
Firefox 38 released - AshleysBrain
https://www.mozilla.org/en-US/firefox/38.0/releasenotes/
======
Touche
> Mac OS X: Implemented a subset of the Media Source Extensions (MSE) API to
> allow native HTML5 playback on YouTube HTML5

> Implemented Encrypted Media Extensions (EME) API to support encrypted HTML5
> video/audio playback (Windows Vista or later only) HTML5

> Automatically download Adobe Primetime Content Decryption Module (CDM) for
> DRM playback through EME (Windows Vista or later only)

:( Notice which OSes are left off the list. I don't blame Mozilla as they were
just following inevitability but it's a sad day for the web as there's now a
lot of content that, by design of W3C, only works on certain OSes.

Of course the EME champions promised us that this wouldn't happen and they are
apparently silent for the moment.

~~~
portaljacker
Does EME being implemented finally mean that I can uninstall Silverlight for
watching Netflix in Firefox in the near future?

~~~
k-mcgrady
Don't do it. I've been using the non-silverlight Netflix in Safari and it's
such a nightmare I switched back. Constantly fails to load content.

~~~
Alphasite_
Really? I had some issues with the very first release of HTML5 Netflix, but it
is pretty solid now.

~~~
k-mcgrady
Might need to look at it again. I used it throughout the last OS X beta and
then it still had issues in the first release so I moved away from it.

------
nominated1
Can someone explain why Mozilla is not signing gmpopenh264.dll and now eme-
adobe.dll? These are executed from AppData (a folder with read/write
permissions). Executing dll's from AppData is generally a bad idea but if I'm
going to allow it I at least want a Publisher rule attached. Google signs
their CDM (WideVine) dll delivered with Chrome that executes from AppData, why
isn't Mozilla?

~~~
hsivonen
Firefox checks SHA-512 hashes at download time. If you have local malware that
changes the GMP DLLs thereafter, the malware might as well change Firefox
itself.

~~~
nominated1
I'm approaching it like this - I need to execute unsigned binaries from a
location that does not have execute permissions. How can I manage this? The
lack of a signature is at best an administrative burden and at worst an attack
vector depending on how the Admin handles it ("let's just add a wildcard
exeception"). Mozilla should recognize this and sign the dll's. I still
haven't seen a reason for NOT signing them. We don't use WebRTC so ignoring
gmpopenh264.dll was not a problem. However, now we're talking about
"necessary" Adobe code. Need I say more? Chrome performs the same functions
and adheres to common sense. This is one of those things that gets a package
removed from offering. I like and use Firefox myself but I don't like the
position Mozilla has put me in. Should I open a bug report or do you speak for
Mozilla in an official capacity?

~~~
hsivonen
Please open a bug report and CC :hsivonen

~~~
cpeterso
I filed Firefox bug 1164948 for this issue:

[https://bugzilla.mozilla.org/show_bug.cgi?id=1164948](https://bugzilla.mozilla.org/show_bug.cgi?id=1164948)

------
kasabali
> autocomplete=off is no longer supported for username/password fields

Super cool. Don't tell me what not to auto complete!

~~~
whatsgood22
>Improved page load times via speculative connection warmup

turning into chrome!

------
xixixao
So I got momentarily excited that there are new "tab preferences" (like having
new tab open next to the current one), but unfortunately it's just a UI revamp
of the settings pane, which since I'm on OS X I cannot care for much (the UI
is a bit too flat and generally not as familiar as the native box, although
who cares...)

~~~
hobarrera
I fail to see why Mozilla chose this direction. Firefox now looks more alien
on _all_ platforms with no real functional benefit.

~~~
kasabali
Because this way you recognize Firefox everywhere when you see it, that's
their reasoning. There was a presentation about it few years ago but I'm too
lazy to hunt after the link right now.

------
TazeTSchnitzel
> Ruby annotation support

Finally! After only 24 years, East Asian languages get some attention.

Perhaps next Western browser makers might consider vertical text support.

 _sigh_

~~~
robin_reala
Vertical text support is coming on quickly in Firefox. There’s still a bunch
of blockers, but they’re being knocked off fast:
[https://bugzilla.mozilla.org/show_bug.cgi?id=145503](https://bugzilla.mozilla.org/show_bug.cgi?id=145503)

~~~
TazeTSchnitzel
That's great to see!

------
eridal
Honest question to Firefox dev's:

I want to keep using firefox, but not the DRM thingy. I'd rather not see any
video on the web, to be forced to use DRM technology.

Do you plan to support a DRM-free version?

~~~
cpeterso
To disable EME, go to the Firefox Preferences menu and uncheck the "Play DRM
content" checkbox. That will disable EME and delete the Adobe CDM binary if it
has been installed. This preference doesn't disable DRM in Flash and
Silverlight, however.

