It would be really nice if the addons/extensions page showed which addons were listed as compatible and which weren't. I might thus make a decision to disable/delete an addon or two that were blocking me from using multiprocess firefox. As it is, I have no idea if my firefox is using multiprocess at all. All I know is that I use a lot of addons and I'm probably not, then, using multiprocess.
Seems the only addon I use that isn't compatible is "Disable Ctrl-Q Shortcut". It's an addon I really don't want to get rid of, there have been many cases in the past where I've accidentally pressed ctrl+q instead of ctrl+w, and had Firefox quit on me..
Edit: The page for the addon has a comment saying it does work with multiprocess, so I just forced it on. I'm on Linux, and I don't know of an about:config key to disable ctrl+q
Does anyone know of such an extension for Chrome and Alt-F4? Chrome seems to handle that all by itself on Debian, which is silly because my window manager doesn't use that for "Close Window".
If you set browser.showQuitWarning to true (also make sure browser.warnOnQuit is true; that should be default) it will show a dialog to confirm if you want to quit. But if you check the box "do not show next time" it will set browser.showQuitWarning to false.
Apparently the SSL certificate for that site expired a few days ago and nobody renewed it.
Certificate expiration seems like one of the most ridiculous aspects of TLS. Its only use case (apart from generating more money for CAs) seems like "we somehow can't revoke the certificate, but if we wait it'll expire".
that's kind of also a really important use case. "There is no reason to trust this certificate in perpetuity, so pretending it hasn't been compromised over a long period of time would be stupidly insecure. Let's expire it after X months". There is no reason to trust a certificate that's older than a year, for instance, there's been more than enough time for someone to reverse engineer the keys if they wanted. The real part you should be questioning is why no one renewed it. It's pretty trivial to set up cert renewal, so why didn't they? Maybe the site's no longer maintained, maybe it's not actually intended to be secure. Important questions.
> There is no reason to trust a certificate that's older than a year, for instance, there's been more than enough time for someone to reverse engineer the keys if they wanted.
Cryptography does not work that way.
> It's pretty trivial to set up cert renewal, so why didn't they?
That holds true today, with Let's Encrypt; their short expiration date seems to exist largely to force people to automate it, and in that regard it seems quite effective. But prior to that, many CAs did not have scriptable automated processes to renew certificates.
> There is no reason to trust a certificate that's older than a year, for instance, there's been more than enough time for someone to reverse engineer the keys if they wanted.
> Cryptography does not work that way.
But it kind of does. Imagine if we were still using certificates signed with DES and MD5 hashes because they were available perpetually. Certificate expiration at the very least means that whenever you renew you're keeping up to date with whatever vulnerabilities have been exploited in the past 3-5 years.
It also keeps CRLs short and concise as those certificates that have expired do not need to be included.
Thanks; I disabled quite a few non-critical addons based on this list and was able get the switch in about:support to flip. Will see if it's worth it! All of the addons I disabled are listed as "unknown" so I suspect they will all just work fine if I forced multiprocess but better safe than sorry. Thanks for the information.
That site listed a few of my addons as incompatible, but turned out that that site hasn't been updated in a while. Example, it lists Lastpass as incompatible, but it works just fine for me.
Lastpass definitely was rough at the beginning, but it's been stable for months for me. And I'm one of the crazy ones running multiple content processes.
That's not enough though. In about:addons all my add-ons are listed as compatible, but about:support still says that multiprocess is "disabled by add-ons". So YMMV.
EDIT: The gotcha is that the current release uses a whitelist of only about 20 extensions. If you have anything else, you need to force-enable the feature, even if your extensions are supposed to be compatible.
https://hg.mozilla.org/releases/mozilla-release/file/FIREFOX...
Yeah, as it turns out, when I installed it actually reported misleading info. (But then the official site misreported too.).
Uninstalled some of the tab extensions I had running and went for "Tab Center" from Test Pilot instead. I'm now running on multi-process and it seems quite a bit snappier overall. :)
Simply look under "about:support" tab for Multiprocess Windows to see if enabled or not. You can also force enable it in "about:config" by setting browser.tabs.remote.autostart to TRUE if its not already (note this does circumvent having to disable non-compatible plugins such as Firebug).
