Firefox/RemoteSettings: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(Mention https://remote-settings.readthedocs.io)
(Update and add contact info)
Line 47: Line 47:
! Collection
! Collection
! Description
! Description
! Contact
|-
|Contextual Feature Recommendation
|<code>cfr</code>
|
|:nanj
|-
|Onboarding
|<code>onboarding</code>
|
|:nanj
|-
|-
|Activity Stream Tippytop
|Activity Stream Tippytop
|<code>tippytop</code>
|<code>tippytop</code>
|Hi-res icons for Topsites in Activity Stream
|Hi-res icons for Topsites in Activity Stream
|:nanj
|-
|-
|Focus experiments
|Focus experiments
|<code>focus-experiments</code>
|<code>focus-experiments</code>
|A/B testing of Focus features
|A/B testing of Focus features
|:sebastian
|-
|-
|Rocket releases
|Rocket releases
|<code>rocket-releases</code>
|<code>rocket-releases</code>
|Allows clients to track releases
|Allows clients to track releases
|:wesley_huang
|-
|-
|Rocket preferences
|Rocket preferences
|<code>rocket-prefs</code>
|<code>rocket-prefs</code>
|Preferences that can be remotely changed
|Preferences that can be remotely changed
|:wesley_huang
|}
|}


Line 72: Line 87:
! Collection
! Collection
! Description
! Description
! Contact
|-
|-
|Assets catalog
|Assets catalog
Line 77: Line 93:
|<code>catalog</code>
|<code>catalog</code>
|The goal is to remove the static assets (fonts, hyphenation dicts, etc.) from the distribution package and download them asynchronously using a remote catalog
|The goal is to remove the static assets (fonts, hyphenation dicts, etc.) from the distribution package and download them asynchronously using a remote catalog
|:sebastian
|-
|-
|Experiments
|Experiments
Line 82: Line 99:
|<code>experiments</code>
|<code>experiments</code>
|A/B testing of Fennec features
|A/B testing of Fennec features
|:sebastian
|}
|}


Line 93: Line 111:
! Collection
! Collection
! Description
! Description
! Contact
|-
|-
|Cert intermediates constraints
|Cert intermediates constraints
Line 98: Line 117:
|<code>intermediates</code>
|<code>intermediates</code>
|https://bugzilla.mozilla.org/show_bug.cgi?id=1361118
|https://bugzilla.mozilla.org/show_bug.cgi?id=1361118
|:mgoodwin
|}
|}


Line 107: Line 127:
! Collection
! Collection
! Description
! Description
! Contact
|-
|-
|Certificates pinning (HPKP)
|Certificates pinning (HPKP)
Line 112: Line 133:
|<code>pins</code>
|<code>pins</code>
|https://bugzilla.mozilla.org/show_bug.cgi?id=787133
|https://bugzilla.mozilla.org/show_bug.cgi?id=787133
|:mgoodwin
|}
|}


Line 124: Line 146:
! Collection
! Collection
! Description
! Description
! Contact
|-
|-
|OneCRL
|OneCRL
Line 129: Line 152:
|<code>certificates</code>
|<code>certificates</code>
|SSL certificates blocking / invalidation
|SSL certificates blocking / invalidation
|:mgoodwin
|-
|-
|Add-ons
|Add-ons
Line 134: Line 158:
|<code>addons</code>
|<code>addons</code>
|Malicious blocked extensions
|Malicious blocked extensions
|:jorgev
|-
|-
|Plugins
|Plugins
Line 139: Line 164:
|<code>plugins</code>
|<code>plugins</code>
|Unstable/malicious plugins
|Unstable/malicious plugins
|:jorgev
|-
|-
|Gfx
|Gfx
Line 144: Line 170:
|<code>gfx</code>
|<code>gfx</code>
|Unstable graphical drivers
|Unstable graphical drivers
|:bas.schouten
|}
|}


Revision as of 10:04, 6 September 2018

Firefox Remote Settings

Remote Settings is a Mozilla service that makes it easy to manage evergreen settings data in Firefox. Firefox/Kinto is used for syncing of data. A simple API is available in Firefox for accessing the synchronized data.

