Jump to content

Mathwiz

Member
 View Profile  See their activity

  • Posts

    1,728

  • Joined

  • Last visited

  • Days Won

    49

  • Donations

    0.00 USD 

  • Country

    United States

 Content Type 

Everything posted by Mathwiz

  1. Mathwiz
    Something I've long advocated for official Firefox, Chrome/ium, Edge, etc. Enough already with these silly "my version number is bigger than yours" wars! All it accomplishes is a "new" version every few weeks that barely differs from the previous one, except of course for whatever Googlisms or Mozilla-isms someone decided CSS or Javascript just had to have added this month.
  2. Mathwiz
    To be clear, "Xitter" was just a mashup of X and Twitter. I didn't intend to bring up geopolitics; only to use President Xi's name as a pronunciation guide Meanwhile, back in Serpentland: I wonder if a FF 52.9 user agent is all that's needed to dissuade Facebook from sending all the Googlescript that slows UXP down so badly? I've seen this elsewhere; e.g., office.com runs much faster, although you lose some features (and Micro$oft will show you an annoying "update your browser" banner )
  3. Mathwiz
    So I take it you're still working on "1030 rebuild 9?"
  4. Mathwiz
    I just call it Xitter now. "Xi" pronounced as in Xi Jinping, President of China.
  5. Mathwiz
    Yes, I think that's the case; that's why I limited my polyfill to chase.com. Everyone else gets the built-in support, which I assume handles object types that JSON.stringify doesn't.
  6. Mathwiz
    Done. But there's so much output in the js console, including many from the console.log added to the structuredClone polyfill, it's really hard to know which one is the problem. And oddly, I can't seem to find the [Circular ~] part anywhere in the output. Perhaps try cloning this simple self-referencing array and see if it triggers a failure. I'm pretty sure @UCyborg's version looped on cloning an array: var arr = []; arr[0] = arr;
  7. Mathwiz
    One more polyfill from the 360EE threads: // ==UserScript== // @name Inject Object.hasOwn Polyfill // @version 0.0.1 // @match *://*/* // @run-at document-start // @grant none // ==/UserScript== if (!Object.hasOwn) { Object.defineProperty(Object, "hasOwn", { value: function (object, property) { if (object == null) { throw new TypeError("Cannot convert undefined or null to object") } return Object.prototype.hasOwnProperty.call(Object(object), property) }, configurable: true, enumerable: false, writable: true }) }
  8. Mathwiz
    Warning: this version predates the WebP buffer overflow bugfix by nearly two months. I tried running later versions (known to run on Win 8.1) with the help of VxKex, but had no luck. As a result, I'm sticking with 115 ESR. Of course, if someone's willing to download the source code, apply the WebP fix, and rebuild this nightly release, I'd have no objection to that.
  9. Mathwiz
    That's helpful. I had forgotten that the WebP bug wasn't even publicly acknowledged until 9/11. That makes 117.0a1 even less desirable, even if it (technically) runs. Sorry for the OT; we now return you to your regularly scheduled @roytam1 browser coverage....
  10. Mathwiz
    OT: MSFN's Win 7 forum has a link to a Nightly version of FF 117 that runs on Win 7. Presumably, it has the WebP fix, but I don't know how to confirm that for sure. 117 Nightly might not be worth keeping anyhow, though, by the time we get to 115.9 (or wherever the ESR release tops out), unless it happens to support some new Googlism or Mozilla-ism that becomes ubiquitous. Probably won't know either way for a few years.
  11. Mathwiz
    Well, I stand corrected. Chase is fine with SMS (or even a browser cookie, which isn't actually all that secure, since it can be moved from one machine to another relatively easily, at least on Firefox-based browsers) being the second "factor," and I think most US banks are similar. They want security, but not at the expense of convenience for their customers, and this is the compromise they arrived at. But it probably varies from country to country since banking regulations would also vary. Chase is also not very consistent. I have an old Android 6 phone. Chase long ago blacklisted their Android 6 app (presumably because Android 6 was deemed "not secure enough") but they're perfectly fine with Chrome 106 on that same phone. All that said, I still believe that making it a hassle to sign out and back in was a motivating factor behind Github's decision to require what I call "burdensome" 2FA. Yes, I get that message too, plus "caches is not defined." (At least it's not "define is not defined" as I was getting for a time at Chase!) But isn't that the M$ app store? Yeah, it'd be nice if it worked, but not much use for it on XP or Vista (or even Win 7, for that matter). OT: M$ "apps" are yet another step in the "Androidification" of Windows. So much of Windows 11 was redone to resemble Android (e.g., the new "Open With" dialog), I'm just wondering when Google and Micro$oft will officially announce the merger. Since I'm the one who raised the issue, I'll perform the test, although it appears @tvholic already tried without success. But maybe I can shed more light on the issue. Edit: Looks like the same message as before: Those fixes didn't seem to cause any harm, although they didn't fix the Chase issue. So they still may be worth including in the next release. OTOH, they may complicate things if upstream actually does fix the Chase issue at some point.
  12. Mathwiz
    Wow - I'm famous! It is admittedly odd that to date, no one has encountered this issue at another site. Self-referential Javascript objects can't be that rare; otherwise Andri Möll wouldn't have felt the need to create the code necessary for the fix in the first place. Since their merger with JP Morgan, Chase has been one of the biggest banks in the US, so I'd be surprised if no one with the necessary expertise has an account there. (Internationally, I understand, is a rather different issue.) Perhaps the polyfill I cobbled together from Möll's and @UCyborg's code, or at least the ideas behind it, could be rewritten in C++ for a native structuredClone implementation, and then tested by other Chase account holders who frequent the official PM forums.
  13. Mathwiz
    I suspect that may be the true reason for GH's particularly burdensome form of 2FA: to increase the "hassle factor" of signing in so much that folks just stay signed in, and as a result, any GH link you click is logged to your user ID. I never bought the excuse that 2FA using email or (especially) SMS just wasn't "secure enough." They're secure enough for banking and Web mail sites! But this is the sort of thing Serpent's container support can help with. You can have a GH container, with those signed-in GH cookies, while your "regular" Web browsing is signed out and GH-cookie free. (Just don't make the mistake of signing in to GH while not in a GH container tab - you'll have to go through 2FA - then it will mess your cookies up! If you need to sign into GH, right-click the GH link and open it in a GH container tab, and you'll already be signed in.)
  14. Mathwiz
    Finally, here's my stucturedClone polyfill specifically for chase.com. Should be good on both Chrome (prior to version indicated) and FF-derived browsers. // ==UserScript== // @name Inject structuredClone() Polyfill [98] // @version 0.0.1 // @match *://*.chase.com/* // @run-at document-start // @grant none // ==/UserScript== function stringify(obj, replacer, spaces, cycleReplacer) { return JSON.stringify(obj, serializer(replacer, cycleReplacer), spaces) } function serializer(replacer, cycleReplacer) { var stack = [], keys = [] if (cycleReplacer == null) cycleReplacer = function(key, value) { if (stack[0] === value) return "[Circular ~]" return "[Circular ~." + keys.slice(0, stack.indexOf(value)).join(".") + "]" } return function(key, value) { if (stack.length > 0) { var thisPos = stack.indexOf(this) ~thisPos ? stack.splice(thisPos + 1) : stack.push(this) ~thisPos ? keys.splice(thisPos, Infinity, key) : keys.push(key) if (~stack.indexOf(value)) value = cycleReplacer.call(this, key, value) } else stack.push(value) return replacer == null ? value : replacer.call(this, key, value) } } self.structuredClone = function (value) { return JSON.parse(stringify(value)); } This correctly deals with self-referential arrays and objects, but has other restrictions, so I use it only when a site (like chase.com) needs it.
  15. Mathwiz
    And here's @UCyborg's polyfill for structuredClone (Chrome before v.98; K-Meleon, New Moon 27, FF 45; not needed on UXP-based browsers or Serpent 55) // ==UserScript== // @name Inject structuredClone() Polyfill [98] // @version 0.0.1 // @match *://*/* // @run-at document-start // @grant none // ==/UserScript== if (typeof self.structuredClone !== "function") { self.structuredClone = function (value) { if (Array.isArray(value)) { const count = value.length; let arr = new Array(count); for (let i = 0; i < count; i++) { arr = self.structuredClone(value); } return arr; } else if (typeof value === "object") { let obj = {}; for (const prop in value) { obj[prop] = self.structuredClone(value[prop]); } return obj; } else { return value; } } } This will fail if an array or object property references itself, but works well in most cases.