1Password isn't compatible with multi-process? That sucks. :(
I use 1Pass for everything but I use Chrome right now. I've been eyeing Firefox again (it used to be my primary browser) but that kinda kills the deal for me. I'll probably start integrating it slowly. I can't imagine 1Pass will hold out for too long.
Here is the e10s bug about 1Password and it was resolved fixed in 2015. It might not be included in the initial extension whitelist for the Firefox Release channel but should work if you force-enable e10s or use Firefox Nightly.
I upgraded to the latest version of the LastPass plugin direct from the LastPass site and it seems to work fine. For whatever reason, the one they have listed on AMO is a whole major version behind.
Looks like you can either set browser.tabs.remote.autostart=true to soft-enable it, or browser.tabs.remote.force-enable=true to force it on. The wiki[1] does not encourage the latter, but suggests the former may only be available for beta (and more frequent) builds.
I like how Firefox multiprocess has evolved and continues to evolve taking measurements into account.
When multiprocess was announced several years ago, my main worry was that it would be a Chrome clone with one process per tab and become sluggish like Chrome (my general use of browsers is a minimum of 10 tabs and on certain machines a lot, lot more). Finding a balance between responsiveness, security and stability is what I'd prefer. I personally don't see many stability issues in Firefox even without multiprocess. So I'm happy with this progress even though it may seem slow to dime people or that Firefox isn't keeping up with Chrome (the latter is meaningless for my use since Firefox and it's extensions provide a lot more).
I hate typos, and can't edit the comment anymore. The last sentence should read:
So I'm happy with this progress even though it may seem slow to some people or that Firefox isn't keeping up with Chrome (the latter is meaningless for my use since Firefox and its extensions provide a lot more).
I force-enabled multi-process FF a while ago and haven't had any issues. In the 49.x series there were one or two tab crashes, but I can't think of any recently. All of my extensions have worked just fine too.
I have a few reasons to prefer 1P over a browser based option:
1Password doesn't require a cloud sync. I just use the local wifi sync. I'm less worried about data breaches as a result.
1Password lets me save more than browser passwords: especially on mobile where I have lots of apps to log into, which shares a password with a desktop website.
Also, I store additional data (like bank info, account numbers, etc) in 1P, and browsers don't have UX for that, even if the back end could be useful for that.
> 1Password doesn't require a cloud sync. I just use the local wifi sync. I'm less worried about data breaches as a result.
Firefox Sync encrypts all of its data; a data breach on the server would only result in a pile of email addresses and encrypted blobs.
> 1Password lets me save more than browser passwords: especially on mobile where I have lots of apps to log into, which shares a password with a desktop website.
Fair enough. All the mobile apps I use just stay logged in once you log in once.
> Also, I store additional data (like bank info, account numbers, etc) in 1P, and browsers don't have UX for that, even if the back end could be useful for that.
Hadn't occurred to me to store non-passwords in a password manager. That seems like something a Firefox extension could provide on top of the Firefox password manager, which would make a nice substitute for a locally encrypted file. I wouldn't mind using that to store things like security questions/answers.
The old Firefox sync used a local-only passphrase to encrypt things. The new one, as far as I can tell, just tires everything to your Firefox Account (i.e. nothing local is required). That's not really better than what 1Password does, I think.
The current Firefox Sync (based on Firefox Accounts) still keeps everything client-side encrypted, rooted in password-derived keys and locally generated keys. It never sends the password to the server.
It does, however, download JavaScript served by Mozilla when you log into your Firefox Account, which means that Mozilla can cause your password to be sent to them unencrypted, if they so choose. This in turns means that a disgruntled employee, Mozilla the organization and any government which is able to compel Mozilla the organization or key employees can get access to your password at any time, rendering Firefox Sync completely untrustworthy.
That only occurs when you log into your Firefox Account via the web-based system, which necessarily has to use JavaScript to provide a client. If you log in via your browser, all the code lives in the browser.
Or, if you prefer, you could run a self-hosted version of Firefox Accounts on your own server.
Firefox Sync is cross-platform (it runs everywhere Firefox does), and it has every feature I want. What additional features do you want that it doesn't have?
Disclaimer: I'm writing this on Firefox. I was one of a couple of ten thousand people who donated money ten or so years ago for their famous NY Times ad when they were still going head-on against IE. I like them.
