SummerOfCode/2012/UserCSP/WeeklyUpdates/2012-04-30

From MozillaWiki

< SummerOfCode‎ | 2012‎ | UserCSP

Revision as of 13:06, 4 May 2012 by Patilkr (talk | contribs) (→‎Friday, {{#time:d F|{{SUBPAGENAME}} +4 days}})

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

« previous week | index | next week »

This Week

Monday, 30 April

Reading Jetpack extension development APIs.

Tuesday, 01 May

Updated UserCSP extension GUI as per the suggestions from Tanvi. (In GUI of UserCSP extension: All input fields on the left and written rules on the right)

Wednesday, 02 May

Examine the code of third party sqlite module: "https://bitbucket.org/julianceballos/sqlite-jetpack/". This code helped me to understand, how Sqlite can be used in add-on that developed using Jetpack extension development framework.

Thursday, 03 May

Reading source code of CSP (Content Security Policy) implementation in Firefox. I read following files:

- http://mxr.mozilla.org/mozilla-central/source/content/base/src/nsCSPService.cpp

- http://mxr.mozilla.org/mozilla-central/source/content/base/src/contentSecurityPolicy.js

- http://mxr.mozilla.org/mozilla-central/source/content/base/public/nsIContentSecurityPolicy.idl

- http://mxr.mozilla.org/mozilla-central/source/content/base/src/CSPUtils.jsm#45

Friday, 04 May

UI of UserCSP add-on:

Figure: UserCSP add-on UI

Tabpanel of CSP directives: Each directive will have its own tab. Currently there are only three directives supported. Users can change to another CSP directive by clicking on its tab button. For example, to write rules for "object-src" CSP directive, click on "object-src" tab on the tab panel and write rules for object-src CSP directives.

Text field of "Enter Rule", allows user to type rules for the selected CSP directive.
"Add" button adds rule written by user to "User Specified Rule" list.

"Website Specified Rules" shows rules specified by the website for selected tab's directive. If website didn't specify any rules then it is empty.

If website specified CSP policy, then "Add to User Rule" button is useful for users to use some of those rules into their rule sets. User need to select a rule they want to use from "Website Specified Rules" list and click on "Add to User Rule" button to add all selected rules to "User Specified Rules" list.

The "User Specified Rules" contains rules specified by user.

The "Apply User Rules" button applies the "User Secified Rules" for the currently active website.

UI of UserCSP add-on:

Figure: UserCSP UI with dynamic UI to allow users to refine rules.

If website has specified CSP rules then "Refine Rules" button, "Refined Rules" label and "Apply refined Rules" button are shown on the UI dynamically.

"Refine Rules" button allows users to combine Website Specified Rules and User Specified Rules, and use aggregate of them. Exactly how this button will behave is not yet fully decided.

"Apply Refine Rules" button allows user to apply the result of "Refine Rules" action on the website.

Retrieved from "https://wiki.mozilla.org/index.php?title=SummerOfCode/2012/UserCSP/WeeklyUpdates/2012-04-30&oldid=427326"