Extension Blocklisting:Code Design

From MozillaWiki
Jump to: navigation, search

Please comment in the Talk page (use the Discussion tab above)

Update model

  • Download a blocklist file on a timer (86400 default)
  • If items are newly blocklisted or unblocklisted, adjust the datasource appropriately and prompt to restart.
  • The blocklist file will be placed in the profile-dir.
  • Blocklist is _replaced_ on each update, not merged or otherwise combined.

Blocklist syntax

  • The blocklist file has a flexible xml syntax that will use default values for values that are not specified. All Extension Manager items must be children of emItems in order to ease the use of this file for additional blocklist items such as plugins that are not managed by the Extension Manager.

Examples: 

<blocklist xmlns="http://www.mozilla.org/2006/addons-blocklist">
  <emItems>
    <emItem id="item_1@domain">
      <prefs>
        <pref>test.pref1</pref>
        <pref>test.pref2</pref>
      </prefs>
      <versionRange minVersion="1.0" maxVersion="2.0.*" severity="3">
        <targetApplication id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
          <versionRange minVersion="1.5" maxVersion="1.5.*"/>
          <versionRange minVersion="1.7" maxVersion="1.7.*"/>
        </targetApplication>
        <targetApplication id="toolkit@mozilla.org">
          <versionRange minVersion="1.8" maxVersion="1.8.*"/>
        </targetApplication>
      </versionRange>
      <versionRange minVersion="3.0" maxVersion="3.0.*">
        <targetApplication id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
          <versionRange minVersion="1.5" maxVersion="1.5.*"/>
        </targetApplication>
        <targetApplication id="toolkit@mozilla.org">
          <versionRange minVersion="1.8" maxVersion="1.8.*"/>
        </targetApplication>
      </versionRange>
    </emItem>
    <emItem id="item_2@domain">
      <versionRange minVersion="3.1" maxVersion="4.*"/>
    </emItem>
    <emItem id="item_3@domain">
      <versionRange>
        <targetApplication id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
          <versionRange minVersion="1.5" maxVersion="1.5.*"/>
        </targetApplication>
      </versionRange>
    </emItem>
    <emItem id="item_4@domain">
      <versionRange>
        <targetApplication>
          <versionRange minVersion="1.5" maxVersion="1.5.*"/>
        </targetApplication>
      </versionRange>
    </emItem>
    <emItem id="item_5@domain"/>
    <emItem id="item_6@domain" os="WINNT,Darwin"/>
  </emItems>
  <pluginItems>
    <pluginItem>
      <!-- All match tags must match a plugin to blocklist a plugin -->
      <match name="name" exp="some plugin"/>
      <match name="description" exp="1[.]2[.]3"/>
      <match name="filename" exp=".*\.exe"/>
    </pluginItem>
    <pluginItem os="Linux" xpcomabi="x86_64-gcc3">
      <!-- All match tags must match a plugin to blocklist a plugin -->
      <match name="name" exp="some other plugin"/>
      <match name="description" exp="5[.]6[.]7"/>
      <match name="filename" exp="npplugin\.dll"/>
    </pluginItem>  
    <pluginItem>
      <match name="name" exp="some bad plugin"/>
      <versionRange severity="2">
        <targetApplication id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
          <versionRange minVersion="3.0" maxVersion="3.0.*"/>
        </targetApplication>
      </versionRange>
    </pluginItem>  
  </pluginItems>
</blocklist>

Examples Explained:

  • The item_1@domain Extension Manager item will be blocklisted if a version between 1.0 and 2.0.* (e.g. less than 2.1) is installed and the Firefox (e.g. id equal to {ec8030f7-c20a-464f-9b0e-13a3a9e97384}) version is between 1.5 and 1.5.* (e.g. less than 1.6), the Firefox version is between 1.7 and 1.7.* (e.g. less than 1.8), or the Toolkit version is between 1.8 and 1.8.* (e.g. less than 1.9). Also, the item_1@domain Extension Manager item will be blocklisted if a version between 3.0 and 3.0.* (e.g. less than 3.1) is installed and the Firefox (e.g. id equal to {ec8030f7-c20a-464f-9b0e-13a3a9e97384}) version is between 1.5 and 1.5.* (e.g. less than 1.6) or the Toolkit version is between 1.8 and 1.8.* (e.g. less than 1.9). The preferences test.pref1 and test.pref2 will get reset to their default values if the extension is blocked (by falling into one of the version range elements) and disabled.
  • The item_2@domain Extension Manager item will be blocklisted if a version between 3.1 and 4.* (e.g. less than 5) is installed for all versions of the current application.
  • All version of the item_3@domain Extension Manager item will be blocklisted if the Firefox (e.g. id equal to {ec8030f7-c20a-464f-9b0e-13a3a9e97384}) version is between 1.5 and 1.5.* (e.g. less than 1.6).
  • All versions of the item_4@domain Extension Manager item will be blocklisted if the current application version is between 1.5 and 1.5.* (e.g. less than 1.6).
  • All versions of the item_5@domain Extension Manager item will be blocklisted for all versions of the current application.
  • All versions of the item_6@domain Extension Manager item will be blocklisted for all versions of the current application, but only on Windows and OSX operating systems. The os attribute is a comma separated list of operating systems that the emItem is blocked for.
  • pluginItem is a blocklist entry for plugins, that do not have UUIDs that can be blocklisted. Since they do not have unique identifiers, they must be blocklisted with regular expressions used to pinpoint combinations of name, description, and filename. It makes the entry much simpler but a greedy regexp could spell doom for totally valid plugins so be careful, careful, careful.
  • The second pluginItem is blocked on Linux with x86_64-gcc3 architecture. Like os, xpcomabi is a comma separated list and matches against the XPCOM ABI of the application.
  • The third pluginItem is blocked only on Firefox versions 3-3.0.*
  • In Firefox 3.1 and higher a severity for the block may be specified on the versionRange element. This should be a value 0 to 3. If the value is equal or higher than a threshold set in the client (2 in Firefox 3.1) then the item will be blocked as normal. If the value is lower then the user will only be warned about the item and may choose to continue to use it. If no severity value exists then the maximum severity is used (3)

As can be seen it is possible to blocklist all version of an extension for all versions of an application as well as any combination of application id's along with version ranges for both the extension id and application id. Also, by not specifying a value and instead using the default value it is possible to lessen the size of the blocklist xml file. This is possible by using the following defaults:

  • minVersion = 0
  • maxVersion = *
  • targetApplication id = current application id

At first glance it may seem more appropriate to use a plain text file and parse delimited values. The draw back of this method are that extension id's and application id's would have to be specified multiple times whereas with this format we are able to specify each extension id one time only and each application id for an extension id one time only.

If an extension's metadata matches all of the conditions it will be blocklisted and no further checking for that extension will be performed. This allows handling of overlapping ranges though there has been no use case for supporting overlapping ranges.

Support for a targetApplication id of toolkit@mozilla.org has been added since this will be necessary after Bug 299716 is fixed.

We will be using individual blocklist files for each application in order to not penalize one application that has few or no blocklist items with the blocklist for an application that contains numerous blocklisted items.

Retrieved from "https://wiki.mozilla.org/index.php?title=Extension_Blocklisting:Code_Design&oldid=714081"