This being said: if their Sync platform works for you, great. Here are my reasons why I choose 1Password as my password manager:
1. It's made by a company that focuses exclusively on this one product. It's their raison d'être, not a side project.
2. They're old-fashioned in a way: they provide me with something, and I give them money for it. 1Password is not cheap, but very good value for money - for me.
3. I've been using it for over half a decade now. 1. and 2. together give me a good reason to believe I can continue to do so for a long time to come. This is in stark contrast to Mozilla, who have been throwing stuff against the wall for quite a while now and abandoning it whenever things do not pan out
4. Various sync options. I'm not required to trust any one "cloud" provider when it comes to privacy, security or continued availability
5. The 1Password vault format can actually be opened in a browser. Even if by some strange fluke I find myself without a client, I can simply download the file on pretty much every machine and still access my passwords
6. UI. 1Password is very well thought out, and that's an important thing for me for something I use about a couple dozen times every day.
While I cannot swear to it, I think I only paid twice over the last six years - the initial purchase plus one paid upgrade some time in the middle. I actually hope to pay for the next one; not only because of what I consider to be fair, but because I want them to do well and be around a long, long time.
And when it comes to security, I've seen HN's resident crypto luminary tptacek give it his thumbs-up. This is something I am not able to properly assess on my own, so his word is good enough for me.
Speaking as a 1Password customer and Firefox user ...
Just because you pay for something, it doesn't make the business model sustainable. 1Password may be a solid product, but it's in essence a key-value store, which means that there isn't much AgileBits can do to improve it in order to get people to upgrade to a version 7. Heck mobile users would get that for free anyway. And btw, you're probably on macOS, because there is no Linux version, the stable Windows client sucks (version 4) and their new beta client (version 6) is read-only for usage without an account.
In other words they have a potential problem: their market is not that big and the standalone version requires convincing people to upgrade for sustainability. And this puts their new subscription model in a new perspective. Which is cool and all, except that would you really pay $3 / month on a yearly contract ($3.6 actually with VAT included) for a password manager? I wouldn't. You can bring up the coffee comparisons of course, but I have other more important subscriptions to pay for that have priority (e.g. phone, email, storage, hosting, domains, etc).
As for the endorsement of tptacek, if you care about the words of an HN user, he has endorsed only the standalone product, not the online enabled version to which they are now transitioning. Which no sane expert would endorse actually, given the problem of needing to enter your password in a web interface for account management.
Now don't get me wrong, I think 1Password is a good product, but then you compared it with Firefox and Firefox is open source with its development being done in the open, with contributions by third parties as well, which means that no matter what, it will stick around for as long as people want it. Firefox is also one of our champions for open standards, being essentially an open platform for app development. Now this puts it in another league entirely.
Integration outside of the browser is why I use keepass. I can press ctrl-alt-w and it will enter my passwords for things such as Steam, Skype, etc. in the applications themselves.
I use passwords outside Firefox. Ergo, a password manager tied to Firefox is inherently too limited.
I read the description of cli-get, and it appears to be similar to a feature built-in to the network tab of the standard developer tools. If you right-click a request in the list of requests you can select "copy as cURL" from the popup menu to get the equivalent curl command line.
FWIW, I've been running FF multiprocess with a pile of extensions since it was first introduced (there's a preference you can set to say "yes really I want to do this and I realise I get to keep both pieces"). A few extensions failed, but mostly it's been wonderful and I would recommend it to any techie user.
Sadly it's not realistic. Even if someone were to put in the time to make it work, Vimperator would just break again within the next year when XUL addons are deprecated in favor of WebExtensions, and unfortunately WebExtensions do not support all the features of Vimperator. You can use VimFx for now, but again it is a XUL addon and would take a massive amount of work to port to a WebExtension. Hopefully someone can get Vimium or cVim ported over as a WebExtension. I have played around some with this but haven't got it to work. It seems some of the needed API's are missing from WebExtensions at the moment.
Pentadactyl is also going to break then, for the same reason. That's why I've been moving from Firefox to Pale Moon, where Pentadactyl continues to work. I expect Vimperator will continue to work on Pale Moon too.
I just took a gander: no tab-search, the keybindings are closer to Vimium than plain vim and no external editor. Also the hinting is _slow_ - it takes a second to render the link hints on the hacker news home page.
