Supermium

[dmiranda]

What do you mean? Spell it out for me, cuz I'm a non-English speaking peasant, who in his spare time takes care of goats. Do you want a goat? 

[D.Draker]

3 hours ago, dmiranda said:

What do you mean? Spell it out for me, cuz I'm a non-English speaking peasant, who in his spare time takes care of goats.

Do you want a goat? 

I don't know (and could care less who you are), but you are not allowed to curse on developer win32, so taking care of goats is indeed better for you, I agree.

[dmiranda]

As per the loader, the relevant parts are

[Setup]
AppName=chrome

[Environment]
Profile=YOURPATHTOPROFILE

[FileToRun]
PathToExe=.\Supernium\$AppName$.exe
Parameters=--user-data-dir="%Profile%" --no-first-run --no-default-browser-check --no-referrers --no-pings --disable-component-update --disable-logging --disable-background-networking --allow-outdated-plugins --disable-client-side-phishing-detection --safebrowsing-disable-download-protection --disable-background-mode --disable-quic --disable-suggestions-service --kiosk-printing --disable-print-preview --load-media-router-component-extension=0 --ssl-version-min=tls1.2 --enable-strict-mixed-content-checking --process-per-site --renderer-process-limit=3 --disable-breakpad --disable-machine-id --block-new-web-contents --disable-crash-reporter --disable-default-apps --disable-domain-reliability --disable-external-intent-requests --disable-file-system --gpu-rasterization-msaa-sample-count=0 --lite-video-force-override-decision --num-raster-threads=4 --process-per-site --site-per-process --time-zone-for-testing=UTC --use-fake-device-for-media-stream --enable-features="BlockInsecurePrivateNetworkRequests,BlockInsecurePrivateNetworkRequestsForNavigations,BrowserDynamicCodeDisabled,DesktopScreenshots,DisableProcessReuse,ElementSuperRareData,EnableCsrssLockdown,EncryptedClientHello,ForceIsolationInfoFrameOriginToTopLevelFrame,GpuAppContainer,ImprovedCookieControls,IntensiveWakeUpThrottling:grace_period_seconds/10,IsolateOrigins,IsolatePrerenders,IsolateSandboxedIframes,MinimizeAudioProcessingForUnusedOutput,NetworkServiceSandbox,NetworkServiceCodeIntegrity,OpaqueResponseBlockingV01,OriginIsolationHeader,PartitionConnectionsByNetworkIsolationKey,PartitionDomainReliabilityByNetworkIsolationKey,PartitionExpectCTStateByNetworkIsolationKey,PartitionHttpServerPropertiesByNetworkIsolationKey,PartitionNelAndReportingByNetworkIsolationKey,PartitionSSLSessionsByNetworkIsolationKey,PartitionedCookies,PostQuantumCECPQ2,PrefetchPrivacyChanges,ReduceUserAgent,ReducedReferrerGranularity,RendererAppContainer,RestrictGamepadAccess,SandboxExternalProtocolBlocked,ScopeMemoryCachePerContext,SplitAuthCacheByNetworkIsolationKey,SplitCacheByIncludeCredentials,SplitCacheByNetworkIsolationKey,SplitHostCacheByNetworkIsolationKey,StrictOriginIsolation,SubframeShutdownDelay,SuppressDifferentOriginSubframeJSDialogs,ThirdPartyStoragePartitioning,ThrottleForegroundTimers,TurnOffStreamingMediaCachingAlways,TurnOffStreamingMediaCachingOnBattery,WinSboxDisableExtensionPoint,WinSboxDisableKtmComponent" --disable-features="AcceptCHFrame,AdInterestGroupAPI,AllowClientHintsToThirdParty,AllowURNsInIframes,AnonymousIframeOriginTrial,AutofillEnableAccountWalletStorage,AutofillServerCommunication,BrowsingTopics,ClearCrossSiteCrossBrowsingContextGroupWindowName,ClientHintThirdPartyDelegation,ClientHintsDPR,ClientHintsDPR_DEPRECATED,ClientHintsDeviceMemory,ClientHintsDeviceMemory_DEPRECATED,ClientHintsMetaHTTPEquivAcceptCH,ClientHintsMetaNameAcceptCH,ClientHintsResourceWidth,ClientHintsResourceWidth_DEPRECATED,ClientHintsViewportWidth,ClientHintsViewportWidth_DEPRECATED,ComputePressure,ContextMenuPerformanceInfoAndRemoteHintFetching,ConversionMeasurement,CookieDomainRejectNonASCII,CopyLinkToText,CrashReporting,CriticalClientHint,CrostiniAdditionalEnterpriseReporting,CssSelectorFragmentAnchor,DocumentReporting,EnableStructuredMetrics,EnterpriseRealtimeExtensionRequest,ExpectCTReporting,EnableTLS13EarlyData,FedCm,Fledge,FontAccess,GreaseUACH,IdleDetection,InterestGroupStorage,Journeys,LensStandalone,MediaDrmPreprovisioning,MediaEngagementBypassAutoplayPolicies,NavigationRequestPreconnect,NetworkTimeServiceQuerying,NotificationTriggers,OmniboxTriggerForNoStatePrefetch,OptimizationHints,OptimizationHintsFetching,OptimizationHintsFetchingAnonymousDataConsent,OptimizationHintsFieldTrials,Parakeet,Prerender2,PrefersColorSchemeClientHintHeader,PreloadMediaEngagementData,Reporting,RetailCoupons,SCTAuditing,SegmentationPlatform,SignedExchangeReportingForDistributors,SignedHTTPExchange,SpeculationRulesPrefetchProxy,SubresourceWebBundles,TabMetricsLogging,TFLiteLanguageDetectionEnabled,TextFragmentAnchor,SafeBrowsingBetterTelemetryAcrossReports,UserAgentClientHint,UserAgentClientHintFullVersionList,UsernameFirstFlow,UsernameFirstFlowFilling,UsernameFirstFlowFallbackCrowdsourcing,ViewportHeightClientHintHeader,WebNFC,WebOTP,WebSQLInThirdPartyContextEnabled,WebXR,WinrtGeolocationImplementation,RecordWebAudioEngagement" --cipher-suite-blacklist=",0x000A, 0xc013,0xc014,0xe013,0x009c,0x009d,0x002f,0x0035" --component-updater=url-source=0.0.0.0 --crash-server-url=0.0.0.0 --gcm-checkin-url=0.0.0.0 --gcm-mcs-endpoint=0.0.0.0 --gcm-registration-url=0.0.0.0 --google-apis-url=0.0.0.0 --lso-url=0.0.0.0 --oauth-account-manager-url=0.0.0.0 --override-metrics-upload-url=0.0.0.0 --realtime-reporting-url=0.0.0.0 --reporting-connector-url=0.0.0.0 --sync-url=0.0.0.0 --variations-server-url=0.0.0.0 --variations-insecure-server-url=0.0.0.0 --cipher-suite-blacklist="0xc013,0xc014,0x009c,0x009d,0x002f,0x0035" --blink-settings="dnsPrefetchingEnabled=false,preferredColorScheme=1,strictMixedContentChecking=true,strictMixedContentCheckingForPlugin=true,strictlyBlockBlockableMixedContent=true" --isolation-by-default --js-flags=--jitless --disable-webgl --component-updater=url-source=0.0.0.0 --enable-features="RendererAppContainer" 
 

