More than month ago we announced on our Addons blog that we wanted to increase security of extension installation for average users.

Extensions hosted from addons.opera.com are carefully moderated and as such they can be installed in Opera with a minimum of effort. However, since we have no way of knowing the moderation practices of third-party repositories, we need to be more careful with them.

Having studied how people install and use extensions we came to the conclusion that current security dialog is somewhat deficient, in that many users will simply click-through it and add new repositories to the trusted list, without fully understanding the consequences of such an action.

For that reason, we decided to "raise the security bar" and make installation of third-party extensions require a little more thought. Starting with this build we block installation of extensions from all repositories that are not already in the trusted list. Those who understand the risks can click on the help button in the new dialog to find how how to add further repositories to their trusted list. With this change we hope to eliminate accidental additions.

This build also includes a small but nice collection of bug fixes. Enjoy and thanks in advance for the feedback.

Known Issues (see also issues from previous snapshots):

• The Extensions help page is subject to further changes

WARNING: This is a development snapshot: It contains the latest changes, but may also have severe known issues, including crashes and data loss situations. In fact, it may not work at all.

Download

• Windows 32-bit / Windows 64-bit
• Mac (Universal Binary 32/64-bit)
• Linux/FreeBSD

Thanks! Testing.

DSK-366218, I guess this is nice for extensions like SnapLinks. Will test when I get home.

I can't find and hints about how to change the repository list in the help and there is no path\trusted_repositories.ini as indicated in opera:config where to look up in my clean install

edit:
For all who have the same problem:
Menu -> Settings -> Preferences -> Advanced -> Security -> Trusted Web sites
add the repository, done.

Originally posted by QuHno:

I can't find and hints about how to change the repository list in the help...

Yep, the help page will be updated later, read the known issues:

Originally posted by Remigiusz Bondarowicz:

The Extensions help page is subject to further changes

That said "Preferences > Advanced > Security > Trusted Websites..." is what you are after.

Originally posted by QuHno:

there is no path\trusted_repositories.ini where to look up in my clean install

This file is only written (in your profile directory by default) after you start adding sites. So in a clean profile with no sites yet added, it will be empty.

Like the latest 4-5 snapshots (i already reported this), gmail or google+ random brings the cpu to 50%, only closing the tab stops this. Opera:cpu show an usage like 2-3%.

(windows 8 rp x64, x64 build, hwa and other stuff off)

open M2 or bookmarks library
press F2
drop down arrow is missing!

Ubuntu 12.04 amd64, Opera x64, hwa off

Has the Linux plugin crasher been fixed?

I just tried to add the website to the trusted ( ctrl+F12-->advanced-->security) and it worked, I could install the RES extension without any problem !

Originally posted by zombie:

Has the Linux plugin crasher been fixed?

No.

Let's hope it will not make installing nice extensions too difficult.

Originally posted by zombie:

Has the Linux plugin crasher been fixed?

Since it is not in the changelog, no!

The fix is done internally but may or may not be in the next snapshot, it is reliant on some other changes that are still being tested. It will come with a bunch of other updates when they are all ready.

Rest assured when it is fixed it will be mentioned in the Changelog.

In my opinion, this makes it more complicated to install an extension from other sources. It would be better to make a more specific warning-message that user wouldn't ignore.

Originally posted by hurug:

Let's hope it will not make installing nice extensions too difficult.

Unless you are forever using new, different repositories (and let's be honest who does that) it is unlikely to make a big difference to you.

If you use the main repository only, it will have no effect. If you use a few alternative repositories, you add them once and you are done. It shouldn't really be a major inconvenience to anyone.

Originally posted by ruario:

Yep, the help page will be updated later, read the known issues:

Thanks, I did, I thought that was something different.
You caught me during editing my post btw.

Originally posted by ruario:

Originally posted by zombie:

Has the Linux plugin crasher been fixed?

Since it is not in the changelog, no!

The fix is done internally but may or may not be in the next snapshot, it is reliant on some other changes that are still being tested. It will come with a bunch of other updates when they are all ready.

