Speaking of Firefox Usability



  • On the left, Internet Explorer 9.  On the right, Firefox 21.

    With Firefox, I can post a message, but I cannot reply to or quote a specific message because the necessary widgets are missising.  Also, using Firefox, I cannot post a comment on any blog on Google's Blogspot.com.  After hitting submit, the comment just disappears, never to be seen again.  IE works just fine.

    The number of websites that do not work properly with Firefox seems to be growing.

    Community Server, WTF - had to play around with resizing the pictures.  The two pictures would be side by side in compose mode, but the Firefox picture would be under the IE picture in the preview.

     



  • You are zoomed in slightly in Firefox, which may affect layout, because page coders never take that feature into consideration.

    Or, you are slightly zoomed out in IE.

    Better have a look!

     




  • @dhromed said:

    You are zoomed in slightly in Firefox, which may affect layout, because page coders never take that feature into consideration.

    Or, you are slightly zoomed out in IE.

    Better have a look!

    IE is zoomed in to 115%.  Necessary due to a combination of bad eyes and a big monitor.  Firefox is zoomed in slightly as well, but it doesn't give me an exact number like IE does.

    No amount of zoomng in or out fixes Firefox.  But it was worth a try.

     



  • @dhromed said:

    You are zoomed in slightly in Firefox, which may affect layout, because page coders never take that feature into consideration.

    Or, you are slightly zoomed out in IE.

    Better have a look!

    I never understood why browsers let the page know when they are zoomed in. Faking a smaller window size and then transforming the coordinates would probably cause a lot fewer layout bugs.



  • As much as I've begun to hate Firefox as of late, this really just seems like a classic mundane example of a site testing only in IE. Is there a specific reason you think this is a Firefox fail and not a web developer fail?



  • @SamC said:

    As much as I've begun to hate Firefox as of late, this really just seems like a classic mundane example of a site testing only in IE. Is there a specific reason you think this is a Firefox fail and not a web developer fail?

    Well, it's Ars Technica, and they're not people I'd assume developed only for IE (or in IE at all..)


  • Trolleybus Mechanic

    Did you try disabling your adblocker?

    Okay, as much as troll with that one, serious question. So many sites seem to think it's a good idea to put their scripts that load their navigation shit in the same call that loads their pixel trackers and shit.  Or they put their navigation wireup code right after the call to LoadFifteenMillionTrackersOrCrashTheEntirePage();



  • @Lorne Kates said:

    Did you try disabling your adblocker?

    Okay, as much as troll with that one, serious question. So many sites seem to think it's a good idea to put their scripts that load their navigation shit in the same call that loads their pixel trackers and shit.  Or they put their navigation wireup code right after the call to LoadFifteenMillionTrackersOrCrashTheEntirePage();

    I think that's a perfectly reasonable tactic to make people turn off ad-blockers. I've seen a trend for copyright-ignoring streaming sites to cover functional sections of the page with banner ads that are unclosable if you're running an adblocker, which makes perfect sense to me.



  • @TDWTF123 said:

    I think that's a perfectly reasonable tactic to make people turn off ad-blockers.

    All people are going to see is a broken page and they won't realise that their adblocker is the cause.
    What they will do is tell all their friends not to use your website because it sucks balls.



  • @Salamander said:

    All people are going to see is a broken page and they won't realise that their adblocker is the cause.

    This is why I prefer a nice, big "Turn off your adblocker, cocksucker" goatse.

    @Salamander said:

    What they will do is tell all their friends not to use your website because it sucks balls.

    Meh, their friends are probably all crooks, too, so good riddance.



  • @dhromed said:

    You are zoomed in slightly in Firefox, which may affect layout, because page coders never take that feature into consideration.

    Or, you are slightly zoomed out in IE.

    Better have a look.

     Arstechnica is one of the few sites where it actually works properly.

     



  • @Ben L. said:

    I never understood why browsers let the page know when they are zoomed in. Faking a smaller window size and then transforming the coordinates would probably cause a lot fewer layout bugs.

