the following changes have been pushed to bugzilla.mozilla.org:

• [868044] Bugzilla should be automagically aware of which product channel a bug-filer is using.
• [815531] splinter fails to display attachment 681995 correctly
• [869077] Component isn’t preselected from the query_string when cloning a bug
• [850135] hide the textarea custom fields by default with an (edit) link
• [866447] Make form.doc set up whiteboard for scrumbu.gs
• [871436] release tracking flag refresh (24)
• [870907] Project Kickoff Form: javascript responsible for checking for required values not working
• [828344] “contains all of the words” no longer looks for all words within the same comment or flag
• [872022] don’t link a review flag to splinter unless the attachment is a patch
• [841559] Project Kickoff Form: Simplify finance question regrading budget
• [850920] Project Kickoff Form: Add new question to Legal subsection area
• [841449] Project Kickoff Form: New Question within Finance Sub Questions
• [850934] Project Kickoff Form: Make Release Date a Required Field
• [850932] Project Kickoff Form: Rework Privacy Policy/Project sub questions
• [826214] New file with one line isn’t shown
• [797840] Replying to a comment on Splinter always replies to the first comment
• [821889] Make it so that Splinter shouts loudly when a patch introduces Windows line endings

Filed under: bmo, mozilla

Firefox 22 reached beta status (it will be released June 24). It's time to list accessibility improvements we made for this version.

ARIA
ARIA role="note" doesn't allow name from subtree (bug) anymore. The bug caused JAWS, for example, to announce role="note" content twice.

HTML
* HTML radio group position doesn't count hidden radio elements (bug). So if the page contains hidden input@type="radio" then a screen reader doesn't take them into account announcing the number of radios.

* HTML input@type="file" changed its hierachy. Now it contains a push button and a label. Be careful if you have dependences on this hierarchy (see bug).

* HTML5 header and footer has changed their mapping according to HTML spec:
footer element that is not a descendant of an article or section element. contentinfo role;

header element that is not a descendant of an article or section element.  banner role.
XUL
XUL label@value element now implements text interface (partially). You can obtain a text between offsets but you can't get it by words for example (refer to bug). XUL label is used wide in Firefox user interface (for example, in Options dialog). Let us know if you have problems with new implementation.

ATK
RELATION_NODE_PARENT_OF has been implemented. It's exposed for aria-owns markup and XUL trees (used in Thunderbird and Firefox bookmarks).

Text interface
As I wrote before we started text interface reimplementation. Firefox 22 got improved getTextAt and getTextBefore offsets at word boundaries. Note, in case of getTextAt we had to mimic WebKit behavior rather than follow the ATK spec to keep Orca working.

Attention. It might be important
* Document load event may be fired a bit later than we used to do that, it will be fired right after all events contained in the queue at the time when document got loaded (see bug).

* IServiceProvider interface is implemented as a tear off (bug).

It’s been a long ride but we can finally say it. This week Firefox 21 shipped and it includes the add-on SDK modules.

What does this mean? Well for users it means two important things:

1. Smaller add-ons. Since they no longer need to ship the APIs themselves add-ons only have to include the unique code that makes them special. That’s something like a 65% file-size saving for the most popular SDK based add-ons, probably more for simpler add-ons.
2. Add-ons will stay compatible with Firefox for longer. We can evolve the modules in Firefox that add-ons use so that most of the time when changes happen to Firefox the modules seamlessly shift to keep working. There are still some cases where that might be impossible (when a core feature is dropped from Firefox for example) but hopefully those should be rare.

To take advantage of these benefits add-ons have to be repacked with a recent version of the SDK. We’re working on a plan to do that automatically for existing add-ons where possible but developers who want to get the benefits right now can just repack their add-ons themselves using SDK 1.14 and using cfx xpi --strip-sdk, or using the next release of the SDK, 1.15 which will do that by default.