  16. Mathwiz
    What - no polyfills? Here are a few contributed by n16s. Should be good on both Chrome (prior to version indicated) and FF-derived browsers. // ==UserScript== // @name Inject findLast() Polyfill [97] // @version 0.0.1 // @match *://*/* // @run-at document-start // @grant none // ==/UserScript== if (!Array.prototype.findLast) { Object.defineProperty(Array.prototype, "findLast", { value: function (predicate, thisArg) { let idx = this.length - 1; while (idx >= 0) { const value = this[idx]; if (predicate.call(thisArg, value, idx, this)) { return value; } idx--; } return undefined; } , writable: true, enumerable: false, configurable: true }); } // ==UserScript== // @name Inject findLastIndex() Polyfill [97] // @version 0.0.1 // @match *://*/* // @run-at document-start // @grant none // ==/UserScript== if (!Array.prototype.findLastIndex) { Object.defineProperty(Array.prototype, "findLastIndex", { value: function (predicate, thisArg) { let idx = this.length - 1; while (idx >= 0) { const value = this[idx]; if (predicate.call(thisArg, value, idx, this)) { return idx; } idx--; } return -1; } , writable: true, enumerable: false, configurable: true }); } // ==UserScript== // @name Inject randomUUID() Polyfill [92] // @version 0.0.1 // @match *://*/* // @run-at document-start // @grant none // ==/UserScript== if (!('randomUUID' in crypto)) crypto.randomUUID = function randomUUID() { return ( [1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g, c => (c ^ crypto.getRandomValues(new Uint8Array(1))[0] & 15 >> c / 4).toString(16) ); };
  17. Mathwiz
    SOLVED!! Both UXP's built-in structuredClone implementation and @UCyborg's polyfill kept blowing up on a circular reference, so neither works on chase.com. I had to go hunting for a fix; finally found one at https://github.com/moll/json-stringify-safe Here's my (chase.com only) polyfill incorporating that code. I don't fully understand what I did, but it works: // ==UserScript== // @name Inject structuredClone() Polyfill [98] // @version 0.0.1 // @match *://*.chase.com/* // @run-at document-start // @grant none // ==/UserScript== function stringify(obj, replacer, spaces, cycleReplacer) { return JSON.stringify(obj, serializer(replacer, cycleReplacer), spaces) } function serializer(replacer, cycleReplacer) { var stack = [], keys = [] if (cycleReplacer == null) cycleReplacer = function(key, value) { if (stack[0] === value) return "[Circular ~]" return "[Circular ~." + keys.slice(0, stack.indexOf(value)).join(".") + "]" } return function(key, value) { if (stack.length > 0) { var thisPos = stack.indexOf(this) ~thisPos ? stack.splice(thisPos + 1) : stack.push(this) ~thisPos ? keys.splice(thisPos, Infinity, key) : keys.push(key) if (~stack.indexOf(value)) value = cycleReplacer.call(this, key, value) } else stack.push(value) return replacer == null ? value : replacer.call(this, key, value) } } self.structuredClone = function (value) { return JSON.parse(stringify(value)); } I think what it does is convert the object to a JSON string then convert it back to a new object. If any circular references are detected, a special value is placed in the JSON string instead of going into a loop and blowing up on a stack overflow. There are probably a lot of things this won't work on, so I limited it to chase.com, leaving the native implementation for everything else. Perhaps someone more skilled than I (@UCyborg?) can apply the same idea to UXP's native implementation and submit a pull request upstream.
  18. Mathwiz
    No. I'm adding the suggested polyfills to Serpent via the Violentmonkey add-on. Chrome was just used to narrow down which polyfills might be needed. Knowing that version 98 includes the needed functionality means that all missing functionality was added between Chrome versions 88 and 98. Unfortunately, no luck so far....
  19. Mathwiz
    Appears there's more to this than structuredClone. Installed the user script, but still no joy. I'll give it a closer look from home; I'm at work now.... That index only appears to go through the year 2016. But it was only for test purposes anyhow. Sure enough, Chrome 98 did the trick.
  20. Mathwiz
    OK, that's even more surprising! It proves you can access the site from your PC, but only from Chrome, not Serpent... (And you tried a clean profile, so it's not a browser extension interfering.) But the rest of us can access it from Serpent just fine. Sounds like a firewall rule. Perhaps port 80 is blocked, with an exception for Chrome? Or perhaps a different proxy configuration? (Chrome uses Windows Internet settings; Serpent has its own, which would default to "direct connection" on a clean profile.)
