Quote
Dorian
Quote
JohnHell
For example, the first thing I noticed is that the icon of the buttons in a toolbar created with a macro (pluginmsg command), now aren't taken from the default skin and then fallback to the user skin. Now, it should be in the user skin folder.
Order should be:
- User profile (profile/skins/)
- Skin in user profile (profile/skins/{skinname}/)
- Skin in program folder (kmeleon/skins/{skinname}/)
- Shared in user skin folder (profile/skins/shared)
- Shared in program skin folder (kmeleon/skins/shared)
Quote
Dorian
Order should be:
- User profile (profile/skins/)
- Skin in user profile (profile/skins/{skinname}/)
- Skin in program folder (kmeleon/skins/{skinname}/)
- Shared in user skin folder (profile/skins/shared)
- Shared in program skin folder (kmeleon/skins/shared)
Quote
adodupan
There are still missing functions:
menuchecked
menugrayed
also, there missing possibility to get a tab list (imagine this as nsIDOMWindow for each tab),
also, possibility to listen to events
TabOpen
TabClose
TabSelect
I hope you will not spend one more year for this.
Quote
adodupan
After restarting, if previous session has more than one tab, km crashes after reload all tabs.
Quote
adodupan
If checked 'Show closing buttons on the tab buttons', active tab is not in hot color.
Quote
adodupan
Edit:
Can you explain these:
GetWindows
CreateCallbackButton
http://kmeleonbrowser.org/forum/read.php?3,133574Quote
cfpp2p
kPrivacy_ClearAll macro does not seem to work for me on win xp K-Meleon75RC3. It's completely fine for me win xp K-Meleon74.0.
I reduce kPrivacy_ClearAll macro to just a single plugin(privacy, xxxxx) and it doesn't matter. Tested each of the five types as a single plugin() call as a single call in the main.kmm . Not one, for each of the five separate tests, functioned.
Quote
JohnHell
Forget the above Dorian, must be something deeper... but I can't catch it.
The first tab shows the most noticable difference, but many other sites have this problem. As you can see from the screenshot, I have the same pages open in IE and K-M, and most of the favicons don't show up in K-Meleon at all; instead "default.ico" will show (instead of "main.ico" which used to in that case.Quote
Dorian
Quote
thomase13
[*] All favicons are quite dark
Your screenshot doesn't show this, except maybe the first tab.
Quote
Dorian
Quote
thomase13
[*] YouTube comments still don't work with default settings.
Third party cookies are mostly used by tracker. I won't change a 12+ years old setting for one site. But it should indeed be in the FAQ.
Quote
Dorian
Quote
thomase13
[*] Also, while testing YouTube, the video turned grey a few times and I had to refresh (flash crashed I guess), which has never happened to me in any previous version of K-Meleon.
Yeah plugin container is still used by default but i'll fix this.
I'm using the html5 player with youtube and never had any problem.
Quote
Dorian
Quote
thomase13
As you can see, many of these issues I mention are quite minor, but this screenshot comparing K-Meleon to MSIE should show the biggest and most bothersome ones.
Fixed that for you.
Quote
thomase13
The first tab shows the most noticable difference, but many other sites have this problem. As you can see from the screenshot, I have the same pages open in IE and K-M, and most of the favicons don't show up in K-Meleon at all; instead "default.ico" will show (instead of "main.ico" which used to in that case.Quote
Dorian
Quote
thomase13
[*] All favicons are quite dark
Your screenshot doesn't show this, except maybe the first tab.
Quote
JohnHell
Quote
thomase13
The first tab shows the most noticable difference, but many other sites have this problem. As you can see from the screenshot, I have the same pages open in IE and K-M, and most of the favicons don't show up in K-Meleon at all; nstead "default.ico" will show (instead of "main.ico" which used to in that case.)Quote
Dorian
Quote
thomase13
[*] All favicons are quite dark
Your screenshot doesn't show this, except maybe the first tab.
About the icons, read this:
http://kmeleonbrowser.org/forum/read.php?3,130000,130000
Quote
JohnHell
Anyway, it's strange about FaceBook, as it must be showing without problems the icon with any browser preference.
Quote
JohnHell
The break of the web is a common reference nowdays for these cases where a lack of efforts and automation of process creates incompatibilites for future or backwards compatiblity for those who follow the rules.
This path we are following makes me sad
I tried making a cookie exception for "youtube.com", and it did nothing, so then I tried making one for "google.com", and it did the trick!Quote
siria
As for the cookie-exceptions, it used to be just the URL displayed in the URL bar, unless that was changed meanwhile. The origin url of third-party stuff didn't matter, only the current URL.
Quote
thomase13
my exception is equivalent to *.google.com, the wildcard giving Google and all of its subdomain tentacles full rein to track my every move. Perhaps I only need "plus.google.com" or "apis.google.com", so I will try a few more things.
Quote
siria
Quote
thomase13
my exception is equivalent to *.google.com, the wildcard giving Google and all of its subdomain tentacles full rein to track my every move. Perhaps I only need "plus.google.com" or "apis.google.com", so I will try a few more things.
