actually tests for Chrome 90-something now?
  16. Mathwiz
    Rather than checking version numbers or build IDs, the ideal way for a polyfill to determine available JavaScript features would be to write some test code that tries to use the features in question. But I'm not sure how practical that is. If you try to use, say, nullish coalescing and the browser doesn't support it, you get a syntax error. I don't think you can try ... catch a syntax error, so results of any test code are likely quite unpredictable. So it may not be easy, or even possible, to do things the ideal way, and polyfill authors may be stuck checking version numbers or build IDs.
  17. Mathwiz
    For that specific purpose, just follow @roytam1's initial advice: You can just paste in the URL from his latest post, delete the 's' from https:, press Enter, and save the .7z file. Then extract it where you please and use it instead of Chrome 49. (My initial answer was more along the lines of, if you want to use Chrome 49 for general browsing on XP.) OTOH, if you've been using Chrome this long, you may find one of the 360EE versions easier to get used to than Serpent. Unfortunately, this is a cipher suite mismatch, not a certificate error. Admittedly, I assumed 32-bit WinXP. That is by far the most common. For 64-bit installs a MITM proxy is your only hope for making secure connections with Chrome 49, but the OP has ruled that out for whatever reason.
  18. Mathwiz
    Chrome 49 uses WinXP's built-in support for secure (https:) connections. You need to have WinXP fully updated, including the POSReady '09 updates, to support TLS 1.2 and AES, in order to have any chance at all of making secure connections to many of today's Web hosts, and even that may not be enough! For the best chance, use a MITM proxy:
  19. Mathwiz
    That's weird; I tried that too, but the problem didn't disappear for me. Oh, well; at least others can reproduce the problem now!
  20. Mathwiz
    I used to like DST, but that was back before so many devices depended on accurate time. Now it's just a hassle, and I think most of the world should go back to standard time year round. A bill was introduced in the US Congress to put the entire nation on permanent DST, which would at least stop the semiannual changes, but I'm opposed - because it means I'll never get back the hour of sleep I lost in March! I'm owed that hour, so first, let's go back to standard time, then let's stop the semiannual changes!
  21. Mathwiz
    @jmeno, Firefox (and forks of it such as PaleMoon) have their own certificates independent of Windows.
  22. Mathwiz
    On my system they are at C:\Users\<my user name>\AppData\Local\Microsoft\Windows\Themes\
  23. Mathwiz
    I don't think @looking4awayout is around any more. His last post on this forum was Sept. 2020. But I think you can still tailor his UOC patches as you wish. They are merely text files containing very simple JavaScript: just a series of calls of the pref function to set default preferences before the user preferences in your profile are processed. You can edit them or create your own with any text editor - even Notepad.
  24. Mathwiz
    Found another possible clue. All the icons I'm having problems with post-4/29 are contained in files found at <serpent install directory>\browser\omni.ja\chrome\browser\skin\classic\browser and named Toolbar*.png. The .png appears to be a simple left-to-right array of icons, with the "oops" icon seen in the above screen shot as the left-most icon. So this seems to be some kind of indexing error, where all the icon indexes somehow get reset to zero (but only on my home PC, not my work PC)! Maybe it's as simple as my theme? BRB.... Edit: Nope, that didn't work. Actually, I should have known, because I already tried a clean profile, which of course uses the default theme.
  25. Mathwiz
    It looks like Mozilla at least keeps the user informed and in control: That's the way it should be. You can disable it, or choose a DoH provider other than the default Cloudflare. I don't entirely trust Mozilla, but I trust them more than Google!
×
×
  • Create New...