Blocklisting/Admin

From MozillaWiki
Jump to: navigation, search

Blocklist entries are added through the Kinto Web Administration tool. Only authorized members of the Add-ons Team can manipulate the blocklist.

Contents

Login via the Kinto admin page (VPN connection is required)

Authentication method: Basic Auth

Username: jdoe@mozilla.com. This is your full LDAP email address.

Password: your_ldap_password

All blocks are first created in the staging bucket, are later moved to the blocklist-preview bucket for testing and review, and then deployed to the final blocklists bucket.

Extension blocks

Staging

Click on staging bucket :: addons

Click on "Create" (or edit/delete icons if you need to change an existing record)

Enter in the appropriate fields. Example below (see the current list1 for more examples)

* Keep the Enabled checkbox checked.

* You'll generally want to enter the Add-on ID, Version Range (0 to * to block all versions), and Severity of the block.

* The OS can be set to any of these, but OS-specific blocks are rarely needed.

* The Target Application is only necessary for blocks that only target specific applications, which should also be very rare.

* The Preferences fields are used in case the add-on changed important Firefox preferences that need to be reset.

* The name, why, who, and bug fields are shown to end users, so they need to be clear as to why the block was put in place and what options are available. If the extension being blocked is malware, add " (malware)" at the end of the name. bug should be a Bugzilla URL.

When done, click on Create Record. This saves the block in the staging bucket.

If you don't need to make more changes to the block, click on Request review back in the main bucket view. The block should be moved to the blocklists-preview bucket.

Notify your reviewer/QA that the block is ready for testing.

1 Data for the blocklist can be found in the public JSON endpoint.

Testing

To test a staged block:

You must first enable chrome debugging: in about:config, set devtools.chrome.enabled to true.

Go to about:config, find the extensions.blocklist.url pref and change its value to https://firefox.settings.services.mozilla.com/v1/preview/3/%APP_ID%/%APP_VERSION%/%PRODUCT%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/%PING_COUNT%/%TOTAL_PING_COUNT%/%DAYS_SINCE_LAST_PING%/

Open Browser Console (Tools > Web Developer > Browser Console)

Paste and run this snippet:

Components.classes["@mozilla.org/extensions/blocklist;1"].getService(Components.interfaces.nsITimerCallback).notify(null);

JSON Example

{
   "guid":"{de71f09a-3342-48c5-95c1-4b0f17567554}",
   "blockID":"i1493",
   "enabled":true,
   "last_modified":1484867614757,
   "details":{
      "who":"All users who have this add-on installed.",
      "created":"2017-01-12T22:17:59Z",
      "bug":"https://bugzilla.mozilla.org/show_bug.cgi?id=1329654",
      "name":"Search for Firefox Convertor (malware)",
      "why":"This is a malicious add-on that is installed using a fake name. It changes search and homepage settings."
   },
   "versionRange":[
      {
         "targetApplication":[

         ],
         "minVersion":"0",
         "maxVersion":"1.3.9",
         "severity":3
      }
   ],
   "prefs":[

   ],
   "id":"d6ec9f54-9945-088e-ba68-40117eaba24e",
   "schema":1484335370642
}

Deploying

Click on staging bucket :: addons

The staged blocks should be shown with an option to Approve.

Approve :)

Plugin blocks

Staging

Click on staging bucket :: plugins

Click on "Create" (or edit/delete icons if you need to change an existing record)

Enter in the appropriate fields. Example below (see the current list1 for more examples)

* Keep the Enabled checkbox checked.

* Plugins are usually identified by their Filename. Name and Description regular expression matches are used when the Filename doesn't work. Regexp Pal is a good tool for testing regular expression blocks.

* The OS can be set to any of these. It's generally only needed for Linux blocks, since Linux and Android distributions use the same filename and plugins are never blocked on Android.

* The Version Range should always be set (0 to * to block all versions).

* The Severity should always be set to 0 (click to activate).

* The Vulnerability status should be set depending on whether the latest version is being blocked or not.

* The OS can be set to any of these, but OS-specific blocks are rarely needed.

* The Target Application is only necessary for blocks that only target specific applications, which should be very rare.

* The name, why, who, and bug fields are shown to end users, so they need to be clear as to why the block was put in place and what options are available. bug should be a Bugzilla URL.

When done, click on Create Record. This saves the block in the staging bucket.

If you don't need to make more changes to the block, click on Request review back in the main bucket view. The block should be moved to the blocklists-preview bucket.

Notify your reviewer/QA that the block is ready for testing.

1 Data for the blocklist can be found in the public JSON endpoint.

Testing

To test a staged block:

You must first enable chrome debugging: in about:config, set devtools.chrome.enabled to true.

Go to about:config, find the extensions.blocklist.url pref and change its value to https://firefox.settings.services.mozilla.com/v1/preview/3/%APP_ID%/%APP_VERSION%/%PRODUCT%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/%PING_COUNT%/%TOTAL_PING_COUNT%/%DAYS_SINCE_LAST_PING%/

Open Browser Console (Tools > Web Developer > Browser Console)

Paste and run this snippet:

Components.classes["@mozilla.org/extensions/blocklist;1"].getService(Components.interfaces.nsITimerCallback).notify(null);

Deploying

Click on staging bucket :: plugins

The staged blocks should be shown with an option to Approve.

Approve :)

Graphics card blocks

Go to the blocklist detail page and click on Add blocklist detail.

Enter a name and descriptions for the block. These detail pages aren't exposed to users, so these descriptions aren't very important.

Set the Bug field to the blocklist bug.

In the Blocklist Gfx #1 section, set the data that should have been detailed on the blocklist bug.

Staging

Click on staging bucket :: gfx

Click on "Create" (or edit/delete icons if you need to change an existing record)

Enter in the appropriate fields, which should be detailed in the bug report. Example below (see the current list1 for more examples)

* Keep the Enabled checkbox checked.

* The name and bug fields are used for internal record keeping and won't be shown to users. bug should be a Bugzilla URL.

When done, click on Create Record. This saves the block in the staging bucket.

If you don't need to make more changes to the block, click on Request review back in the main bucket view. The block should be moved to the blocklists-preview bucket.

Notify your reviewer/QA that the block is ready for testing.

1 Data for the blocklist can be found in the public JSON endpoint.

Testing

To test a staged block:

You must first enable chrome debugging: in about:config, set devtools.chrome.enabled to true.

Go to about:config, find the extensions.blocklist.url pref and change its value to https://firefox.settings.services.mozilla.com/v1/preview/3/%APP_ID%/%APP_VERSION%/%PRODUCT%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/%PING_COUNT%/%TOTAL_PING_COUNT%/%DAYS_SINCE_LAST_PING%/

Open Browser Console (Tools > Web Developer > Browser Console)

Paste and run this snippet:

Components.classes["@mozilla.org/extensions/blocklist;1"].getService(Components.interfaces.nsITimerCallback).notify(null);

Deploying

Click on staging bucket :: gfx

The staged blocks should be shown with an option to Approve.

Approve :)