I have been testing out VimFx as well (long time Pentadactyl user). I miss being able to do ":b" and quickly find open tabs, but the Firefox awesomebar has a similar functionality if you type "%". That's what I have been using. You can see more information here: https://support.mozilla.org/en-US/kb/awesome-bar-search-fire...
At this point I think it's either fix it yourself or look elsewhere :(. I don't think the current maintainers have the bandwidth to port it to WebExtensions.
It lacks many features of Pentadactyl but covers the basics -- clicking links and text boxes with the keyboard. I have found it possible to replicate some of the things I missed from Pentadactyl through built-in features of Firefox I didn't know about (like the awesomebar filters I linked to above). Also, from using VimFx and accidentally hitting ":", i discovered the GCLI. It is a little clunky, but it is possible to define custom commands for the GCLI that have similar access to Firefox as XUL addons (and I think the GCLI is supposed to survive through WebExtensions).
Looks like accessibility tools (e.g. screen readers) also disable multi-process support as of Firefox 50. I know enough about accessibility APIs and their implementations to guess that it's going to be difficult to modify that code to work efficiently in a multi-process configuration.`
Edit: I'm talking about Windows. Don't know about other platforms.
I'm the dev who is responsible for the Windows implementation. It has been quite the... gnarly experience to say the least. We were shooting for 52 for enabling a11y+e10s, but it is increasingly looking like we're going to need to slip to 53.
Note that the approach we are taking on Windows is different from the way that Chrome works. They cache the entire a11y tree in the parent process so that the DLLs injected by assistive technologies may quickly enumerate the a11y tree via virtual function calls.
In 2017 we want to start moving away from injected DLLs in Firefox. As part of that initiative I decided not to take the caching route in a11y as that would require continuing to allow injected DLLs for a11y purposes. Instead I am implementing a COM handler that should allow us to significantly reduce the number of round trips required to enumerate the tree. I am hoping that this will offer AT vendors a migration path that eventually moves them out of our process.
Feel free to join us in the #accessibility channel on Mozilla's IRC server to chat further. I am aklotz on that server.
It should be noted that 'compatible' is not actually the tested compatibility, it's whether or not the add-on author has declared that it is compatible within their manifest.
Has anyone noticed bookmarklets not working when multi-process is turned on?
I installed a V 51 developer edition to test out multi-process, and when multi-process was on, my bookmarks that modify the dom did not work. Any one else noticed anything similar?
That's sounds like a bug, as if the bookmarklet is executed in the main browser process and can't see the page's DOM. What DOM bookmarklet water you using? The Pinboard bookmarklet works for me but it is not agreeing the DOM.
Just tested Firefox Nightly 53 with the three bookmarklets I use most often, they all work in 53. Therefore it must have been a bug with the 51 version.
> Our measurements and user feedback were all positive and so with Firefox 50 we deployed multi-process Firefox to users with a broader set of extensions, those whose authors have marked them as multi-process compatible.
How can one check if some extension is marked as such?
I'm using Firefox beta (which is now 51.0b9) and I noticed that Firefox now splits a separate "Web" process. Is that the indication that multiprocess is enabled?
Yes. I do think you it enabled. To confirm, go to about:support, and look for the field that says, "Multiprocess Windows". If it is a value > 0, you do have multiprocess.
If you are on an old version, check for the string "Multiprocess staged rollout". If it is true, you do have e10s enabled.
Even on a clean Firefox 50.1.0 x64 install with just uBlock Origin and multi-process enabled Firefox feels quite a bit slower than Chrome. This really shouldn't still be a thing especially with Chrome also having to deal with a bunch of Flash based content on some sites (looking at you BBC News).
I've noticed most people at my office seem to use chrome because of that seems faster feeling and it's always chromes obsessive page caching which a lot of the time is a pain to deal with. Our site added some cache busting params in the Javascript request based around our git pulls but there's so many times I have to figure a situation because a chrome user is seeing something to old.
An alternative vertical tab bar I discovered some time ago is Tab Center (https://testpilot.firefox.com/experiments/tab-center).
Although still a little buggy, I switched over from Tree Style Tab. It feels better IMO and I really didn't care about the "tree style" of TST, I just felt the need for a vertical tab bar.