    Well, you have it perfectly backwards. Browsers do not notify the page when they are zoomed in, but only notify the page that the window has been resized, and try to redo all the layout themselves. It's actually worse than that : browsers do not even allow the page to know what is the current zoom level, apparently because this is a user setting that belongs outside of the sandbox in which the page is allowed to play.

    In most cases it works just fine. However, when zoomed in our out, they need to play with floating point pixels and coordinates internally. And of course they all have a few floating point derived rounding errors. And none of them makes the same rounding errors, which typically lead to off-by-one errors in one or another browser, which in turn leads to what you can see there.

    This is especially common when you start using float:left in your css and that due to one of these off-by-one errors your floating content is pushed to below is sibling and then cropped out by it parents overflow:hidden attribute.



  • @LordOfThePigs said:


    In most cases it works just fine. However, when zoomed in our out, they need to play with floating point pixels and coordinates internally. And of course they all have a few floating point derived rounding errors. And none of them makes the same rounding errors, which typically lead to off-by-one errors in one or another browser, which in turn leads to what you can see there.

    This is especially common when you start using float:left in your css and that due to one of these off-by-one errors your floating content is pushed to below is sibling and then cropped out by it parents overflow:hidden attribute.

    That doesn't make sense. All the layout should be done with integers, and then scaled up (or down) for the actual drawing. No need for floats. In a perfect world, zooming would be a feature of the window system, so that even the browser wouldn't know about it and couldn't get it wrong.


  • Discourse touched me in a no-no place

    @Planar said:

    In a perfect world, zooming would be a feature of the window system, so that even the browser wouldn't know about it and couldn't get it wrong.
    That's actually one of the features of OSX. I hold down Ctrl and use the scrolling mouse action (which depends on whether I'm using a touchpad or a physical mouse with a scrollwheel) and everything scales. I find it's only really useful when you're looking at off-by-one errors in pixel layouts, but YMMV.

    Of course, browsers decide that it is necessary to implement their own scaling scheme as well…



  • @Ben L. said:

    Faking a smaller window size and then transforming the coordinates would probably cause a lot fewer layout bugs.
     

    No, because I hate fullpage zoom, since it also enlarges sidebars, titlebars, images etc, which distorts the layout significantly, and I only want text to zoom because that's what I can't read comfortably.

    Also, with full page zoom, images are upsampled and will always look worse than at 100%.

    Full page zoom bad. Text zoom good.



  • @TDWTF123 said:

    @Lorne Kates said:

    Did you try disabling your adblocker?

    Okay, as much as troll with that one, serious question. So many sites seem to think it's a good idea to put their scripts that load their navigation shit in the same call that loads their pixel trackers and shit.  Or they put their navigation wireup code right after the call to LoadFifteenMillionTrackersOrCrashTheEntirePage();

    I think that's a perfectly reasonable tactic to make people turn off ad-blockers. I've seen a trend for copyright-ignoring streaming sites to cover functional sections of the page with banner ads that are unclosable if you're running an adblocker, which makes perfect sense to me.
     

    I'm surprised that that tactic works, given that the purpose of an adblocker is to get rid of unwanted elements from the page. If someone's running an adblocker and comes across one of those banners, their most obvious response is going to be to tell the adblocker to block it.

    (A similar hate of mine: I browse with JavaScript off by default because it makes sites so much less annoying, and come across the occasional site that covers the entire page with an element that says that the page doesn't work with JavaScript off. My usual approach is to remove the element in question with Firebug, upon which the page normally works fine. An adblocker would typically work too; they're not just for blocking ads, people! I likewise use them to block interface elements of sites I disilke, such as avatars on forums. Or various people's signatures.)

     



  • I agree with the hate for thoses sites that require javascript. I can understand that for a tiny subsection of the web who actually do something useful on the page (say, they are hames, or google doc, or jukebox), but 99% of the time it's for shitty visual effects since I actually go on site to read information and not to do a shittier version of applications already installed on my computer. I find especially jarring the fact that they often don't explain why they need javascript. Unknown program that want special right in my computer without explanation are suspiciously like malware.



  • If I ever designed a video streaming site, the ads would come from a URI like http://data2.example.com/0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33.flv.

    The videos would come from a URI like http://data2.example.com/bb928ca332f5f4fa2cdaef238672e0fbcf5e7a0f.flv.

