MozillaWiki

AMO:Editors/EditorGuide/AddonReviews: Difference between revisions

Page Discussion

AMO:Editors/EditorGuide/AddonReviews (view source)

Revision as of 02:44, 20 January 2011

5,945 bytes added ,  20 January 2011
Make tables somewhat less 1999.
(Make tables somewhat less 1999.)
Line 1: Line 1:
= Add-on Reviews<br> =
= Add-on Reviews  =


== The Queues<br> ==
== The Queues  ==


The add-on queues are sorted by waiting time, with the longest waiting add-on at the top. They show the same information for every pending review:<br>
The add-on queues are sorted by waiting time, with the longest waiting add-on at the top. They show the same information for every pending review:  


*Add-on name and version. This is a link to the add-on version review page.<br>
*Add-on name and version. This is a link to the add-on version review page.  
*Add-on type.<br>
*Add-on type.  
*Waiting time.<br>
*Waiting time.  
*Flags. At the moment the only possible flag is the Admin Review flag; it's the green add-on icon with a yellow warning sign on top. Only admin editors can review add-ons with this flag.<br>
*Flags. At the moment the only possible flag is the Admin Review flag; it's the green add-on icon with a yellow warning sign on top. Only admin editors can review add-ons with this flag.  
*Applications. Application icons of the applications this add-on supports.<br>
*Applications. Application icons of the applications this add-on supports.  
*Additional information. This can indicate if the add-on is platform-specific, site-specific, or requires external software.<br>
*Additional information. This can indicate if the add-on is platform-specific, site-specific, or requires external software.


If an add-on version is supported on more than one platform, but not all of them, an entry will appear in the queue for each platform. All entries link to the same review page.'''<br>'''
<br>  


'''You should always try to review the add-ons near the top of queue.''' Always favor the add-ons that have been waiting for the longest time. Having said that, the few add-ons that are at the very top and have been waiting for a much longer time than the rest (sometimes multiple days more than the next one) are likely to be add-ons that require special review from an admin editor, or are awaiting a response from the developer. Try to focus on the first 10 or 15 add-ons in the queues. There should be a couple there that you can review.<br>
'''You should always try to review the add-ons near the top of queue.''' Always favor the add-ons that have been waiting for the longest time. Having said that, the few add-ons that are at the very top and have been waiting for a much longer time than the rest (sometimes multiple days more than the next one) are likely to be add-ons that require special review from an admin editor, or are awaiting a response from the developer. Try to focus on the first 10 or 15 add-ons in the queues. There should be a couple there that you can review.  


== Performing a Review<br> ==
== Performing a Review  ==


Before getting started, here's an important legal note: reviews should not include checking for possible copyright or trademark violations and you should not take any action on an add-on because you suspect it copies code from others without permission or may otherwise infringe someone else's copyright or trademark. The DMCA is a law that gives us legal protection from being held responsible for copyright infringement by users who post content to our site, but only if our conduct qualifies us for such protection and we follow exactly the procedures laid out in the DMCA. Determining copyright or trademark infringement is complicated and you will not have enough information to make those determinations. We have a robust DMCA process where copyright or trademark holders can contact Mozilla legal to address any potential problems. More about this in a section below.
Before getting started, here's an important legal note: reviews should not include checking for possible copyright or trademark violations and you should not take any action on an add-on because you suspect it copies code from others without permission or may otherwise infringe someone else's copyright or trademark. The DMCA is a law that gives us legal protection from being held responsible for copyright infringement by users who post content to our site, but only if our conduct qualifies us for such protection and we follow exactly the procedures laid out in the DMCA. Determining copyright or trademark infringement is complicated and you will not have enough information to make those determinations. We have a robust DMCA process where copyright or trademark holders can contact Mozilla legal to address any potential problems. More about this in a section below.  


'''Editor Tour:''' Select a review in the queue and click on its link. This will take you to the add-on review page.<br>
'''Editor Tour:''' Select a review in the queue and click on its link. This will take you to the add-on review page.  


=== Possible resolutions<br> ===
=== Possible resolutions  ===


The grey box near the top of the review page shows the possible resolutions for a review.<br>
The grey box near the top of the review page shows the possible resolutions for a review.  


[[Image:Resolutions.png|center|Possible review resolutions]]  
[[Image:Resolutions.png|center|Possible review resolutions]]  
Line 30: Line 30:
Clicking on any of them will open a form below it.  
Clicking on any of them will open a form below it.  


