Running Linux in the browser · 2011-05-17 18:50 by Wladimir Palant
Signing Firefox extensions with Python and M2Crypto · 2011-05-15 00:07 by Wladimir Palant
Sadly, signing Firefox extensions isn’t easy. I’ve seen people give up not having mastered even the very first step (install NSS). And after that you have to use its cryptic command line tools to set up a database, import your certificate into it as well as any intermediate or root certificates required, and then actually use signtool to sign your files. Java’s signtool is easier to handle but incompatible (though, I think the only real difference is that it doesn’t put zigbert.rsa first in the archive). So while rewriting my build scripts in Python I took it as a chance and implemented signing in Python using M2Crypto module. One of the advantages for me was that my build script can now package up the extension entirely in memory, without having to write out intermediate results for signing.
window.open method to verify that any calls are “legit”. Unfortunately, no matter what I try the webpage is able to detect that it is dealing with a proxy and not the real function.
Why you do not want to use the LOAD_ANONYMOUS flag · 2011-01-30 15:49 by Wladimir Palant
When you are creating a Firefox extension you don’t need to use browser’s default settings when downloading something, you can choose from a number of load flags defined on the nsIRequest interface instead. Some of them are really useful, e.g. the flags controlling caching. And then there is
LOAD_ANONYMOUS flag that sounds like a good idea for downloads of public files — after all, why should you allow cookies and such? Making user tracking possible isn’t the point here.
How does one approach an "unusual" memory leak? · 2011-01-06 18:05 by Wladimir Palant
Firefox memory usage used to be very stable for me, it reached 200 MB and stayed there. However, some time ago this changed and now I see memory usage close to 1 GB after using Firefox for a few days. This only seems to affect my main Firefox profile which doesn’t see too many changes. So I can name the primary suspects: a minor Firefox release or Adblock Plus 1.3. And I clearly don’t like seeing my extension on the suspects list, so I did everything I could to ensure that it isn’t leaking memory. However, neither Leak Monitor, nor leak gauge, nor direct code inspection did bring up anything suspicious.
Adblock Plus and Element Hiding Helper issues in current Firefox nightlies · 2010-10-18 12:01 by Wladimir Palant
How many hacks does it take to make your extension install without a restart? · 2010-09-10 15:50 by Wladimir Palant
Dave Townsend did some really great work on the add-on manager recently, he managed to completely rewrite the old crappy backend code and replace it with something far more sane. Along the way a new feature was added: starting with Firefox 4 some add-ons should be able to opt-in and install/uninstall without requiring a browser restart. This feature was primarily meant for JetPack-built extensions but is generally open to all other extensions as well. I tried enabling this feature for Adblock Plus and found that there is an awful number of catches attached to it.
How do users end up with a misconfigured certificate store? · 2010-07-27 17:18 by Wladimir Palant
I am out of ideas so maybe somebody knows more than me here. I noticed that some Adblock Plus users cannot download https://easylist.adblockplus.org/easylist.txt. Data from a different filter list which switched to HTTPS recently indicates that most of these clients cannot establish an HTTPS connection — most likely the certificate is rejected. I did a very rough estimate, we are talking about something like 0.3% of all Adblock Plus users. Which doesn’t sound like a lot but turns into tens of thousands users in absolute numbers.
Yes, Adblock Plus is broken in the current Minefield · 2010-07-02 17:04 by Wladimir Palant
I expect lots of reports on this issue so I better publish an explanation before that happens. Yes, starting with Minefield build 20100702 Adblock Plus won’t work any more — neither the stable version nor the development builds. This is due to huge changes in the Gecko platform which were announced a few weeks ago.