mratcliffe at mozilla.com
Fri Aug 9 09:24:05 UTC 2013
I can feel your frustration here and completely understand it. There are
proxies, noscript fallbacks, disable animations etc. Because "Disable
Developer Tools option panel. Once it is set then all sites loaded into
On 09/08/13 07:29, klasse at partyheld.de wrote:
> Hi Gavin,
> Actually, my arguments rest on the premise that the entire preference
> pane is not relevant to the vast majority of your users. But I don't
> want to give you any ideas here - please don't remove it. :)
> Anyway, thank you very much for your professional response to my
> grumbling. I appreciate it.
> Am 08.08.2013 22:46, schrieb Gavin Sharp:
>> Hi klasse,
>> Thanks for the feedback. I think most of your arguments rest on a
>> false premise: that the motivation behind this change was to
>> accommodate lazy or malicious web developers. As I mentioned in the
>> bug, the primary motivation was to simplify our preference pane to
>> remove options that are not relevant to the vast majority of our
>> users, and that produce a negative experience for the vast majority of
>> Web use cases.
>> It's great that you've been able to make use of NoScript and live
>> reflective of our user base in general.
>> Thankfully, given Firefox's strong add-on ecosystem and built-in
>> configurability (including about:config), the small set of users who
>> need to address these use cases can continue to do so.
>> On Thu, Aug 8, 2013 at 1:19 PM, <klasse at partyheld.de> wrote:
>>> Folks, I have to express my strong objection to the removal of the
>>> easily accessible "Configuration" dialog in Firefox 23. (And yes, I
>>> do know
>>> that they are still present in "about:config".)
>>> https://bugzilla.mozilla.org/show_bug.cgi?id=873709 ) point of view at
>>> http://limi.net/checkboxes-that-kill/ is a point of view of a web
>>> not a consumer. And not a very good web developer either - the good
>>> will place a warning inside tag <noscript>, letting the visitor know
>>> need to enable JS for the site to work properly, instead of letting
>>> website fail silently/disgracefully.
>>> The given reason to remove that setting has been to not let
>>> users disable JS based on an uninformed decision. In my experience,
>>> the "nontechnical" users don't ever open the "Configuration" dialog,
>>> alone change anything there - they are rightfully afraid of changes
>>> something for the "techie" users using a quick way to disable JS,
>>> the need to go to about:config and having to remember the name of the
>>> affected parameter. (And possibly having to search the web to make
>>> sure that
>>> one is it in the current version of Firefox, or the version I'm
>>> using at a PC which is not mine?)
>>> I do agree that the NoScript add-on is a better way for disabling
>>> JS, and I
>>> am, in fact, its long-term happy user. (Including forcing HTTPS for
>>> sites, its "Application Boundary Enforcer", etc.) But I only use
>>> NoScript on
>>> my main Firefox profile, on my main non-administrator Windows
>>> account. On
>>> the other hand, I keep the number of installed Firefox add-ons on my
>>> administrator account at zero, for security reasons. And, for the same
>>> reasons, I also have JS disabled on it most of the time, using the
>>> "Configuration" window.
>>> Also, I sometimes use a Linux LiveCD which does not have the
>>> NoScript add-on
>>> installed. And the Firefox "Configuration" window offers a quick way to
>>> disable JS there, for security and privacy reasons. Instead of
>>> having to
>>> waste time and RAM (that's where a LiveCD runs) for NoScript.
>>> most of
>>> the sites I visit. I don't need it for most of my web activities,
>>> such as
>>> reading news and forums, looking up words in online dictionaries (their
>>> forms work without JS), etc. And I don't even need JS for my banking
>>> ( https://banking.dkb.de/portal/portal/ ) - only their auto-log-out
>>> countdown won't show - that's what I call "good" developers. And if
>>> very rarely, I come across a web site failing entirely without JS, it
>>> usually warns me about it using the <noscript> tag. (And they
>>> sometimes show
>>> the warning while still working good enough for just reading them.)
>>> And a
>>> growing number of sites use HTML5 and CSS animation for many things
>>> as it
>>> limits their ability to track and advertise, but I am the browser
>>> user, not
>>> them. And forcing their point of view down "technical" users'
>>> throats is not
>>> the way to go - it will just annoy them. And there are quite a few
>>> of those
>>> with Firefox. While the "non-technical" ones are not affected - they
>>> know what JS is or how it can be disabled in the FF "Configuration"
>>> in the first place.
>>> 2) "Load images automatically": There are remarkably few voices against
>>> removing of this one from the "Configuration" window. I found its easy
>>> disabling an advantage, too. I travel a lot, to different countries.