As part of the Grow Mozilla effort, the coding stewards have been working to grow our coding community. Our main focus has been to increase the number of contributions to the core mozilla-central codebase, which includes making it easier for newcomers to get started, as well as keeping existing contributors engaged. Recent work has been focused on things like mentored bugs and recognizing contributors.

We hold open weekly meetings every Wednesday to discuss progress on these goals, but we want to give more developers the opportunity to get involved with this effort, so we created the coding-stewards@mozilla.org mailing list for broader discussion. If you’re interested in growing our coding community, but you might not be interested in another weekly meeting, please join the list!

One of the questions I get asked a lot is how to set default application handlers in Firefox (the Applications page in preferences). Most companies have resorted to creating a default mimeTypes.rdf file and loading this into their default profile. I finally took the time to understand how these handlers work and can give you some code to use.

var handlerSvc = Components.classes["@mozilla.org/uriloader/handler-service;1"].getService(Components.interfaces.nsIHandlerService) // Change "image/tiff" the mime type you want to set the preference for var realMIMEInfo = mimeService.getFromTypeAndExtension("image/tiff", ""); var file = Components.classes["@mozilla.org/file/local;1"].createInstance(Components.interfaces.nsIFile); // This should be the path to the .app file on Mac or the EXE on Windows file.initWithPath("/Applications/Preview.app"); var localHandlerApp = Components.classes["@mozilla.org/uriloader/local-handler-app;1"].createInstance(Components.interfaces.nsILocalHandlerApp); localHandlerApp.executable = file; // The name that will be shown in preferences. // Not used on Mac localHandlerApp.name = "Preview"; realMIMEInfo.preferredApplicationHandler = localHandlerApp; // This says to always use the helper app realMIMEInfo.preferredAction = 2; // useHelperApp // This says not to ask realMIMEInfo.alwaysAskBeforeHandling = false; handlerSvc.store(realMIMEInfo);

You can add this code to your autoconfig file.

All aboard the patch wagon! Next stop: Microsoft, Adobe, Mozilla
Register
Today, right on schedule, Microsoft's monthly security patch bandwagon rolled into town with updates for Internet Explorer, Office and Windows - with Adobe bringing up the rear. This latest instalment of Patch Tuesday addresses 33 bugs in a range of ...

TechSpot
Mozilla releases Firefox 21 for PC, Mac, Linux and Android
TechSpot
Mozilla recently launched version 21 of Firefox for Windows, Mac and Linux. The updated browser brings a number of new features including support for Mozilla's Social API which allows social providers to integrate directly with the browser and display ...

Last week I was in California. It was my first time in the Mozilla SF office --- lovely view of the Bay from the roof. I always enjoy the free snacks and I'm always glad we don't have them in Auckland. I spent quality time with some of the people I know and love at Mozilla, and that's always exciting.

On Wednesday and Thursday I was at Half Moon Bay doing LEAD training. It was fun, but thinking about "soft skills" for two days straight is quite draining for me; my social skills are learned, not innate.

This cohort is different from previous cohorts --- most members are relatively new to Mozilla; of our cohort, Vlad and I have been at Mozilla the longest, by far. This gives me the honor and duty of representing the Mozilla old guard. I feel the power of the narrative that has me in the "crusty old engineer, harping about the old days and resisting change" role ... and I do my best to reject it :-).

One of the results of LEAD so far is that I perceive my relationships with other Mozilla staff to be warmer and stronger than they perceive them, on average. I suspect this may be related to the difficulty of maintaining deep relationships with remote employees I see a few times a year at best. I'm still trying to figure that out.

Plane movies:

• Gangster Squad: Genre flick. OK.
• Zero Dark Thirty: Pretty good. Not exactly entertaining, but interesting.
• Live And Let Die: Some kind of cross between a Bond movie, a blaxploitation flick, and the Dukes Of Hazzard. Odd.
• The Town: Genre flick. Slightly better than average.
• I, Anna: Sort of noir-ish psychological thriller. OK.
• Les Miserable: The movie of the musical. Pretty good. I need to read the book sometime.