The comments textbox is where you should write all of your review notes. There's also a canned response list below it, that contains useful reusable snippets of text for your notes. Selecting any of them will just add the text to the textbox. You can use as many as you need. Take some time to familiarize yourself with the canned response list. It can give you a good idea of the issues we frequently encounter and what we have to say about it.<br>
The comments textbox is where you should write all of your review notes. There's also a canned response list below it, that contains useful reusable snippets of text for your notes. Selecting any of them will just add the text to the textbox. You can use as many as you need. Take some time to familiarize yourself with the canned response list. It can give you a good idea of the issues we frequently encounter and what we have to say about it.  


You should normally use one of the first three resolutions:  
You should normally use one of the first three resolutions:  
Line 43: Line 43:
*Request Super-Review: this is for very special cases where you think an admin editor should review this add-on. It can be because you think there's some malicious intent from the author; in this case you should notify the mailing list about it. It can also be because you are aware Mozilla has received a DMCA notice about this add-on. It is critical that you do '''not''' try to resolve this issue yourself. Copyright complaints should be escalated to admins and, at most, you can point the person making the complaint to the Digital Millennium Copyright Act Notice section of our [http://www.mozilla.com/en-US/about/legal.html legal notices page] for an explanation of the protocol to follow. The add-on will remain in the queue, and in this case the comments aren't sent to the author. They're only readable from the review page.
*Request Super-Review: this is for very special cases where you think an admin editor should review this add-on. It can be because you think there's some malicious intent from the author; in this case you should notify the mailing list about it. It can also be because you are aware Mozilla has received a DMCA notice about this add-on. It is critical that you do '''not''' try to resolve this issue yourself. Copyright complaints should be escalated to admins and, at most, you can point the person making the complaint to the Digital Millennium Copyright Act Notice section of our [http://www.mozilla.com/en-US/about/legal.html legal notices page] for an explanation of the protocol to follow. The add-on will remain in the queue, and in this case the comments aren't sent to the author. They're only readable from the review page.


While you perform your review, you should be keeping notes of everything you noticed about the add-on: validator flags, errors in the error console, bugs, areas for improvement, etc. You can either use a note-taking program, or just type your notes in the comments textbox of the review page. Changing the resolution won't clear your notes. Just make sure you selected the right one when you're ready to submit!<br>
While you perform your review, you should be keeping notes of everything you noticed about the add-on: validator flags, errors in the error console, bugs, areas for improvement, etc. You can either use a note-taking program, or just type your notes in the comments textbox of the review page. Changing the resolution won't clear your notes. Just make sure you selected the right one when you're ready to submit!  


The sections below include tables with the recommended resolution for the most common situations. If there are many policy problems in a review, you must take the strictest of all required actions.
The sections below include tables with the recommended resolution for the most common situations. If there are many policy problems in a review, you must take the strictest of all required actions.  


'''Editor Tour:''' an admin editor should have given you a specific add-on to review. Also, don't submit your first review without admin approval!<br>
'''Editor Tour:''' an admin editor should have given you a specific add-on to review. Also, don't submit your first review without admin approval!  


=== Step 1: Review Add-on Info<br> ===
=== Step 1: Review Add-on Info  ===


The review page has most of the add-on metadata needed to begin the review.<br>
The review page has most of the add-on metadata needed to begin the review.  


==== Metadata  ====
==== Metadata  ====


The top section displays the add-on name, version, authors, categories and compatibility information. <br>
The top section displays the add-on name, version, authors, categories and compatibility information.  


The middle section includes lots of information that you should always read:<br>
The middle section includes lots of information that you should always read:  


*Nomination message: this is the message written by the author when the add-on was first nominated. It can contain important information about testing or source code availability.<br>
*Nomination message: this is the message written by the author when the add-on was first nominated. It can contain important information about testing or source code availability.  
*Notes to reviewer: also a note from the author to AMO Editors, but it can change for each version. It often contains information about the changes in this version.<br>
*Notes to reviewer: also a note from the author to AMO Editors, but it can change for each version. It often contains information about the changes in this version.  
*Summary, description, developer notes: the same data that appears in the public add-on page.<br>
*Summary, description, developer notes: the same data that appears in the public add-on page.  
*Version notes: this is very important when reviewing updates. It'll help you understand what the code changes are supposed to do.  
*Version notes: this is very important when reviewing updates. It'll help you understand what the code changes are supposed to do.  
*Privacy Policy and EULA: they must clearly state what the add-on does with private user data or any usage restrictions it may have.
*Privacy Policy and EULA: they must clearly state what the add-on does with private user data or any usage restrictions it may have.
Line 67: Line 67:
This should all give you a good picture of what the add-on does.  
This should all give you a good picture of what the add-on does.  


Below the descriptions you should see the add-on version review history. The review history contains all previous reviews peformed to the add-on, including the editor notes for each one of them. This is very valuable information, and you should always read at least the most recent reviews. <br>
Below the descriptions you should see the add-on version review history. The review history contains all previous reviews peformed to the add-on, including the editor notes for each one of them. This is very valuable information, and you should always read at least the most recent reviews.  


Editor comments are rarely used, but if there are any, you should read them. They are only used for internal communication between editors.<br>
Editor comments are rarely used, but if there are any, you should read them. They are only used for internal communication between editors.  


==== Policies and Actions<br> ====
==== Policies and Actions  ====


{| cellspacing="0" cellpadding="1" border="1" style="width: 650px; height: 393px;"
{| cellspacing="0" cellpadding="1" border="0" style="width: 650px; height: 393px;"
|+ <br>
|+  
|-
|-
! scope="col" | Policy<br>
! style="border-bottom: 2px solid black" scope="col" | Policy  
! scope="col" | Action<br>
! style="border-bottom: 2px solid black" scope="col" | Action  
! scope="col" | Notes<br>
! style="border-bottom: 2px solid black" scope="col" | Notes
|-
|- style="vertical-align: top;"
| Missing name in default locale<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Missing name in default locale  
| Request More Information<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Request More Information  
| Reject if the name is not updated after 3 days.<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject if the name is not updated after 3 days.
|-
|- style="vertical-align: top;"
| Missing information in descriptions, missing testing information<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Missing information in descriptions, missing testing information  
| Request More Information<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Request More Information  
| <br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |
|-
|- style="vertical-align: top;"
| Add-on name and code copied from very popular add-on (like Firebug or AdBlock Plus)<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Add-on name and code copied from very popular add-on (like Firebug or AdBlock Plus)  
| Admin Review / Notify mailing list<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review / Notify mailing list  
| These add-ons usually include some form of malicious code.<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | These add-ons usually include some form of malicious code.
|-
|- style="vertical-align: top;"
| Other copyright suspicions<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Other copyright suspicions  
| Ignore<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Ignore  
| We have a legal obligation *not* to take action unless the author of the original code files a DMCA complaint. If you see any malicious intent in the copied add-on, follow the same Action as the previous policy.<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | We have a legal obligation *not* to take action unless the author of the original code files a DMCA complaint. If you see any malicious intent in the copied add-on, follow the same Action as the previous policy.
|-
|- style="vertical-align: top;"
| Not compatible with the latest version of the application<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Not compatible with the latest version of the application  
| Add note<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Add note  
| <br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |
|-
|- style="vertical-align: top;"
| Missing Privacy Policy or EULA<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Missing Privacy Policy or EULA  
| Preliminary Review<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| These descriptions are necessary if the add-on handles user information remotely, or the user needs to agree to any terms in order to use the add-on.<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | These descriptions are necessary if the add-on handles user information remotely, or the user needs to agree to any terms in order to use the add-on.
|-
|- style="vertical-align: top;"
| Questionable add-on relevance<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Questionable add-on relevance  
| Preliminary Review<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| Carefully read the [[#Add-on_Relevance|Add-on Relevance]] section below.<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Carefully read the [[#Add-on_Relevance|Add-on Relevance]] section below.
|-
|- style="vertical-align: top;"
| Not following previous editor requests<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Not following previous editor requests  
| Preliminary Review<br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| <br>
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |
|}
|}


Line 132: Line 132:
=== Step 2: Automatic validation  ===
=== Step 2: Automatic validation  ===


We have a extensive set of static tests that identify common bad practices and possible security problems with add-on code. You must always run the code validator and inspect the results when performing a review.<br>
We have a extensive set of static tests that identify common bad practices and possible security problems with add-on code. You must always run the code validator and inspect the results when performing a review.  


The code validation link is located near the bottom of the review page, between the add-on descriptions and the review history.<br>
The code validation link is located near the bottom of the review page, between the add-on descriptions and the review history.  


[[Image:Validation-link.png|center|Add-on validation link]]<br>
[[Image:Validation-link.png|center|Add-on validation link]]  


Clicking on the link will take you to the validation page, where the automatic code validator will run for that version of the add-on and then the results will be displayed.<br>
Clicking on the link will take you to the validation page, where the automatic code validator will run for that version of the add-on and then the results will be displayed.  


The [https://addons.mozilla.org/en-US/firefox/pages/validation Validator Help Page] explains in detail what every possible warning means and how serious each is. Remember that for preliminary review, only security-sensitive warnings matter, like using eval for remote JS or any other form of privilege escalation.
The [https://addons.mozilla.org/en-US/firefox/pages/validation Validator Help Page] explains in detail what every possible warning means and how serious each is. Remember that for preliminary review, only security-sensitive warnings matter, like using eval for remote JS or any other form of privilege escalation.  


==== Policies and actions  ====
==== Policies and actions  ====
Line 150: Line 150:
! style="border-bottom: 2px solid black" scope="col" | Notes
! style="border-bottom: 2px solid black" scope="col" | Notes
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Missing file / Parse error / Validation error  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Missing file / Parse error / Validation error  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Obfuscated, minified or binary code  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Obfuscated, minified or binary code  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Obfuscated, minified or binary code, with original sources included in XPI or provided link  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Obfuscated, minified or binary code, with original sources included in XPI or provided link  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Add-ons with this type of code are not eligible for preliminary review.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Add-ons with this type of code are not eligible for preliminary review.
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using eval, Function() or setTimeout on remote code  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using eval, Function() or setTimeout on remote code  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Remote script insertion  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Remote script insertion  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Unprotected browser or iframe elements  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Unprotected browser or iframe elements  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Conduit add-on without [https://addons.mozilla.org/en-US/firefox/user/4959120 CONDUIT-AMO] as author  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Conduit add-on without [https://addons.mozilla.org/en-US/firefox/user/4959120 CONDUIT-AMO] as author  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Conduit add-on with [https://addons.mozilla.org/en-US/firefox/user/4959120 CONDUIT-AMO] as author  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Conduit add-on with [https://addons.mozilla.org/en-US/firefox/user/4959120 CONDUIT-AMO] as author  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | JS Library (like jQuery) included, but not in its original file / JS Library doesn't pass checksum validation  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | JS Library (like jQuery) included, but not in its original file / JS Library doesn't pass checksum validation  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Unicode characters (e.g. \u0060) in JS code  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Unicode characters (e.g. \u0060) in JS code  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Keep in mind these can be used inside strings. They're just not allowed to replace JS code characters, since they're usually meant to bypass the validator.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Keep in mind these can be used inside strings. They're just not allowed to replace JS code characters, since they're usually meant to bypass the validator.
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using eval, Function() or setTimeout on local code  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using eval, Function() or setTimeout on local code  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | One case that we accept is when eval is used to replace existing Firefox functions. This is very common for add-ons that change bookmarking or tabbing behavior. It is also allowed in known libraries like jQuery.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | One case that we accept is when eval is used to replace existing Firefox functions. This is very common for add-ons that change bookmarking or tabbing behavior. It is also allowed in known libraries like jQuery.
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using the codebase_principal_support preference or enablePrivilege function  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using the codebase_principal_support preference or enablePrivilege function  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Native object prototype extension / Using Prototype library  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Native object prototype extension / Using Prototype library  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Storing passwords or other sensitive user data in the preferences  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Storing passwords or other sensitive user data in the preferences  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Changing Firefox preferences without user consent  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Changing Firefox preferences without user consent  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | These include: network preferences, update system preferences, homepage, User Agent string.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | These include: network preferences, update system preferences, homepage, User Agent string.
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Changing security preferences, permissions, certificates (nsIX509CertDB)  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Changing security preferences, permissions, certificates (nsIX509CertDB)  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using nsIProcess  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using nsIProcess  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using JS c-types  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using JS c-types  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Theme includes JS code  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Theme includes JS code  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using Geolocation  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Using Geolocation  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Test  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Test  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Give Preliminary Review if the add-on doesn't ask the user before getting geolocation data. Approve if it does.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Give Preliminary Review if the add-on doesn't ask the user before getting geolocation data. Approve if it does.
|- style="vertical-align: top;"
|- style="vertical-align: top;"
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Localization errors  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Localization errors  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" | Ignore  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Ignore  
| style="padding: 1ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|}
|}


Most of the other validator flags are not that important, but they should still be fully read and understood. When in doubt, check the help page or ask in the mailing list.
Most of the other validator flags are not that important, but they should still be fully read and understood. When in doubt, check the help page or ask in the mailing list.  


=== Step 3: Code Review  ===
=== Step 3: Code Review  ===
Line 241: Line 241:
Every line of add-on code must be reviewed. The code validator can't detect all possible security or code quality issues, so we must always be in the lookout for bad code. For versions in the Preliminary Review queue, the code review should be shallow and just ensure the add-on's safety.  
Every line of add-on code must be reviewed. The code validator can't detect all possible security or code quality issues, so we must always be in the lookout for bad code. For versions in the Preliminary Review queue, the code review should be shallow and just ensure the add-on's safety.  


All review pages have a View Contents link that take you to the code browser page. Pending updates also have a Compare with Public Version link next to it, which will show you the code with the changed sections highlighted. These links appear near the top of the review page.<br>
All review pages have a View Contents link that take you to the code browser page. Pending updates also have a Compare with Public Version link next to it, which will show you the code with the changed sections highlighted. These links appear near the top of the review page.  


[[Image:View-contents-links.png|center|View contents links]]For updates, the compare link should be used. It can sometimes fail to work for very large add-ons. In that case, you can either review the full source code, or download the new and public files to your system and compare them using tools like [http://code.google.com/p/amo-editor-tools/source/browse/trunk/sh/xpidiff.sh xpidiff.sh] or [https://wiki.mozilla.org/AMO:Editors/WinMerge WinMerge].<br>
[[Image:View-contents-links.png|center|View contents links]]For updates, the compare link should be used. It can sometimes fail to work for very large add-ons. In that case, you can either review the full source code, or download the new and public files to your system and compare them using tools like [http://code.google.com/p/amo-editor-tools/source/browse/trunk/sh/xpidiff.sh xpidiff.sh] or [https://wiki.mozilla.org/AMO:Editors/WinMerge WinMerge].  


[[Image:Code-browser.png|center|Add-on code browser]]The box on the top left allows you to browse through the add-on code. You can drag this box from the title bar to any part of the page. Folders and JAR&nbsp;files appear highlighted in bold, and can be expanded by clicking on them. If a JAR file fails to expand, please notify it on the mailing list.<br>
[[Image:Code-browser.png|center|Add-on code browser]]The box on the top left allows you to browse through the add-on code. You can drag this box from the title bar to any part of the page. Folders and JAR&nbsp;files appear highlighted in bold, and can be expanded by clicking on them. If a JAR file fails to expand, please notify it on the mailing list.  


In the case of comparing updates, the files and folders that have had any changes will have their names in italics. The image above shows changes in all files and folders.<br>
In the case of comparing updates, the files and folders that have had any changes will have their names in italics. The image above shows changes in all files and folders.  


==== Policies and Actions  ====
==== Policies and Actions  ====


{| width="650" cellspacing="0" cellpadding="1" border="1"
{| width="650" cellspacing="0" cellpadding="1" border="0"
|-
|-
! scope="col" | Policy
! style="border-bottom: 2px solid black" scope="col" | Policy  
! scope="col" | Action
! style="border-bottom: 2px solid black" scope="col" | Action  
! scope="col" | Notes
! style="border-bottom: 2px solid black" scope="col" | Notes
|-
|- style="vertical-align: top;"
| Remote code download or execution, custom updates
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Remote code download or execution, custom updates  
| Reject  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| Add-ons should not download remote code in any way. They are free to interact with web APIs as long as all that is being transmitted is data, not code. Add-ons are allowed to insert local scripts into webpages (within reason), but are not allowed to insert remote scripts.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Add-ons should not download remote code in any way. They are free to interact with web APIs as long as all that is being transmitted is data, not code. Add-ons are allowed to insert local scripts into webpages (within reason), but are not allowed to insert remote scripts.
|-
|- style="vertical-align: top;"
| Security violations  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Security violations  
| Reject  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| Sending passwords in clear text or in GET requests. Using HTTP for logins or secure operations.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Sending passwords in clear text or in GET requests. Using HTTP for logins or secure operations.
|-
|- style="vertical-align: top;"
| Bad or no namespacing  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Bad or no namespacing  
| Preliminary Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| All scripts that are included in the main window overlay should have proper namespacing to avoid name conflicts with other add-ons. The name should normally correspond to the add-on name in order to guarantee its uniqueness.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | All scripts that are included in the main window overlay should have proper namespacing to avoid name conflicts with other add-ons. The name should normally correspond to the add-on name in order to guarantee its uniqueness.
|-
|- style="vertical-align: top;"
| Preference names without "extensions." prefix"  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preference names without "extensions." prefix"  
| Preliminary Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| Add-on preferences should use the "extensions." prefix, and should also have a reasonable namespace.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Add-on preferences should use the "extensions." prefix, and should also have a reasonable namespace.
|-
|- style="vertical-align: top;"
| Privacy issues
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Privacy issues  
| Preliminary Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| An add-on can claim to work with a popular website like Twitter, but then send the user data through some other site, most likely owned by the developer. There needs to be a justified reason to handle user data in this manner, and the privacy policy and add-on descriptions need to be very clear about this. Passwords should never be handled in this way, and they should only be transmitted directly to the original API provider.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | An add-on can claim to work with a popular website like Twitter, but then send the user data through some other site, most likely owned by the developer. There needs to be a justified reason to handle user data in this manner, and the privacy policy and add-on descriptions need to be very clear about this. Passwords should never be handled in this way, and they should only be transmitted directly to the original API provider.
|-
|- style="vertical-align: top;"
| Performance problems  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Performance problems  
| Preliminary Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| Synchronous requests, inefficient code, multiple overlay scripts with lots of code.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Synchronous requests, inefficient code, multiple overlay scripts with lots of code.
|-
|- style="vertical-align: top;"
| Not using prefwindow for preferences  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Not using prefwindow for preferences  
| Add Note  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Add Note  
| If an add-on has a preferences window, we recommend that authors do 2 things: 1) use the ''prefwindow'' element, 2) add the line in install.rdf that enables this window to be opened from the Add-ons Manager window.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | If an add-on has a preferences window, we recommend that authors do 2 things: 1) use the ''prefwindow'' element, 2) add the line in install.rdf that enables this window to be opened from the Add-ons Manager window.
|-
|- style="vertical-align: top;"
| Bootstrapped Add-on doesn't clean up after itself  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Bootstrapped Add-on doesn't clean up after itself  
| Preliminary Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
| See section on [[AMO:Editors/EditorGuide/SpecialAddonTypes#Bootstrapped_.28Restartless.29_Add-ons|Bootstrapped Add-on policies]].
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | See section on [[AMO:Editors/EditorGuide/SpecialAddonTypes#Bootstrapped_.28Restartless.29_Add-ons|Bootstrapped Add-on policies]].
|}
|}


In general you should apply your judgement and try to identify code that may appear suspicious or out of place. Try to understand what everything does and how it all fits together.<br>
In general you should apply your judgement and try to identify code that may appear suspicious or out of place. Try to understand what everything does and how it all fits together.  


By the end of the code review, you may have a series of notes that will require the add-on to be significantly rewritten. If you think that's the case, it's OK to resolve the review without proceeding with the next step. If the add-on needs work but is safe to use, it can be given a preliminary review approval without performing any testing.
By the end of the code review, you may have a series of notes that will require the add-on to be significantly rewritten. If you think that's the case, it's OK to resolve the review without proceeding with the next step. If the add-on needs work but is safe to use, it can be given a preliminary review approval without performing any testing.  


=== Step 4: Feature Review<br> ===
=== Step 4: Feature Review  ===


The last step in a review is to install and test the add-on.  
The last step in a review is to install and test the add-on.  
Line 311: Line 311:
**[https://addons.mozilla.org/en-US/firefox/addon/2490 Leak Monitor] to detect some types of memory leak. See [https://wiki.mozilla.org/MozillaQualityAssurance:Home_Page:Firefox_3.0_TestPlan:Leaks:LeakTesting-How-To#Leak_Gauge Leak Gauge] for a more general solution.  
**[https://addons.mozilla.org/en-US/firefox/addon/2490 Leak Monitor] to detect some types of memory leak. See [https://wiki.mozilla.org/MozillaQualityAssurance:Home_Page:Firefox_3.0_TestPlan:Leaks:LeakTesting-How-To#Leak_Gauge Leak Gauge] for a more general solution.  
*To test Fennec add-ons, you'll need to [https://wiki.mozilla.org/Fennec#Test_Builds install Fennec]. It is preferred that you test in a supported mobile device. If a Fennec nomination has been waiting for long, it's OK to test with the desktop XULRunner application.  
*To test Fennec add-ons, you'll need to [https://wiki.mozilla.org/Fennec#Test_Builds install Fennec]. It is preferred that you test in a supported mobile device. If a Fennec nomination has been waiting for long, it's OK to test with the desktop XULRunner application.  
*For online malware scanning, you can use [http://www.virustotal.com/ Virus Total], [http://www.kaspersky.com/scanforvirus Kaspersky online scan] and [http://virusscan.jotti.org Jotti online scan]. AMO performs virus checks, and binary add-ons should be admin-reviewed anyway, but if you suspect anything, those are good places to use.<br>
*For online malware scanning, you can use [http://www.virustotal.com/ Virus Total], [http://www.kaspersky.com/scanforvirus Kaspersky online scan] and [http://virusscan.jotti.org Jotti online scan]. AMO performs virus checks, and binary add-ons should be admin-reviewed anyway, but if you suspect anything, those are good places to use.


==== Installing and testing<br> ====
==== Installing and testing  ====


Add-ons are normally cross-platform, so there will only be a single file to review, linked with the name ''ALL'' (as in all platforms). If the add-on is offered for a limited number of platforms, there will be individual links for each one of them. In this case all supported platforms should be tested.<br>
Add-ons are normally cross-platform, so there will only be a single file to review, linked with the name ''ALL'' (as in all platforms). If the add-on is offered for a limited number of platforms, there will be individual links for each one of them. In this case all supported platforms should be tested.  


Regarding applications, you don't need to test the add-on for all applications it supports. If the add-on supports Firefox and others, it's OK to only test on Firefox. If, however, an add-on update introduces Fennec or other application support, the add-on should be tested on it. The applications we support for reviews are listed on [https://addons.mozilla.org/en-US/firefox/pages/appversions this page].  
Regarding applications, you don't need to test the add-on for all applications it supports. If the add-on supports Firefox and others, it's OK to only test on Firefox. If, however, an add-on update introduces Fennec or other application support, the add-on should be tested on it. The applications we support for reviews are listed on [https://addons.mozilla.org/en-US/firefox/pages/appversions this page].  


The link points directly to the add-on file.<br>
The link points directly to the add-on file.  


=== [[Image:Install-link.png|center|Install link]]Policies and actions <br> ===
=== [[Image:Install-link.png|center|Install link]]Policies and actions ===


{| width="650" cellspacing="0" cellpadding="1" border="1"
{| width="650" cellspacing="0" cellpadding="1" border="0"
|-
|-
! scope="col" | Policy
! style="border-bottom: 2px solid black" scope="col" | Policy  
! scope="col" | Action
! style="border-bottom: 2px solid black" scope="col" | Action  
! scope="col" | Notes
! style="border-bottom: 2px solid black" scope="col" | Notes
|-
|- style="vertical-align: top;"
| Security violations
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Security violations  
| Reject
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Reject  
| Adding HTTP content to secure pages. Visit HTTPS sites like addons.mozilla.org and make sure the identity button is unchanged. This is specially important for add-on that insert scripts into sites.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Adding HTTP content to secure pages. Visit HTTPS sites like addons.mozilla.org and make sure the identity button is unchanged. This is specially important for add-on that insert scripts into sites.  
[[Image:Identity-button.png|center|Identity button]]  
[[Image:Identity-button.png|center|Identity button]]  
|-
 
