Spyke
๐Ÿ‘๏ธ๐Ÿ‘„๐Ÿ‘๏ธ
lemm.ee

Certain Firefox users may come across a message in the extensions panel indicating that their add-ons are not allowed on the site currently open. We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns.

What is this bullshit? Feel like this will lead to adblocks being blocked for certain websites under the guise of "security", aka: we don't have to justify shit to you.

81
Vincentreply
feddit.nl

It's not going to inconvenience you that much, and the proof for that is that this has always been the case: extensions would never run on e.g. addons.mozilla.org. This makes sense; you don't want extensions to trick you into installing other extensions, for example, or to hijack your sync password.

It looks like the main change is that this actually loosens this restriction: it looks like some trusted extensions from now on will be allowed.

38
bahmanmreply
lemmy.ml

I don't know. Though, to my mind, Firefox has been all about tight defaults for everyone paired with a not-so-obvious opt-out for those who really need it.

That said I do understand the concern here. The page about quarantined domains doesn't provide much details and it's quite vague.

19
PaulDevonUKreply
lemmy.world

1st thing to do on every release from now on.

This is a step too far for me. My device, my choice of browser and I am adult enough to make my own decisions.

1
maiskanzlerreply
feddit.de

Oh come on, it's still a free and open source browser. As seen in the other comments, it's a badly worded security feature for firefox internal pages and mozilla pages.

It's not going to kill adblock, it won't send your data everywhere and it can be disabled through an option as well as by simply building firefox yourself.

Everybody should stop being so negative towards open source developers.

34
FeelzGoodMan420reply
eviltoast.org

Did everyone in this thread drink the conspiracy theory kool-aid or something? The accusations here are wild.

3
Azzureply
lemm.ee

Is there even some way to see which addons this applies to on which websites? I can't find anything. Or am I just going to find out randomly while browsing?

17
gearsreply
sh.itjust.works

I was curious as well so I looked at the git tree. I'm not familiar with Firefox code, but I'm assuming I found the list:

pref("extensions.webextensions.restrictedDomains", 
"accounts-static.cdn.mozilla.net,accounts.firefox.com,
addons.cdn.mozilla.net,addons.mozilla.org,
api.accounts.firefox.com,content.cdn.mozilla.net,
discovery.addons.mozilla.org,install.mozilla.org,
oauth.accounts.firefox.com,profile.accounts.firefox.com,
support.mozilla.org,sync.services.mozilla.com");

From here

So it looks like it's mostly to do with the account system of Firefox. I'm not sure why their websites would need special protection, but whatever. It's not malicious, for now

44
Lichtblitzreply
discuss.tchncs.de

Makes sense. You don't want Addons to navigate to the addons page and install other addons. You also don't want to give them access to the firefox sync data through your account to do the same from that end.

38
Azzureply
lemm.ee

Thanks! Nicer list:

  • accounts-static.cdn.mozilla.net
  • accounts.firefox.com
  • addons.cdn.mozilla.net
  • addons.mozilla.org
  • api.accounts.firefox.com
  • content.cdn.mozilla.net
  • discovery.addons.mozilla.org
  • install.mozilla.org
  • oauth.accounts.firefox.com
  • profile.accounts.firefox.com
  • support.mozilla.org
  • sync.services.mozilla.com
38
iodreply
lemmy.ml

at least it can be disabled in the prefs for now

3
Dojanreply
lemmy.world

โ€œSecurity concernsโ€ is such a bullshit reason. If an add on is such a security concern, why host it in the first place?

Iโ€™m disappointed Mozilla is going down this path, but not surprised.

2
NRoach44reply
lemmy.ml

So allowing any random, possibly compromised, possibly installed by malware, add-on to run during the Firefox account login pages (see the list of URLs in this thread) isn't a security concern to you?

11
Contend6248reply
feddit.de

The alternative would be to give addons so little permission that the damage wouldn't matter. Effectively break the whole system, i'm fine with the ignore list.

2
kevincoxreply
lemmy.ml

To me it sounds more like they plan on blocking all addons (other than some whitelist of "trusted" addons) on important pages (like the Google login page maybe?).

0
const_voidreply
lemmy.ml

You can always download the xpi and install it manually

1
cetra3
lemmy.ml

On Linux, middle clicks on the new tab button will now open the xclipboard contents in the new tab. If the xclipboard content is a URL then that URL is opened, any other text is opened with your default search provider.

Mega useful!

31
FabiSahnereply
feddit.de

Why is this not on Windows. This sounds actually cool.

3
gruereply
lemmy.ml

Because Windows doesn't have two different copy/paste mechanisms like X does.

(X has "highlight text to copy"/"middle-click to paste" and "ctrl-c to copy"/"ctrl-v to paste", which have completely different origins (homegrown Unix vs. copying Windows) and don't even share the same clipboard. Frankly, although it can be useful it's also kind of a mess.)

6
monobot
lemmy.ml

Most important for some of us

Hardware video decoding is now enabled for Intel GPUs on Linux.

Yey! Test it by starting intel_gpu_top and than playing video in firefox, if row "Video" goes over 0.0% it is working!

intel-gpu-top: Intel Coffeelake (Gen9) @ /dev/dri/card0 -  921/ 925 MHz;  38% RC6
    1.78/10.41 W;      813 irqs/s

      IMC reads:     3883 MiB/s
     IMC writes:     1632 MiB/s

         ENGINES     BUSY                                         MI_SEMA MI_WAIT
       Render/3D   12.82% |โ–ˆโ–ˆโ–ˆโ–ˆโ–Š                                |      0%      0%
         Blitter    0.00% |                                     |      0%      0%
           Video   27.99% |โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–                          |      0%      0%
    VideoEnhance    0.00% |                                     |      0%      0%

   PID              NAME   Render/3D      Blitter        Video      VideoEnhance  
   578       RDD Process |            ||            ||โ–ˆโ–ˆโ–ˆ         ||            |
 32431       firefox-bin |โ–Š           ||            ||            ||            |
  2301    elogind-daemon |โ–Œ           ||            ||            ||            |
  4151        pcmanfm-qt |            ||            ||            ||            |
  4153         keepassxc |            ||            ||            ||            |
  4154         pasystray |            ||            ||            ||            |
  4521             slack |            ||            ||            ||            |
  6067            chrome |            ||            ||            ||            |
 29222       jcef_helper |            ||            ||            ||            |

Of course, you need second monitor, it goes down to 0 if video is not visible, since Firefox is not rendering it.

14
PropaGandalf
lemmy.world

What happened to the cookie banner reduction? I can't find it in the release notes.

13
Vincentreply
feddit.nl

I think they hit some snags that it wasn't working satisfactorily yet, so hopefully in a future release ๐Ÿคž

5
PropaGandalfreply
lemmy.world

Ah man, this was the main feature I was hyped for. Thanks for the info!

0

You reached the end