Firefox/RemoteSettings: Difference between revisions
(fix import) |
(Link to latest dev docs) |
||
| Line 28: | Line 28: | ||
= Resources = | = Resources = | ||
* [https://firefox-source-docs.mozilla.org/services/common/services/RemoteSettings.html API client docs] (How to use RemoteSettings in Gecko) | * [https://firefox-source-docs.mozilla.org/main/latest/services/common/docs/services/RemoteSettings.html API client docs] (How to use RemoteSettings in Gecko) | ||
* [https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=66655528 OPs and staff documentation] (How to create new collections etc.) | * [https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=66655528 OPs and staff documentation] (How to create new collections etc.) | ||
* [https://bugzilla.mozilla.org/buglist.cgi?product=Cloud%20Services&component=Server%3A%20Remote%20Settings&resolution=---&list_id=14124423 RemoteSettings server bugs list] | * [https://bugzilla.mozilla.org/buglist.cgi?product=Cloud%20Services&component=Server%3A%20Remote%20Settings&resolution=---&list_id=14124423 RemoteSettings server bugs list] | ||
Revision as of 20:51, 2 July 2018
Firefox Remote Settings
Remote Settings is a Mozilla service that makes it easy to manage evergreen settings data in Firefox. Firefox/Kinto is used for syncing of data. A simple API is available in Firefox for accessing the synchronized data.
Key Features
- Admin UI (generated from data schema)
- Data history
- Preview data (QA)
- Sign-off (review)
- File attachments
- Email notifications
- Content signature (Autograph integration)
- Single endpoint for polling for changes
- Client synchronization (diff based, local db)
- Client Telemetry
- Robust protocol (retry, precondition headers, backoff, …)
const { RemoteSettings } = ChromeUtils.import("resource://services-settings/remote-settings.js", {});
RemoteSettings("my-collection")
.on("sync", (e) => {
// e.data.current = [ Record, Record, ... ]
});
Resources
- API client docs (How to use RemoteSettings in Gecko)
- OPs and staff documentation (How to create new collections etc.)
- RemoteSettings server bugs list
- RemoteSettings client bugs list
- Project milestones
about:remotesettings
A tool is available to diagnose remote settings synchronization and state. See https://github.com/leplatrem/aboutremotesettings
Use Cases
Main bucket
| List | Collection | Description |
|---|---|---|
| Activity Stream Tippytop | tippytop
|
Hi-res icons for Topsites in Activity Stream |
| Focus experiments | focus-experiments
|
A/B testing of Focus features |
Fennec
| List | Bucket | Collection | Description |
|---|---|---|---|
| Assets catalog | fennec
|
catalog
|
The goal is to remove the static assets (fonts, hyphenation dicts, etc.) from the distribution package and download them asynchronously using a remote catalog |
| Experiments | fennec
|
experiments
|
A/B testing of Fennec features |
See https://bugzilla.mozilla.org/show_bug.cgi?id=1201059
Security state
| List | Bucket | Collection | Description |
|---|---|---|---|
| Cert intermediates constraints | security-state
|
intermediates
|
https://bugzilla.mozilla.org/show_bug.cgi?id=1361118 |
Certificates Pinning
| List | Bucket | Collection | Description |
|---|---|---|---|
| Certificates pinning (HPKP) | pinning
|
pins
|
https://bugzilla.mozilla.org/show_bug.cgi?id=787133 |
Blocklists
The goal is to replace the current system — based on a single XML file downloaded everyday — by several collections.
| List | Bucket | Collection | Description |
|---|---|---|---|
| OneCRL | blocklists
|
certificates
|
SSL certificates blocking / invalidation |
| Add-ons | blocklists
|
addons
|
Malicious blocked extensions |
| Plugins | blocklists
|
plugins
|
Unstable/malicious plugins |
| Gfx | blocklists
|
gfx
|
Unstable graphical drivers |
From AMO to Kinto
Blocklists used to be managed via the addons server.
Now, the blocklist XML is generated on the Kinto server and a lambda pulls the JSON and generates the Web pages shown at https://blocked.cdn.mozilla.net
Source code: https://github.com/mozilla-services/amo2kinto/
Transition from XML to RemoteSettings
Currently the blocklist system relies on a big XML file that is downloaded every day. It contains block entries for certificates to be revoked, addons and plugins to be disabled, and gfx environments that cause problems or crashes.
Firefox (and derivatives like Thunderbird, Seamonkey, ...) downloads it on an URL that contains client information (eg. https://blocklist.addons.mozilla.org/blocklist/3/%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D/44.0a1/)
- phase 1: DONE: Both mechanisms run in parallel but only the legacy one will be used.
- phase 2: DONE: The source of truth for blocklist is Kinto but produces the same XML as the legacy one.
- phase 3: DONE: The nsBlocklistService should become asynchronous in order to be able to fetch info from remote settings local database
- phase 4: Eventually, blocking mechanism will rely on RemoteSettings entirely and the old XML client will be decommissioned.