Labs/Sigma: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(→‎Local State: preferences)
(unify type align center styling)
Line 17: Line 17:
|-
|-
! <tt>timestamp</tt>
! <tt>timestamp</tt>
| align="center" | <tt>Date (string)</tt>
| align=center | <tt>Date (string)</tt>
| Time when the manifest was created
| Time when the manifest was created
|-
|-
! <tt>uninstall</tt>
! <tt>uninstall</tt>
| align="center" | <tt>[strings]</tt>
| align=center | <tt>[strings]</tt>
| Array of add-on id strings to uninstall
| Array of add-on id strings to uninstall
|}
|}
Line 31: Line 31:
{| cellpadding=5
{| cellpadding=5
! <tt>hash</tt>
! <tt>hash</tt>
| <tt>string</tt>
| align=center | <tt>string</tt>
| Expected hash of the downloaded xpi structured as "<hash algorithm>:<hex hash value>" e.g., "sha256:a1b2c3..."
| Expected hash of the downloaded xpi structured as "<hash algorithm>:<hex hash value>" e.g., "sha256:a1b2c3..."
|-
|-
! <tt>id</tt>
! <tt>id</tt>
| <tt>string</tt>
| align=center | <tt>string</tt>
| Add-on id to check if it's already installed locally
| Add-on id to check if it's already installed locally
|-
|-
! <tt>url</tt>
! <tt>url</tt>
| <tt>string</tt>
| align=center | <tt>string</tt>
| URL to fetch the .xpi to install the add-on
| URL to fetch the .xpi to install the add-on
|-
|-
! <tt>version</tt>
! <tt>version</tt>
| <tt>string</tt>
| align=center | <tt>string</tt>
| Version of the add-on to check if the local version is already current
| Version of the add-on to check if the local version is already current
|}
|}

Revision as of 21:06, 12 October 2010

Sigma is a platform to automatically install Labs approved add-ons and keep them up-to-date. The user-facing name of this add-on is Labs Pack.

A manifest is hosted on https://sigma.mozillalabs.com/ that controls the add-on behavior such as installing/uninstalling add-ons and showing informational pages. The manifest is only followed if a number of security checks pass such as a signature check. Some state is stored locally on each client that affects the add-on behavior.

Manifest Structure

The manifest is a JSON file with file extension .json where the top level JS object has the following properties:

infoUrl string Information url to open in a tab if different from the previous infoUrl
install [objects] Array of add-on objects to install (see below)
timestamp Date (string) Time when the manifest was created
uninstall [strings] Array of add-on id strings to uninstall

Install Add-on Object

The install array contains add-on objects with the following structure:

hash string Expected hash of the downloaded xpi structured as "<hash algorithm>:<hex hash value>" e.g., "sha256:a1b2c3..."
id string Add-on id to check if it's already installed locally
url string URL to fetch the .xpi to install the add-on
version string Version of the add-on to check if the local version is already current

Manifest Signature

At the same level as the .json file, there must be a .sig file that contains the expected signature of the plain-text JSON manifest that is verified by the public key corresponding to the private key used to sign the manifest.

Local State

In addition to the state of installed add-ons managed by Firefox, Sigma tracks the following values as preferences under the pref-branch extensions.sigma.:

disabledIds [strings] Add-on ids of add-ons that were disabled when Sigma was disabled
infoUrl [strings] Information url from the last successful manifest (copied from the infoUrl property)
installIds [strings] Add-on ids from the last successful manifest (copied from the id property of the objects in the install property)
signature string Signature from the last successful manifest (copied from the .sig file)
test boolean User set preference to turn on testing against a test manifest/signature
timestamp Date (string) Timestamp from the last successful manifest (copied from the timestamp property)

Add-on Behavior

Retrieved from "https://wiki.mozilla.org/index.php?title=Labs/Sigma&oldid=260496"