Key Features

  • Admin UI (generated from data schema)
  • Data history
  • Preview data (QA)
  • Sign-off (review)
  • File attachments
  • Email notifications
  • Content signature (Autograph integration)
  • Single endpoint for polling for changes
  • Client synchronization (diff based, local db)
  • Client Telemetry
  • Robust protocol (retry, precondition headers, backoff, …)
const { RemoteSettings } = ChromeUtils.import("resource://services-settings/remote-settings.js", {});

RemoteSettings("my-collection")
  .on("sync", (e) => {
    // e.data.current = [ Record, Record, ... ]
  });

Resources

about:remotesettings

A tool is available to diagnose remote settings synchronization and state. See https://github.com/leplatrem/aboutremotesettings

Use Cases

Main bucket

List Collection Description Contact
Contextual Feature Recommendation cfr :nanj
Onboarding onboarding :nanj
Activity Stream Tippytop tippytop Hi-res icons for Topsites in Activity Stream :nanj
Focus experiments focus-experiments A/B testing of Focus features :sebastian
Rocket releases rocket-releases Allows clients to track releases :wesley_huang
Rocket preferences rocket-prefs Preferences that can be remotely changed :wesley_huang

Fennec

List Bucket Collection Description Contact
Assets catalog fennec catalog The goal is to remove the static assets (fonts, hyphenation dicts, etc.) from the distribution package and download them asynchronously using a remote catalog :sebastian
Experiments fennec experiments A/B testing of Fennec features :sebastian

See https://bugzilla.mozilla.org/show_bug.cgi?id=1201059

Security state

List Bucket Collection Description Contact
Cert intermediates constraints security-state intermediates https://bugzilla.mozilla.org/show_bug.cgi?id=1361118 :mgoodwin

Certificates Pinning

List Bucket Collection Description Contact
Certificates pinning (HPKP) pinning pins https://bugzilla.mozilla.org/show_bug.cgi?id=787133 :mgoodwin


Blocklists

The goal is to replace the current system — based on a single XML file downloaded everyday — by several collections.

List Bucket Collection Description Contact
OneCRL blocklists certificates SSL certificates blocking / invalidation :mgoodwin
Add-ons blocklists addons Malicious blocked extensions :jorgev
Plugins blocklists plugins Unstable/malicious plugins :jorgev
Gfx blocklists gfx Unstable graphical drivers :bas.schouten

From AMO to Kinto

Blocklists used to be managed via the addons server.

Now, the blocklist XML is generated on the Kinto server and a lambda pulls the JSON and generates the Web pages shown at https://blocked.cdn.mozilla.net

Source code: https://github.com/mozilla-services/amo2kinto/

Transition from XML to RemoteSettings

Currently the blocklist system relies on a big XML file that is downloaded every day. It contains block entries for certificates to be revoked, addons and plugins to be disabled, and gfx environments that cause problems or crashes.

Firefox (and derivatives like Thunderbird, Seamonkey, ...) downloads it on an URL that contains client information (eg. https://blocklist.addons.mozilla.org/blocklist/3/%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D/44.0a1/)

  • phase 1: DONE: Both mechanisms run in parallel but only the legacy one will be used.
  • phase 2: DONE: The source of truth for blocklist is Kinto but produces the same XML as the legacy one.
  • phase 3: DONE: The nsBlocklistService should become asynchronous in order to be able to fetch info from remote settings local database
  • phase 4: Eventually, blocking mechanism will rely on RemoteSettings entirely and the old XML client will be decommissioned.
Retrieved from "https://wiki.mozilla.org/index.php?title=Firefox/RemoteSettings&oldid=1200648"