Per bug 475653, version 8.0 of AVG's SafeSearch extension, which is installed/registered with the AVG software, breaks the location bar in Fx3.1. Specifics are in the bug, but the long and the short of it is that the Enter key will no longer submit the text entered in the location bar, the "go" arrow must be clicked on.
Because this version of the extension breaks a core navigation method in 3.1, I'd like to recommend we blocklist it. AVG has prepared a fix and will be deploying it soon, but I'd still like to add version 8.0 and lower to the blocklist for Firefox 3.1 and higher.
Identifying information for the extension is as follows:
<em:name>AVG Safe Search</em:name>
<em:type>2</em:type><!-- extension -->
<em:description>Guard against clicking malicious links.</em:description>
Blocklist XML to add would be:
<versionRange minVersion=" " maxVersion="8.0">
<versionRange minVersion="3.1a1" maxVersion="*"/>
E-mail sent to Petr at AVG outlining intent to BL version 8.0, and asking AVG to review that the MaxVersion is set correctly, and that the version of the extension is incremented to avoid being caught by the BL entry. Waiting to hear back to see if there are any questions.
Until this happens, I would recommend release noting it since I see many reports of this problem being mentioned in the Hendrix feedback.
This blocks 3.5, IMO, since we have known compatibility problems.
Yeah, this is breaking the beta currently if AVG is installed.
Dumb question: why do we allow <maxVersion>3.*</maxVersion>? I know AMO doesn't, but it seems like you should need to do something extra in Fx itself (like disabling version compat checking) to allow that..
Filed bug 485833 to talk about a potential way of restricting maxVersions.
What's holding up the blocklisting here?
(In reply to comment #7)
> What's holding up the blocklisting here?
doo dee doo
Morgamic, Rey: where's the holdup on this?
There's no hold-up from our end AFAIK.
OK, so, why hasn't it been blocklisted yet?
Let me ask it this way: who adds it to the blocklist, in our process?
WebDev adds once all of the conditions have been met (e.g. acceptance as a blocklist item, vendor notification/confirmation, etc.).
To re-confirm, to the best of my knowledge all conditions have been met for this blocklist addition and it's good to go.
If everything is "good to go", what's with the 3 months of nothingness here?
I dropped the ball on this, we'll get it taken care of today. Sorry guys.
No worries; good to know who to ping. I'd thought that it was Rey or Nick that handled it. Would it help to move these bugs over to some webdev component for you to track once all requirements are met?
Maybe a set of whiteboard statuses could be used to indicate what phase of the process these bugs are in?
I'll draft something up, and fwd it to rey and nick for review and inclusion in the policy. I'll also push a little more efficiently, something that I should be doing.
thanks for getting it in, morgamic!
IT bug for database change: bug 498471
I will update mozilla.com shortly.
mozilla.com updated: http://www.mozilla.com/en-US/blocklist/
waiting for IT to push bug 498471.
"AVG SafeSearch, versions older than 8.0".
Shouldn't that be "version 8.0 and older" ?
Sometimes I have the reported problem as well. - But I have never installed AVG!
ew_h: if you have not installed AVG then you've got some other bug and you should check with http://support.mozilla.com for help figuring out how to file the symptoms you're seeing.
The only way it might be this bug if you never installed AVG is if you installed the older "XPL LinkScanner" that AVG bought and included. If that's the case then we should blocklist that one, too, although we'll still want a new bug because it will get lost buried at the bottom of this "fixed" one.
Created attachment 401068 [details]
Comment on attachment 401068 [details]
Pham Manh, you're in the wrong place and very confused. Why you felt the need to upload a Firefox 3.5.3 Windows executable here is beyond me. (can someone delete this thing?) Please go to support.mozilla.com if you need help with something, or at far least file a new bug report.
This is still marked as push-needed, though it looks like this is live and has been for a while. Is there anything lingering here or can this be verified?
The content of attachment 401068 [details] has been deleted by
Dave Miller [:justdave] <email@example.com>
who provided the following reason:
don't need executables on here
The token used to delete this attachment was generated at 2009-09-16 17:45:19 PDT.