Wow, I just tried it, and it's the tab interface I always wanted. More vertical space for reading web pages, and wider tabs to read the tab titles more easily. Why isn't this the default yet?
I must admit I don't really understand the use case here. (Vertical, obviously, because you can exploit the wide screens we "all" have.) Can you explain why you want nested tabs?
Using Tree Style Tab myself and forced multiprocess. Sometimes when I close a tab, it folds some other tabs into it, but they are still active and you can alt + tab to them, but not visible in the UI. Not that it bothers me too much, since activating multiprocess gave me a huge performance increase
I've been gradually disappointed by Firefox - more and more websites no longer work. Okay, I'm using Firefox Developer Edition, but nonetheless, it's been disappointing compared to, let's say, Google Chrom Canary. Memory and CPU footprint is worse than latest Canary, too!
So now Firefox will become much slower due to per tab process overhead, just like Chrome, will pollute the task list with processes, and lose the enormous benefits of it's fantastic extension model, all for some intangible security benefits?
I've almost never had a security issue or crash on Firefox with a hundred tabs and maybe fifty extensions, it's still faster than chrome with 10 tabs.
More seriously—it's somewhat sad to see Chrome get all the credit for this, when it's undoubtedly the case that both IE and Chrome were working on this at the same time.
Chrome was built from scratch around this concept. Firefox wasn't, and there's a whole wealth of infrastructure around the non-multiprocess approach, from the way plugins work, all the way on up. Migrating towards multi-process has been a decidedly non-trivial task for Mozilla, involving a lot of effort from a lot of people.
Does anyone have insight on why we're getting this for Firefox in (very late) 2016 while Chrome has had this since 2008 and IE since 2009?
Seriously, I understand the need for competition in the browser, and wish there was a viable alternative to chrome on things that aren't Windows, but the failure of Firefox to keep pace is really disappointing.
Slow and lacking basic features for years almost makes Firefox feel like the new IE, but at least we can be thankful that not many people are stuck with it.
To put this in perspective, Firefox has lagged on multi-process for 8 years. Everyone's beloved IE6 only had 5 years of ruining the internet before it was replaced.
Firefox supported way more in the way of extensions and alterations then chrome, things like the zotero citation manager, grease monkey for user scripts, tree tyle tab for modifying the tab and bookmark menus, downthemall download manager, and importantly, TOR. Some of these could be ported to chrome, but they were easier to implement on firefox.
It's always been incredibly hackable, in the classic sense. That ability and the legacy of tools built on top of firefox was an important feature that they have largely maintained.
Chrome not only didn't have a legacy but still may break things for developers and sometimes just shrug off their complaints. It's a powerful browser, but it's focused on the needs of the parent company.
Adding multi-process support is the biggest single architectural change ever made to Firefox.
It was started, then put on hold for a couple of years because it seemed insurmountable, and then started again. It's taken a huge amount of work, and thus a huge amount of time. But it's mostly done now and the benefits are reaching users.
And during the same time, they changed the JS engine to use a generational compacting garbage collector, which was also a bizarrely large amount of work for a more flexible future.
Firefox has cooler extensions than Chrome. It took ages to create shims for all the troublesome internal APIs that popular extensions use, to make them keep working with multi-process.
Chrome was a greenfield product with no extension ecosystem to contend with.
Trying to overhaul the entire architecture of a browser with a huge extension ecosystem (and over a decade's worth of baggage associated with that) is hard.
I do recall IE6. It had many, many other issues besides "it's a resource hog". As for "lacks basic features," I do not recall anything that I would call "a basic feature" coming out in the browser landscape for the few recent years. A lot of new, cool stuff, yes; but nothing that would make me go "ooh, that's what I was missing all this time!"
(Disclaimer: user of Chromium,Chrome,FF,Midori,K-Meleon,various Operae,IE and "not-IE-whatever-it's-called",elinks and other stuff)
Does anyone know what the incentive behind the development of Firefox is at this point? Like, Chrome has such a huge browser market share, so why do they still develop Firefox? I assume it is not that feasible to invest time and money if the share is only 4%.
I am just curious, and not trying to hate on Firefox. But I think most (?) non-tech people use Chrome. So maybe I am asking, what is the point of Firefox if the shares are so low?
