Blocklisting/Admin: Difference between revisions

Doing some refactoring for the kinto instructions
Line 1: Line 1:
Blocklist entries are added through the AMO Admin Tools. Only authorized members of the Add-ons Team can manipulate the blocklist.
Blocklist entries are added through the Kinto Web Administration tool. Only authorized members of the Add-ons Team can manipulate the blocklist.


== Extension blocks ==
# Login via the [https://settings-writer.prod.mozaws.net/v1/admin/ Kinto admin page] (VPN connection is required)
# '''Authentication method''': Basic Auth
# '''Username''': jdoe@mozilla.com. This is your full LDAP email address.
# '''Password''': your_ldap_password


# Go to the [https://addons.mozilla.org/admin/models/blocklist/blocklistdetail/ blocklist detail page] and click on Add blocklist detail.
All blocks are first created in the '''staging''' bucket, are later moved to the '''blocklist-preview''' bucket for testing and review, and then deployed to the final '''blocklists''' bucket.
# Enter a clear name and descriptions for the block. End users will read these, so they need to be clear as to why the block was put in place and what options are available. If the extension being blocked is malware, add " (malware)" at the end of the name.
#* See the [https://addons.mozilla.org/firefox/blocked/ Blocked Add-ons page] for examples.
# Set the Bug field to the blocklist bug. The bug should also have instructions for end users if the extension is heavily used.
# In the Blocklist Item #1 section, set the add-on GUID, version range (0 to * to cover all versions) OS and Severity.
#* The OS can be set to [https://developer.mozilla.org/en-US/docs/OS_TARGET any of these].
#* The Severity should be 1 for soft blocks and 3 for hard blocks. A severity set to 2 (reserved for a medium block), or no severity will also produce a hard block. To avoid ambiguity, these options shouldn't be used. Hard blocks should be limited to malware.
To limit a block to a specific application versions, the detail can be added with a Severity set to 0, or an invalid GUID, to keep it temporarily disabled. Then you can add a [https://addons.mozilla.org/admin/models/blocklist/blocklistapp/ blocklist app item] and link it to the detail item. Once that's done, the Severity or GUID can be set to their real values.


===XML Examples===
== Extension blocks ==
This is how the different block types look in blocklist.xml.
===Staging===
 
# Click on '''staging bucket''' :: '''addons'''
Soft block:
<pre><emItem  blockID="i20" id="{AB2CE124-6272-4b12-94A9-7303C7397BD1}">
  <versionRange  minVersion="0.1" maxVersion="5.2.0.7164" severity="1">
  </versionRange>
</emItem></pre>
 
Soft block with target application:
<pre><emItem  blockID="i23" id="firefox@bandoo.com">
  <versionRange  minVersion="5.0" maxVersion="5.0" severity="1">
    <targetApplication  id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
      <versionRange  minVersion="3.7a1pre" maxVersion="*" />
    </targetApplication>
  </versionRange>
</emItem></pre>
 
Hard block:
<pre><emItem  blockID="i73" id="a1g0a9g219d@a1.com">
  <versionRange  minVersion="0" maxVersion="*" severity="3">
  </versionRange>
</emItem></pre>
 
== Extension blocks (DRAFT KINTO VERSION) ==
 
# Login via the [https://settings-writer.prod.mozaws.net/v1/admin/ Kinto admin page] (VPN is required)
## '''Server''': https://settings-writer.prod.mozaws.net/v1/admin/
## '''Authentication method''': Basic Auth
## '''Username''': jdoe@mozilla.com ''//this is your full LDAP email address''
## '''Password''': your_ldap_password
# Click on '''blocklist bucket''' :: '''addons'''
# Click on "Create" (or edit/delete icons if you need to change an existing record)
# Click on "Create" (or edit/delete icons if you need to change an existing record)
# Enter in the appropriate fields. Example below (see the current list<sup>1</sup> for more examples)
# Enter in the appropriate fields. Example below (see the current list<sup>1</sup> for more examples)
## '''guid''':
#* Keep the Enabled checkbox checked.
## '''id''':
#* You'll generally want to enter the add-on ID, version range (0 to * to block all versions), and severity of the block.
## '''versionRange''': The Firefox version range this should hit (0 to * to cover all versions)
#* The OS can be set to [https://developer.mozilla.org/en-US/docs/OS_TARGET any of these], but OS-specific blocks are rarely needed.
## '''who''': All users who have Savogram version 1.3.2 installed[...]
#* The Target Application is only necessary for blocks that only target specific applications, which should also be very rare.
## '''bug''': "https://bugzilla.mozilla.org/show_bug.cgi?id=1328594"
#* The Preferences fields are used in case the add-on changed important Firefox preferences that need to be reset.
## '''name''': Savogram 1.3.2
#* The '''name''', '''why''', '''who''', and '''bug''' fields are shown to end users, so they need to be clear as to why the block was put in place and what options are available. If the extension being blocked is malware, add " (malware)" at the end of the name. '''bug''' should be a Bugzilla URL.
## '''why''': Version 1.3.2 of this add-on loads remote code and performs DOM injection in an unsafe manner.
# Information on the workflow funnel goes here
# Information on publishing goes here


<sup>1</sup> Data for the blocklist can be found in the [https://firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons/records public JSON endpoint], or on [https://addons.mozilla.org/en-US/firefox/blocked/ addons.mozilla.org].
<sup>1</sup> Data for the blocklist can be found in the [https://firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons/records public JSON endpoint], or on [https://addons.mozilla.org/en-US/firefox/blocked/ addons.mozilla.org].
===Testing===


<sup>2</sup> '''[Still valid?]''' To limit a block to a specific application versions, the detail can be added with a Severity set to 0, or an invalid GUID, to keep it temporarily disabled. Then you can add a [https://addons.mozilla.org/admin/models/blocklist/blocklistapp/ blocklist app item] and link it to the detail item. Once that's done, the Severity or GUID can be set to their real values.
====JSON Example====
 
===JSON Example===


<pre>
<pre>
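Review bot: The severity values are spelled out only on the AMO admin step ("The Severity should be 1 for soft blocks and 3 for hard blocks. A severity set to 2 ... or no severity will also produce a hard block"), while the Kinto field notes say only to enter the "severity of the block" and the example field list (guid, id, versionRange, who, bug, name, why) has no severity entry at all. Since an unset severity becomes a hard block, the Kinto steps should state the 1 and 3 values and the "Hard blocks should be limited to malware" rule next to the field, not rely on the AMO text. Separately, the intro describes the flow as staging, then blocklist-preview, then blocklists, but the steps say both "staging bucket :: addons" and "blocklist bucket :: addons"; the step should name the one bucket where new records are created. ===Testing=== also has no steps under it in the visible lines.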
Line 92: Line 55:
}
}
</pre>
</pre>
===Deploying===


== Plugin blocks ==
== Plugin blocks ==
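Review bot: ===Deploying=== sits directly above == Plugin blocks == with nothing under it in the visible lines, so the page explains creating a record but not how it moves from staging to blocklist-preview and on to the blocklists bucket. Either add the deployment steps under this heading or keep an explicit placeholder there, as "# Information on publishing goes here" does in the numbered steps, so readers can tell the section is unfinished.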