User:Manuel Bucher

From MozillaWiki
Jump to: navigation, search

I am a mozillian in the Privacy-Team. I'm a former Necko-Team member. I like improving docs when reading through them.

Quick links for Firefox: Security triage

Accumulated personal notes

My personal TODO-List for my outstanding documentation changes (where I don't have the time to do them immediately)/My non-trivially learned lessons about Firefox development:

ac_add_options --enable-debug
ac_add_options --enable-clang-plugin
#ac_add_options --disable-unified-build
ac_add_options --with-ccache=sccache
ac_add_options CCACHE=/home/user/.mozbuild/sccache/sccache
alias --save mb="mach build"
alias --save mbf="mach build faster"
alias --save mc="mach clobber"
alias --save mcb="mach clobber && mach build"
alias --save mr="mach run"
alias --save mrr='mach run --debugger=rr --debugger-args="record --disable-avx-512 --disable-cpuid-features-ext 0xfc230000,0x2c42,0xc"'
alias --save mt="mach test"
alias --save mtr='mach test --debugger=rr --debugger-args="record --disable-avx-512 --disable-cpuid-features-ext 0xfc230000,0x2c42,0xc"'
alias --save mp="moz-phab"
  • my bookmarks for address bar shortcuts:
Name URL Keyword
Searchfox https://searchfox.org/mozilla-central/search?path=&q=%s s
Bugzilla https://bugzilla.mozilla.org/buglist.cgi?quicksearch=%s b
Bugzilla bug https://bugzilla.mozilla.org/show_bug.cgi?id=%s bug
Phabricator patch https://phabricator.services.mozilla.com/%s p
RFCs datatracker https://datatracker.ietf.org/doc/html/rfc%s rfc
Tor Bug https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/%s tor

Fun code

  • Interesting workaround to have a public constructor, but not really [1]
class WorkerThread {
  // Using this struct we restrict access to the constructor while still being
  // able to use MakeSafeRefPtr.
  struct ConstructorKey {};

public:
  explicit WorkerThread(ConstructorKey);
}
  • A long function name indicating that this function must not be called in non-test code[2]
/**
 *  NOTE: This function is used only for testing!
 *
 *  @param aDisable If true, disable all security check and make
 *                  hasMatchingOverride always return true.
 */
void setDisableAllSecurityChecksAndLetAttackersInterceptMyData(in boolean aDisable);
  • backwards possible binary detection fun to read comment[3]
// Make sure to do a case-sensitive exact match comparison here.  Apache
// 1.x just sends text/plain for "unknown", while Apache 2.x sends
// text/plain with a ISO-8859-1 charset.  Debian's Apache version, just to
// be different, sends text/plain with iso-8859-1 charset.  For extra fun,
// FC7, RHEL4, and Ubuntu Feisty send charset=UTF-8.  Don't do general
// case-insensitive comparison, since we really want to apply this crap as
// rarely as we can.
  • Reason for socks proxy not being supported via system proxy settings on linux[4]
// Is there a way to specify "socks://" or something in these environment
// variables? I can't find any documentation.
if (!proxyURI->SchemeIs("http")) {
  return NS_ERROR_UNKNOWN_PROTOCOL;
}
def brrrrr(hosts, args)

Good documentation comments

https://searchfox.org/mozilla-central/rev/3840d8109501fbebdf22212165ea15a391280dcb/netwerk/ipc/DocumentChannel.h#32-39

DocumentChannel is a protocol agnostic placeholder nsIChannel implementation
that we use so that nsDocShell knows about a connecting load. It transfers
all data into a DocumentLoadListener (running in the parent process), which
will create the real channel for the connection, and decide which process to
load the resulting document in. If the document is to be loaded in the
current process, then we'll synthesize a redirect replacing this placeholder
channel with the real one, otherwise the originating docshell will be removed
during the process switch.

https://searchfox.org/mozilla-central/rev/3840d8109501fbebdf22212165ea15a391280dcb/netwerk/ipc/DocumentChannel.h#62-65

Will create the appropriate document channel:
Either a DocumentChannelChild if called from the content process or
a ParentProcessDocumentChannel if called from the parent process.
This operation is infallible.

Firefox Setting

AddOns:

Preferences:

Config:

  • toolkit.legacyUserProfileCustomizations.stylesheets true: to load userChrome/userContent
  • browser.compactmode.show true: to enable compact mode

Further customization:

  • chrome/userChrome.css
/* Hide horizontal tabs at the top of the window */
#tabbrowser-tabs { visibility: collapse !important; }
/* Hide the "Tree Style Tab" header at the top of the sidebar */
#sidebar-header { display: none; }
  • chrome/userContent.css
/* https://gist.github.com/boppreh/64f98fa499c946d3e38b2b852f9517fb */
/* Give a grey title to visited Youtube links */
@-moz-document domain(www.youtube.com)
{
    a:visited {
        color: grey !important;
    }
    
    a:visited > h3.ytd-compact-video-renderer {
        color: grey !important;
    }
    
    a:visited > yt-formatted-string {
        color: grey !important;
    }
}
  • Advanced css settings in TreeStyleTab:
/* Show title of unread tabs with red and italic font */
:root.sidebar tab-item.unread .label-content {
  color: red !important;
  font-style: italic !important;
}

/* Change tab height */
tab-item {
  --tab-size: 22px !important;
  height: var(--tab-size);
}

/* Add private browsing indicator per tab */
:root.sidebar tab-item.private-browsing tab-label:before {
  content: "🕶";
}

Networking component size

(roughly on 118.0a1 2023-08-03 https://hg.mozilla.org/mozilla-central/rev/1eb2f6905e74)

netwerk/$ fd {} | xargs cat | wc -l
  • Http2: 11276
  • Http3: 5219
  • HttpChannel: 24753
  • Channel: 61179
  • Transaction: 7973
  • Connection: 13077
  • ConnectionMgr: 5190
  • WebSocket: 9375