Again, not trying to hate on it, but I am just curious for the reasons, which I am sure are valid.
First of all, by common measurements Firefox's market share is more like 13.5% [1], not the 4% you mentioned. According to that link Firefox is the #2 browser, ahead of Microsoft and Apple's browsers.
Second, Mozilla is a non-profit, so the incentives are different that the usual ones. Basically Mozilla wants to help the open web. A 13.5% browser can do that in many ways: drive new standards, provide an alternative to browsers from profit-driven corporations, provide an alternative implementation so the web doesn't end up as a monoculture, etc. etc.
One could say that having an open source alternative based on standards could actually allow for a more fair plainfield for online businesses. To be frank although I use several Google services and products , I try to use opem source alternatives as much as I can.
There was a time where Chrome was the up and comer with very low market-share.
We need competition or we will suffer as end users.
Chrome's time will also come eventually. It's not a matter of if, but when. Vivaldi and Brave are growing and coming along very nicely. Brave is actually spearheaded by the ex CEO of Mozilla before he was fired for some nonsense.
I feel like there are a ton more flattering ways to refer to Brave's CEO - "inventor of JavaScript," "co-founder of Mozilla," or "CTO of Mozilla for 9 years" are all way better and way more relevant than "CEO for not even two weeks," and much less likely to cause an argument.
If Chrome's time ever comes you can be sure it'll never be at the hands of Vivaldi or Brave. One more thing, these are nothing but frontends to Google's Chromium.
My impression is that the bulk of Mozilla's financial backing is from competitors to Google (Yahoo, Baidu, Yandex), who have an interest in preventing Google from gaining a monopoly in the browser market.
I think Mozilla employees choose to continue working on Firefox for similar reasons, though with more idealism: they have an interest in the browser market not being dominated by commercial vendors.
Firefox has more than a 4% market share[0][1]. One of the main reasons I've heard, is that it's free, and that the Mozilla Foundation is a non-profit.
I also just found this bit, that explains how some browsers might be over or under estimated, because of how their internals work[2]. So we really don't know what the market shares really are.
Using a Google to check the marketshare of a product rival to Google's Chrome. It's interesting how important Google Search is and how powerful it could be. (BTW I certainly don't imply Google's algorithms are skewed)
In the excellent Dr. Dobb's Journal interview "A Triumph of Simplicity: James Clark on Markup Languages and XML" [1], they ask him:
DDJ: You're well known for writing very good reference implementations for SGML and XML Standards. How important is it for these reference implementations to be good implementations as opposed to just something that works?
JC: Having a reference implementation that's too good can actually be a negative in some ways.
DDJ: Why is that?
JC: Well, because it discourages other people from implementing it. If you've got a standard, and you have only one real implementation, then you might as well not have bothered having a standard. You could have just defined the language by its implementation. The point of standards is that you can have multiple implementations, and they can all interoperate.
You want to make the standard sufficiently easy to implement so that it's not so much work to do an implementation that people are discouraged by the presence of a good reference implementation from doing their own implementation.
DDJ: Is that necessarily a bad thing? If you have a single implementation that's good enough so that other people don't feel like they have to write another implementation, don't you achieve what you want with a standard in that all implementations — in this case, there's only one of them — work the same?
JC: For any standard that's really useful, there are different kinds of usage scenarios and different classes of users, and you can't have one implementation that fits all. Take SGML, for example. Sometimes you want a really heavy-weight implementation that does validation and provides lots of information about a document. Sometimes you'd like a much lighter weight implementation that just runs as fast as possible, doesn't validate, and doesn't provide much information about a document apart from elements and attributes and data. But because it's so much work to write an SGML parser, you end up having one SGML parser that supports everything needed for a huge variety of applications, which makes it a lot more complicated. It would be much nicer if you had one SGML parser that is perfect for this application, and another SGML parser that is perfect for this other application. To make that possible, the standard has to be sufficiently simple that it makes sense to have multiple implementations.
James Clark [1] has written some amazing stuff [2] [3]!
The story behind the design [4] of Relax/NG [5] [6] is fascinating and triumphant (thanks to simplicity). That July 2001 interview is apparently from before he merged his work on TREX [7] with Makoto Murata's [8] work on RELAX [9], working together on the OASIS RELAX NG technical committee [10].