Interestingly, Air New Zealand lets you see what movies they're showing on their routes. This Web interface is a pretty faithful mockup of the actual in-seat interface (which is pretty bad ... it would be great to be able to see more than one movie title at a time).

On Friday I leave for Taiwan for a week at the Mozilla office, a "Web rendering" work week. This should be even more fun than last week.

Last week I was in California. It was my first time in the Mozilla SF office --- lovely view of the Bay from the roof. I always enjoy the free snacks and I'm always glad we don't have them in Auckland. I spent quality time with some of the people I know and love at Mozilla, and that's always exciting.

On Wednesday and Thursday I was at Half Moon Bay doing LEAD training. It was fun, but thinking about "soft skills" for two days straight is quite draining for me; my social skills are learned, not innate.

This cohort is different from previous cohorts --- most members are relatively new to Mozilla; of our cohort, Vlad and I have been at Mozilla the longest, by far. This gives me the honor and duty of representing the Mozilla old guard. I feel the power of the narrative that has me in the "crusty old engineer, harping about the old days and resisting change" role ... and I do my best to reject it :-).

One of the results of LEAD so far is that I perceive my relationships with other Mozilla staff to be warmer and stronger than they perceive them, on average. I suspect this may be related to the difficulty of maintaining deep relationships with remote employees I see a few times a year at best. I'm still trying to figure that out.

Plane movies:

• Gangster Squad: Genre flick. OK.
• Zero Dark Thirty: Pretty good. Not exactly entertaining, but interesting.
• Live And Let Die: Some kind of cross between a Bond movie, a blaxploitation flick, and the Dukes Of Hazzard. Odd.
• The Town: Genre flick. Slightly better than average.
• I, Anna: Sort of noir-ish psychological thriller. OK.
• Les Miserable: The movie of the musical. Pretty good. I need to read the book sometime.

Interestingly, Air New Zealand lets you see what movies they're showing on their routes. This Web interface is a pretty faithful mockup of the actual in-seat interface (which is pretty bad ... it would be great to be able to see more than one movie title at a time).

On Friday I leave for Taiwan for a week at the Mozilla office, a "Web rendering" work week. This should be even more fun than last week.

Over time I've become increasingly impressed with the broad applicability of Matthew 18:15-17:

If your brother or sister sins, go and point out their fault, just between the two of you. If they listen to you, you have won them over. But if they will not listen, take one or two others along, so that ‘every matter may be established by the testimony of two or three witnesses.’ If they still refuse to listen, tell it to the church; and if they refuse to listen even to the church, treat them as you would a pagan or a tax collector.

The first step is often difficult but crucial. The path of least resistance can be to go behind your antagonist's back --- to your friends, or their friends, or their manager. I've seen all kinds of negative consequences from following that path --- hurt, distrust, unnecessary escalation, confusion and fear. I feel my integrity depends on people knowing that whatever I say about them to others, they will not be surprised by because they've already heard it from me.

This applies in the other direction too, when people complain about third parties to me. If the third party is unaware of the issue, I don't want to know --- go away and talk to them first.

There are rare exceptions, usually involving time-critical emergencies or complex secrecy requirements.

Over time I've become increasingly impressed with the broad applicability of Matthew 18:15-17: If your brother or sister sins, go and point out their fault, just between the two of you. If they listen to you, you have won them over. But if they will not listen, take one or two others along, so that ‘every matter may be established by the testimony of two or three witnesses.’ If they still refuse to listen, tell it to the church; and if they refuse to listen even to the church, treat them as you would a pagan or a tax collector.

The first step is often difficult but crucial. The path of least resistance can be to go behind your antagonist's back --- to your friends, or their friends, or their manager. I've seen all kinds of negative consequences from following that path --- hurt, distrust, unnecessary escalation, confusion and fear. I feel my integrity depends on people knowing that whatever I say about them to others, they will not be surprised by because they've already heard it from me.

