Announcement

Collapse
No announcement yet.

Firefox 120 Ready With Global Privacy Control, WebAssembly GC On By Default

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by Danny3 View Post
    Please don't tell me that Google convinced them to let websites know if I'm active on a page or not!
    If I'm switching to another tab or minimize the browser, it's my ob / business, not something that websites need to be informed about!
    That is exactly what it is: https://developer.mozilla.org/en-US/...UserActivation

    Comment


    • #12
      Originally posted by cynic View Post

      the only sane option to GC is Rust.
      So, i think GC is good

      (not that I don't like Rust, only, it is not always the better option)
      Rust is brilliant for when GC is not wanted or not possible. For many applications though GC is the right way to go.

      Comment


      • #13
        Originally posted by pgeorgi View Post
        "Support for the Global Privacy Control "Sec-GPC" request header for when a user does not consent to a website or service selling or sharing their personal information with third parties. Users can set this if so desired via the Privacy and Security area within preferences."

        https://developer.mozilla.org/en-US/...eaders/Sec-GPC says "Otherwise, the header is not sent, which indicates that either the user has not made a decision or the user is okay with their information being shared with or sold to third parties."
        Not sure if opt-out is really the way to approach this: How about "By June 2024, if the request doesn't contain "Sec-GPC: 0", there is no consent to selling or sharing data with third parties"?
        The same thing happened with the Do Not Track header. In the absence of international treaties to force them to obey, this "Unspecified by default" dynamic was a necessary compromise to prevent the targeted advertising industry from unanimously agreeing to just completely ignore the header.

        Comment


        • #14
          Originally posted by V1tol View Post
          Ah yes, garbage collected JS is not enough, my CPU bought last year is too old, more bloat needed.
          The problem already exists. The WebAssembly GC API is for making it less bloated by allowing runtimes compiled to WebAssembly to hook into the browser's GC instead of carrying along their own separate GC that's been compiled to WebAssembly.

          In the long term, it'll probably also be a step toward allowing WebAssembly to interact with the DOM natively rather than going through JavaScript, since even Servo just relied on SpiderMonkey and its GC to manage DOMy stuff.

          Comment


          • #15
            Originally posted by varikonniemi View Post
            I think it already is possible to tell if the tab is active. Remember twitter doing this few years ago and stopped video playback if tab was not active. Way to circumvent it was to leave tab active, but switch to another window to multitask.
            *nod* The Window object has had JavaScript focus and blur events for a long time (since Firefox 6), which allow sites to spy on whether they're the active window and tab.

            Support for the Page Visibility API was added in Firefox 10 and un-prefixed in Firefox 18, which allows sites to implement mobile app-style "sleep when the user can't see me" behaviour more effectively than the browser's built-in background tab throttling achieves and, as you might expect for that intended use-case, there are various cases where the page isn't actually visible to you but the API still tells the site it is.

            If switching to another window worked, then Twitter would have been using the Page Visibility API,

            Here's a test you can play with: https://gist.github.com/ssokolow/6ef...adb2ecb02bfb76

            This new one is about allowing websites to extend the "only in response to user input" behaviour that modern browsers force on various APIs for more reliability, consistency, and better performance.​

            Specifically, it's about allowing websites to not start on potentially heavy operations such as generating the desired export format for a document only to have APIs like Clipboard.writeText()​ fail for lack of permissions. See this page for a list of APIs that require the website's code to be running in a user-activated context. ("Sticky activation" refers to things like video players which can't run until the user's interacted with the tab at least once. "Transient activation" refers to APIs that only work when called from inside a click/keypress/etc. handler though, if I'm reading it correctly, they actually implemented it based on "within X time of a user clicking" semantics because of how common it is to use something like setTimeout(stage2, 0); to yield to the cooperative scheduling part-way through a task.)
            Last edited by ssokolow; 20 November 2023, 09:23 PM.

            Comment


            • #16
              Finally, the Webassembly GC extension.

              Another step in the right direction of making the browser a universal client-application platform instead of being a document viewer with a dynamic scripting language used to build huge apps.

              Comment


              • #17
                I don't know if it's placebo or not but to me Firefox 120 feels quite snappier than 119.

                Nothing about that in the release notes, so I might be hallucinating:

                Comment


                • #18
                  Originally posted by ssokolow View Post
                  This new one is about allowing websites to extend the "only in response to user input" behaviour that modern browsers force on various APIs for more reliability, consistency, and better performance.​
                  I'm not a web developer so I might be talking out of my ass, but it seems to me while there might be good usecases for this, it also seems to be yet another tool in the box for websites to implement some kind of "Think you can cheat by doing something else while we play this obnoxious ad? Ha ha, no dice!" behavior.

                  Comment


                  • #19
                    Originally posted by ssokolow View Post
                    The same thing happened with the Do Not Track header. In the absence of international treaties to force them to obey, this "Unspecified by default" dynamic was a necessary compromise to prevent the targeted advertising industry from unanimously agreeing to just completely ignore the header.
                    I recall reading somewhere that it's recommended to leave DNT at whatever the default setting is, as it's yet another bit websites will use to fingerprint you. Thus making it easier to track you, doh!

                    So yes, without some law (with teeth!) requiring this to be followed, it seems as dead in the water as DNT.
                    Last edited by jabl; 21 November 2023, 12:36 PM. Reason: Clarify meaning.

                    Comment


                    • #20
                      Originally posted by Vorpal View Post

                      Not much from what I can tell. In fact it has even worse chance: It is Firefox specific, non-standard.

                      ​​​​​Nothing like this would become widely accepted without EU making a law mandating it. Websites count on you being too lazy to disable all the cookie categories and just clicking on accept all. A global setting would just make it way too easy for you.
                      Apparently, at least part of the point of GPC is that it actually is supposed to be backed by the law, at least in California and the EU.

                      Comment

                      Working...
                      X