SummerOfCode/2012/UserCSP/WeeklyUpdates/2012-07-23

From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »

This Week

Monday, 23 July

  • Fix bug in combine loose feature in add-on.
 Combine loose feature in the add-on takes CSP rules for each directive and applies UNION of them. 
However, if website specifies 'none' for a CSP directive and user specifies 'self' for a directive then combine loose was showing both 'none' and 'self'. Whereas it should show only 'self'. 
Similarly between '*' and 'none' it should take '*'. 

Between '*' and 'self' it should take '*'. 

And between '*' and 'self' it should take '*'.

Tuesday, 24 July

  • User input filtering is performed.

If user enters self then it is converted to 'self'. Similarly, if user enters none it is converted to 'none'

Wednesday, 25 July

  • Created GitHub account
** userCSP code uploaded on GitHub. URL: https://github.com/patilkr/userCSP

Thursday, 26 July

  • According to the suggestion from mentor, for better usability add-on UI is changed.
 In old UI of add-on, combine Loose and combine Strict were shown only one at a time. They were sharing the space in the UI. Therefore, users can see only combine Strict or Combine Loose rule at a time. 
 Now, in new version of UI, we gave a space for both strict and loose. So users can see both (Combine Strict and Combine Loose) rules. 
  Furthermore, old UI of add-on had enable of disable policy for user rules. In New UI we gave option to all types of rules, such as Website CSP rules, User specified CSP rules, Combine Strict Rules and Combine Loose Rules.  However, only one of them will be active at a time. When user selects any one of the rule from above four rules, others automatically toggle their states to off.

Friday, 27 July

  • Added "scheme" information to domain name list.
In domain drop down box, only host name was shown. For example, for the website "http://www.google.co.in"  only "www.google.co.in" was shown in the domain drop down list in the add-on UI. 
Now, I added scheme information as well. Therefore, now in domain drop down list in the add-on UI shows "http://www.google.co.in" rather than only showing "www.google.co.in".