This applies in the other direction too, when people complain about third parties to me. If the third party is unaware of the issue, I don't want to know --- go away and talk to them first.

There are rare exceptions, usually involving time-critical emergencies or complex secrecy requirements.

We’ve all seen it: we’re working along, and we come across code that just has a feel to it. It’s like déjà vu. You’ve seen this code before. You open another file – sure enough, there it is. The same code. Almost line for line. In large code bases, it’s likely that there are dozens [...]

Computerworld
Mozilla to Firefox: 'Browser, heal thyself'
Computerworld
Mozilla highlighted the new social media connections now built into Firefox in a blog post. The company debuted its Social API (application programming interface) last November with Firefox 17, which added a sidebar to show Facebook chat sessions and ...
Mozilla's Firefox update fixes three critical holesThe H
Mozilla releases Firefox 21 for PC, Mac, Linux and AndroidTechSpot
Mozilla releases Firefox 21 with usage reportingInquirer
The Next Web -Naked Security -Techtree.com
alle 54 nieuwsartikelen »

Golem.de
Mozilla-Wartungsdienst verschafft Angreifern Systemrechte
Heise Newsticker
Mozilla hat zahlreiche Schwachstellen in Firefox und Thunderbird geschlossen. Neben einigen kritischen, wie etwa ausnutzbaren Speicherfehlern, befindet sich darunter auch eine Lücke im Mozilla Maintenance Service für Windows, die zu einer ...
Sicherheitslücke Rechteerschleichung über den Mozilla Maintenance ServiceGolem.de

alle 2 nieuwsartikelen »

(This is NOT an official Mozilla project and does not in any way reflect the views of my employer.)

Mozilla Persona is a way for users to use their e-mail ID as their identity on the web. While cool, it will only really take off when existing services that people use become Identity Providers. XMPP (Jabber) is a widely deployed IM protocol whose IDs look like e-mail and it is a secure, federated system in alignment with Persona’s goals. I thought it would be really cool if I could log in to Persona enabled sites using Jabber IDs. I’d like to announce browserid-xmpp which does just that.

It should work with any XMPP server that supports components and BOSH. That said I have only tested it on my VPS (with Prosody, ejabberd and Openfire), so any issues and pull requests are welcome, as is a quick comment if you deploy it on your server. You’ll also need a relatively sophisticated web server like Apache or nginx to serve the browserid file with the right Content-Type. CheckMyIdP is a great way to check if everything is setup properly.

browserid-xmpp is two things. The first is a XMPP component that can plug into any XMPP server and answer a certificate signing query. This is a fork of the “official” browserid-certifier with an Jabber-RPC front-end rather than a web service.

The second is the set of provisioning and sign in pages that can be re-used by any domain. The authentication is handled as a two stage process using BOSH. This was my first experience with BOSH and it is ridiculously cool how it works and supports session hand-off to another page, without which this would not be possible. On the sign in page, an XMPP stream is established and authentication is done using standard XMPP authentication. The established BOSH stream has a session ID and every message sent has an incrementing request ID. On successful sign in, the sign in page sticks these two, along with the JID into sessionStorage. The provisioning page reads these out and ‘attaches’ to the existing BOSH stream. Due to the unpredictable nature of the SID and RID, there is a reasonable guarantee that someone who attached to the stream successfully knew about the stream before. The provisioning page then makes a Jabber-RPC call over the same stream to the XMPP component. This call is performed on behalf of the JID and a certificate is sent back to the browser. You are now signed in!

P.S. I’d like to thank Cory Benfield for an excellent guide to writing an IdP.

P.P.S. This post was published right before a 12-hour plane ride, so I’ll be back for tech support in a while.

