Language Selection

English French German Italian Portuguese Spanish

Chromium/Mozilla Firefox: Chrome 78 Beta, Keygen Setback and iframes

Filed under
Google
Moz/FF
Web
  • Chrome 78 Beta: a new Houdini API, native file system access and more

    Unless otherwise noted, changes described below apply to the newest Chrome Beta channel release for Android, Chrome OS, Linux, macOS, and Windows. Find more information about the features listed here through the provided links or from the list on ChromeStatus.com. Chrome 78 is beta as of September 19, 2019.

  • Chrome 78 Hits Beta With Native File System API, Much Faster WebSockets

    Google on Friday released the Chrome 78 web-browser beta following last week's release of Chrome 77.

    Chrome 78 Beta is coming with a new Houdini API or more formally known as the CSS Properties and Values API Level 1, which lets developers register variables as fully custom CSS properties and can better handle animations and other use-cases.

  • Firefox 69 dropped support for <keygen>

    With version 69, firefox removed the support for the <keygen> feature to easily deploy TLS client certificates.
    It's kind of sad how used I've become to firefox giving me less and less reasons to use it...

  • [Mozilla] Restricting third-party iframe widgets using the sandbox attribute, referrer policy and feature policy

    Adding third-party embedded widgets on a website is a common but potentially dangerous practice. Thankfully, the web platform offers a few controls that can help mitigate the risks. While this post uses the example of an embedded SurveyMonkey survey, the principles can be used for all kinds of other widgets.

    Note that this is by no means an endorsement of SurveyMonkey's proprietary service. If you are looking for a survey product, you should consider a free and open source alternative like LimeSurvey.

More in Tux Machines

today's howtos

Compilers Leftovers

  • LLVM "Stack Clash" Compiler Protection Is Under Review

    Two years after the "Stack Clash" vulnerability came to light, the LLVM compiler is working on adding protection against it similar to the GCC compiler mitigation. The Stack Clash vulnerability pertains to clashing/smashing another program's stack while circumventing existing stack protections at the time. Stack Clash opens up the door to memory corruption and arbitrary code execution. Linux x86/x86_64 wasn't the only one affected but also the BSDs and Solaris. Those unfamiliar with it or wanting to refresh your memory of it can do so via this Qualys blog post with the firm having discovered this vulnerability.

  • pocl v1.4 released

    Please note that there's an official pocl maintenance policy in place. This text describes the policy and how you can get your favourite project that uses OpenCL to remain regression free in the future pocl releases.

  • POCL 1.4 Released For Advancing OpenCL On CPUs - Now Supports LLVM 9.0

    Version 1.4 has been released of POCL, the "Portable Computing Language" implementation that allows for a portable OpenCL implementation to be executed on CPUs as well as optionally targeting other accelerators via HSA or even CUDA devices. POCL 1.4 brings support for LLVM Clang 9.0, with that open-source compiler stack doing a lot of POCL's heavy lifting. Support meanwhile for pre-6.0 LLVM releases were removed. POCL 1.4 also adds support for building relocatable POCL binaries and improves SPIR/SPIR-V support for CPU devices.

starship – elegant cross-shell prompt at your fingertips

The Command Line Interface (CLI) is a way of interacting with your computer. And if you ever want to harness all the power of Linux, it’s highly recommended to master it. It’s true the CLI is often perceived as a barrier for users migrating to Linux, particularly if they’re grown up using GUI software exclusively. While Linux rarely forces anyone to use the CLI, some tasks are better suited to this method of interaction, offering inducements like superior scripting opportunities, remote access, and being far more frugal with a computer’s resources. For anyone spending time at the CLI, they’ll rely on the shell prompt. I always seem to gravitate back to Bash even though I’ve used more than a dozen shells over the years. By default, the configuration for Bash on popular distributions identifies the user name, hostname, and the current working directory. I recently reviewed Liquid Prompt, an intelligent and non-intrusive prompt for Bash and zsh. starship is an alternative to Liquid Prompt. The software aims to show information you need while you’re working, yet being unobtrusive as possible. Read more

Tired of Windows and Mac OS? Switch to Elementary OS!

Elementary OS is one of the most beautiful and clean-looking operating systems available for use in computers. It is fast, open and privacy-oriented. Elementary has its characteristic design philosophy and made aesthetic use of colours. Over the years, this free-to-use operating system has collected heavy praise by reviewers around the world – making it a strong replacement option for both Windows and Mac users. The initial development of ElementaryOS started with building themes and applications for Ubuntu, which later inspired the developers to transform it into a full-fledged Linux distribution. The first release of the operating system was on 31 March 2011, and so far, it has been through continuous bugfix and major feature updates. The Elementary OS took shape with the concept of making Linux easier for non-technical users. Instead of terminal-based codes, elementary provides a graphical user interface and settings menus to allow users to perform almost all day-to-day tasks without writing any code. Read more