Simon Willison’s Weblog

Tabula Fracta. Mozilla hacker Robert O’Callahan offers advice for anyone aiming to create a new rendering engine from scratch. The WHATWG’s work on specifying real-world browser behaviour and error models gets a well deserved mention.

# 9th October 2007, 1:20 am / whatwg, html5, roberto-callahan, browsers, mozilla

Firefox 3 Antiphishing Sends Your URLs To Google. Stories like this crop up every now and then, but no one ever seems to mention that the Google Toolbar has been doing this since it was released (more than five years ago) provided you have PageRank display turned on.

# 25th September 2007, 11:04 pm / pagerank, google, privacy, firefox, mozilla, firefox3, toolbars, google-toolbar

Hello JS-CTYPES, Goodbye Binary Components. Mark Finkle is porting Python’s ctypes functionality to the Mozilla platform, to allow binary XPCOM components to be defined in pure JavaScript.

# 22nd September 2007, 11:57 pm / mark-finkle, ctypes, javascript, mozilla, python, xpcom

HTTPOnly cookie support in Firefox. Five years after the bug was filed, HTTPOnly cookie support has gone in to the Mozilla 1.8 branch. This is a defence in depth feature that has been in IE for years—it lets you set cookies that aren’t available to JavaScript, and hence can’t be hijacked in the event of an XSS flaw.

# 6th September 2007, 6:27 am / httponly, brad-fitzpatrick, firefox, security, ie, mozilla, javascript

Why Tamarin instead of... Justification for Tamarin in Mozilla over Mono and the JVM. It mainly comes down to license compatibility and overall size.

# 9th August 2007, 12:43 pm / tamarin, mono, java, jvm, mozilla, john-resig, open-source

Mozilla and IronPython: IronMonkey. Interesting to note that all three new Mozilla projects are being lead by experienced Python developers.

# 26th July 2007, 8:07 pm / python, javascript, mozilla, ironpython, ironmonkey, voidspace

Brendan Eich: New Projects. Exciting new projects from Mozilla. ActionMonkey is joined by IronMonkey (IronPython/IronRuby on Tamarin) and ScreamingMonkey (Tamarin for IE). Upgrading IE’s JavaScript using the Flash Player as a vector is a game-changing idea.

# 26th July 2007, 8:05 pm / ironmonkey, actionmonkey, flash, internet-explorer, ie, brendan-eich, ironpython, ironruby, mozilla, screamingmonkey, tamarin, javascript

ActionMonkey (via) SpiderMonkey + Tamarin = ActionMonkey. New JavaScript engine for Mozilla 2, incorporating code from Adobe’s Open Source ActionScript VM.

# 24th July 2007, 3:29 pm / spidermonkey, tamarin, actionmonkey, javascript, actionscript, adobe, mozilla

Debian GNU/Linux 4.0 released. Includes Iceweasel (Firefox), Icedove (Thunderbird), Iceape (Seamonkey) and Python 2.4.4 as standard.

# 8th April 2007, 6:25 pm / python, mozilla, debian, linux

Mozilla Gran Paradiso Alpha 3 Release Notes. New features include animated PNGs, <link rel="offline-resource"> and the HttpOnly cookie flag which indicates that a cookie should not be accessible to script (borrowed from IE).

# 25th March 2007, 9:37 pm / mozilla, granparadiso, httponly, offlinebrowsing

opensource @ Joost. Joost is built on top of Mozilla, Redland, SQLite and a bunch of other bits and pieces of Open Source infrastructure.

# 12th March 2007, 1:29 pm / joost, open-source, mozilla

VCS Migration: The Hare and the Tortoise. Bazaar and Mercurial compared from the point of view of importing 1 million diffs from Mozilla CVS. Bazaar’s import is more robust but will take more than a month to complete.

# 26th January 2007, 11:44 pm / bazaar, mercurial, version-control, mozilla

Correo. New open-source OS X mail client, based on Thunderbird but with a Camino-style native interface.

# 12th January 2007, 11:36 am / open-source, camino, correo, mail, mozilla, osx, thunderbird

Introducing Operator. New microformat detecting Firefox extension, developed at IBM and released by Mozilla Labs. Examples are from Yahoo! Local, Upcoming and Flickr.

# 18th December 2006, 4:36 pm / extension, firefox, ibm, microformats, flickr, mozilla, mozillalabs, upcoming, yahoo

Better Metrics for Security—Understanding the Symantec Internet Security Threat Report. Mozilla defends against yet more spurious bug count reports.

# 27th September 2006, 9:54 am / security, mozilla, symantec

Mozilla causing XSS in Livejournal. Their recent worm attack was caused by the -moz-binding CSS property.

# 22nd January 2006, 9:37 pm / mozilla, css, livejournal, security, xss

XMLHTTP notes: abort() and Mozilla bug. PPK finds the bugs so you don’t have to.

# 12th September 2005, 7:37 pm / mozilla

Mozilla Corp. in 12 simple items. Daniel Glazman clears up the confusion.

# 4th August 2005, 6:22 pm / mozilla

Migrate apps from Internet Explorer to Mozilla. Surprisingly comprehensive guide to browser differences.

# 31st July 2005, 1:06 pm / mozilla

Mozilla Gains Canvas Element Support (via) After discussion and documentation by the WHATWG.

# 20th April 2005, 5:27 pm / mozilla

IE to Mozilla Guide for Web Application Developers. Extremely useful overview of CSS and DOM differences between the two browsers.

# 17th April 2005, 10:53 pm / mozilla

Mozilla XPath Documentation. This is extremely useful for writing Greasemonkey user scripts.

# 14th April 2005, 12:57 pm / mozilla, xpath, greasemonkey

Mozilla aims for mobile browser market (via) Minimo project targets phones, PDAs and TV set top boxes.

# 13th December 2004, 10:17 am / mozilla

Mozilla Firefox article on Wikipedia. Today’s featured article.

# 28th November 2004, 1:24 pm / mozilla, firefox

Mozilla Firefox Start Page. Firefox 1.0 is out. The default home page is hosted by Google.

# 9th November 2004, 11:29 am / mozilla, firefox

Critical Mozilla Vulnerabilities Fixed in New Versions. Various buffer overflows, fixed in Firefox PR 1.0.

# 15th September 2004, 9:49 pm / mozilla