I think that Firefox should stay as the default browser in Ubuntu for the following reasons:

• Mozilla has a vibrant open source community and many of our contributors are active in both Ubuntu and Mozilla.
• Mozilla’s mission is to promote openness, innovation and opportunity and Firefox encompasses all of those goals.
• Chromium as a package has fell behind in the past while Firefox has team of contributors in the Ubuntu Community who keep it up-to date every cycle.
• Firefox is perhaps one of the most popular open source browsers.
• And most importantly in my opinion Mozilla by default respects user privacy and choice.

Why fix something if it’s not broken? If others prefer Chromium well then “sudo apt-get install chromium-browser” and I guess that’s just my two-cents on the topic.

Mozilla Firefox 21 released, adds social API on desktop and open source fonts ...
BGR India
Mozilla has launched the new version of its open source browser Firefox for the desktop platforms including Mac, Windows and Linux, as well as the Firefox browser for Android. The all new Firefox 21.0 comes with feature and performance improvements ...

Speed & memory:

• Fixed: 805241 - JS: Merge the new baseline compiler.
• Fixed: 804676 - JS: Remove dependence of Ion compilation on ScriptAnalysis::analyzeTypes.
• Fixed: 825928 - Graphics: Layers refactoring.
• Fixed: 865546 - Graphics: Large scaled images in SVG's cause choppy scrolling.
• Fixed: 854803 - Graphics: Images on slow network continously use 1 full core.
• Fixed: 600307 - Rewrite and cleanup DOMStorage code.
• Fixed: 566746 - Form history should use asynchronous storage API.
• Fixed: 697377 - Form Autocomplete should use asynchronous storage API.

For more, read Taras's Snappy blog and MemShrink blog posts.

New web technologies:

• Fixed: 765780 - Enable plugins and JavaScript in designMode.

For more, read Firefox 23 for developers.

Security & privacy:

• Fixed: 838692 - Don't allow navigating named targets from sandboxed iframes.
• Fixed: 549697 - Add click-to-play plugin UI to the addon manager.
• Fixed: 834836 - Turn on pref to block mixed active content.

Other notable fixes:

• Fixed: 858538 - Download-attribute kills WebSocket connections.
• Fixed: 560072 - Object.getOwnPropertyDescriptor throws for many DOM objects.
• Fixed: 485149 - Using box-shadow on a <fieldset> with <legend> does not follow box shape.
• Fixed: 857820 - Drop only blink effect from text-decoration: blink; and completely remove <blink> element.
• Fixed: 369180 - Proxy Authentication required while typing Search String.
• Fixed: 649216 - Remove unnecessary delay when clicking tab close buttons sequentially.
• Fixed: 636564 - [Mac] Lion-style floating scrollbars.

Sources:

• @FirefoxNightly on Twitter
• All 4828 changes between FIREFOX_AURORA_22_BASE and FIREFOX_AURORA_23_BASE

Mozilla rolls out Firefox 21, and adds HTML5 support for Android
V3.co.uk
Mozilla has updated its Firefox desktop web browser with a set of social networking plug-ins as well as new presentation options for the Firefox for Android mobile browser. The company said that the new messaging options would include support for ...

This past Monday I gave a presentation at the Mobile Monday Detroit meeting about Firefox OS. Thanks to some great screen recording software by TechSmith, I also recorded it

I’ve also made the slides available online for those who just want to read (press ‘s’ on your keyboard to see my speaker notes, you may have to allow pop-ups).

Mobile Monday Detroit is a monthly meetup that gets people together to talk about activity in the mobile space. Many topics cover Android and iOS, so it was really cool to snag a spot on the podium and give a talk about one of the ‘alternative’ operating systems. Also presenting this week was Randy Nunez from Ford who gave a talk about the various open source mobile operating systems and Chris Peplin from Ford who talked about the Open XC API for cars that Ford is working on.

If you live in southeast Michigan you should try to make it out to one of the meetings. More information can be found at the Mobile Monday Detroit Meetup page.

Tagged: detroit, firefox, firefoxos, mozilla, planet-mozilla, presentation