Blocklisting/Admin: Difference between revisions

Plugin blocks on kinto
(More kinto stuff)
(Plugin blocks on kinto)
Line 13: Line 13:
# Click on "Create" (or edit/delete icons if you need to change an existing record)
# Click on "Create" (or edit/delete icons if you need to change an existing record)
# Enter in the appropriate fields. Example below (see the current list<sup>1</sup> for more examples)
# Enter in the appropriate fields. Example below (see the current list<sup>1</sup> for more examples)
#* Keep the Enabled checkbox checked.
#* Keep the '''Enabled''' checkbox checked.
#* You'll generally want to enter the add-on ID, version range (0 to * to block all versions), and severity of the block.
#* You'll generally want to enter the '''Add-on ID''', '''Version Range''' (0 to * to block all versions), and '''Severity''' of the block.
#* The OS can be set to [https://developer.mozilla.org/en-US/docs/OS_TARGET any of these], but OS-specific blocks are rarely needed.
#* The '''OS''' can be set to [https://developer.mozilla.org/en-US/docs/OS_TARGET any of these], but OS-specific blocks are rarely needed.
#* The Target Application is only necessary for blocks that only target specific applications, which should also be very rare.
#* The '''Target Application''' is only necessary for blocks that only target specific applications, which should also be very rare.
#* The Preferences fields are used in case the add-on changed important Firefox preferences that need to be reset.
#* The '''Preferences''' fields are used in case the add-on changed important Firefox preferences that need to be reset.
#* The '''name''', '''why''', '''who''', and '''bug''' fields are shown to end users, so they need to be clear as to why the block was put in place and what options are available. If the extension being blocked is malware, add " (malware)" at the end of the name. '''bug''' should be a Bugzilla URL.
#* The '''name''', '''why''', '''who''', and '''bug''' fields are shown to end users, so they need to be clear as to why the block was put in place and what options are available. If the extension being blocked is malware, add " (malware)" at the end of the name. '''bug''' should be a Bugzilla URL.
# When done, click on '''Create Record'''. This saves the block in the '''staging''' bucket.
# When done, click on '''Create Record'''. This saves the block in the '''staging''' bucket.
# If you don't need to make more changes to the block, click on '''Request review''' back in the main bucket view. The block should be moved to the '''blocklists-preview''' bucket
# If you don't need to make more changes to the block, click on '''Request review''' back in the main bucket view. The block should be moved to the '''blocklists-preview''' bucket.
# Notify your reviewer/QA that the block is ready for testing.


<sup>1</sup> Data for the blocklist can be found in the [https://firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons/records public JSON endpoint], or on [https://addons.mozilla.org/en-US/firefox/blocked/ addons.mozilla.org].
<sup>1</sup> Data for the blocklist can be found in the [https://firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons/records public JSON endpoint], or on [https://addons.mozilla.org/en-US/firefox/blocked/ addons.mozilla.org].
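Review bot: The reworded bullet for '''Add-on ID''', '''Version Range''' and '''Severity''' still does not say which Severity values are accepted or what each one does for the end user, and that field decides how aggressive the block is; list the accepted values and their effect in this bullet. Style: "Create" in the first step stays in plain quotes while this revision bolds '''Create Record''' and '''Request review'''; bold it for consistency. The added "Notify your reviewer/QA" step would be more useful if it said what the reviewer is expected to verify in '''blocklists-preview''' before the block goes out.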
Line 57: Line 58:
}
}
</pre>
</pre>
===Deploying===
===Deploying===
# Click on '''blocklist-preview bucket''' :: '''addons'''
# Click on '''blocklist-preview bucket''' :: '''addons'''


== Plugin blocks ==
== Plugin blocks ==
# Go to the [https://addons.mozilla.org/admin/models/blocklist/blocklistdetail/ blocklist detail page] and click on Add blocklist detail.
===Staging===
# Enter a clear name and descriptions for the block. End users will read these, so they need to be clear as to why the block was put in place and what options are available. If the extension being blocked is malware, add " (malware)" at the end of the name.
# Click on '''staging bucket''' :: '''plugins'''
#* See the [https://addons.mozilla.org/firefox/blocked/ Blocked Add-ons page] for examples.
# Click on "Create" (or edit/delete icons if you need to change an existing record)
# Set the Bug field to the blocklist bug. The bug should also have instructions for end users if the plugin is heavily used.
# Enter in the appropriate fields. Example below (see the current list<sup>1</sup> for more examples)
# In the Blocklist Plugin #1 section, set the identification criteria and Severity.
#* Keep the '''Enabled checkbox''' checked.
#* Plugins rarely have a GUID, so we use the filename field to identify plugins. Since filenames are OS-specific, the OS field is usually redundant.
#* Plugins are usually identified by their '''Filename'''. '''Name''' and '''Description''' regular expression matches are used when the '''Filename''' doesn't work. [http://mzl.la/SemegK Regexp Pal] is a good tool for testing regular expression blocks.
#* The OS can be set to [https://developer.mozilla.org/en-US/docs/OS_TARGET any of these].
#* The '''OS''' can be set to [https://developer.mozilla.org/en-US/docs/OS_TARGET any of these]. It's generally only needed for Linux blocks, since Linux and Android distributions use the same filename and plugins are never blocked on Android.
#* Plugin version numbers can also be tricky and inconsistent, specially on Linux, where the version number isn't properly detected. We generally use regular expressions in the Name or Descriptions to identify the versions to block.
#* The '''Version Range''' should always be set (0 to * to block all versions).
#* Regular expressions in plugins should be meticulously tested. [http://mzl.la/SemegK Regexp Pal] is a good tool for this.
#* The '''Severity''' should always be set to 0 (click to activate).
#* The Severity should be 1 for soft blocks and 3 for hard blocks. A severity set to 2 (reserved for a medium block), or no severity will also produce a hard block. To avoid ambiguity, these options shouldn't be used. Hard blocks should be limited to malware.
#* The '''Vulnerability status''' should be set depending on whether the latest version is being blocked or not.
#* A Severity set to 0 has different meanings depending on the vulnerability status value. If not set, it is an update prompt block. If set to 1 or 2, it means it's a click-to-play block (1 when there's a known fixed update, 2 when there isn't).
#* The '''OS''' can be set to [https://developer.mozilla.org/en-US/docs/OS_TARGET any of these], but OS-specific blocks are rarely needed.
To limit a block to a specific application versions, the detail can be added with an invalid filename, to keep it temporarily disabled. Then you can add a [https://addons.mozilla.org/admin/models/blocklist/blocklistapp/ blocklist app item] and link it to the detail item. Once that's done, the Severity or GUID can be set to their real values.
#* The '''Target Application''' is only necessary for blocks that only target specific applications, which should be very rare.
#* The '''name''', '''why''', '''who''', and '''bug''' fields are shown to end users, so they need to be clear as to why the block was put in place and what options are available. '''bug''' should be a Bugzilla URL.
# When done, click on '''Create Record'''. This saves the block in the '''staging''' bucket.
# If you don't need to make more changes to the block, click on '''Request review''' back in the main bucket view. The block should be moved to the '''blocklists-preview''' bucket.
# Notify your reviewer/QA that the block is ready for testing.


===XML Examples===
<sup>1</sup> Data for the blocklist can be found in the [https://firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/plugins/records public JSON endpoint], or on [https://addons.mozilla.org/en-US/firefox/blocked/ addons.mozilla.org].
This is how the different block types look in blocklist.xml.
===Testing===


Soft block on Mac OS (where version numbers work correctly):
===Deploying===
<pre><pluginItem  blockID="p85">
# Click on '''blocklist-preview bucket''' :: '''addons'''
  <match name="filename" exp="JavaPlugin2_NPAPI\.plugin" />
  <versionRange  minVersion="0" maxVersion="13.6.0" severity="1">
  </versionRange>
</pluginItem></pre>
 
Update prompt block:
<pre><pluginItem  blockID="p134">
  <match name="name" exp="Java\(TM\) Platform SE 7 U[5-6](\s[^\d\._U]|$)" />
  <match name="filename" exp="npjp2\.dll" />
  <versionRange  severity="0">
  </versionRange>
</pluginItem></pre>
 
Hard block with target application:
<pre><pluginItem  blockID="p27">
  <match name="name" exp="QuickTime Plug-in 7[.]1[.]" />
  <match name="filename" exp="npqtplugin.?[.]dll" />
  <versionRange >
    <targetApplication id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
      <versionRange  minVersion="3.0a1" maxVersion="3.*" />
    </targetApplication>
  </versionRange>
</pluginItem></pre>


== Graphics card blocks ==
== Graphics card blocks ==
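Review bot: The new Deploying step under Plugin blocks reads "Click on '''blocklist-preview bucket''' :: '''addons'''", but the Staging steps above it work in '''staging bucket''' :: '''plugins''', so following it as written sends the deployer to the add-ons collection; change it to '''plugins''' and make the bucket name agree with the '''blocklists-preview''' spelling used in the Request review step. The new Staging list also has two '''OS''' bullets that disagree ("generally only needed for Linux blocks" versus "OS-specific blocks are rarely needed"); drop the second, which looks carried over from the add-on steps. The revision removes the explanation of severity 1 and 3 and of vulnerability status 1 and 2, along with the XML examples, while telling editors to "always" set '''Severity''' to 0 and to set '''Vulnerability status''' "depending on whether the latest version is being blocked or not" without saying which value maps to which case; keep that mapping next to the field. The new Testing heading has no content yet.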