Firefox 1.0 RC2
- Fixed: Add creative commons search plugin to default set.
- Fixed: Updated Firefox icon. 32x32 is brighter, 16x16 is darker and higher-contrast.
- Fixed: 266554 - No referrer sent for meta refresh.
- Fixed: 264560 - Security hole.
- Fixed: 267263 - Security hole.
- Fixed: 267244 - Ensure Locales all use correct tracking params for Yahoo/Google.
- Fixed: 266292 - Strange behaviour with command line, or even sometimes crash, when using gtk handled arguments.
- Fixed: 267367 - Image loading from chrome results in auth prompts if src is protected.
- Fixed: Add to credits: Namachivayam Thirumazhusai (shiva), Doron Rosenberg, Peter van der Woude (peter6), Jonathan Granrose, Chase Phillips
- Fixed: [Mac] Many changes to Pinstripe (default theme for Firefox on Mac)
Official Windows,
Official Windows installer
(morning build discussion) (RC2 discussion)
Official Linux,
Official Linux installer
More about RC2: Mozillazine, Ben (including what needs testing), Unofficial changelog.
November 4th, 2004 at 2:44 am
Do you mean to say ‘More about RC1:…’?
November 4th, 2004 at 3:56 am
The installer does not work under NT4. When it is supposed to start copying files it hangs. After 1 minute setup.exe crashs. Then it starts copying the files for some strange reason anyway. When you start firefox.exe its causing 100% cpu usage and keeps restarting itself. (new process-ID generated every second)
November 4th, 2004 at 4:27 am
where are the GTK2 XFT Builds for Linux?
November 4th, 2004 at 4:28 am
where are the GTK2 XFT Builds for Linux?
November 4th, 2004 at 5:07 am
For some reason RC2 won’t update the URL field when I browse to sub-pages on a domain – it keeps the top domain…
November 4th, 2004 at 6:34 am
For RC2, does anyone else have a blank plug-ins window. For me, the following is blank, Tools > Options > Downloads > File Types
More curious, Flash, QT and PDF still work.
Noman
November 4th, 2004 at 9:04 am
Noman : I have that too (Windows XP SP1). No extension, no theme, but an old profile for me. Already tried a new one ?
November 4th, 2004 at 12:20 pm
Jean-Marc: I totally wiped out everything before installing RC2. This includes uninstalling Firefox and deleting my profile.
Also, I have FlashPlayer installed. Maybe that caused a problem?
November 4th, 2004 at 1:46 pm
How is bug 266554 (No referrer sent for meta refresh) a security hole by any definition?
November 4th, 2004 at 2:53 pm
Does it bug anyone else that it’s incredibly difficult to get to about:credits in the About screen credits? I mean, there’s only a link in tiny text, in the middle of the copyright notice, that’s nearly impossible to click because of the scrolling? Why not put a button that says “more credits”?
November 4th, 2004 at 4:08 pm
Jonas, it was part of a security hole. See its dependency list.
November 4th, 2004 at 4:18 pm
I added the security hole to the list and removed “Security hole” from my description of 266554.
November 4th, 2004 at 5:17 pm
What the heck is the Creative Commons search plugin? I don’t see it in about:plugins…
November 5th, 2004 at 8:15 am
OSX: ironically, story about the patent on using a computer for doing international business…
This page won’t successfully scroll down, it keeps resetting to the top; the progress bar flashes over and over. AdBlock does not see anything helpful.
Bug? New ad strategy?
http://www.potomactechjournal.com/displayarticledetail.asp?art_id=60363
November 5th, 2004 at 9:02 am
Werd: Search plugins appear in the search field in the toolbar. (Google is selected by default; clicking on the icon lets you choose other searches.)
November 5th, 2004 at 9:23 am
Got it, Matt. Thanks.
November 5th, 2004 at 5:55 pm
>>Bug? New ad strategy?
hmmm, the page does the same thing in MSIE6, so I think the page is just screwed up…
November 5th, 2004 at 9:44 pm
>>Bug? New ad strategy?
Same for me as codguy.
Temporary work-around, press ESC to stop the site from reloading itself.
November 5th, 2004 at 11:16 pm
>Bug? New ad strategy?
>http://www.potomactechjournal.com/displayarticledetail.asp?art_id=60363
This is niether a firefox bug NOR a new ad strategy. It is a site bug, that shows up in both Firefox and IE 6.
Looking at the HTML code, the BODY tag has an onLoad javascript. This javascript function is badly written (It’s supposed to switch protocols to secure for subscription purchase) and just repeatedly replaces the window location with itself (after replacing “http:” with “http:”), then gets called again when the page reloads.
ZC
November 6th, 2004 at 8:34 am
Thanks ZC, for the sanity check.
November 6th, 2004 at 8:49 am
Why don’t you start a new project on sourceforge.net for official Firefox downloads (only PR, RC and final versions)?
They’ve a stunning mirror service, so Firefox would be more visible among international users and other open source software.
Mozilla (and SpreadFirefox.com) can trace of exact Firefox total downloads without waste their FTP bandwidth.
[Excuse me for the off-topic]
November 6th, 2004 at 12:07 pm
When you set the Page style (under view) to “no style”, and middle click to auto scroll, the crosshair thinger appears at the bottom left of the page…
November 6th, 2004 at 7:26 pm
I talked about the lack of constraints that bonsai.mozilla.org puts on security related bugs fixes in my blog.
I visited this blog and found out the author listed many security bug numbers without description, so I obtained them through checkin comments.
Here are the description of the security related bugs.
Bug 265728
Don’t paste on middle click from events not generated by the user.
Bug 249332
Don’t use getters/setters for link.href in browser code.
Bug 264560
Tighten up referrer requirements for XPI whitelist
For the first item
Go to about:config
change middlemouse.paste to true
Select text and middle click in an input field
and watch it inserted.
Put this in an onload event handler
and remote sites can steal what is in your clipboard. This uses something called synthetic events which are events generated by javascript rather than the user.
For issue three, I guess one can fake the referer header to point
to update.mozilla.org which has no restrictions by default.
Thus, one can install packages without a security warning?
I do not know, but maybe a better programmer may come along and exploits these security holes before people get a chance to update
November 7th, 2004 at 12:32 pm
Another funny-looking page, which I don’t know enough to interpret — FF rendering? page design?
http://www.ngdc.noaa.gov/seg/hazard/resource/soc/prof_ssa.html
November 7th, 2004 at 6:01 pm
Yes, I do happen to be looking for cheap hotels on an obscure weblog dedicated to the bugstatus of a browser! How did you know?
Sincerely,
Sarcasm Man
November 7th, 2004 at 8:18 pm
Sheesh, since when did they start spamming weblogs?
November 8th, 2004 at 1:07 am
They started long time ago. Only many site owners do delete this spam others don’t. At least this is not xxx spam…