Created attachment 649673 [details] 20120807_emotimania_firefox.zip User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.57 Safari/537.1 Steps to reproduce: Downloaded add-on from www.emotimania/plugin/memes/plugin_meme2.xpi Actual results: Loads memeplugin.js from the addon container memeplugin.js: defines a bunch of JS to do DOM/CSS manipulation injects http://www.emotimania.com/memes/plugin/memeplugin.js memeplugin.js (remote copy): packed JS inserts a whos.amung.us tag inserts a Google Analytics tag (acct: UA-17000707-8) injects http://www.emotimania.com/plugin/4dTgkd.js http://www.emotimania.com/plugin/h4dfaK.js 4dTgkd.js: Swaps out ads that are hosted via iframe with ads hosted on http://www.mimejoorfrase.com/ad.php h4dfaK.js: Injects an ad iframe pointing to http://ad.foxnetworks.com/st?ad_type=iframe&ad_size=728x90§ion=3129889&pub_url=mimejoorfrase.com It looks for a specific set of sites to inject on (incl. Facebook), most in the list are Spanish language sites. Expected results: It should not inject ads or replace ads on the sites a user visits, without their knowledge.
The id had already been blocked (https://addons.mozilla.org/en-US/firefox/blocked/i115), but the wrong block level was set, so that's probably the reason it wasn't working correctly. Fixed now.
Verified as fixed in https://addons.mozilla.org/ on FF21 (Win 7). The add-on has been blocked. Closing bug.