This is a fully-featured Firefox Send client. Max file size is 2GB and recipients can download the file via the same tool or their web browser.

Called “letterboxing,” this new technique adds “gray spaces” to the sides of a web page when the user resizes the browser window, which are then gradually removed after the window resize operation has finished.

This appears to be a major win for privacy advocates. It also seems like a chink in the armor of Chrome’s dominance, given that many people have lost trust in its privacy model.

Gervasio Marchand lays out all the ways in which Slack’s threads feature is lacking. Then he goes one to describe why his browser extension, Refined, makes threads better.

Should I read this 22 minute read on the state of web browsers? Sure. Count me in!

Microsoft has confirmed the rumor to be true. We now have one less browser engine, and a last man standing (Firefox) in deep trouble (reasons below).
…
The web now runs on a single engine. There is not a single browser with a non-Chromium engine on mobile of any significance other than Safari. Which runs webkit, kind of the same engine as Chromium, which is based on webkit.

Several major browsers you and I use everyday are capable of leaking our browsing history, and they all know about it. Caroline Haskins at Motherboard writes:

Most modern browsers—such as Chrome, Firefox, and Edge … have vulnerabilities that allow hosts of malicious websites to extract hundreds to thousands of URLs in a user’s web history, per new research from the University of California San Diego.

In a statement provided to Motherboard via email, senior engineering manager of Firefox security Wennie Leung said that Firefox will “prioritize our review of these bugs based on the threat assessment.” Google spokesperson Ivy Choi told Motherboard in an email that they are aware of the issue and are “evaluating possible solutions.”

Ben Adida shared this on Twitter:

When first web history sniffing attacks came out, I suggested we had to change the notion of a visited link: a link would be marked visited by origin (edges, not nodes.) That was considered too dramatic a change. Maybe it’s necessary after all.

Who’s ready to dig into this research and share how vulnerable we really are and what types of malicious websites could/would extract our browsing history? If you do, let us know so we can link it up.

Specifically, they are considering making CloudFlare the default nameserver. A new feature called “Trusted Recursive Resolver” (TRR) could be turned on by default, and therefore override the DNS changes you’ve configured in your network.

Cloudflare says it takes your privacy more seriously than telecommunication service providers do because this DNS query will be encrypted, unlike regular DNS. They also promise not to sell your data or engage in user profiling.

Cloudflare and Mozilla have set out a privacy policy that rules out any form of customer profiling. Their story is that many ISPs are doing user profiling and marketing, and that moving your DNS to Cloudflare is therefore a win for your privacy.

This is a deep subject with many, many layers. Dig deep on this one. So, the question is — under what circumstances would it be OK for Cloudflare (or any other third party) to take over our DNS by default?

• uses a built-in Marionette through remote protocol
• no Selenium WebDriver is needed
• works with Headless mode
• compatible subset of Puppeteer API

Very much a WIP. 🚧

Waytab connects to your browser bookmark, Github, Twitter, Pocket, Pinterest and Unsplash account to remind you of your stars, likes and bookmarks every time you open a new browser tab.

This looks like a good idea, well executed. I’ve long given up on bookmarking, liking, and starring stuff because I never go back and revisit. Waytab changes all that.

Benjamin Bouvier, Compiler Engineer at Mozilla, writes about speeding up calls from JS to Wasm in Firefox.

If we want more WebAssembly (wasm) adoption, there shouldn’t be a big costly barrier between the two universes. That is, calls from one world to the other should be fast. For a very long time, calls from JS to asm.js/WebAssembly have been quite slow in Firefox. In fact, we didn’t optimize them at all.

He goes on to say…

Starting with Firefox 60, the JIT compiler makes no distinctions between calling a JavaScript function or a WebAssembly function, meaning it uses the same call optimizations for both kinds of function.

Benjamin continues through several more bugs mentioned on the Bugzilla bug board with fixes to speed up calls from JS to Wasm in Firefox.

The latest version of Firefox adds some powerful new features. It enables parallel CSS parsing, which combines with their existing parallel CSS style computation to make CSS in Firefox incredibly fast. In addition, this version adds a brand new Accessibility Inspector, giving developers direct access to the ‘accessibility tree’ screen-readers use to interact with a website. This is HUGE for helping developers make websites more accessible.

This was an insta-install for me after Nick gave the project a shout-out on today’s recording of JS Party. Comes packaged in Chrome, Firefox, Safari, and Opera flavors.

Dustin Driver with a nice, in-depth writeup on using Firefox’s excellent debugger.html.

For more on that project (and to hear the excellent backstory), go back and listen to The Changelog #247 with Jason Laster.