    Seriously, all it takes it to have first party ads that don't look like ads.


  • Trolleybus Mechanic

    @TDWTF123 said:

    I think that's a perfectly reasonable tactic to make people turn off ad-blockers.
     

    Sure, because hosting critical scripts that your site absolutely 100% requires on unrelated, unreliable 3rd party servers is a great idea.

    No, wait, even ignoring the whole ads thing, that's a goddamn fucking stupid idea.  Have fun spending hours troubleshooting why a large swath of customers can't access the site, only to find out there's the occasional network outage in some part of your ad network's CDN.

    ESPECIALLY given that it's not just <script src='adnetwork.com/nav.js' />.  It's usually src='cdn.com/loader.js', which loads three different 'cdn.partners.com/tracker.js', which each in turn load three different 'a.cdn.inedo.com/tools.js', which in turn load 'api.google.com/jquery-latest.js'.

    I would never even use a direct include of api.google.com/jquery if my site was critically dependent on jquery. I'd suck it up and stick the 10k of minified js on a nicely cached first party server.


  • Trolleybus Mechanic

    @MiffTheFox said:

    If I ever designed a video streaming site, the ads would come from a URI like http://data2.example.com/0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33.flv.

    The videos would come from a URI like http://data2.example.com/bb928ca332f5f4fa2cdaef238672e0fbcf5e7a0f.flv.

    Seriously, all it takes it to have first party ads that don't look like ads.

     

    People have been saying they should do this for years. And given the saturation of the market with 3rd party advertisers, they never will. They needs their tracking and marketing data to keep their business afloat. Why are you trying to steal money from the mouths of the ad networks with your shitty suggestion, you fucking leech?

    Also, video streaming sites can't afford the bandwidth to host first party ads. What do you think they are, video streaming sites or something?

     



  • @Lorne Kates said:

    ESPECIALLY given that it's not just <script src='adnetwork.com/nav.js' />.  It's usually src='cdn.com/loader.js', which loads three different 'cdn.partners.com/tracker.js', which each in turn load three different 'a.cdn.inedo.com/tools.js', which in turn load 'api.google.com/jquery-latest.js'.
     

    There's an option in Firefox under Prefs/Advanced that says "Warn me when sites try to redirect". I checked it just for kicks, and maybe it's placebo, but it appears to me that ad-heavy sites like wikia (a prime offender!) load and respond more quickly, because... FFX is blocking banner redirects and/or some remote script loading? I don't know. It's kind of a black box option.

    @Lorne Kates said:

    I would never even use a direct include of api.google.com/jquery if my site was critically dependent on jquery.

    Yeah, I never really got that.

    It's essentially the same thing as that remote including thing in Go. So the question is, why is it okay for jquery but stupid for Go?

     



  •  I have solved the adblock thing by

    1. using a custom hosts file that points every ad host to 127.0.0.1
    2. running a webserver that serves empty files for any request



  • You are logged in, right?

     Ars Technica's site doesn't show you the quote buttons if you're not logged in.

    These are both taken with Firefox 21, the first while not logged in, the second while logged in:

    [img]http://www.rbemrose.com/images/arstechnica-not-logged-in.png[/img][img]http://www.rbemrose.com/images/arstechnica-logged%20in.png[/img]



  • Status: CLOSED Reason: WORKSFORME

    Like powerlord said, you’re not logged in.



  • @powerlord said:

    You are logged in, right?
     

    Looks closely. In one screenshot, the usernames and ranks aren't showing. That's the same line as the buttons.



  •  Then he has something blocking it. In any case, it’s not a Firefox problem, it’s a PEBKAC problem.



  • @TheLazyHase said:

    I find especially jarring the fact that they often don't explain why they need javascript. Unknown program that want special right in my computer without explanation are suspiciously like malware.

    OMG TIN FOIL HAT

    Seriously, you people are fucking pathetic. I would expect this retarded shit out of non-tech people, but you should know better. Jesus Fuck.