>>> don't always have WiFi nearby and then use the GSM tethering
>>> instead, which
>>> often has speeds comparable to the good old modem dial-up. Having
>>> been able
>>> to quickly disable image loading when on such connections (sometimes
>>> with JS), and then re-enable it again when on WiFi, has been a great
>>> advantage. (Even my mobile browser offers that, also great when on
>>> GSM.) It
>>> greatly limits load times and money spent on data download. While,
>>> again, I
>>> don't need images to browse news, forums, dictionaries, etc. They
>>> are "nice
>>> to have", but one can easily do without for a while. (Although
>>> would disagree, I am sure.)
>>> That, again, is a setting a "technical" user would use, while others
>>> know it exists.
>>> Now, with the setting only present in "about:config", I face the
>>> same issues
>>> version I
>>> use)? Do I have to remember that? For all browsers I use?
>>> Oh wait, I just accidentally changed another "about:config"
>>> parameter, which
>>> sounded similar, and forgot to re-set it back - so why does my browser
>>> behave differently now while "syncing"? Is it a Firefox bug? I think
>>> I need
>>> to report it in Bugzilla. (Just an example.)
>>> -> There is a reason for that big fat warning when opening
>>> "about:config" -
>>> it is not meant to be changed frequently. No matter how "technical"
>>> one is.
>>> So, please, bring both those settings back to the "Configuration"
>>> UI. Their
>>> easy and safe access has been one of the advantages of Firefox.
>>> Code/UI clean-ups are a generally a good thing, but this one went
>>> too far.
>>> Configurability is a big advantage of Firefox. Also, it's a bit
>>> hypocritical: the "technical" users are advised to use the
>>> "NoScript" add-on
>>> (again, others don't know it exists), but each new version brings
>>> "Developer Tools" (I'm not complaining, I like it, actually),
>>> despite the
>>> also existing "Firebug" add-on.
>>> And to close with an anecdote, referring to the "Google broken with
>>> images" argument in http://limi.net/checkboxes-that-kill/:
>>> My completely "non-technical" sister asked me recently why I had
>>> Google search as her home page, shown on browser start-up. Her
>>> argument to
>>> change it (to her mail/news provider's page) was: "Why do I need
>>> that Google
>>> search page - isn't that what that search bar in the top right
>>> corner is
>>> So much to the "we just broke the internet" claim. And Firefox
>>> better be
>>> fixed if disabled images prevent displaying of forms on it. Unless it's
>>> Googles intention, as advertiser. (Unfortunately, I can't test that
>>> now with FF 23, as don't know which "about:config" parameter
>>> disables images
>>> loading :), but on Opera Mobile 12 the Google search field is
>>> present with
>>> images disabled. And no need to go to "opera:config" to do it there,
>>> by the
>>> Thank you!
>>> P.S.: I sincerely hope that the other "killing" configurations
>>> mentioned in
>>> http://limi.net/checkboxes-that-kill/ (concerning SSL/TLS, etc.)
>>> won't be
>>> removed in future Firefox versions, or it would, indeed, have
>>> effects" on its users.
>>> If someone is looking for meaningful improvements affecting all
>>> users: How
>>> about the long overdue implementation TLS 1.1 and 1.2 (hopefully
>>> configurable as now with TLS 1.0), and also "certificate pinning" as
>>> done by
>>> the "Certificate Patrol" extension (
>>> )? (Or
>>> "key pinning" as Chrome does it?) The latter would require some UI
>>> too, but would be a major improvement. As "techie", I like the
>>> configurability of "Certificate Patrol" in its UI, not
>>> "about:config". It
>>> can easily be made as unobtrusive or "panicy" as one likes, even if
>>> just a once-and-for-ever configuration step.
>>> For "non-techies", it seems that the Firefox "reset to default"
>>> button is
>>> all they'll ever need. Maybe it should be moved out of its current
>>> somewhere easier findable by them, e.g. an own menu item under
>>> "Help" (with
>>> an appropriate big fat warning)? (I personally have never used it so
>>> but I might need to in future, if I manage to mess up "about:config"
>>> parameters, deejaying the JS and image settings above in future. So
>>> far, I
>>> have used "about:config" for some "once-and-for-ever" configuration
>>> e.g. some security and privacy related hardening.)
>>> Please don't take this as critic of any future UI changes. Normally, I
>>> consider Firefox changes to be improvements - e.g. the new "selected
>>> engine applies to the whole browser" (i.e. also the address bar), new
>>> development tools, etc. Neither will I complain about the missing
>>> "blinking". (It's not in specs, with FF the only one having
>>> supported it,
>>> and there are other specified ways to make things blink. But UI is not
>>> covered by specs.) This is the first time I consider the change a
>>> change for
>>> the worse. So much as to send my first e-mail to "firefox-dev".
>>> firefox-dev mailing list
>>> firefox-dev at mozilla.org
> firefox-dev mailing list
> firefox-dev at mozilla.org
More information about the firefox-dev