news aggregator

Firefox 23 moved from Nightly to Aurora this week, bundled with a new browser security feature. The Mixed Content Blocker is enabled by default in Firefox 23 and protects our users from man-in-the-middle attacks and eavesdroppers on HTTPS pages.

When an HTTPS page contains HTTP resources, the HTTP resources are called Mixed Content. With the latest Aurora, Firefox will block certain types of Mixed Content by default, providing a per-page option for users to “Disable Protection” and override the blocking.

In this post, I’ll be talking about how to create a basic note-taking app that syncs local and remote content if you are online and defaults to saving locally if offline.

Microsoft Security Bulletin MS13-037 - Critical

This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

A push to device feature was added in the 3.0 release of the Firefox OS Simulator. This feature allows web apps to be pushed to a connected device by clicking one button in the Simulator Dashboard. Read more

In the last few years we’ve witnessed an evolution in what ‘app’ means to both developers and consumers. The word app evokes the idea of a rich, task-oriented user experience with highly optimized user interface that responds to its environment and can be used on an array of common devices. In order to make development of rich app experiences easier, native platforms have generated many of their own controls and components that Just Work™.

Last week, everyone became crazy about refactoring. Some have taken “spring cleaning” very literally and many patches landed to make WebKit simpler and cleaner.

A nice change ties to the way Objective-C objects are adopted by RetainPtr. Previously, there were 3 ways to adopt a pointer:

RetainPtr<id> foo = adoptNS([...]);
RetainPtr<id> bar(AdoptNS, [...]);
RetainPtr<id> baz;
baz.adoptNS([...]);

Today, the W3C published Pointer Events as a Candidate Recommendation, an important step towards a standard and interoperable way to handle input from touch, pen, mouse, and more. This fast 5-month progression from First Public Working Draft to Candidate Recommendation is a mark of the effective collaboration between Microsoft, Google, Mozilla, Opera, Nokia, jQuery, and others to help sites take advantage of new interactive hardware on the Web.

Update: Today, Monday, May 13 at 11:00am PDT, we closed the submission form for the Phones for Apps program. Thanks so much to all of you for your interest and enthusiasm. Your response has been overwhelming! We’ve received thousands of applications, more than we’re equipped to review in a timely fashion.