Rest assured when it is fixed it will be mentioned in the Changelog.

Thanks for the update Ruari, I was starting to get quite frustrated that the issue (which is pretty big for Linux users) hasn't even been acknowledged in the updates that had been released since it first broke. Perhaps it could be added to the post above as a known issue so others don't have to go digging through these comments.

Has problem when save Extension setting fixed yet
edit: i 'll try in tomorrow, have to sleep now
edit 2: I think no

The Help button should definitely be called differently. The title should provide some hint that it gives a way to let the extension be installed somehow. Probably "Trusted sources..." or "Manage sources" but more informative than "Help", because the Help button is usually the most useless button.

For a few builds (since the first spdy one?) I've been having problems with twitter not loading properly. The timeline appears but there's no compose tweet box, who to follow, trends, infinite scrolling etc...

It looks like there's a Javascript error causing this,

Uncaught exception: SyntaxError: JSON.parse: Property name (in double quotes) expected: ebar_bo

But interestingly everything works fine if I open twitter in a private tab (and the 12.0 series of builds are fine too)

I have high cpu usage on many sites yet.
Example: http://www.banca-de-revista.com/ (xxx content)
opera:cpu report 98% and Opera becomes very slow.

Ubuntu 12.04 amd, Opera x64, hwa and webgl off, E2140 cpu

Originally posted by DD64:

In my opinion, this makes it more complicated to install an extension from other sources.

Slightly yes, but you only have to do it once.

Originally posted by DD64:

It would be better to make a more specific warning-message that user wouldn't ignore.

Wouldn't ignore? That is pretty hard to do. A lot of people don't read the big red warning in this blog post and get pretty annoyed when a Next build doesn't start or plugins fail.

Originally posted by paddy2k:

Thanks for the update Ruari, I was starting to get quite frustrated that the issue (which is pretty big for Linux users) hasn't even been acknowledged in the updates that had been released since it first broke.
Perhaps it could be added to the post above as a known issue so others don't have to go digging through these comments.

The known issues say to read the previous known issues and it is in the known issues for an earlier snapshot. I also acknowledged the issue in the comments of that snapshot.

As it happens we knew the issue before before we released the first snapshot that demonstrated the problem. One of my colleagues noticed it on internal builds following the last big Core update. The fact it wasn't in the known issues immediately was an oversight on my part. I am usually asked about Linux/FreeBSD issues that should be highlighted in the snapshots, however my focus was on the 12.02 release at the time and I forgot to get this added initially.

What about fixes to themes and tab bar on linux?

Originally posted by minho:

What about fixes to themes and tab bar on linux?

We plan to have more yes, but not in the short term

What time to fix this problem:
Extended settings can not be saved, turn off and on opera, has returned to the default settings

xpsp3 32/ win7 32 opera12.5

high cpu usage becomes Opera unresponsive for some seconds.
http://www.nfl.com/

Ubuntu 12.04 amd, Opera x64, hwa and webgl off, E2140 cpu

opera:gpu page

http://files.myopera.com/celeborn1/files/Operagpu.jpg

DirectX acceleration is blocked due to Catalyst is older than 10.2.

But, I'm using Catalyst 10.9 for my HP dv6-3100et. It has switchable graphics. HD5650+Intel HD Graphics. The latest driver from HP. I guess Opera is confused by hybrid graphic cards.

Rendering errors on
http://tunein.com/

Firefox 15: http://files.myopera.com/minho/albums/3631672/ff.png
This build: http://files.myopera.com/minho/albums/3631672/opera.png

Ubuntu 12.04 amd, Opera x64, hwa and webgl off, E2140 cpu

The new dialog box message is VERY misleading. You're targeting the average user, right? They'll read that and think "crap, I guess I can't install this then" because the addon is not on addons.opera.com. The message should be more direct about what you actually mean. For instance:


==============
For your safety, you can only install extensions from trusted sources.

To find out how to add the current website to the trusted sources list, click the "Learn about trusted sources" button below.
==============

Product selection pane at the top, shows no content.
(OSX v10.7.4)

http://css3test.com - 50% only Why?
Opera 12.02 - 53%
FF 16 beta - 55%
Chromium 23 - 62%

Are you going to do something with DSK-373503 aka "Illegal instruction"?