  21. Mathwiz
    So far, so good; but I don't expect that situation to continue for long. As mentioned in @Humming Owl's 360EE thread, Chase finally lowered the boom. So far I haven't found an XP-compatible browser that works, even with an "acceptable" (to Chase) UA. 360EE and MiniBrowser (based on Chromium 86/87 respectively) let you sign in, but only the page header appears. St 55 and IceApe (UXP) seem to get a little further; it briefly looks like it's going to build the rest of the page, but then it goes away and the message We’re having trouble showing this page right now. Please try again later. appears. I get the following Javascript errors: DataCloneError: The object could not be cloned. https://static.chasecdn.com/web/library/@webchan/cxo-host-app/1.15.41/33.d848b99ac7fbd9417767.js:1 {} https://static.chasecdn.com/web/library/@webchan/cxo-host-app/1.15.41/3935.94d28eeeaa747c5a1efa.js:16 ["[@webchan/overview-dashboard-microapp]",{}] https://static.chasecdn.com/web/library/@webchan/overview-dashboard-microapp/2.10.200/995d6cce2cb94409d19a.js:1 I'm not sure what any of that means. I can install a Win 7 browser, so all is not lost for me; but others with only Win XP won't be so fortunate. Edit: Trying to narrow down the Googlism that caused this breakage, I experimented a bit with portable versions of UnGoogled Chromium. It appears the minimum version that works is Chromium 98-100. (I can't be more exact because PortableApps didn't have versions 98 or 99. 100 worked but 97 did not.) I assume official Pale Moon and Basilisk fail as well, but I haven't yet tried them to be certain of that. I haven't yet tried MyPal 68 either, but I'm not optimistic.
  22. Mathwiz
    Sorry; I'm not trying to ghost you. Since you can ping that site (and the IP address you get matches mine), I couldn't think of any other obvious reason why you alone can't access it with your browser, so I didn't have anything to say that was worth saying when I read your reply! Then the thread went on to other topics, and I just forgot. The only other thing I can think of is that Web access to that site is blocked downstream, perhaps by a firewall or router setting. Clearly ICMP messages are getting through, though, so it's not a complete block.
  23. Mathwiz
    Let me rephrase my query. If I want to change the default for, say, "Access Location" to "Block" vs. "Always Ask" (so it never asks; that function is blocked by default unless I explicitly allow sites to use it), can I do that? I know I can set pref geo.enabled to false but that blocks it for all sites.
  24. Mathwiz
    Welp - Chase finally lowered the boom this week, and it appears there are no XP-compatible browsers left that still work with Chase.com! 360EE (Chromium 86-based) doesn't work; nor does Kafan MiniBrowser (Chromium 87-based), nor do @roytam1's browsers. (I'll post more on those at his thread.) As mentioned above, your UA must claim at least Chromium 109 on Windows or Chase will flat-out reject your browser. (I found that Chrome 106 on Android does still work, so apparently 106 is "good enough" in terms of capability, and Chase accepts a "Chrome 106 on Android" UA even though they reject a "Chrome 106 on Windows" UA. An Android UA produces an unwanted pop-up suggesting their app, though; so I'd stick with 109 on Windows if it worked.) BTW, Chase.com also rejects Edge 109! I had to use a Chromium 109 UA to get in. Ridiculous. Anyway, with a UA that Chase will accept, you can sign in - but (except Edge 109) the next screen only has the header with no account details, so it's pretty useless. Edit: I experimented a bit with portable versions of UnGoogled Chromium. It appears the minimum version that works is Chromium 98, unless you use polyfills. StructuredClone at a minimum is required, but the polyfill contributed by @UCyborg doesn't work for Chase. Edit 2: Using some code I found on the Web, I was able to create a structuredClone polyfill that works for Chase on Chromium 97. I'll test it later and see if it works on 86/87 too. Edit 3: It does! Here's the link:
  25. Mathwiz
    Yes, and that would make sense to me. But as discussed above, M$ does not let you choose the old UI any more! Once you sign in, apparently you're presented with the new UI whether you like it or not. So, being apparently mandatory, I'd expect it even for folks who aren't signed in. Color me baffled....
×
×
  • Create New...