[Milkinis]

11 hours ago, UCyborg said:

Also why is only Google on the built-in search engine list?

what's wrong with this ? 

Supermium is not a paid browser unlike the chinese one

https://msfn.org/board/topic/185045-supermium/?do=findComment&comment=1254569

I wish Supermium devs could make a profit from the Goooogle search bar to cover their expenses.

[66cats]

14 hours ago, NotHereToPlayGames said:

"Secure" web browser on "insecure" OS does not equate to "secure web browsing".

Arguably more secure than an "insecure" web browser on an "insecure" OS. 

[Milkinis]

On 1/28/2024 at 9:27 AM, TSNH said:

Why such an extracting nonsense?

Probably to still keep the project open-source and at the same time charge lazy non-tech experienced users for the premium installer on XP.

Not a bad idea actually.

https://github.com/win32ss/supermium/issues/178#issuecomment-1913762383

[seven4ever]

The only positive point here is a working 64 bits version. Mypal68  64 bits is still not working.

[66cats]

5 minutes ago, seven4ever said:

The only positive

Tough crowd. My new favorite browser for XP, XP x64 & Vista; twice as fast as other XP browsers on all my HW. BTW 32-bit Mypal works fine on x64, not sure if there's a performance hit, though i doubt it.

[seven4ever]

I had stability problems with 360 browsers on Xp64. No vista here and my oldest XP32 is not compatible.

[NotHereToPlayGames]

<OT>

All of the goat talk reminded me of this  --  https://www.youtube.com/watch?v=xrTUmYxnNlo

</OT>

 

re:  "Tough crowd".  Yep, MSFN seems to always be a "tough crowd".  Good and bad.

[D.Draker]

14 hours ago, dmiranda said:

As per the loader, the relevant parts are

[Setup]
AppName=chrome

[Environment]
Profile=YOURPATHTOPROFILE

[FileToRun]
PathToExe=.\Supernium\$AppName$.exe
Parameters=--user-data-dir="%Profile%" --no-first-run --no-default-browser-check --no-referrers --no-pings --disable-component-update --disable-logging --disable-background-networking --allow-outdated-plugins --disable-client-side-phishing-detection --safebrowsing-disable-download-protection --disable-background-mode --disable-quic --disable-suggestions-service --kiosk-printing --disable-print-preview --load-media-router-component-extension=0 --ssl-version-min=tls1.2 --enable-strict-mixed-content-checking --process-per-site --renderer-process-limit=3 --disable-breakpad --disable-machine-id --block-new-web-contents --disable-crash-reporter --disable-default-apps --disable-domain-reliability --disable-external-intent-requests --disable-file-system --gpu-rasterization-msaa-sample-count=0 --lite-video-force-override-decision --num-raster-threads=4 --process-per-site --site-per-process --time-zone-for-testing=UTC --use-fake-device-for-media-stream --enable-features="BlockInsecurePrivateNetworkRequests,BlockInsecurePrivateNetworkRequestsForNavigations,BrowserDynamicCodeDisabled,DesktopScreenshots,DisableProcessReuse,ElementSuperRareData,EnableCsrssLockdown,EncryptedClientHello,ForceIsolationInfoFrameOriginToTopLevelFrame,GpuAppContainer,ImprovedCookieControls,IntensiveWakeUpThrottling:grace_period_seconds/10,IsolateOrigins,IsolatePrerenders,IsolateSandboxedIframes,MinimizeAudioProcessingForUnusedOutput,NetworkServiceSandbox,NetworkServiceCodeIntegrity,OpaqueResponseBlockingV01,OriginIsolationHeader,PartitionConnectionsByNetworkIsolationKey,PartitionDomainReliabilityByNetworkIsolationKey,PartitionExpectCTStateByNetworkIsolationKey,PartitionHttpServerPropertiesByNetworkIsolationKey,PartitionNelAndReportingByNetworkIsolationKey,PartitionSSLSessionsByNetworkIsolationKey,PartitionedCookies,PostQuantumCECPQ2,PrefetchPrivacyChanges,ReduceUserAgent,ReducedReferrerGranularity,RendererAppContainer,RestrictGamepadAccess,SandboxExternalProtocolBlocked,ScopeMemoryCachePerContext,SplitAuthCacheByNetworkIsolationKey,SplitCacheByIncludeCredentials,SplitCacheByNetworkIsolationKey,SplitHostCacheByNetworkIsolationKey,StrictOriginIsolation,SubframeShutdownDelay,SuppressDifferentOriginSubframeJSDialogs,ThirdPartyStoragePartitioning,ThrottleForegroundTimers,TurnOffStreamingMediaCachingAlways,TurnOffStreamingMediaCachingOnBattery,WinSboxDisableExtensionPoint,WinSboxDisableKtmComponent" --disable-features="AcceptCHFrame,AdInterestGroupAPI,AllowClientHintsToThirdParty,AllowURNsInIframes,AnonymousIframeOriginTrial,AutofillEnableAccountWalletStorage,AutofillServerCommunication,BrowsingTopics,ClearCrossSiteCrossBrowsingContextGroupWindowName,ClientHintThirdPartyDelegation,ClientHintsDPR,ClientHintsDPR_DEPRECATED,ClientHintsDeviceMemory,ClientHintsDeviceMemory_DEPRECATED,ClientHintsMetaHTTPEquivAcceptCH,ClientHintsMetaNameAcceptCH,ClientHintsResourceWidth,ClientHintsResourceWidth_DEPRECATED,ClientHintsViewportWidth,ClientHintsViewportWidth_DEPRECATED,ComputePressure,ContextMenuPerformanceInfoAndRemoteHintFetching,ConversionMeasurement,CookieDomainRejectNonASCII,CopyLinkToText,CrashReporting,CriticalClientHint,CrostiniAdditionalEnterpriseReporting,CssSelectorFragmentAnchor,DocumentReporting,EnableStructuredMetrics,EnterpriseRealtimeExtensionRequest,ExpectCTReporting,EnableTLS13EarlyData,FedCm,Fledge,FontAccess,GreaseUACH,IdleDetection,InterestGroupStorage,Journeys,LensStandalone,MediaDrmPreprovisioning,MediaEngagementBypassAutoplayPolicies,NavigationRequestPreconnect,NetworkTimeServiceQuerying,NotificationTriggers,OmniboxTriggerForNoStatePrefetch,OptimizationHints,OptimizationHintsFetching,OptimizationHintsFetchingAnonymousDataConsent,OptimizationHintsFieldTrials,Parakeet,Prerender2,PrefersColorSchemeClientHintHeader,PreloadMediaEngagementData,Reporting,RetailCoupons,SCTAuditing,SegmentationPlatform,SignedExchangeReportingForDistributors,SignedHTTPExchange,SpeculationRulesPrefetchProxy,SubresourceWebBundles,TabMetricsLogging,TFLiteLanguageDetectionEnabled,TextFragmentAnchor,SafeBrowsingBetterTelemetryAcrossReports,UserAgentClientHint,UserAgentClientHintFullVersionList,UsernameFirstFlow,UsernameFirstFlowFilling,UsernameFirstFlowFallbackCrowdsourcing,ViewportHeightClientHintHeader,WebNFC,WebOTP,WebSQLInThirdPartyContextEnabled,WebXR,WinrtGeolocationImplementation,RecordWebAudioEngagement" --cipher-suite-blacklist=",0x000A, 0xc013,0xc014,0xe013,0x009c,0x009d,0x002f,0x0035" --component-updater=url-source=0.0.0.0 --crash-server-url=0.0.0.0 --gcm-checkin-url=0.0.0.0 --gcm-mcs-endpoint=0.0.0.0 --gcm-registration-url=0.0.0.0 --google-apis-url=0.0.0.0 --lso-url=0.0.0.0 --oauth-account-manager-url=0.0.0.0 --override-metrics-upload-url=0.0.0.0 --realtime-reporting-url=0.0.0.0 --reporting-connector-url=0.0.0.0 --sync-url=0.0.0.0 --variations-server-url=0.0.0.0 --variations-insecure-server-url=0.0.0.0 --cipher-suite-blacklist="0xc013,0xc014,0x009c,0x009d,0x002f,0x0035" --blink-settings="dnsPrefetchingEnabled=false,preferredColorScheme=1,strictMixedContentChecking=true,strictMixedContentCheckingForPlugin=true,strictlyBlockBlockableMixedContent=true" --isolation-by-default --js-flags=--jitless --disable-webgl --component-updater=url-source=0.0.0.0 --enable-features="RendererAppContainer" 
 

