I want nothing more now from Firefox than iterative performance improvements across all platforms and adherence to web standards. That’s it. Let extensions handle all the other crap.
Tbh I disagree, the official vertical tab support is so nice and less janky than any of the extensions I used that had this functionality
After opening FF while previously using Arc for a while I was super happy with the usability improvements (that don’t seem to have impacted older workflows fortunately… big fan of how FF makes it easy to customize the toolbar etc)
I tried Tree-style tabs and Sidebery, and I bounced off of both. The new native vertical tabs feature works for me, and it is the most impactful feature they've shipped in years for my particular firefox experience.
Back when I tried sidebery, there was some weird issue where either shift-click or right clicking didn't work on mac, and that turned me off. I just tried it again, and both work fine now.
One other feature that is nice for me is the ability to collapse the sidebar to just the tab icons. It's a nice middle ground between being able to see what I have open and getting a full screen experience.
TST and Sidebery are both fantastic extensions, I don't think they do anything wrong. For whatever reason though, the FF native implementation worked for me where they didn't
The biggest benefit I've seen is that it automatically hides the old tab bar at the top. Before that, you had to dig into some hidden profile directory and modify some userchrome CSS file and modify the CSS directly hoping it would work.
I use this method personally and it works great on GNOME and KDE. First set `toolkit.legacyUserProfileCustomizations.stylesheets` to true in `about:config` then find your profile directory in `about:profiles`.
cd $FIREFOX_PROFILE_DIR
cd chrome
git clone https://github.com/MrOtherGuy/firefox-csshacks
touch userChrome.css
I'll wager most users are happy with primitive over advanced.
For example, I sometimes run with hundreds of tabs and my wife has many thousands, at all times. My needs and hers are very different from typical users who have single digits numbers of tabs open, heavily biased toward the low end.
Of course I would prefer TST or Sideberry, but I'm not like most users. For most users, the Firefox experience is superior to Sideberry for its ease of use and fewer failure modes.
Yes, Firefox should focus on being a lean mean machine, with the caveat that it returns to exposing its API and making it easily accessible for anyone who wants to go beyond that principle of leanness at the expense of speed or memory.
I’d even go so far as to say that extensions should have full control over Firefox again. They shouldn’t have to wait 20 years for a tray icon on minimize feature to be added or require external apps to add that feature on certain operating systems. Min2Tray existed. They should have the ability to completely alter the UI to make it function however you want. For example, the old search was great for keyboard users. A couple of strokes and you could switch search engines to site specific ones. Now it takes dozens. And when they all have the same icon, it is a painful experience. There was even at one point an add-on to restore that functionality. All this should be exposed.
The extension and plugin infrastructure didn’t die. It was killed! If security is a concern, just add more warning cones and blood red messages.
In my personal opinion, while the flexibility of the old XUL addons was amazing, the two big issues are compatibility and performance.
Compatibility: these addons could be broken very easily because they could depend on almost anything, and with the monthly release cycle, it is very difficult for mod authors to keep up. For instance, some addons would work by taking a core browser function written in JS, convert it to a string, run a regular expression to edit the string, then use eval to create a new function to replace the old one. In some release, the syntax of the "convert a function to a string" output changed slightly and it broke these addons, because it broke the regexp they were using.
Performance: XUL addons could do all sorts of things that are horrible for performance, and there was no real way for a user to tell what was causing it, because the addon wasn't isolated in any way. I ran into somebody who was having severe performance issues because the browser was generating colossal amounts of garbage for no reason. It eventually turned out that on a whim they'd installed a "LaTeX the World" addon, which would look for LaTeX typesetting instructions on pages and replace it with the nice looking output. The problem was, the way it worked was that every 10 seconds or so it would convert the entire contents of every single tab you had open into a zillion strings, search those strings, then throw them out.
