Firefox 1.0 RC2

  • Fixed: Add creative commons search plugin to default set.
  • Fixed: Updated Firefox icon. 32x32 is brighter, 16x16 is darker and higher-contrast.
  • Fixed: 266554 - No referrer sent for meta refresh.
  • Fixed: 264560 - Security hole.
  • Fixed: 267263 - Security hole.
  • Fixed: 267244 - Ensure Locales all use correct tracking params for Yahoo/Google.
  • Fixed: 266292 - Strange behaviour with command line, or even sometimes crash, when using gtk handled arguments.
  • Fixed: 267367 - Image loading from chrome results in auth prompts if src is protected.
  • Fixed: Add to credits: Namachivayam Thirumazhusai (shiva), Doron Rosenberg, Peter van der Woude (peter6), Jonathan Granrose, Chase Phillips
  • Fixed: [Mac] Many changes to Pinstripe (default theme for Firefox on Mac)

Windows builds: Official Windows, Official Windows installer (morning build discussion) (RC2 discussion)

Linux builds: Official Linux, Official Linux installer

Mac builds: Official Mac

More about RC2: Mozillazine, Ben (including what needs testing), Unofficial changelog.

27 Responses to “Firefox 1.0 RC2”

  1. GavinS Says:

    Do you mean to say ‘More about RC1:…’?

  2. NT4 User Says:

    The installer does not work under NT4. When it is supposed to start copying files it hangs. After 1 minute setup.exe crashs. Then it starts copying the files for some strange reason anyway. When you start firefox.exe its causing 100% cpu usage and keeps restarting itself. (new process-ID generated every second)

  3. Sabz Says:

    where are the GTK2 XFT Builds for Linux?

  4. Sabz Says:

    where are the GTK2 XFT Builds for Linux?

  5. eteb Says:

    For some reason RC2 won’t update the URL field when I browse to sub-pages on a domain – it keeps the top domain…

  6. Noman Says:

    For RC2, does anyone else have a blank plug-ins window. For me, the following is blank, Tools > Options > Downloads > File Types

    More curious, Flash, QT and PDF still work.

    Noman

  7. Jean-Marc Gillet Says:

    Noman : I have that too (Windows XP SP1). No extension, no theme, but an old profile for me. Already tried a new one ?

  8. Noman Says:

    Jean-Marc: I totally wiped out everything before installing RC2. This includes uninstalling Firefox and deleting my profile.

    Also, I have FlashPlayer installed. Maybe that caused a problem?

  9. Jonas Says:

    How is bug 266554 (No referrer sent for meta refresh) a security hole by any definition?

  10. Jason Barnabe Says:

    Does it bug anyone else that it’s incredibly difficult to get to about:credits in the About screen credits? I mean, there’s only a link in tiny text, in the middle of the copyright notice, that’s nearly impossible to click because of the scrolling? Why not put a button that says “more credits”?

  11. Jesse Ruderman Says:

    Jonas, it was part of a security hole. See its dependency list.

  12. Jesse Ruderman Says:

    I added the security hole to the list and removed “Security hole” from my description of 266554.

  13. werd Says:

    What the heck is the Creative Commons search plugin? I don’t see it in about:plugins…

  14. Hank Roberts Says:

    OSX: ironically, story about the patent on using a computer for doing international business…
    This page won’t successfully scroll down, it keeps resetting to the top; the progress bar flashes over and over. AdBlock does not see anything helpful.
    Bug? New ad strategy?
    http://www.potomactechjournal.com/displayarticledetail.asp?art_id=60363

  15. Matt Brubeck Says:

    Werd: Search plugins appear in the search field in the toolbar. (Google is selected by default; clicking on the icon lets you choose other searches.)

  16. werd Says:

    Got it, Matt. Thanks.

  17. codguy Says:

    >>Bug? New ad strategy?

    hmmm, the page does the same thing in MSIE6, so I think the page is just screwed up…

  18. Duey Says:

    >>Bug? New ad strategy?

    Same for me as codguy.

    Temporary work-around, press ESC to stop the site from reloading itself.

  19. ZC Says:

    >Bug? New ad strategy?
    >http://www.potomactechjournal.com/displayarticledetail.asp?art_id=60363

    This is niether a firefox bug NOR a new ad strategy. It is a site bug, that shows up in both Firefox and IE 6.
    Looking at the HTML code, the BODY tag has an onLoad javascript. This javascript function is badly written (It’s supposed to switch protocols to secure for subscription purchase) and just repeatedly replaces the window location with itself (after replacing “http:” with “http:”), then gets called again when the page reloads.

    ZC

  20. Hank Roberts Says:

    Thanks ZC, for the sanity check.

  21. David Says:

    Why don’t you start a new project on sourceforge.net for official Firefox downloads (only PR, RC and final versions)?
    They’ve a stunning mirror service, so Firefox would be more visible among international users and other open source software.
    Mozilla (and SpreadFirefox.com) can trace of exact Firefox total downloads without waste their FTP bandwidth.
    [Excuse me for the off-topic]

  22. Karl He Says:

    When you set the Page style (under view) to “no style”, and middle click to auto scroll, the crosshair thinger appears at the bottom left of the page…

  23. Anonymouse Says:

    I talked about the lack of constraints that bonsai.mozilla.org puts on security related bugs fixes in my blog.

    I visited this blog and found out the author listed many security bug numbers without description, so I obtained them through checkin comments.

    Here are the description of the security related bugs.

    Bug 265728
    Don’t paste on middle click from events not generated by the user.

    Bug 249332
    Don’t use getters/setters for link.href in browser code.

    Bug 264560
    Tighten up referrer requirements for XPI whitelist

    For the first item

    Go to about:config
    change middlemouse.paste to true

    Select text and middle click in an input field
    and watch it inserted.
    Put this in an onload event handler
    and remote sites can steal what is in your clipboard. This uses something called synthetic events which are events generated by javascript rather than the user.

    For issue three, I guess one can fake the referer header to point
    to update.mozilla.org which has no restrictions by default.
    Thus, one can install packages without a security warning?

    I do not know, but maybe a better programmer may come along and exploits these security holes before people get a chance to update

  24. Hank Roberts Says:

    Another funny-looking page, which I don’t know enough to interpret — FF rendering? page design?

    http://www.ngdc.noaa.gov/seg/hazard/resource/soc/prof_ssa.html

  25. Sunwolf Says:

    Yes, I do happen to be looking for cheap hotels on an obscure weblog dedicated to the bugstatus of a browser! How did you know?

    Sincerely,
    Sarcasm Man

  26. Karl He Says:

    Sheesh, since when did they start spamming weblogs?

  27. CooLynX Says:

    They started long time ago. Only many site owners do delete this spam others don’t. At least this is not xxx spam…