  • @Lorne Kates said:

    People have been saying they should do this for years. And given the saturation of the market with 3rd party advertisers, they never will. They needs their tracking and marketing data to keep their business afloat. Why are you trying to steal money from the mouths of the ad networks with your shitty suggestion, you fucking leech?

    I know you're being retarded, as usual, but 3rd party ads require tracking and what-not because they have no other way of verifying the numbers you're giving them. You can run 1st party ads, but they consume an insane quantity of your time (since you have to maintain contacts with every company you are running ads for) and the companies have to trust you, which most sites simply don't get. So 3rd party ads are the solution.



  • @Mo6eB said:

     I have solved the adblock thing by

    1. using a custom hosts file that points every ad host to 127.0.0.1
    2. running a webserver that serves empty files for any request

    There are still ways to block pieces of shit like you. Meanwhile, I'm going to break into your house and "help myself" to some of your valuables. Hey, you can't get mad because you've already said theft is A-OK!



  • @morbiuswilters said:

    @TheLazyHase said:
    I find especially jarring the fact that they often don't explain why they need javascript. Unknown program that want special right in my computer without explanation are suspiciously like malware.

    OMG TIN FOIL HAT

    Seriously, you people are fucking pathetic. I would expect this retarded shit out of non-tech people, but you should know better. Jesus Fuck.

    Get off your high horse. Most companies use javascript to stealth upload kiddie porn to people who use ad blockers, then blackmail them to compensate for the lost revenue.


  • Considered Harmful

    @Lorne Kates said:

    I would never even use a direct include of api.google.com/jquery if my site was critically dependent on jquery. I'd suck it up and stick the 10k of minified js on a nicely cached first party server

    One strong reason to use a CDN for jQuery is that there's a fairly high probability it's already cached on the user's machine - even the very first time they load your site. This matters more to mobile and/or rural users; even at small sizes, an extra HTTP request can be slow, and with JS the page doesn't even try to render until it's loaded*.

    *Obviously you can opt-in to async behavior, but then there's a good chance your JS that depends on jQuery will load before jQuery.



  • @joe.edwards said:

    One strong reason to use a CDN for jQuery is that there's a fairly high probability it's already cached on the user's machine - even the very first time they load your site.

    Also, Google's CDN is certainly a lot more reliable than your own. It probably does make your entire site a little less reliable overall to rely on Google, but it's marginal at best.



  • @morbiuswilters said:

    @joe.edwards said:
    One strong reason to use a CDN for jQuery is that there's a fairly high probability it's already cached on the user's machine - even the very first time they load your site.

    Also, Google's CDN is certainly a lot more reliable than your own. It probably does make your entire site a little less reliable overall to rely on Google, but it's marginal at best.

    I can think of ONE reason to not use Google's CDN. But only ONE REASON.

    If you're making something that isn't a website, you probably want to include jQuery in it directly. For example, an offline app, or a browser extension.



  • @Ben L. said:

    I can think of ONE reason to not use Google's CDN. But only ONE REASON.

    If you're making something that isn't a website, you probably want to include jQuery in it directly. For example, an offline app, or a browser extension.

    I can think of another, much more likely one: you're building any kind of site that needs strong security. For one, I don't know if Google provides HTTPS endpoints for all the libraries they host, but you'd definitely want to use HTTPS and never plain HTTP. For two, even if they do offer HTTPS, I wouldn't trust third party code hosted on tens of thousands of third party servers worldwide (even if they are run by Google).



  • @morbiuswilters said:

    I would expect this retarded shit out of non-tech people, but you should know better.

    LOL are you kidding? non-tech people wouldn't know or even care about shit that runs on their computers. They just want stuff to work.

    It takes a tech person to be a true paranoid and luddite when it comes to computers.



  • @Quinnum said:

    @morbiuswilters said:
    I would expect this retarded shit out of non-tech people, but you should know better.

    LOL are you kidding? non-tech people wouldn't know or even care about shit that runs on their computers. They just want stuff to work.

    It takes a tech person to be a true paranoid and luddite when it comes to computers.

    Yeah, I know, but I wanted to leave my comment open for a rebuttal like yours.


