Closed Bug 1393980 Opened 7 years ago Closed 7 years ago

Create a bootstrap add-on to switch a user to SBv4

Categories

(Toolkit :: Safe Browsing, enhancement, P1)

enhancement

Tracking

()

RESOLVED FIXED

People

(Reporter: francois, Assigned: francois)

References

()

Details

(Whiteboard: #sbv4-m9)

Attachments

(1 file, 2 obsolete files)

We can based our addon on https://hg.mozilla.org/releases/mozilla-release/file/10a244c0f835/browser/extensions/clicktoplay-rollout/bootstrap.js#l84 (added in bug 1365714).

Note: the above code is using Preferences.jsm, but we should use Services.prefs directly as Preferences.jsm is deprecated.

Ideally, we should be using default prefs (as opposed to user prefs) so that no explicit cleanup is needed. However we need to test whether or not a reboot is necessary after switching from V2 to V4. If a reboot is necessary, we can't use default prefs.
:felipe has offered to review the add-on once it's ready.

Once the add-on is signed, we should NEEDINFO :rehan to move this forward.
See Also: → 1390698
Summary: Create a bootstrap system add-on to switch a user to SBv4 → Create a bootstrap add-on to switch a user to SBv4
Assignee: nobody → kardekani
Status: NEW → ASSIGNED
Here are the prefs for V4:

pref("urlclassifier.malwareTable", "goog-malware-proto,goog-unwanted-proto,test-malware-simple,test-unwanted-simple");
pref("urlclassifier.phishTable", "goog-phish-proto,test-phish-simple");
pref("urlclassifier.downloadAllowTable", "goog-downloadwhite-proto");
pref("urlclassifier.downloadBlockTable", "goog-badbinurl-proto");
Assignee: kardekani → francois
Attached file sbv4-gradual-rollout.xpi (obsolete) —
Here's the add-on I've tested in beta with the patch from bug 1393954.
Attached image sbv4-gradual-rollout-copy.png (obsolete) —
Michelle, we're going to use an add-on to roll out an internal Firefox feature in release 56. The only thing that will be visible to users will be the following screen if users actually go into the add-on preferences.

Here's the copy in text form:

      Safe Browsing Version 4 (temporary add-on)
      By Firefox Team    

      This temporary add-on enables the new version of the Safe Browsing API
      which automatically protects against dangerous and deceptive sites.
      It will be automatically removed once the gradual roll-out of this
      feature is complete.

Would you like me to make any changes?
Flags: needinfo?(mheubusch)
Here is the test plan I followed in comment 3:

1. build Firefox 56 beta with the patch from bug 1393954
2. start that Firefox build in a fresh profile
3. open about:url-classifier
4. verify that you can successfully trigger an update for google, but not for google4
5. go into about:debugging and tick "enable add-on debugging"
6. load the attached add-on
7. go back into about:url-classifier
8. verify that you can successfully trigger an update for google4, but not for google (opposite of Step 4)
9. go into about:addons and remove the Safe Browsing Version 4 add-on
10. go back into about:url-classifier
11. verify that you can successfully trigger an update for google, but not for google4 (same as Step 4)
Flags: needinfo?(mkelly)
Flags: needinfo?(mcooper)
Flags: needinfo?(mkelly)
Flags: needinfo?(mcooper)
(In reply to François Marier [:francois] from comment #4)
>       Safe Browsing Version 4 (temporary add-on)
>       By Firefox Team    
> 
>       This temporary add-on enables the new version of the Safe Browsing API
>       which automatically protects against dangerous and deceptive sites.
>       It will be automatically removed once the gradual roll-out of this
>       feature is complete.

Michelle's comments on the add-on description:

- add a comma between "API" and "which"
- remove the word "automatically" between "which" and "protects"
- remove the "gradual" between "the" and "roll-out"
Flags: needinfo?(mheubusch)
New version of the add-on:

- copy changes requested by Michelle
- marked as multiprocessCompatible so that it runs on 57
- auto-uninstalls itself if it runs on Firefox 57+
Attachment #8906194 - Attachment is obsolete: true
Attachment #8906196 - Attachment is obsolete: true
Sign-off from Cristian Comorasu of Soft Vision:

"I tested using STR from https://bugzilla.mozilla.org/show_bug.cgi?id=1393980#c5 and the XPI from the same bug, with the builds from https://bugzilla.mozilla.org/show_bug.cgi?id=1393980#c8.

I am happy to say that the browser behaved accordingly and no issues were found, below you have a list of platforms I tested on.

Windows 10 x64
Windows 7 x32
Ubuntu 16.04 LTS x64
Ubuntu 16.04 LTS x32
mac OS X 10.12.6"

Michael, I believe that's all you needed before signing the XPI and uploading it to Normandy?
Flags: needinfo?(mkelly)
The add-on from comment 7 has been signed and uploaded to Normandy. It should be ready for use in a recipe.
Flags: needinfo?(mkelly)
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
For the record, the addon in comment 7 was uploaded to Sheild as "Safe Browsing v4 (Gradual Rollout)".
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: