00:24:46 fucking pink unicorns 00:24:57 anyone know when that pref was added 00:29:00 https://bugzilla.mozilla.org/show_bug.cgi?id=446344 00:29:54 therube frg are these bugs currently added to your mozilla base for 2.53? 00:32:00 446344 was already in 2.57, was added to 2.53.13b1pre 00:33:22 So this has been implemented starting with Firefox 59, but defaulting to disabled; Firefox 70 set it to 2 (always send) by default. 00:35:04 (bug 1424076) 01:18:37 njsg: indeed 01:19:03 446344 doesn't look that difficult to backport to the Aura Runtime Environment 01:20:04 was there any further followups made with it? 01:20:12 that are apperent? 01:22:20 njsg: do you know if the 59 to 56 port was pretty much as-is? 01:27:36 I would have to agree with that pref set to 0 m-esr91 loops forever 08:20:06 CapTainTobin needed a minor rebase for the 2.53.13 code but pretty much as is. the followups are harder to do. 08:20:27 https://www.wg9s.com/comm-253/patches/seamonkey-253-patches/mozilla-release/patches/446344-59a1.patch 12:43:32 hi! any chance somebody's using Vimperator or Pentadactyl (or may be some other similar Vim-like extension) with SeaMonkey? is it possible? 17:58:59 frg_Away: what about bugs 1504085 and 1566295 18:01:09 didn't have time yet. The files do not even exist in 60 and need to check if I can/want to add them as a prerequisite first so that the stuff applies clean. As long as you stay with value 1 probably safe. 18:05:39 yeah but will value 1 pass cloudflare's shit? 18:06:18 well that's gonna be even HARDER to test 18:06:26 because i just passed through the check 18:06:34 by doing nothing at all 18:07:48 yeah I can't get it to trigger a bad response in any UA mode now 18:08:08 so I will put this on the back burner until later i guess 18:08:27 or do the main bug and leave it disabled 18:08:32 or at one 18:08:37 why is 2 unsafe? 18:19:30 CaptainTobin yes for all sites so far. therube tested and I and njsg too. 18:21:55 might send headers when it should not and have privacy disclosure problems. But can't say I am a firm with this so need to check first. As long as it is same origin should not matter. 18:24:10 https://www.fanfiction.net/ did bring up a hcaptcha, & i'm not quite sure what happened with that exactly, but back-arrow then loaded the page. & actually, with that site, simply disabling JavaScript allows the page to load. (don't know if there are further issues there without JS?) 18:24:21 I am guessing 2 is refined with those followup patches based on a fuck-ton of refactoring in netwerk and dom/security 18:24:43 no captcha for me 18:25:16 therube: they HAVE changed something but Pale Meme users were reporting captcha PLUS infinate reload 18:25:40 yes, in PM that does happen. 18:25:49 so why not in Borealis 18:26:28 functionally save for GMP and EME and mac code.. UXP 5.1 and ARE 5.0 are functionally identical 18:26:33 who knows, maybe it's just a UA thing (on particular sites) ? 18:26:34 for the moment 18:35:03 frg_Away: I do have ONE regret.. That i sent 8 years working on Pale Meme and associated projects instead of SeaMonkey 18:35:36 maybe if I had done the work here instead of merely bitching at all of you to do it.. things would be better 18:39:17 and now that I have the skills and experience I have gained they aren't much use here beyond looking at bugs and finding shit because there are still things and ways of doing stuff that have to be dealt with in a specific way 18:40:35 and I can lobby for superior options all day but the shit I pulled during that time doesn't inspire a lot of trust now.. of which i can only try and make up for but still.. the world ain't as stable as it used to be 18:42:31 Well what is the saying A fault confessed is half redressed? 18:43:09 that's a new one for me 18:44:11 i guess fanfiction wasn't really a good site to reference, as even (now ?) in PM, it is allowing access (after 1st going to the cloudflare screen) 18:44:23 I personally just wish that more people would vcontribute. I can take the mozilla stuff all day if needed but can't say I like it. Things like rust are just good for the programming language dumpster. 18:45:14 That reminds me.. there are still some stubs for early rust hanging about.. I should clean those up 18:45:39 frg_Away: rust is literal corrosion on the codebase 18:45:44 perfectly named 18:45:46 eh? 18:50:03 code rust :) 18:51:50 we need to unite to fight the one and only enemy: Microsoft, er, Google 18:52:12 oh, and to get webdevs to stop chasing shiny 18:53:09 speaking of bloat 18:53:11 go here: https://www.greysheet.com/world-paper-money-prices 18:53:14 choose any random country 18:53:28 enjoy your browser eating all of your CPU 18:54:16 (no "unresponsive script" warning pops up - and the browser UI is still somehow responsive - only the entire site becames unusable due to some script gone amok) 18:55:03 https://code.binaryoutcast.com/projects/aura-central/issues/33 18:56:00 lolCloudflare 18:56:12 tomman fine with NoScript and only greysheet enabled. 18:56:25 so a third-party script, eh? 18:57:28 tomman enable cloudflare and it takes some time but eventually loads. DidnÄt try the others. 18:57:29 yeah but NoScript has a lot of baggage when using it and what it does can't even be tested unless you disable it AND clear every known cache ever and still its effects can persist 18:58:05 network console shows hundreds of petitions for jquery.min.js and owl.carousel.min.js from CloudFlare 18:58:21 ...why the site tries to load the same two scripts over and over and over!? 18:58:23 plus the majority of users install it thinking it is an instafix for their privacy woes but it requires some indepth knowhow to operate properly.. especially the xul-based version 18:58:42 tomman: my guess is that it is expecting the correct response with the correct headers 18:58:57 that is what this whole origin header csrf crap is about 18:59:01 the browser is(wisely) telling "use the copy in cache" 18:59:17 and seems to be one of the big things they were checking for in the change they made what.. last week? 19:00:16 also any one notice that Mozilla started signing their omnijar? 19:00:25 guess that is one way to do it 19:01:01 well omnijars.. given they still do dist subdir 19:11:08 wait, this site is using TWO DIFFERENT JQUERY VERSIONS on the same page?! 19:11:09 WHY 19:11:15 (3.4.1 and 3.6) 19:11:20 is that even legal?! 19:11:29 because web developers aren't anymore 19:11:43 One is locally hosted, the other is served via ClownFlare 19:11:54 they are snake oil salesmen who get kickbacks from Google and other cartel members 19:12:13 ClownFlare 19:12:15 I LIKE IT 19:17:09 speaking of clowns, it seems that this site tries to load the entire catalog on a single page 19:17:19 haven't they ever heard about pagination? 19:17:23 Not even InfiniScroll™ 19:18:02 just... load each and every banknote known to this catalog on a single page, combined with whatever toxic jQuery hellstew their "webdevs" have cooked there 19:18:17 not only it kills client performance, it also eats bandwidth too! 19:18:33 these guys are good selling money... not so much buying competent IT 19:19:15 I would complain to them (there is a chat widget), but aside of the obvious expected "CLOSED WONTFIX USECHROME" non-solution, these are the same folks that bought a well-known banknote catalog just to kill PDF downloads for their subscribers 19:19:18 so screw'em 19:19:30 well if you have site specific user agent overrides and the page has more than 6000 images.. you might have a performance drop off too 19:19:38 best remove it like Mozilla did ;) 19:19:55 sorry but that one always gets me.. 19:21:50 it seems it's their "Owl Carousel" script causing the weird delays 19:22:08 the scripts don't even wait until the page has finished loading 19:22:46 likely dependant on 800 different libs all compiled on the fly from a nodejs backend and then shoved into spidermoney asyncronously using dyanmic es modules that load and unload constantly 19:22:54 because that is how the "modern" web works 19:23:25 i may still be slightly bitter about some things lol 19:23:28 does it show? 19:25:11 still.. I can load a very long text or html file and (once it is fully loaded and the UI thread unhangs) scroll top to bottom with no issue.. wheras with Firefox and Chrome it may NEVER fully load and even if it does it will invalidate more than a few viewport size chunks above and below making reading large ass documents literally impossible 19:25:37 i assume 56 doesn't have this quantum change where the document in question is both there and not there at the same time 19:27:46 FWIW, the behavior is mostly the same on FF91ESR 19:28:06 (although the UI is far more responsible there, but the CPU impact is still huge) 19:29:58 CLOSED WONTFIX USECHROME BUYAMACM1 19:31:09 oh i know because the behavior is the same in chrome 19:32:16 the site IS STILL LOADING on FF91ESR, with my laptop fan at full jetblast! 