Wow! What a huge list! Do you know what every flag means? What time does it take for the browser to start with such a list?

[dmiranda]

6 hours ago, D.Draker said:

Wow! What a huge list! Do you know what every flag means? What time does it take for the browser to start with such a list?

I did research them at the time (following the development of all 360chrome versions for the last 3 or 4 years? More importantly, I tested them progressively, to see nothing in the stuff I was using going awry in what I used 360chrome for (mostly social media by the e-oligopoly). Please be aware I don't use chrome for payments (I use a tablet for that).

As per loading time, it is probably faster than normal, but supernium is RAM heavy at startup, so if I had been using other RAM consuming app (such as another browser - I run all my profiles from RAM), it still fails to stick until the second or third time. Once it is up, it is really fast, as already reported. 

Please also note that I haven't yet disable flags related to webl, payments, or (unless I use whatsapp) wasm. That should reduce the loading burden too. 

 

Edited January 30 by dmiranda

[D.Draker]

The list needs to be rechecked, from a short stare, I can see: some flags were added several times --process-per-site, for example.

[D.Draker]

8 hours ago, D.Draker said:

--time-zone-for-testing=UTC

What is good, at least you learn from me the right variants (my post link), and not replicate the errors made in @Sampei.Nihira's list.

 

[dmiranda]

13 minutes ago, D.Draker said:

The list needs to be rechecked, from a short stare, I can see: some flags were added several times --process-per-site, for example.

True that. I also noticed I added a --site-per-process in there. It doesn't seem to hurt, but who knows. For my use it doesn't do damage. All suggestions/corrections are welcome. Supernium itself recommended dropping ones I was using in 360 chome.

As per chrome://flags, many of the old ones that I used in 360chrome are not there anymore.  I'm systematically disabling flags related to: autofill, webrtc, webgl (now unnecessary, chrome finally caught up), payment, credit (reviewing card with detail, for there are some related to cards other than credit cards and smart card), share/sharing, password (most of them), sync (most of them), geolocation, and history (most of them).

Edited January 30 by dmiranda