IE8 PASS ACID2 – ACID2 FAILED W3C

Update: This article is more or less misleading. According to Asa Dotzler (mozilla.org) ↓. The CSS Error is intentionally added by the “Web Standards Group” for Error handling test.

I read this news at kakkoi recently, following up on announcements at IEblog about their recent glorified claimed with IE8 ACID2 Milestone .

Acid 2

For those who doesn’t know much bout CSS specifications. ACID2 is a standard CSS Test page maintained by The Web Standards groups. This is where Browser Vendor test their Browser CSS rendering capability. The first batch to pass this test is opera 9.1, icab (osx) & Firefox 3a.

The most popular browser vendor (Microsoft Internet Explorer) just pass this test for IE8 (a) Browser. I’m quite happy as Internet Explorer is a big liability to support by most web developer. Unfortunately The ACID2 Test pages FAILED W3C CSS2.1 Validations.

43 	 Parse Error - second two]
88 	.parser-container div 	Value Error : color orange is not a color value : orange
94 	.parser 	Property error doesn't exist : }
97 	.parser 	Property m rgin doesn't exist : 2em
97 	Parse error - Unrecognized };
99 	.parser 	Value Error : width only 0 can be a length. You must put an unit after your number : 200
100 	.parser 	Value Error : border Lexical error at line 96, column 38. Encountered: "e" (101), after : "! "error;
100 	.parser 	Value Error : border Parse error - Unrecognized }
101 	.parser 	Value Error : background Too many values or values are not recognized : red pink

Related Links

• The Web Standards ACID2 page
• W3c CSS validation for ACID2 Page
• Screenshot at Kakkoi

Firefox 2.0.0.7 Update – Quicktime Pwns Firefox

A serious vulnerability in Mozilla Firefox has been addressed in release 2.0.0.7 which is now posted to the Firefox web site. The exploit involved an issue in Apple QuickTime that could reportedly lead to a full compromise of the browser and possibly the underlying operating system.

The vulnerability reported by Petko D. Petkov at gnucitizen.org , who also reported on two other QuickTime vulnerabilities last year.

Workaround: Disabling JavaScript in the browser does not protect against this attack; in vulnerable versions scripts passed through the -chrome option would be executed regardless of the JavaScript setting for web content, much as interpreters for languages such as Perl and Python execute scripts passed on the command line. The NoScript add-on, however, has provided protection against this class of attack since the cross-browser vulnerabilities described by MFSA 2007-23 were discovered. ~ Mozilla Foundation Security Advisory 2007-28

Download

Firefox 2.0.0.7 is now available for Windows, Mac, and Linux for free download from http://getfirefox.com.

Continue reading →