Wikipedia: Makoto Murata: RELAX and RELAX NG [9]
Some people, including Murata and James Clark, had critical attitudes toward XML Schema. XML Schema is a modern XML schema language designed by W3C XML Schema Working Group. W3C intended XML Schema to supersede traditional DTD (Document Type Definition). XML Schema supports so many features that its specification is large and complex. Murata, James Clark and those who criticised XML Schema, pointed out the following:
It is difficult to implement all features of XML Schema.
It is difficult for engineers to read and write XML Schema definitions.
It does not permit nondeterministic content models.
Murata and collaborators designed another modern schema language, RELAX (Regular Language description for XML), more simple and mathematically consistent. They published RELAX specification in 2000. RELAX was approved as JIS and ISO/IEC standards. At roughly the same time, James Clark also designed another schema language, TREX (Tree Regular Expressions for XML).
Murata and James Clark designed a new schema language RELAX NG based on TREX and RELAX Core. RELAX NG syntax is the expansion of TREX. RELAX NG was approved by OASIS in December 2001. RELAX NG was also approved as Part 2 of ISO/IEC 19757: Document Schema Definition Languages (DSDL).
Yes, I know and appreciate RNG and James Clark of course.
However, for the web, like it or not, XML is a lost cause; yet the web is still the most important markup application by far.
In my project I'm trying to re-establish SGML (the good parts) for broad and practical web applications. SGML gives you HTML-style tag omission and empty elements, custom Wiki syntaxes eg. markdown plus markdown customizations, and injection-free templating, all based on an ISO standard.
I've just created a new SGML DTD with full coverage of W3C HTML5.1 [2]. As an outcome of this project, I also have been encouraged to push for a new SGML (ISO/IEC 8879) revision.
Because competition is a good thing. I personally wouldn't want the fate of web standards solely dictated by Google. Also, I'm not sure where you got that number, but Firefox's market share is well above 4% for most websites.
You're not reading that link properly, but it's understandable since the link isn't the clearest. A specific version of Firefox has the 4% you mentioned, Firefox 49. Look a little lower down and you'll see Firefox 50 has another 3% on top of that, and so forth.
Each individual version is broken down separately in that chart, so you're looking at the market share for Firefox 49 specifically. The broader number seems to be closer to 11%. Anecdotally, people and organizations that aren't tech-savvy are more likely to use Firefox as well, so it just depends on the target audience.
Does firefox run each tab in its own process yet? Or live inside a sandbox? I switched from firefox + noscript to chrome after accepting that firefox's security (even with noscript enabled) was just so far behind that of chrome.
Yes but why bother actually reading the article when you can shoot off in the comments with minimal effort? If you're wrong, someone will correct you. Amirite?
And if you want so, the about:config key to fiddle with is called "dom.ipc.processCount" and currently defaults to 1, with plans to raise this soon, as described by the article.
EDIT also, to come back to DanBlake's question about whether Firefox now "run[s] each tab in its own process yet": no it doesn't; the architecture that was chosen is a process pool, available to all tabs. I won't elaborate much as you can find blogposts where Mozilla engineers detail why this design; IIRC it boils down to: it fulfills the security/performance objectives, and avoids a bit of overhead caused by the one-process-per-tab approach.
Would you mind linking to some of those blogposts. I used to read the weekly mozilla meeting notes but they seemed to have stopped including content about 2 years ago. https://wiki.mozilla.org/WeeklyUpdates I just looked and now it seems that notes link out to separate pages. What's the best way for a non-contributor to follow firefox development?
> "Would you mind linking to some of those blogposts."
A quick parsing of https://wiki.mozilla.org/Electrolysis yields "Memory Usage of Firefox with e10s Enabled" [1] and its followup "Are they slim yet?" [2], with [1] closing with these words:
"Simply put: the more content processes we use, the more memory we use. On the plus side it’s not a 1:1 factor, with 8 content processes we see roughly a doubling of memory usage on the TabsOpenSettled measurement. It’s a bit worse on Windows, a bit better on OSX, but it’s not 8 times worse. Overall we see a 10-20% increase in memory usage for the 1 content process case (which is what we plan on shipping initially). This seems like a fair tradeoff for potential security and performance benefits, but as we try to grow the number of content processes we’ll need to take another look at where that memory is being used."