That's where the privbar really shines ;-) By toggling manually only when really needed.
Although I have the uneasy feeling that against evil big brother it doesn't help much, they use too many ways to identify your exact machine, but at least helps against some smaller fishes.
Wow, I haven't heard that about https, but have wondered why everyone is switching over now! I had heard it was so the NSA, CSIS, etc. can't read and track everything, but I don't really know.Quote
siria
For example I've read (but not sure) that https needs certificates and those are unique to each machine? If yes, it's no wonder nearly all big sites now force https all the time :-/ Be it a simple google search, or just viewing yt, or FB, or twitter, etc
Quote
thomase13
The only problem is that simple users like me don't really understand how to use the privacy bar properly; we just assume that the default settings are good and go about our business. As I said, I have changed settings to accept only first-party cookies, but don't really understand the implications of having Javascript, cookies, etc. on or off by default or when they are needed or for what.
Quote
thomase13
Wow, I haven't heard that about https, but have wondered why everyone is switching over now! I had heard it was so the NSA, CSIS, etc. can't read and track everything, but I don't really know.Quote
siria
For example I've read (but not sure) that https needs certificates and those are unique to each machine? If yes, it's no wonder nearly all big sites now force https all the time :-/ Be it a simple google search, or just viewing yt, or FB, or twitter, etc
Quote
siria
... in my view it's quite simple:
javascript, flash, animations etc. cost a LOT of performance (freeze my old machine in minutes), and are also highly dangerous (when reading about new malware they nearly always need JS, flash etc. as open doors). So whenever possible, I keep everything that's unnecessary blocked. Helps speed and safety greatly.
When I come across a site that looks too crippled (like youtube with blocked videos) I consider if I want it badly enough to risk damage or freezing, or if the site may be trustworthy enough, and then switch on JS temporarily. If not enough, try unblocking ads, try allowing popups, and if really need be allowing embedded objects etc. And afterwards off it goes again
Quote
foliator
As for HTTP referers, I leave them blocked all the time.
Quote
foliator
It would be nice to have a macro that toggles all four at once, since most of the time that's what I do, but I'm not going to be the user who creates such a macro.
Quote
foliator
Incidentally, I was amazed to discover that I could log in to this forum with everything blocked, since I can't log into any of my other accounts without enabling JavaScript and cookies at the very least.
Quote
Dorian
Little update, fix german and spanish tooltips, loading title in tab.
http://kmeleon.sourceforge.net/files/km75rc3u1.zip
Quote
Dorian
Should be the last update
The "plugin" macro function is fixed (kPrivacy_ClearAll is working now)
Titles were missing in tab tooltip after loading a session
Disabled OOP for flash by default, and tweaked it a bit for OOP
Jsbridge registercmd, add experimental enabled and checked callback
Quote
siria
Quite often just cookies and referer are all that's needed.
Quote
siriaQuote
foliator
It would be nice to have a macro that toggles all four at once, since most of the time that's what I do, but I'm not going to be the user who creates such a macro.
Why not? If you really want it and would like some help, just create a thread for it or look for the macro-help thread.
Quote
siria
Sounds like a fun and easy one, the hardest part being to invent names ;-) Multitoggle?
Quote
siria
... it's an extremely simple forum, but are you really sure about no cookies?? Or perhaps have set an exception for here?
Quote
Dorian
Should be the last update
The "plugin" macro function is fixed (kPrivacy_ClearAll is working now)
Titles were missing in tab tooltip after loading a session
Disabled OOP for flash by default, and tweaked it a bit for OOP
Jsbridge registercmd, add experimental enabled and checked callback
Quote
Dorian
The "plugin" macro function is fixed (kPrivacy_ClearAll is working now)
Quote
adodupan
Give me your test example for last two parameters.
(in RegisterCmd)
var check = false; KMeleon.RegisterCmd( "test", "test", function() { logger.debug('Coucou'); check = !check; }, {path:"tabbar.png",top:0,left:24,right:48,bottom:48}, function() {return false;}, function() {return check;} );
Quote
cfpp2p
By the way, can anyone tell me where I can browse the source and change-sets?
Quote
siria
Quote
thomase13
The only problem is that simple users like me don't really understand how to use the privacy bar properly; we just assume that the default settings are good and go about our business. As I said, I have changed settings to accept only first-party cookies, but don't really understand the implications of having Javascript, cookies, etc. on or off by default or when they are needed or for what.
Wow too - it never occured to me that something as simple as the privbar could be considered difficult!
Quote
siria
I'm not a computer wiz at all (just trying to keep my machine somehow running, except for advanced playing with macros).
So in my view it's quite simple:
javascript, flash, animations etc. cost a LOT of performance (freeze my old machine in minutes), and are also highly dangerous (when reading about new malware they nearly always need JS, flash etc. as open doors). So whenever possible, I keep everything that's unnecessary blocked. Helps speed and safety greatly.
