Jump to content

My Browser Builds (Part 3)


Recommended Posts

On 8/14/2022 at 8:29 PM, anton12 said:

BUT when clicking on the red dots the faqs WON'T OPEN  !

WHY ??

Welcome to the MSFN forums! :)

As a general rule, consulting your browser's Web Console/Browser Console/Error Console will provide useful hints/clues as to the "why" :P:

f4art9u.jpg

... and even if that's "Greek" to you, it'll give prospective helpers a general idea...

The ING Bank site relies heavily on customElements, a web spec (part of the Web Components JS+CSS framework) discussed, by pure coincidence :), in posts of this thread's previous page...

CE/WC is a technology originally created by Google (they currently are the only ones who dictate how the web should evolve :realmad:), the upstream developers of UXP/Pale Moon, due in part to their aversion of anything Google, put WC support inside UXP in the "back-burner", so to speak; truth be told, there still exist major technical issues to backport/glue-in all of WC to the platform, which, as you might already know, evolved from a now quite "old" Mozilla Firefox forkpoint...

CE/WC are currently behind a disabled pref, in an incomplete/immature developmental state... Third party extension authors try. with various success and targeting selected URLs only, to mitigate lack of CE/WC support in UXP-based browsers :whistle:; at this point in time, the extension which holds the best promise for UXP users is one maintained by your compatriot Sebastian Hütter, aka martok, which is called palefill:

https://github.com/martok/palefill/releases

Install the XPI file linked in that page and then kindly ask him to include support for ING Bank, by filing an issue (GitHub account required):

https://github.com/martok/palefill/issues

From my initial testing, implementing support would be as easy as adding in file "./lib/builtin-rules.js" below code:

 exports = String.raw`
+www.ing.de
+    std-customElements
+! --
 developer.apple.com
     std-customElements

For your convenience, I have prepared myself a patched XPI file of palefill, 

(.XPI file attachment removed on 202208160022Z)

that you are free to test; works as intended here ;)  (under latest St52):

FgWkO3Q.jpg

Later addition: Bank sites are a major pain in the posterior for "legacy"/non-mainstream web engines, because Bank IT staff insist on using the very latest Web Specs in them (even ones that haven't yet made it to final state, though this is not the case for CE/WC), as they think it gives the higher members of the Bank's hierarchy (who probably know little about web development), as well as most of the Bank's clientele, a false sense of "on-line security" :angry: ...
I'm not saying Bank sites should stick to TLS 1.0/1.1 to merely satisfy old browsers, but not always using the latest Google-derived "shinies" won't make their sites (and their customers' interactions) less secure, would it? :whistle:

Edited by VistaLover
XPI attachment removed
Link to comment
Share on other sites


I want to get started using these browsers. So, a few questions:

- Does Google search website now render properly in roytam1's browsers? The last time I remember, in January this year, it was said that it renders in classic layout.

- When a new version of these browsers come, how do I transfer the data (browsing history, cookies, etc) from the previous version to the new version? Do I just run the new version, and it will still remember them or what's the method?

Thanks.

Link to comment
Share on other sites

22 minutes ago, mina7601 said:

When a new version of these browsers come, how do I transfer the data (browsing history, cookies, etc) from the previous version to the new version?

All that stuff is saved in the browser's "profile," which is stored in a separate directory from the browser code itself. (To see the directory it's stored in, click Help / Troubleshooting, find the "Profile Folder" row, and click "Open folder.") So yes; all you have to do is unpack the new version and run it, and all your data will still be there.

You can almost always unpack a new version over the previous version, although I prefer to keep at least one prior version, in case the new version has bugs the old version didn't have. Also, you don't have to update every week, although you're free to do so if you wish, of course.

Link to comment
Share on other sites

4 hours ago, VistaLover said:

kindly ask him to include support for ING Bank, by filing an issue (GitHub account required):

https://github.com/martok/palefill/issues

From my initial testing, implementing support would be as easy as...

Most unfortunately, @martok isn't willing to "fix" Bank sites in UXP-based browsers through his extension :( :

https://github.com/martok/palefill/issues/38#issuecomment-1192738141

Quote

Doesn't really matter what you answer, banking sites are one thing I'm not going to touch.

(This might just be a case of adding customElements, at least that's the first error message. But yeah. Nope.)

The reasons he cites are security-related :dubbio:...

Link to comment
Share on other sites

RE:  New Moon/palemoon-28.10.6a1.win32  on W2K/Kex v30fM
        ING Banking

Dear VistaLover,

Thank you very much for your palefill-v1.19-3-git-20220814.xpi
and your explanations !