Unusable on Fedora 17 x32 yet.
Many random NSLs...

DSK-372444 and DSK-372445 still not fixed

It could be useful to allow per extension control of auto updating.

For instance, if you install a 3rd party extension it would be prudent to self review the updates to that extension

Originally posted by MaxVL:

http://css3test.com - 50% only Why?
Opera 12.02 - 53%
FF 16 beta - 55%
Chromium 23 - 62%

Opera 12.5 removes the old CSS Speech properties, which is why there is a drop.

Originally posted by ll3mo:

Like the latest 4-5 snapshots (i already reported this), gmail or google+ random brings the cpu to 50%, only closing the tab stops this. Opera:cpu show an usage like 2-3%.

(windows 8 rp x64, x64 build, hwa and other stuff off)

Also confirmed on XP when initiating chat - sometime after build 1546.

Checked boxes in the Web pages and in Opera UI are displaying as an orange button. If I hover the checked box, then it displays as usual.
--
Ubuntu 12.04, 64 bit, Opera Standard theme, Unity DE, Ambiance, HWA Off, WebGL Off.

Until you correct the settings saving extensions, these snapshots are useless ((

I copied wand.dat from Opera 11.64 to Opera Next, but was still unable to log in here. I had to re-enter my username and password.

DSK-372504 WAV files don't play is a deal-breaker for me in Opera 12.xx

Test Page.

audio/wav is set to Open in Opera. Works in 11.64 on Win XP Home SP3.

Is there any extension to replace Opera Unite yet?

Originally posted by christoph142:

Not sure if it's only me, but since I updated to this snapshot, Facebook's photo-popups close immediately after opening without loading the comments section on the right side of it.

Win8 x64

no problems here with FB photos and comments (popups and old stile album)
Win 7 x64

Originally posted by ll3mo:

Like the latest 4-5 snapshots (i already reported this), gmail or google+ random brings the cpu to 50%, only closing the tab stops this. Opera:cpu show an usage like 2-3%.

I've seen multiple people mention the opera:cpu reporting issue now. Is there a known issue with this page misrepresenting actual usage?

Originally posted by andrew walker:

For a few builds (since the first spdy one?) I've been having problems with twitter not loading properly. The timeline appears but there's no compose tweet box, who to follow, trends, infinite scrolling etc...

I don't see this here. Could userJS/extension/content blocker be running interference for you?

Thumbs up for the Ubuntu screenshots

Adblock extension not saving preferences, loads extension ok but doesn't do anything until I restore settings...

Flash plugin still crashing, nothing plays at all...

Can we get more info, ANY info, about Illegal instruction error. This is forth build in a row which some other user and me cannot run. Any info will be sufficient. "We didn't knew", "we don't care", "sun is shining on the west"... anything, just please respond.

Just to remind you:[dare@arch opera-next-12.50-1583.i386.linux]$ ./opera-next
Illegal instruction
[dare@arch opera-next-12.50-1583.i386.linux]$

Thanks for (not)caring about users who use and love Opera.

Originally posted by Opera Desktop Team:

DSK-366218 Address bar focused instead of page when using extensions that open new tabs

Actually, for me, all new tabs were incorrectly not focused on the page (I don't use extensions), which is annoying when navigating with the keyboard a lot (like on a laptop).

It seems okay so far, but I still have those randomly ignored keyboard shortcuts. Must file ticket...

Originally posted by minho:

Unusable on Fedora 17 x32 yet.
Many random NSLs...

Indeed, in the last three or four builds. Win 7 x32 build.

Yahoo Pipes is totally unusable in all 12.50 builds using the new Presto core.

Originally posted by pdarko:

Can we get more info, ANY info, about Illegal instruction error.

What processor do you run?

An annoying thing: tabs in speed dial can be moved with right clock now. Like many others I use gestures to close pages - including the speed dial if I don't need it. Now it happens quite often that I move my tabs around while doing that gesture