  • Discourse touched me in a no-no place

    @TDWTF123 said:

    I've seen a trend for copyright-ignoring streaming sites to cover functional sections of the page with banner ads that are unclosable if you're running an adblocker

    No such thing with a modern browser with dev tools. Select element, hit delete. If you can't do that (IE) then you can set the z-index to -1 or the size to 0x0px.



  • @morbiuswilters said:

    @Ben L. said:
    I can think of ONE reason to not use Google's CDN. But only ONE REASON.

    If you're making something that isn't a website, you probably want to include jQuery in it directly. For example, an offline app, or a browser extension.

    I can think of another, much more likely one: you're building any kind of site that needs strong security. For one, I don't know if Google provides HTTPS endpoints for all the libraries they host, but you'd definitely want to use HTTPS and never plain HTTP. For two, even if they do offer HTTPS, I wouldn't trust third party code hosted on tens of thousands of third party servers worldwide (even if they are run by Google).

    yeah, they do. if Google's SSL cert gets compromised, there are bigger problems than your layout not working.



  • @FrostCat said:

    @TDWTF123 said:
    I've seen a trend for copyright-ignoring streaming sites to cover functional sections of the page with banner ads that are unclosable if you're running an adblocker

    No such thing with a modern browser with dev tools. Select element, hit delete. If you can't do that (IE) then you can set the z-index to -1 or the size to 0x0px.

    Or just block the element with your ad blocker.



  • @Ben L. said:

    yeah, they do.

    Good.

    @Ben L. said:

    if Google's SSL cert gets compromised, there are bigger problems than your layout not working.

    1. I didn't say anything about their cert being compromised. It could also be shit like "Hey, one of our hundreds of thousands of servers was compromised!"

    2. I don't know what planet you live on, but Google having their SSL cert compromised would impact me very little. I'd be much more concerned about a site that has my actual financial information being compromised. Google's just where I search for furry porn or check to see if I have any new emails from my the fur-ums I frequent. It's not an actual business that has much relevance to me.

    So my point still stands. If you're doing anything high-security, using code loaded from Google's CDNs is a bad idea, and a good way to fail a security audit.


  • Considered Harmful

    @morbiuswilters said:

    @Ben L. said:
    yeah, they do.

    Good.

    @Ben L. said:

    if Google's SSL cert gets compromised, there are bigger problems than your layout not working.

    1. I didn't say anything about their cert being compromised. It could also be shit like "Hey, one of our hundreds of thousands of servers was compromised!"

    2. I don't know what planet you live on, but Google having their SSL cert compromised would impact me very little. I'd be much more concerned about a site that has my actual financial information being compromised. Google's just where I search for furry porn or check to see if I have any new emails from my the fur-ums I frequent. It's not an actual business that has much relevance to me.

    So my point still stands. If you're doing anything high-security, using code loaded from Google's CDNs is a bad idea, and a good way to fail a security audit.


    Pretty much the point of SSL (more so than just encryption) is that you can't impersonate the server without compromising the certificate (which can be revoked if that occurs).

    Edit: Oh I guess you mean an authentic Google server running rogue code? ...Fat chance.



  • @joe.edwards said:

    Pretty much the point of SSL (more so than just encryption) is that you can't impersonate the server without compromising the certificate (which can be revoked if that occurs).

    Right, which is why I responded to the point about Google having a compromised cert. (Also, most clients don't actually implement proper revocation. So good luck with that.)

    @joe.edwards said:

    Edit: Oh I guess you mean an authentic Google server running rogue code? ...Fat chance.

    Really? Why? Google has tens of thousands of employees and hundreds of thousands of servers running from thousands of locations. You're saying compromising one of those is impossible?

    I don't get how so many software engineers can be so security-illiterate. Sure, using Google's copy of jquery doesn't really matter for your blog Bread-Loaf-Snout-Yiffs-It.com, but it's a security liability for any serious, high-security software. One that would fail a lot of audits.


  • Discourse touched me in a no-no place

    @Ben L. said:

    @FrostCat said:
    @TDWTF123 said:
    I've seen a trend for copyright-ignoring streaming sites to cover functional sections of the page with banner ads that are unclosable if you're running an adblocker

    No such thing with a modern browser with dev tools. Select element, hit delete. If you can't do that (IE) then you can set the z-index to -1 or the size to 0x0px.