Your XPI file corrects many errors when visiting https://www.ing.de/
with  New Moon/palemoon-28.10.6a1

FAQs                 now ok
Suche (Search)   now ok
Menü (Menue)    now ok
Privatkunden (Private Customers)   now ok
etc.

The functionality of the ING Bank website has improved considerably.

Sadly enough there is still trouble with  Log-in Banking:
https://banking.ing.de


Basically the loading of ING's Log-in Banking seems to be incomplete.

Considering that until the month of May 2022  the then latest versions of New Moon worked fine with ING's Log-in Banking, is there a realistic chance to get New Moon properly working with ING's Log-in Banking again ?

 

PS:  
The Log-in Banking problem with ING Bank is the same here:

(Comment: ING was formerly known as ING-DiBa)

https://github.com/martok/palefill/issues/38#issuecomment-1192738141

ING-DiBa: cannot enter "DiBa key" when logging in #38

 

 

 

 

 

 

 

 

 

 


 

 

Edited by anton12
Link to comment
Share on other sites

On 8/14/2022 at 10:06 AM, VistaLover said:

 

Finally, I did find some time (actually, a quite big chunk of time :whistle:) to troubleshoot the "about:support" instant crash in recent NM27 builds...

The last build (buildID=20220722014511) without the crash (LastGOOD) was from package:
palemoon-27.10.0.win32-git-20220723-b6b16147cc-xpmod.7z
while the first build (buildID=20220729155323) exhibiting the crash (FirstBAD) was from package:
palemoon-27.10.0.win32-git-20220730-93f97225b6-xpmod.7z

More recent NM27 releases still crash here when "about:support" is being loaded...

In my dirty NM27 profile, the OS crash report is as below: 

Problem signature:
  Problem Event Name:	BEX
  Application Name:	palemoon.exe
  Application Version:	27.10.0.7727
  Application Timestamp:	62e4040f
  Fault Module Name:	StackHash_a950
  Fault Module Version:	0.0.0.0
  Fault Module Timestamp:	00000000
  Exception Offset:	00000000
  Exception Code:	c0000005
  Exception Data:	00000008
  OS Version:	6.0.6003.2.2.0.768.3
  Locale ID:	1032
  Additional Information 1:	a950
  Additional Information 2:	c07297ba8acc6462e9fe86ee369f49b9
  Additional Information 3:	0a9c
  Additional Information 4:	524d1a1d9730c6e8f6d176ea5e0fcd20

In a new, fresh, NM27 profile, "about:support" loads OK as expected... :dubbio:

In safe mode, my dirty profile ALSO CRASHES, which means the crash isn't (probably) being caused by an extension, but rather because of one (or more) of my user-modified "about:config" prefs (file "prefs.js" inside my NM27 profile).

That file is quite big in my case; many entries are originating from extension settings, so these could be disregarded (because the crash happens even in safe mode), but that still left me with a large number of candidate culprits... To cut a long story short, after a lengthy trial-and-error procedure, I managed to isolate the culprit pref:

webgl.force-enabled;true

It was a remnant from some time ago (probably more than a year), as a result of me force-enabling WebGL in older builds of NM27 in this laptop... That way, I could get in "about:support" => Graphics:

WebGL Renderer: Google Inc. -- ANGLE (Mobile Intel(R) 965 Express Chipset Family Direct3D9Ex vs_3_0 ps_3_0)

Now that I had discovered the culprit pref, I toggled it to "false" (the default), but in doing so I discovered two additional bits:

1. In the LastGOOD build (see above), that pref has no bearing at all, because even in its default state of "false", WebGL Renderer was set to ANGLE (no force-enabling is required); as noted, "about:support" loads fine...

NhDb60C.jpg

2. In the FirstBAD build (see above), and all builds released after it, WebGL Renderer now shows as "Blocked for your graphics driver version":

Jwuweig.jpg

Force-enabling WebGL in the "BAD" builds (requires a browser restart) will cause the "about:support" internal page to crash the whole browser - I see this as a regression/bug...

The source-code changelog between "LastGOOD" and "FirstBAD" builds is:

https://github.com/roytam1/palemoon27/compare/b6b1614...93f9722

The only one WebGL-related change is

- Bug 1191042 - Use CreateOffscreen for WebGL instead of CreateHeadless. - r=jrmuizel (f98fd02e59)

which altered source files:

dom/canvas/WebGLContext.cpp
dom/canvas/WebGLContext.h
dom/canvas/WebGLContextState.cpp
dom/canvas/WebGLContextUtils.cpp
(plus some test files...)

@roytam1 : Any insight from your part?

