In Firefox 3.5 with a blocklisted extension, in the Add-ons Manager you see either "Disabled for your protection" (hard) or "Known to cause security or stability issues" (soft). In latest Namoroka or Minefield, extensions (but not plugins) also have "A newer, safer version is available" shown for both. This shows even if there is not a newer version available. To reproduce, you can use the testcase noted in bug 523133 comment 0 (from bug 455906) with the addition of DOM Inspector and FireGestures installed. (the given blocks are absolute, so as long as you install the current version there won't be an update available for either) Extensions have an update system built in. It should only be saying this if it detects that in fact a "newer, safer version" that's not blocklisted is actually available. In the absence of that knowledge, it should at least say "may be available" because it doesn't actually know. (yes, we would like that we only blocklist when an update is available to migrate to, but that isn't guaranteed) Saying "is" instead of "may be" could easily mislead some users. If I got a dire sounding warning and a blocked extension labeled to have a safe update, I'd certainly be confused if pressing the "Find Updates" button right below it did nothing. Additionally, this should be applied to plugins as equally as possible. Using the same test it will block Flash and not show this added phrase even if an old Flash version is used. (I can file this bug separately, if needed)
That message should never show for extensions, only plugins. The wording is correct (and accurate) though - it should only display for plugins marked as outdated (known to have a newer version). For blocklisted plugins, there may or may not be a newer version. No such upgrade message currently displays for that case; but if it were to be added, it would indeed need to be phrased differently. Patch coming up.
Assignee: nobody → bmcbride
Status: NEW → ASSIGNED
For clarification: By "outdated", I mean the blocklist item for the plugin has a severity of "0". The testcase mentioned here only has items with other severity levels, therefore no plugins are marked as outdated and this message never shows.
Created attachment 408818 [details] [diff] [review] Patch v1
Attachment #408818 - Flags: review?(dtownsend)
Ah, simple enough. That makes perfect sense, thanks.
Created attachment 408842 [details] test blocklist I'm attaching a new testcase with a severity=0 plugin (Flash). With the patch, the progression once this blocklist is updated is to block the other two in the list normally without mentioning Flash, then on restart the Manager has the "newer, safer" note for Flash but not the others, and I'm now taken to the plugin check page automatically. This seems to be the full intended route working nicely now.
Attachment #408818 - Flags: review?(dtownsend) → review+
Flags: blocking1.9.2? → blocking1.9.2+
Priority: -- → P2
(In reply to comment #5) > Created an attachment (id=408842) [details] > test blocklist > > I'm attaching a new testcase with a severity=0 plugin (Flash). With the patch, > the progression once this blocklist is updated is to block the other two in the > list normally without mentioning Flash, then on restart the Manager has the > "newer, safer" note for Flash but not the others, and I'm now taken to the > plugin check page automatically. This seems to be the full intended route > working nicely now. Excellent - thanks :)
http://hg.mozilla.org/mozilla-central/rev/d369e1b4085a leaving checkin-needed for 1.9.2
Status: ASSIGNED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9.3a1
status1.9.2: --- → final-fixed
hi, to clarify, is the fix here to block the text for extensions that are on the blocklist.xml file? Trying to determine what needs testing here.
(In reply to comment #9) > hi, to clarify, is the fix here to block the text for extensions that are on > the blocklist.xml file? Trying to determine what needs testing here. Yes. The only time the phrase "A newer, safer version is available" should show is for plugins that are marked as outdated (severity=0 in blocklist.xml).
(In reply to comment #10) > Yes. The only time the phrase "A newer, safer version is available" should show > is for plugins that are marked as outdated (severity=0 in blocklist.xml). Okay great. it looks like the bug also happens when the plugin severity is set to 2 or 3 also. I'll verify this fix in trunk and branch on the next build.
Verified fix on Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2b3pre) Gecko/20091109 Namoroka/3.6b3pre and trunk also.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.