Closed Bug 395243 Opened 18 years ago Closed 18 years ago

Reject add-ons with em:updateKey

Categories

(addons.mozilla.org Graveyard :: Developer Pages, defect)

Product:
addons.mozilla.org Graveyard
Component:
Developer Pages
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: mossop, Assigned: reed)

Details

Attachments

(1 file, 1 obsolete file)

trimmed patch
3.59 KB, patch
fligtar
: review+
Details | Diff | Splinter Review
Bug 378216 enforces certain security restrictions on the add-on update process. In particular add-ons can include an updateKey property in the install.rdf which if present requires that the update.rdf includes a signature signed by a matching key. Since AMO delivers update.rdf over SSL it does not need to use signatures, and indeed cannot deliver signatures. So you should reject any add-ons developers upload with an updateKey specified since they will be unable to receive updates through AMO.
Assignee: nobody → reed
Status: NEW → ASSIGNED
Version: unspecified → 3.0
Attached patch patch - v1 (obsolete) — Splinter Review
Attachment #279940 - Flags: review?
Can I get this reviewed? Pretty please? :)
Attached patch trimmed patchSplinter Review
Original patch not working for me, probably because of all the gettext files. We don't include those in patches - the English strings are merged to the other locales before or after commit and .mo files updated before a push. Manually patched the relevant files and am reviewing now.
Attachment #279940 - Attachment is obsolete: true
Attachment #279940 - Flags: review?
Comment on attachment 283511 [details] [diff] [review] trimmed patch r=fligtar Thanks for the patch, tested and works as it should.
Attachment #283511 - Flags: review+
Checked in with gettext updates.
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: