Closed
Bug 972642
Opened 10 years ago
Closed 10 years ago
Allow access to a mini-manifest with a token
Categories
(Marketplace Graveyard :: Reviewer Tools, enhancement, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
2014-02-25
People
(Reporter: andy+bugzilla, Assigned: robhudson)
References
Details
(Whiteboard: [feature])
When a reviewer hits the reviewer pages on Android, they will need to get a link to a mini-manifest that contains a token somewhere in the URL The token will be time limited and single use. The token should be relatively unguessable and placed somewhere for later requests, eg: in memcache. We can't feature detect that a user will be hitting the APK Factory so for the moment we'll have to detect that the client is Android and > version 29.
Comment 1•10 years ago
|
||
Note: that should be greater than *or equal to* version 29, as Fx29 includes the Synthetic APKs feature.
Comment 2•10 years ago
|
||
(In reply to Andy McKay [:andym] from comment #0) > We can't feature detect that a user will be hitting the APK Factory so for > the moment we'll have to detect that the client is Android and > version 29. how are we doing it for the consumer pages?
Reporter | ||
Comment 3•10 years ago
|
||
Do reviewers install from consumer pages as well the reviewer pages?
Comment 4•10 years ago
|
||
(In reply to Andy McKay [:andym] from comment #3) > Do reviewers install from consumer pages as well the reviewer pages? No. I assumed the same issue would occur for consumer apps but you clarified that it doesn't on IRC.
Assignee | ||
Comment 5•10 years ago
|
||
https://github.com/mozilla/zamboni/commit/01d1cca
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → 2014-02-25
Comment 6•10 years ago
|
||
(In reply to Rob Hudson [:robhudson] from comment #5) > https://github.com/mozilla/zamboni/commit/01d1cca If a token would be ignored for 'normal' installations (i.e. non apk'd, pre fx29) - and indications are it would - then couldn't we remove the UA version detection and just generate a token for every Android download?
Assignee | ||
Comment 7•10 years ago
|
||
(In reply to Andrew Williamson [:eviljeff] from comment #6) > (In reply to Rob Hudson [:robhudson] from comment #5) > > https://github.com/mozilla/zamboni/commit/01d1cca > > If a token would be ignored for 'normal' installations (i.e. non apk'd, pre > fx29) - and indications are it would - then couldn't we remove the UA > version detection and just generate a token for every Android download? I suppose we could. But if it's there already why make it less correct? Or do you feel the UA version detection makes things worse?
Comment 8•10 years ago
|
||
(In reply to Rob Hudson [:robhudson] from comment #7) > I suppose we could. But if it's there already why make it less correct? Or > do you feel the UA version detection makes things worse? yeah just trying to avoid the version detection where its not unavoidable.
Comment 9•10 years ago
|
||
Can you please add some specific STRs to this bug or mark it as [qa-] ?
Updated•10 years ago
|
Severity: normal → enhancement
Whiteboard: [feature]
You need to log in
before you can comment on or make changes to this bug.
Description
•