    Or just block the element with your ad blocker.

    Depends on whether I'm likely to go visit that site again. If not, adding a rule is more work than I want to do.

    I've started to really like the dev tools. Assholes running forums with the font too small to read? Not any more! Stupid unreadable font? Bye!


  • Discourse touched me in a no-no place

    @morbiuswilters said:

    So my point still stands. If you're doing anything high-security, using code loaded from Google's CDNs is a bad idea, and a good way to fail a security audit.

    Also, if you're writing something that's likely to wind up on an intranet, where the Google CDN may just not be available.



  • @FrostCat said:

    @morbiuswilters said:
    So my point still stands. If you're doing anything high-security, using code loaded from Google's CDNs is a bad idea, and a good way to fail a security audit.

    Also, if you're writing something that's likely to wind up on an intranet, where the Google CDN may just not be available.

    Or maybe you're writing software for a wacko, Christian doomsday cult who block Google because they think indexed search goes against God's wishes. The possible reasons are endless!



  • @morbiuswilters said:

    @FrostCat said:
    @morbiuswilters said:
    So my point still stands. If you're doing anything high-security, using code loaded from Google's CDNs is a bad idea, and a good way to fail a security audit.

    Also, if you're writing something that's likely to wind up on an intranet, where the Google CDN may just not be available.

    Or maybe you're writing software for a wacko, Christian doomsday cult who block Google because they think indexed search goes against God's wishes. The possible reasons are endless!

    Maybe you're writing the server that serves the Google CDN content. "Now Ben," you say, "why the fuck would a server use jQuery?" Well, crazier things have happened.



  • @Ben L. said:

    Maybe you're writing the server that serves the Google CDN content. "Now Ben," you say, "why the fuck would a server use jQuery?" Well, crazier things have happened.

    But once you had a version of jQuery being served up, you could bootstrap future servers so they would only run versions from the Google CDN!



  • And yet I still don't have a rational explanation as to why Microsoft Facebook buys ads from Google that just have more ads in them.

    You're not a real ad network, you're funding your "arch-rival" Google. They're probably making more then you!



  • @TheLazyHase said:
    I find especially jarring the fact that they often don't explain why they need javascript. Unknown program that want special right in my computer without explanation are suspiciously like malware.
    OMG TIN FOIL HAT

    Seriously, you people are fucking pathetic. I would expect this retarded shit out of non-tech people, but you should know better. Jesus Fuck.

    WHY DO YOU LOCK YOUR DOOR ? PEOPLE ARE TRUSTWORTHY I SAID YOU ! EVEN IF THERE IS NO DOWNSIDE TO LOCKING YOUR DOOR YOU ARE PATHETIC TO LOCK IT !!!

    (also, I do work for a firm that do facebook games. I wouldn't autorize the javascript of our own site for privacy reasons, since we gather way too much information in order to sell it. Why would other company not do that too ?)



  • @TheLazyHase said:

    @TheLazyHase said:
    I find especially jarring the fact that they often don't explain why they need javascript. Unknown program that want special right in my computer without explanation are suspiciously like malware.
    OMG TIN FOIL HAT

    Seriously, you people are fucking pathetic. I would expect this retarded shit out of non-tech people, but you should know better. Jesus Fuck.

    WHY DO YOU LOCK YOUR DOOR ? PEOPLE ARE TRUSTWORTHY I SAID YOU ! EVEN IF THERE IS NO DOWNSIDE TO LOCKING YOUR DOOR YOU ARE PATHETIC TO LOCK IT !!!

    (also, I do work for a firm that do facebook games. I wouldn't autorize the javascript of our own site for privacy reasons, since we gather way too much information in order to sell it. Why would other company not do that too ?)

    There is a big difference between locking your door to prevent theft or physical harm, and surfing with JS off because you're some kind of luddite nitwit. At the very least, if you're going to hobble your computer, don't fucking bitch about it on the Internet.

    "HAY GUISE, WHEN I HAVE THE PARKING BRAKE ON MY CAR DON'T DRIVE GOOD! WTF, AMIRITE?"


Log in to reply