This old (Toshiba) laptop has a vendor-modified, proprietary, gfx driver, I had already updated to the last the vendor released for this laptop model ... :dubbio:

I tried to revert this changes in git HEAD, you may try again when next build is available.

Link to comment
Share on other sites

16 hours ago, mina7601 said:

- Does Google search website now render properly in roytam1's browsers? The last time I remember, in January this year, it was said that it renders in classic layout.

This behaviour is controlled by a Google SSUAO; latest Serpent 52.9.0 has it as:

general.useragent.override.google.com;Mozilla/5.0 (%OS_SLICE% rv:71.0) Gecko/20100101 Firefox/71.0 Basilisk/52.9.0

i.e. it spoofs itself as Fx 71.0; result:

CQ7yTWx.jpg

(that one above is with its dark theme enabled - selection is stored inside a cookie ;) )

If you're in the habit of using localised Google TLDs (e.g. google.co.uk) other than ".com", you need create additional SSUAOs for these...

Link to comment
Share on other sites

20 hours ago, Mathwiz said:

So yes; all you have to do is unpack the new version and run it, and all your data will still be there.

Good to hear! Thanks.

4 hours ago, VistaLover said:

This behaviour is controlled by a Google SSUAO; latest Serpent 52.9.0 has it as:

general.useragent.override.google.com;Mozilla/5.0 (%OS_SLICE% rv:71.0) Gecko/20100101 Firefox/71.0 Basilisk/52.9.0

i.e. it spoofs itself as Fx 71.0; result:

CQ7yTWx.jpg

(that one above is with its dark theme enabled - selection is stored inside a cookie ;) )

If you're in the habit of using localised Google TLDs (e.g. google.co.uk) other than ".com", you need create additional SSUAOs for these...

Thank you for testing. :)

Link to comment
Share on other sites

RE:  New Moon/palemoon-28.10.6a1.win32
       cookies

This is a question especially for Roytam1,
but also for the other experts of this forum.

Please,visit the following banking sites:

https://www.postbank.de/
https://www.paypal.com/de/home
https://www.ing.de/

When visiting Postbank and Paypal with  New Moon
these banking sites  ask for our consent to save cookies.

But the Ing banking site won't ask for our consent to save cookies.

Why ??

PS:
When successfully logging into my ING bank account with New Moon in May 2022 , I was asked  for my consent to save cookies.

PPS:

Explicitly accepting cookies is part of a formal Legal Procedure

to make any online bank account work  -  at least in the EU.

 

 

 

 

Edited by anton12
Link to comment
Share on other sites

On 8/14/2022 at 7:13 PM, VistaLover said:

Most unfortunately, @martok isn't willing to "fix" Bank sites in UXP-based browsers through his extension :( :

https://github.com/martok/palefill/issues/38#issuecomment-1192738141

The reasons he cites are security-related :dubbio:...

His argument seems to be that you, the user, shouldn't trust any add-on that allows logging into a banking site, because the add-on author could have slipped some code in to steal your password. (And although I doubt Martok would do such a thing, perhaps he worries about being falsely accused if someone's bank account were coincidentally hacked shortly after installing his add-on.)

He has a point, but it seems his point proves too much, as it could apply to any add-on, not just one that specifically permits logging into a banking site. You have to grant a bit of trust to every add-on you install! Perhaps this is why Mozilla started requiring all the add-ons at AMO to be digitally signed: makes it easier to track down the author if malware is discovered in an add-on.... :unsure:

Link to comment
Share on other sites

23 hours ago, mina7601 said:

I know I would be off-topic for asking this, but where did you get FF Quantum's (FF 57 until 88) beautiful (Photon UI) theme on your Serpent 52.9.0?

... Why would you be off-topic if your query pertains to Serpent 52.9.0 ? :dubbio:

Well, here's the long story of it:

My complete theme is called Photonic and it was created by Lootyhoof, a member of the upstream MCP dev team, who specialises in Complete Themes for the Pale Moon browser!
Photonic had originally support for both Pale Moon (which has a pre-Australis default theme) as well as support for (official) Basilisk (which has the Australis GUI). As such, it was hosted in both

https://addons.palemoon.org/themes/

(where it still is) and

https://addons.basilisk-browser.org/themes/

In late January, Moonchild halted further development of Basilisk; in May, Photonic was removed from:

https://addons.basilisk-browser.org/addon/photonic/

(archived snapshot: https://web.archive.org/web/20220511055801/https://addons.basilisk-browser.org/addon/photonic/ )

Lootyhoof continued the theme's development, but he removed Basilisk support in versions > 4.0.0... :angry:

The source code repo for Photonic is:
https://github.com/Lootyhoof/photonic

A no-longer-maintained mirror is:
https://repo.palemoon.org/Lootyhoof/photonic

The easiest way to get the last Basilisk-compatible version of Photonic is via GitHub:

https://github.com/Lootyhoof/photonic/releases/tag/v4.0.0

But (there's always a "but" for us on "unsupported" OSes+forks), getting that XPI is NOT enough, sadly...