19:32:39 do any user of this catalog ever manages to get results from it?! 19:33:58 ooooh, you also get those scary mixed content warnings because they're serving those banknote images over unencrypted HTTP 19:34:49 And that's the content you get for free, can't imagine how hard my computer would get abused if I paid those folks a $15/mo subscription to access the full catalogs... 19:35:13 "if you're collecting banknotes, you can afford a new Mac", I guess they would say 19:35:37 if you're collecting banknotes you can afford to have loading issues be someone ELSES problem 19:35:46 ...not really, I could buy a bunch of rare bills for the cost of a new Mac 19:36:12 i mean you can pay someone else to find everything and make it their problem 19:37:49 apparently collectibles catalog sites AND JavaScript/Chromeisms™ serial abusers go hand in hand these days 19:38:13 tomman: we shouldn't have let HUMANS on the internet 19:38:19 that is the problem 19:38:23 what other of my hobbies have JS/Chrome killed/nerfed recently? 19:38:42 anime imageboards, numismatic catalogs... 19:38:50 soon 19:39:32 animorph chanboards tend to be coded by memestrs so some may not be AS infected 19:40:04 what about Pixiv then? 19:40:19 that place has come up before 19:40:23 Japan's very conservative 1990s Internet have finally got infected with the Chromeisms™ pandemic 19:40:32 that's plain sad 19:40:45 things like webp being sent as gif mime.. user agent sniffing.. js abominations 19:40:53 and i am sure webcomponents eventually 19:41:08 oooh, bugtrackers requiring Google WebComponents™ 19:41:15 that's where you draw the line 19:41:28 tomman: yeah 19:41:52 well it sure prevents people filing or catching up on issues when webcomponents fails or is non-existant 19:42:03 you can't even READ tickets without WebComponents on, say, Monorail 19:42:26 a bugtracker is the LAST place in world where I would expect "disrupting technology" 19:42:53 ...one of my banks is already threatening to deploy that garbage soon, too 19:44:38 ...which is curious, because they still use IE and 16-bit software on their branches 19:44:50 (their ATMs still run XP, too) 19:45:04 Windows 3.1 used in airline software 19:46:46 well, they finally upgraded then :D 19:46:57 they were using IBM mainframes last time I bothered checking :) 19:48:00 https://www.numismatica.info.ve/en/ <= this catalog is a rare island of sanity in a sea of Google-induced insanity 19:48:04 browser-agnostic? YES 19:48:11 does not require JS? YES! 19:48:25 the guy knows that paging exists? ALL OF MY YES! 19:48:56 (Well, it uses jQuery, but sparingly) 19:49:50 of course the site is not for profit, so that means it doesn't need to appease to the Mac/Chrome generation 21:12:30 The Cloudflare protected sites all seem to work OK now with a default Firefox/68.0 SeaMonkey/2.53.12 UA. Prior to yesterday, using a UA of FF 100 worked on 80% of them. 21:16:38 tomman: https://www.greysheet.com/world-paper-money-prices - works fine for me with a default SM using a Firefox/68.0 SeaMonkey/2.53.12 UA 21:17:21 Rahul: have you picked a country/bank there? That's the page that goes insane, both on SM 2.53.12 and on actual FF91ESR 21:21:03 tomman: Yep, just tried 3 different countries and banks and they work fine. FWIW I use uBlock Origin, but we all do anyway. 21:21:32 need to figure out what exactly I need to block there 21:21:58 this page uses scripts served from Cloudflare and Fontawesome, aside of Google tracking (which I block via DNS anyway) 21:54:36 tomman: bugtrackers requiring something specific is really urgh 21:55:29 requiring javascript is bad enough. using gitlab or github.com for issue tracking is really narrowing down your audience too much 22:12:59 njsg: While I can understand the appeal of Gitlab/Github (selfhosting is hard AND costs money), what I don't get is why build something that should be as simple and robust as possible like a bugtracker must be done over the latest shiny Chromeisms 22:13:04 like, the case of Monorail 22:13:17 in the case of Github, you can at least read SOMETHING 22:13:42 in the case of Gitlab, it degrades further, but you can at least read the bug description 22:13:53 in the case of Monorail, you get a blank page 22:14:35 And people wonder why I go with Trac whenever I need something simple on premises (or can afford selfhosting)