Closed
Bug 273550
Opened 20 years ago
Closed 18 years ago
[Submission] GUID from applications should not be allowed as extension GUID
Categories
(addons.mozilla.org Graveyard :: Developer Pages, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
3.0
People
(Reporter: Bugzilla-alanjstrBugs, Assigned: fligtar)
References
Details
Attachments
(1 file)
|
1.72 KB,
patch
|
wolf
:
first-review-
|
Details | Diff | Splinter Review |
It is possible for someone to use the GUID from Firefox, Seamonkey, etc, in
their extension or theme. The bug to limit incoming GUIDs to be unique has
already been fixed. However, it probably does not prevent someone from using
the Firefox GUID. This was discovered in bug 267026 comment 3.
Assignee: nobody → Bugzilla-alanjstrBugs
Status: UNCONFIRMED → NEW
Ever confirmed: true
Attachment #168578 -
Flags: first-review?(psychoticwolf)
|
||
Comment 2•20 years ago
|
||
Comment on attachment 168578 [details] [diff] [review]
Checks the applications table for GUID
At a glance, this patch contains a section that appears to be a result of a CVS
merge, which doesn't belong here.
Otherwise, the patch looks ok.
Though the concept is a bit foggy, as the Apps GUIDs are actually perfectly
valid for 1 extension or theme, as they're not internally confused.
Attachment #168578 -
Flags: first-review?(psychoticwolf) → first-review-
|
|
||
Updated•20 years ago
|
Target Milestone: 1.0 → 1.1
We should also not let people submit extensions with the GUID of the default
theme(s).
Summary: GUID from applications should not be allowed as extension GUID → [Submission] GUID from applications should not be allowed as extension GUID
|
||
Comment 4•19 years ago
|
||
Yeah, we should create some dummy entries for all the registered UUIDs, or otherwise block them, and reject any that end in @applications.mozilla.org or whatever the canonical form is.
I wonder if there's a list of these UUIDs anywhere...
Assignee: Bugzilla-alanjstrBugs → nobody
Status: ASSIGNED → NEW
OS: Windows XP → All
QA Contact: mozilla.update → developers
Hardware: PC → All
Target Milestone: --- → 2.1
> I wonder if there's a list of these UUIDs anywhere...
http://kb.mozillazine.org/Install.rdf#Target_applications.27_GUIDs
|
Assignee | |
Updated•18 years ago
|
Depends on: remora-dev
|
|
Assignee | |
Updated•18 years ago
|
Status: NEW → ASSIGNED
Target Milestone: 2.1 → 3.0
|
|
Assignee | |
Updated•18 years ago
|
Assignee: nobody → fligtar
Status: ASSIGNED → NEW
|
|
Assignee | |
Comment 6•18 years ago
|
||
This has been fixed in Remora (AMO v3). The additem script will not allow any GUIDs found in the applications table to be used as an add-on id.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
|
||
Updated•9 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•