| [https://addons.mozilla.org/en-US/developers/docs/policies/reviews#section-defaults No Surprises] violation
|- style="vertical-align: top;"
| Preliminary Review
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | [https://addons.mozilla.org/en-US/developers/docs/policies/reviews#section-defaults No Surprises] violation  
| Changing homepage, default search provider, including unexpected ads or content changes without explicit user opt-in.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
|-
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Changing homepage, default search provider, including unexpected ads or content changes without explicit user opt-in.
| Privacy violations
|- style="vertical-align: top;"
| Preliminary Review
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Privacy violations  
| Incorrect or insufficient privacy policies, not respecting Private Mode.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
|-
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Incorrect or insufficient privacy policies, not respecting Private Mode.
| Showing a modal dialog at startup
|- style="vertical-align: top;"
| Preliminary Review
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Showing a modal dialog at startup  
| Many add-ons open dialogs or new tabs at startup, mostly offering information on getting started. This is useful, but it shouldn't block the user from using the browser. Opening modal (blocking) dialogs at startup is not allowed. Non-modal dialogs, separate windows or new tabs are allowed.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
|-
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Many add-ons open dialogs or new tabs at startup, mostly offering information on getting started. This is useful, but it shouldn't block the user from using the browser. Opening modal (blocking) dialogs at startup is not allowed. Non-modal dialogs, separate windows or new tabs are allowed.
| Errors in the Error Console
|- style="vertical-align: top;"
| Preliminary Review
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Errors in the Error Console  
|  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
|-
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| Add-on is very hard to use without instructions
|- style="vertical-align: top;"
| Preliminary Review
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Add-on is very hard to use without instructions  
| If the add-on is difficult to use, there should be instructions included in the add-on descriptions, or in a startup page or window.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
|-
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | If the add-on is difficult to use, there should be instructions included in the add-on descriptions, or in a startup page or window.
| Toolbar buttons are not customizable
|- style="vertical-align: top;"
| Preliminary Review
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Toolbar buttons are not customizable  
|  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
|-
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| Affiliate linking  
|- style="vertical-align: top;"
| Preliminary Review
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Affiliate linking  
| See details below.
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
|-
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | See details below.
| Uses Geolocation without asking the user  
|- style="vertical-align: top;"
| Preliminary Review
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Uses Geolocation without asking the user  
|  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Preliminary Review  
|-
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
| Requires third party software or paid registration  
|- style="vertical-align: top;"
| Admin Review
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Requires third party software or paid registration  
|  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" | Admin Review  
| style="padding: .5ex 1ex 1ex 0; border-bottom: 1px solid black;" |  
|}
|}


Other tests to perform:
Other tests to perform:  
*Visit a very simple website like example.org and inspect its DOM, looking for any changes. Again, this is particularly important for extensions that insert scripts or make DOM changes.<br>
 
*Open the add-on's preferences window, from the Add-ons Manager and elsewhere, and verify that preference changes apply properly. Make sure the window fits all of its contents (a common problem in Mac OS).<br>
*Visit a very simple website like example.org and inspect its DOM, looking for any changes. Again, this is particularly important for extensions that insert scripts or make DOM changes.  
*Test all add-on features, within reason. If there too many, focus on the main features.<br>
*Open the add-on's preferences window, from the Add-ons Manager and elsewhere, and verify that preference changes apply properly. Make sure the window fits all of its contents (a common problem in Mac OS).  
*Test all add-on features, within reason. If there too many, focus on the main features.  
*Affiliate linking. Some add-ons add affiliate codes to Amazon links (or similar) in order to make money. At the moment we allow this as long as (1) the add-on follows the No Surprises policy, (2) the feature doesn't replace or remove any existing affiliate codes, (3) the affiliate codes aren't inserted in the merchant website's links (inserting Amazon affiliate codes in Amazon.com pages).
*Affiliate linking. Some add-ons add affiliate codes to Amazon links (or similar) in order to make money. At the moment we allow this as long as (1) the add-on follows the No Surprises policy, (2) the feature doesn't replace or remove any existing affiliate codes, (3) the affiliate codes aren't inserted in the merchant website's links (inserting Amazon affiliate codes in Amazon.com pages).


=== Step 5: Resolution<br> ===
=== Step 5: Resolution  ===


Choose the appropriate resolution and include all of your notes. Make sure you use a corteous and professional tone, and be as helpful as you can when pointing out problems or areas for improvement. If you are pushing the add-on public, thank the author for the time and effort they have put in. Once you're ready, click the ''Process Action'' button.<br>
Choose the appropriate resolution and include all of your notes. Make sure you use a corteous and professional tone, and be as helpful as you can when pointing out problems or areas for improvement. If you are pushing the add-on public, thank the author for the time and effort they have put in. Once you're ready, click the ''Process Action'' button.  


The submission of the review form can fail for a number of reasons, so it is highly recommended that you copy of your notes to the clipboard before you click on the submit button. You can also use add-ons like [https://addons.mozilla.org/en-US/firefox/addon/5761 Textarea Cache] for this.  
The submission of the review form can fail for a number of reasons, so it is highly recommended that you copy of your notes to the clipboard before you click on the submit button. You can also use add-ons like [https://addons.mozilla.org/en-US/firefox/addon/5761 Textarea Cache] for this.  


'''Editor tour:''' remember to ask the admin editor to review your response before sending it.
'''Editor tour:''' remember to ask the admin editor to review your response before sending it.  


[[AMO:Editors/EditorGuide/MailingList|Next: The Mailing List]]
[[AMO:Editors/EditorGuide/MailingList|Next: The Mailing List]]
Kmaglione
Account confirmers, Confirmed users
126

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/278645"