SummerOfCode/2013/SecurityReport/WeeklyUpdates/2013-07-01
From MozillaWiki
Contents
This Week
Monday, 01 July
- Added various Tabs in the Security Report Tool UI such as SSL, Mixed-Content, CORS, CSP.
Tuesday, 02 July
Security Report Tool Toolbox UI is shown in the following Figure:
After opening "https://csptest.computerist.org" website, CSP warnings generated by the website are captured in the Security Report Tool as shown in the following UI.
Wednesday, 03 July
- After discussing with mgoodwin, Freddyb and grobinson, I came to know that not all security related errors and warnings have observer notifications. Only CSP errors has observer notifications. To benefit both security report tool and security Panel its worth to add security related observer notifications.
- I used "http://mxr.mozilla.org/mozilla-central/" to get an overview of Firefox codebase. Its really a very useful service for developers that not only allows users to examine code without installing it but also makes searching of code a lot easier.
Thursday, 04 July
- To examine Firefox codebase (mozilla-central) I downloaded it from "hg.mozilla.org" using mercurial.
- To compile Firefox I installed all pre-requisites on my Linux Mint according to Build instruction on MDN.
- Using "./mach build" I compiled Firefox codebase and it took more that an hour to successfully compile code on my i5 2.5 GHz processor with 4 GB RAM.
- Reported a bug on Bugzilla "https://bugzilla.mozilla.org/show_bug.cgi?id=890224" to provide observer notifications for security related errors. This will help both Security Panel as well as Security Report Tool.
Friday, 05 July
- I did some trial and error on Firefox codebase such as add some code and recompile Firefox. Each recompilation of Firefox also took more than 45 mins on my laptop using "./mach build" command.
- "mxr.mozilla.org" was relly helped me to understand how to handle string variables in Firefox such as nsAString, nsACString, nsISupportsCString, etc.