[https://support.mozilla.org/en-US/kb/enable-
drm](https://support.mozilla.org/en-US/kb/enable-drm)

------
serve_yay
Interesting, I had not heard of ruby before! (more info here, as linked in TFA
[https://hacks.mozilla.org/2015/03/ruby-support-in-firefox-
de...](https://hacks.mozilla.org/2015/03/ruby-support-in-firefox-developer-
edition-38/) )

~~~
wodenokoto
I was really surprised to see this wasn't implemented much earlier. Chrome
apparently had support for XHTML 1.1 Ruby since 2010!

I am also surprised to see how verbose actual ruby markup is.

Better examples of mark-up on wikipedia:

[https://en.wikipedia.org/wiki/Ruby_character#HTML_markup](https://en.wikipedia.org/wiki/Ruby_character#HTML_markup)

~~~
threedaymonk
Its absence has been a persistent irritation to me. I'm glad that I can now
retire this:

[https://github.com/threedaymonk/furigana-
shim](https://github.com/threedaymonk/furigana-shim)

------
y0ghur7_xxx
What happened to opportunistic encryption? I loved that feature but it was
disabled because of a bug. I hoped it would be enabled again in the next major
release, but no mention of it. Can someone from Mozilla tell me more?

~~~
lmandel
Opportunistic encryption is being tested again in Firefox 39, which is
scheduled to release on June 30, 2015.

------
etimberg
The broadcast channel support looks promising. Does anyone know if Chrome
plans to support it in the future?

~~~
McGlockenshire
CanIUse pointed at a proposal for Chrome support which eventually points at
this bug:

[http://code.google.com/p/chromium/issues/detail?id=161070](http://code.google.com/p/chromium/issues/detail?id=161070)

There are some work-in-progress patches posted there.

------
justinph
srcset! Finally, responsive images are gaining ground.

------
dubcanada
Anyone have any insight on why they removed autocomplete from username &
password fields?

~~~
phireal
Presumably this:
[https://bugzilla.mozilla.org/show_bug.cgi?id=956906](https://bugzilla.mozilla.org/show_bug.cgi?id=956906)

I think it means that sites can't overrule the browser's inclination to store
passwords. The argument seems to be the browser makers will store passwords
safely.

~~~
dao-
> The argument seems to be the browser makers will store passwords safely.

Not quite. Unless you set a master password, whoever owns your computer will
own the passwords stored by your browser.

The argument is that disabling autocomplete makes users choose poor passwords
that are easy to remember, or write passwords down somewhere, which is at
least as bad as having passwords stored in your browser profile.

~~~
quadrangle
writing passwords down somewhere, such as on PAPER, is not a particularly bad
idea unless you keep the paper by your computer.

------
Lost1337
Uninstalled. I have enough of you guys copying Chrome and turning Firefox into
a DRM and social media browser. Get lost!

At least the Seamonkey guys know that advanced users also have the right to
have their Options inside of the browser's code, something what you Mozilla
guys are unable to understand these days!

What is good for Chrome is not equal as good for Mozilla Firefox!

------
dd9990
The Readinglist feature seems to have disappeared from the Desktop build. I
really liked using it in Nightly and on Android.

I briefly looked at Bugzilla and can't figure out its future. Is it really
being replaced with a tie-in to a closed source US based startup company,
Pocket? Can any devs comment?

~~~
soganess
This worked, so I imagine its being silently developed

[http://www.ghacks.net/2015/02/07/mozilla-starts-to-push-
read...](http://www.ghacks.net/2015/02/07/mozilla-starts-to-push-reader-mode-
to-desktop-firefox/)

~~~
dd9990
Worked for me too. Thanks for the pointer.

------
acquacow
Anyone else having issues with the bookmarks toolbar in 38? Mine draws blank
when you open a window. I have to hide/show it before it draws correctly.

This occurs each time a window is opened.

~~~
acquacow
My menu button on the right of the address/search bar doesn't work anymore
either. (OSX 10.10.2)

Gonna uninstall/reinstall

~~~
acquacow
Was still doing it on a clean install, it didn't like something in my
profile... renamed it, and re-installed my addons in a new profile and it's
fine now.

Unamused.

~~~
acquacow
Aah, it's an add-on for work for some single-sign-on stuff... luckily I don't
need that system anymore.

------
quadrangle
Looks like (haven't tested yet), this will finally support meet.jit.si for
true free/open group video chat!

------
AdmiralAsshat
> _CRITICAL_ Vulnerability can be used to run attacker code and install
> software, requiring no user interaction beyond normal browsing.

Uh, glad they fixed this one, but it sounds pretty bad. I'd kinda like to see
the actual CVE/bug report.

~~~
joshmoz
You're looking at the key which defines what CRITICAL means. Look further down
the page for info about actual vulns. I believe they're running a bit late
posting the vulns for 38 today.

