Closed
Bug 1274995
Opened 8 years ago
Closed 8 years ago
Block Add-on GUID {A34CAF42-A3E3-11E5-945F-18C31D5D46B0}
Categories
(Toolkit :: Blocklist Policy Requests, defect)
Toolkit
Blocklist Policy Requests
Tracking
()
RESOLVED
FIXED
| Tracking | Status | |
|---|---|---|
| firefox49 | --- | affected |
People
(Reporter: TheOne, Unassigned)
Details
Block {A34CAF42-A3E3-11E5-945F-18C31D5D46B0} 3.2.0 and earlier. For details, see:
https://addons.mozilla.org/en-US/editors/review/mococheck-wap-browser
|
Reporter | |
Comment 1•8 years ago
|
||
Yes, the developer has been contacted. The reasons for blocking this add-on: * Modifying important security preferences weakening the security of users. * Downgrading all iframes from https to http.
|
||
Comment 2•8 years ago
|
||
Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i1227 - the following preferences are reset also: * security.csp.enable * security.fileuri.strict_origin_policy * security.mixed_content.block_active_content
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
|
||
Comment 3•8 years ago
|
||
Is there a possibility to unblock the add-on by fixing the listed issues? I would like to upload a fix as a new version of the same add-on. Can I do that?
|
||
Comment 4•8 years ago
|
||
I have enabled your add-on page again. Please upload a new version and let us know when it's up so it can be looked at and the block adjusted.
|
|
||
Comment 5•8 years ago
|
||
Thanks a lot. I've uploaded a new version. Please, take a look.
|
|
Reporter | |
Comment 7•8 years ago
|
||
The questions raised in the review note have not been answered yet. Especially proxying almost all requests through http is concerning.
Flags: needinfo?(awagner)
|
|
||
Comment 8•8 years ago
|
||
Due to negative reviews, we've adjusted our product so we can send unchanged requests to a new proxy server. Requests originated in our product are still opened in a special window. Using the add-on, we're intercepting such requests and sending them to the proxy which handles them further. We are using proxyFilterService, but we've stumbled upon unresolveable issue, as far as we can see it at the moment. In applyFilter function, we do not have enough information about request origin so we can distinguish our requests from the others. We would like to know if there a possibility to get window object inside of proxyFilterService, or if we can get it on any layer below or above, so we can properly differentiate between the requests and send only ours to the proxy. Or, alternatively, if it is possible to change request somewhere in proxyFilterService or after, specifically GET parameters, without redirection and repeating the whole request cycle again. Or if we can access the headers... Or anything that can help us mark our request, or recognize it in some way inside proxyFilterService, without affecting its validity. Thanks a lot for your time, we're looking forward to hearing from you. Best regards!
|
|
||
Updated•8 years ago
|
Flags: needinfo?(awagner)
|
|
Reporter | |
Comment 9•8 years ago
|
||
Please direct development related questions to our forums http://discourse.mozilla-community.org/c/add-ons/ Thank you.
Flags: needinfo?(awagner)
|
|
||
Comment 10•8 years ago
|
||
OK, no problem, thank you a lot.
You need to log in
before you can comment on or make changes to this bug.
Description
•