On Tuesday 12 Jul 2011 23:48:19 Luke R. wrote: > I think we are looking over the obvious. Submit a bug to FireFox and say that > we want it to alert us before going into Private Browsing mode. Make it an > option, even if forced from a command line app. Then everyone is happy.
Okay, testing shows: - FF5 just ignores -remote <url> and opens it in a new window which is not afaics in private mode. - FF3.6.19 clobbers all the tabs, and saves them. - According to our bug reporter FF3.6.18 clobbers the tabs and doesn't save them. So the solution to the immediate problem is: - Don't use -private on FF3.6.18 and earlier. However, FF5's outcome isn't terribly functional. It'd be really nice if we could create a profile while being 100% sure it won't overwrite the user's default ... the problem is that bug was never easily reproduced, and there's a side issue that if they open a new url while the freenet profile is open it'll be opened in it. Not an immediate issue though... > > > --- On Tue, 7/12/11, Matthew Toseland <toad at amphibian.dyndns.org> wrote: > > From: Matthew Toseland <toad at amphibian.dyndns.org> > Subject: Re: [freenet-dev] Firefox privacy mode destroys existing windows - > how the **** can we deal with this? was Fwd: [Freenet 0005209]: Freenet > forces firefox into private browsing mode > To: devl at freenetproject.org > Date: Tuesday, July 12, 2011, 11:30 AM > > On Monday 11 Jul 2011 21:46:10 Matthew Toseland wrote: > > It looks like the original justification for this is somewhat less now, > > since Firefox 4 and later *mostly* fix the CSS history leak. They don't > > eliminate all possibilities, there are some options if you know what url > > you are looking for, but probing hundreds of editions via javascript or > > image loading doesn't work. > > > > Having said that, it does make sense to launch the browser in privacy mode > > if possible. E.g. to prevent history being written at all. > > > > Going to privacy mode manually saves all tabs, and they can be got back by > > manually exiting privacy mode or restarting the browser. > > > > Also, firefox -privacy <url> for me on ff5 on windows just opens another > > tab, without using privacy mode. Much the same as (some older versions of?) > > Chrome. The bug reporter was using 3.6. > > > > All this changes things somewhat. See the bug: > > https://bugs.freenetproject.org/view.php?id=5209 > > > Given that: > 1) -private doesn't work anyway on FF5 if there are other tabs, it just > ignores it, like Chrome used to, and > 2) It does clobber the other tags in ff3.6 (according to the bug reporter, we > should test this), and > 3) The CSS history leak doesn't happen with ff4+ (or is very hard to exploit > at least), and > 4) We would like to use privacy or incognito mode nonetheless as it should > result in the browser being more careful, and in particular it won't record > history > ... > The easiest solution would appear to be to not use -private with ff3.6+. > Maybe we should test it with 3.6, 4 and 5 - if on 4 and 5 it merely ignores > the private flag, that's at least not destructive, we could only use it on > 4+??? > > Another option is to have a checkbox in the installer. > > BOTH OF THESE SOLUTIONS SUCK! So we're back to where we started. :( > > Telling them to use Chrome sucks too. It's not widely available on linux yet, > and it's not clear whether it has the CSS history fix. > > Are there any other options? :( > > -----Inline Attachment Follows----- > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://freenetproject.org/cgi-bin/mailman/listinfo/devl -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20110713/ed8429af/attachment.pgp>