The problem isn't security per se, it's compatibility. Exposing all the browser internals to extensions means that all the internals are part of the platform's public API and it's almost impossible to change anything. A lot of HN users will be like "that's fine, software should be finished, I don't want any more features", but things like performance and especially security require ongoing maintenance. The particular thing that killed off Firefox's old extension model was that it blocked migration to a multi-process architecture, which was clearly necessary even at the time and became even moreso when Spectre showed up a couple years later. "Warning cones and blood red messages" do not solve this because a vulnerable architecture exposes all users to exploitation, not just those who choose to use sketchy extensions.
(Also we know from long experience that "warning cones and blood red messages" don't in practice suffice to prevent end users from being exploited, but that's a separate issue.)
It should also be pointed out that the Firefox devs spent years and countless dev hours trying to keep the old extension system and solve the problems wrt. multi-process, security, performance, and compatibility. They removed the extension system only after they tried everything else, and mostly failed.
They also spent tons of effort explaining the background of these choices and why they felt they had no choice and this was the only path forward. It's disappointing people are still coming up with this "oh, why don't they just [..]?!" type stuff.
For me after they started limiting what extensions can do, firefox became a lot more stable. Before that I was using chrome because of firefox instability with extensions I wanted to use. After they got in isolated process for tabs and limiting extension permissions it actually improved quite a lot and became stable.
The concept of "web standards" is odd because new "standards" keep getting added. And what's more, they're being added rather promiscuously by an entity with almost unlimited resources, who is also the primary competitor. ;)
I abandoned Firefox because it was dragging its feet on some vital web standards such as WebGPU and import maps. The former is obvious. The latter is such a massive quality of life improvement for devs (makes build systems obsolete) that I simply could no longer care for Firefox which ignored it for the longest time.
That's literally the process. TC39 in particular requires two real world implementations to exist before some new feature becomes a formalized part of the standards.
Several proposals backed by "the primary competitor" failed to get through the process, or were radically changed to make other implementors happy.
You don't want that though. Nobody wants that. Browsers have been nothing but edge-case handlers since servers figured out they could segment by user-agent, and users realized they could lie about their agent.
Agreed! I stuck with Firefox for a long time, but within the last year moved to Brave because too many sites were breaking. To your list I'd add "adblock," though, because it seems like extension standards are converging on a point where that's more effectively scaffolded inside the browser.
I really have to emphasize that browser extensions are a terrible security nightmare and generally speaking, should be avoided at all costs. I understand they're fun and convenient, but it's one of those things that really doesn't age well into our modern cybersecurity issues.
Running a browser without an adblock extension is an even worse cybersecurity issue, since tracking online is so extensive. I live in a country where the government routinely buys surveillance data from data collection companies to spy on us. But even if you don’t live in the US, it’s still a good thing to protect your privacy.
This sort of used to be true and mostly isn't today. Firefox and Edge both have reasonably good tracking prevention features. They rival Privacy Badger in effectiveness (it's largely moot these days), and the only thing between tracking prevention and ad blocking is that the latter also focuses on protecting your poor innocent eyes from advertising, which I mostly couldn't care less about if the tracking is being defeated.
I think if you are extremely narrowly scoping well-trusted ad blockers, you may be okay, as long as you understand you are trusting the ad blocker with your banking info. But it would be far better for a browser to include capabilities in first-party and eradicate extensions altogether.
A Pihole is also far safer than an adblock extension, because it can't see your decrypted your web traffic the way a browser extension can.
No strong opinion on it specifically, but you are trusting the author of that extension to never abuse access to your banking info, so as long as you trust them with all your money, you're golden!
Any extension with post-decryption ability to read and modify everything on all websites could, if they choose, see any sensitive info you do, and subtly even change it without your knowledge.
And I'm not saying uBlock would, or that as a super popular extension it likely wouldn't be discovered quickly, but arguably they can because you've given the extension the ability to see and rewrite your entire reality.
Then they should improve the ground for addons too. Add more API, more abilities. I'm still waiting for Firefox improving the shortcut-handling, gaining back the level we once had with extensions like vimperator. How long is this now? 8 years of broken promises?