As you might know already, (official) Basilisk is meant to run on Win7+, so Photonic's author made sure to use Win7+ specific CSS code during its development :(; many of its internal CSS scripts have the below code:

@media (-moz-os-version: windows-win7) {

which makes sure the theme (is designed for and) properly runs at minimum on Windows 7, only!  Additional specific code

@media (-moz-os-version: windows-win8) {

and

@media (-moz-os-version: windows-win10) {

configures the theme on Win8/8.1 and Win10 - there's absolutely no provision for the theme running under XP and/or Vista, which are the target (i.e. most frequently used) OSes for Serpent 52.9.0 users... :(

Fortunately, its install.rdf file is compatible with St52, so it doesn't require any modification to install the theme there...

But: I don't have XP here to check, so I have no clue how the theme behaves (if and at what degree it works) under an XP installation of Serpent 52.9.0... :dubbio: :(

All I can tell you is that when I first installed it in my Vista SP2 installation of St52, the tab bar was BROKEN/mostly unusable; I had to unpack the theme and apply trial-and-error many times, adding several additional "(-moz-os-version: windows-vista)" conditionals to select script places, to get a properly working tab bar on Vista, keeping full Aero support, too...

Along with the theme itself, I'm also using the "Classic Theme Restorer v1.7.8.2019.10.27" extension (by Aris), to further modify it to my liking... A glimpse of what it looks like as I type this is:

feL5r5k.jpg

I understand Photonic (being an abandonware for Basilisk, at least for now) is susceptible to future partial/complete breakage, as Serpent 52 is being further developed - though, TBH, I don't expect "deal-breakers", as "upstream" very infrequently touch the GUI code; some minor bugs did fall under my radar, but I'm willing to live with them for the time being... :rolleyes:

So, now you know! :)

 

Link to comment
Share on other sites

On 8/14/2022 at 1:11 PM, Mathwiz said:

It seems odd.... custom elements (part of Web components) have been around for quite some time now and are recognized as a standard part of the DOM by now, while optional chaining and "nullish" coalescing are relative newcomers - yet we got support for the latter first! Evidently implementing custom elements is a great deal more work.

Well, the concern is, no support may be better than incomplete or buggy support. That certainly seems the case with Web components. I leave it disabled, and let add-ons like palefill try to substitute for its absence. Leads to a better browsing experience overall.

I'm less sure about PerformanceObserver. @VistaLover has evidently been inadvertently browsing the Web with it enabled for some time now, without apparent ill effects - so enabling it doesn't seem to hurt anything, at least.

We need a relatively thorough Javascript features test page, even though I'm sure it'd be a lot slower than the pages I'm familiar with, like the GitHub test page and html5test.com. Those just test for the presence of a feature, but don't really exercise it enough to show whether it works properly.

I'll leave it then at the defaults as my graphic card is factory junk. Normally I don't us any hardware acceleration prefs because of this reason (mainly). 

Thank you guys for the information as I wasn't aware of those settings, but I see looking at about:support I need to also disable more as its been disabled already as my graphic card doesn't support and there are no updated drivers for this old clunker.

dom.enable_performance;false

dom.enable_performance_observer;false

dom.webcomponents.enabled;false

Guess will leave those as is then.

Link to comment
Share on other sites

15 hours ago, VistaLover said:

... Why would you be off-topic if your query pertains to Serpent 52.9.0 ? :dubbio:

Sorry, I misworded my post. I meant to say "this may not sound important to ask", not "i know i would be off-topic for asking this".

Anyway,

15 hours ago, VistaLover said:

So, now you know! :)

Yes, I now know! Thank you so much for your explanation regarding the theme you are using.

Link to comment
Share on other sites

Watch out with playing this Janet Jackson video on or near old laptops with 5400 RPM drives. :D:worship:

https://www.theregister.com/2022/08/18/janet_jackson_video_crashes_laptops/

https://devblogs.microsoft.com/oldnewthing/20220816-00/?p=106994

CVE-2022-38392.

Quote

A certain 5400 RPM OEM hard drive, as shipped with laptop PCs in approximately 2005, allows physically proximate attackers to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation music video.

Edited by nicolaasjan
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...