When I come across a site that looks too crippled (like youtube with blocked videos) I consider if I want it badly enough to risk damage or freezing, or if the site may be trustworthy enough, and then switch on JS temporarily. If not enough, try unblocking ads, try allowing popups, and if really need be allowing embedded objects etc. And afterwards off it goes again
Quote
siria
To tell the truth, before switching on JS, I first try if killing the css styles doesn't already do the trick and unhide the stuff I want to see - works wonders quite often!
Quote
siria
And in general prefer simple mobile versions for twitter etc., which are nearly unbearable in default view.
Quote
siria
Of course, it depends from the computer power and especially from the sites one regularly visits. But personally I prefer simple clear sites anyway, so no prob. If someone needs those flashy big sites though like Facebook or mail accounts all the time they'd go crazy when toggling stuff all the time on-off-on-off...
Quote
siria
To keep the NSA &Co from spying via encrypted transfer?? Hehe, good one They did force by law the encryption companies to build in special keys for them, so they can read everything anyway. If they refused or wouldn't keep that order top secret, they were treated as enemies of the state and threatened with jail.
Quote
JohnHell
Here is a thread:
http://kmeleonbrowser.org/forum/read.php?1,131701,131701
And this is in K-meleon74:
http://kmeleonbrowser.org/forum/read.php?8,127127
Quote
JohnHell
For cookies and youtube. Set allow to youtube.com and session to google.com.
Quote
JohnHell
After set the permanent cookies to log in for youtube, you can remove the google.com session rule and set youtube.com to session. You don't need anything else.
Quote
JohnHell
If I'm not wrong, I explained in the forum a few months back.
Quote
JohnHell
Quote
thomase13
Wow, I haven't heard that about https, but have wondered why everyone is switching over now! I had heard it was so the NSA, CSIS, etc. can't read and track everything, but I don't really know.Quote
siria
For example I've read (but not sure) that https needs certificates and those are unique to each machine? If yes, it's no wonder nearly all big sites now force https all the time :-/ Be it a simple google search, or just viewing yt, or FB, or twitter, etc
Wow, wow, wow.... step back and breath, LOL.
The reason to switch to TLS is because aside the ISP, that only knows where are you connecting, the only one who knows what are you transferring is the server and you. Unless in the endpoints the connection if being sniffed (httpmonitor/httpfox extension for K-meleon/Firefox, for example) or there is a MiTM attack (harder with TLS).
Said that, no, each machine hasn't a unique certificate. In fact, with TLS, every connection has a handsake where is negotiated a new key pair for the asymmetric connection. Unless you need to use a certificate, which is not mandatory, unless you need to log in, for example, to your government websites, where you have to identify yourself unequivocally with your own personal certificate issued by your government. This applies, in the same way, to your company, for example, or other similar uses. In this case, your certificate can be used to create the asymmetric encryption (note that this connection isn't the handsake where still is negotiated a key pair).
Quote
Dorian
Should be the last update
The "plugin" macro function is fixed (kPrivacy_ClearAll is working now)
Titles were missing in tab tooltip after loading a session
Disabled OOP for flash by default, and tweaked it a bit for OOP
Jsbridge registercmd, add experimental enabled and checked callback
Quote
thomase13
Quote
JohnHell
For cookies and youtube. Set allow to youtube.com and session to google.com.
I did this and YouTube comments work now!
Quote
JohnHell
After set the permanent cookies to log in for youtube, you can remove the google.com session rule and set youtube.com to session. You don't need anything else.
I did this step and then it won't work anymore, so I reverted to the first way.
By needing nothing else, do you mean I can safely clear out all my hundreds of cookies and keep them blocked with that exception in place?
Quote
JohnHell
If I'm not wrong, I explained in the forum a few months back.
Their commenting system may have changed since then. I say "if it ain't broke, don't fix it", but that is not Google ideology.
Quote
thomase13
Quote
JohnHell
Quote
thomase13
Wow, I haven't heard that about https, but have wondered why everyone is switching over now! I had heard it was so the NSA, CSIS, etc. can't read and track everything, but I don't really know.Quote
siria
For example I've read (but not sure) that https needs certificates and those are unique to each machine? If yes, it's no wonder nearly all big sites now force https all the time :-/ Be it a simple google search, or just viewing yt, or FB, or twitter, etc
Wow, wow, wow.... step back and breath, LOL.
The reason to switch to TLS is because aside the ISP, that only knows where are you connecting, the only one who knows what are you transferring is the server and you. Unless in the endpoints the connection if being sniffed (httpmonitor/httpfox extension for K-meleon/Firefox, for example) or there is a MiTM attack (harder with TLS).
Said that, no, each machine hasn't a unique certificate. In fact, with TLS, every connection has a handsake where is negotiated a new key pair for the asymmetric connection. Unless you need to use a certificate, which is not mandatory, unless you need to log in, for example, to your government websites, where you have to identify yourself unequivocally with your own personal certificate issued by your government. This applies, in the same way, to your company, for example, or other similar uses. In this case, your certificate can be used to create the asymmetric encryption (note that this connection isn't the handsake where still is negotiated a key pair).
I don't think I understand all of this, but I do not know how to switch to TLS. I see nothing about this in the preferences.