MozillaWiki

Firefox/RemoteSettings: Difference between revisions

Page Discussion

Firefox/RemoteSettings (view source)

Revision as of 15:16, 13 August 2020

3,063 bytes removed ,  13 August 2020
Remove info about AMO transition which is done
(Mention https://remote-settings.readthedocs.io)
(Remove info about AMO transition which is done)
 
(5 intermediate revisions by the same user not shown)
Line 14: Line 14:
* Single endpoint for polling for changes
* Single endpoint for polling for changes
* Client synchronization (diff based, local db)
* Client synchronization (diff based, local db)
* Client-side target filtering (JEXL a-la Normandy)
* Client Telemetry
* Client Telemetry
* Robust protocol (retry, precondition headers, backoff, …)
* Robust protocol (retry, precondition headers, backoff, …)
Line 31: Line 32:
* [https://firefox-source-docs.mozilla.org/main/latest/services/common/services/RemoteSettings.html API client docs] (How to use RemoteSettings in Gecko)
* [https://firefox-source-docs.mozilla.org/main/latest/services/common/services/RemoteSettings.html API client docs] (How to use RemoteSettings in Gecko)
* [https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=66655528 OPs and staff documentation]  (How to create new collections etc.)
* [https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=66655528 OPs and staff documentation]  (How to create new collections etc.)
* [https://docs.google.com/spreadsheets/d/1TogKspQnTPkYAKrZNZG3bf8MiETBm2lYHfl0wKd2BS4/edit List of Firefox features powered by RemoteSettings]
* [https://bugzilla.mozilla.org/buglist.cgi?product=Cloud%20Services&component=Server%3A%20Remote%20Settings&resolution=---&list_id=14124423 RemoteSettings server bugs list]
* [https://bugzilla.mozilla.org/buglist.cgi?product=Cloud%20Services&component=Server%3A%20Remote%20Settings&resolution=---&list_id=14124423 RemoteSettings server bugs list]
* [https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Remote%20Settings%20Client&resolution=---&list_id=14124425 RemoteSettings client bugs list]
* [https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Remote%20Settings%20Client&resolution=---&list_id=14124425 RemoteSettings client bugs list]
* [https://github.com/mozilla/remote-settings Project milestones]
* [https://github.com/mozilla/remote-settings Project milestones]


== about:remotesettings ==
== RemoteSettings DevTools ==


A tool is available to diagnose remote settings synchronization and state. See https://github.com/leplatrem/aboutremotesettings
An addon is available to diagnose remote settings synchronization and state. See https://github.com/mozilla/remote-settings-devtools
 
= Use Cases =
 
== Main bucket ==
 
{|class="wikitable"
! List
! Collection
! Description
|-
|Activity Stream Tippytop
|<code>tippytop</code>
|Hi-res icons for Topsites in Activity Stream
|-
|Focus experiments
|<code>focus-experiments</code>
|A/B testing of Focus features
|-
|Rocket releases
|<code>rocket-releases</code>
|Allows clients to track releases
|-
|Rocket preferences
|<code>rocket-prefs</code>
|Preferences that can be remotely changed
|}
 
== Fennec ==
 
{|class="wikitable"
! List
! Bucket
! Collection
! Description
|-
|Assets catalog
|<code>fennec</code>
|<code>catalog</code>
|The goal is to remove the static assets (fonts, hyphenation dicts, etc.) from the distribution package and download them asynchronously using a remote catalog
|-
|Experiments
|<code>fennec</code>
|<code>experiments</code>
|A/B testing of Fennec features
|}
 
See https://bugzilla.mozilla.org/show_bug.cgi?id=1201059
 
== Security state ==
 
{|class="wikitable"
! List
! Bucket
! Collection
! Description
|-
|Cert intermediates constraints
|<code>security-state</code>
|<code>intermediates</code>
|https://bugzilla.mozilla.org/show_bug.cgi?id=1361118
|}
 
== Certificates Pinning ==
 
{|class="wikitable"
! List
! Bucket
! Collection
! Description
|-
|Certificates pinning (HPKP)
|<code>pinning</code>
|<code>pins</code>
|https://bugzilla.mozilla.org/show_bug.cgi?id=787133
|}
 
 
== Blocklists ==
 
The goal is to replace the current system — based on a single XML file downloaded everyday — by several collections.
 
{|class="wikitable"
! List
! Bucket
! Collection
! Description
|-
|OneCRL
|<code>blocklists</code>
|<code>certificates</code>
|SSL certificates blocking / invalidation
|-
|Add-ons
|<code>blocklists</code>
|<code>addons</code>
|Malicious blocked extensions
|-
|Plugins
|<code>blocklists</code>
|<code>plugins</code>
|Unstable/malicious plugins
|-
|Gfx
|<code>blocklists</code>
|<code>gfx</code>
|Unstable graphical drivers
|}
 
=== From AMO to Kinto ===
 
Blocklists used to be managed via the addons server.
 
Now, the blocklist XML is generated on the Kinto server and a lambda pulls the JSON and generates the Web pages shown at https://blocked.cdn.mozilla.net
 
Source code: https://github.com/mozilla-services/amo2kinto/
 
=== Transition from XML to RemoteSettings ===
 
Currently the blocklist system relies on a big XML file that is downloaded every day. It contains block entries for certificates to be revoked, addons and plugins to be disabled, and gfx environments that cause problems or crashes.
 
Firefox (and derivatives like Thunderbird, Seamonkey, ...) downloads it on an URL that contains client information (eg. https://blocklist.addons.mozilla.org/blocklist/3/%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D/44.0a1/)
 
* '''phase 1: DONE''': Both mechanisms run in parallel but only the legacy one will be used.
* '''phase 2: DONE''': The source of truth for blocklist is Kinto but produces the same XML as the legacy one.
* '''phase 3: DONE''': The nsBlocklistService should become asynchronous in order to be able to fetch info from remote settings local database
* '''phase 4''': Eventually, [https://bugzilla.mozilla.org/show_bug.cgi?id=1257565 blocking mechanism will rely on RemoteSettings] entirely and the old XML client will be decommissioned.
Leplatrem
24

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1197638...1230046"