Closed
Bug 781147
Opened 13 years ago
Closed 7 years ago
Experiment with a "Security Diagnostic" tool
Categories
(DevTools Graveyard :: Graphic Commandline and Toolbar, enhancement, P3)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: paul, Unassigned)
Details
Attachments
(1 file, 4 obsolete files)
|
17.00 KB,
patch
|
Details | Diff | Splinter Review |
No description provided.
|
Reporter | |
Comment 1•13 years ago
|
||
|
|
Reporter | |
Comment 2•13 years ago
|
||
First approach:
How to use:
1) start tracking a page by typing: "security-report-start" in the command line
2) type "security-report-show" to open the report (click on the update button update the page)
3) "security-report-stop" stops the tracking process
Right now, it only tracks the number of click on the page (useless, just for testing purpose).
The interesting parts are:
- browser/devtools/security-report/security-recorder.jsm
Where you build the "tracking" process.
- browser/devtools/security-report/security-renderer.jsm
Where you render the collected data.
|
||
Comment 3•13 years ago
|
||
Looks like there is a bug in the makefile. I did an hg pull and update, applied the patch, and tried to build. I get this error:
make -C security-report export
make[7]: Entering directory `/Users/tvyas/dev/mozilla-central/obj-ff-dbg/browser/devtools/security-report'
Makefile:18: *** missing separator. Stop.
make[7]: Leaving directory `/Users/tvyas/dev/mozilla-central/obj-ff-dbg/browser/devtools/security-report'
make[6]: *** [export] Error 2
make[6]: Leaving directory `/Users/tvyas/dev/mozilla-central/obj-ff-dbg/browser/devtools'
make[5]: *** [export] Error 2
make[5]: Leaving directory `/Users/tvyas/dev/mozilla-central/obj-ff-dbg/browser'
make[4]: *** [export_tier_app] Error 2
make[4]: Leaving directory `/Users/tvyas/dev/mozilla-central/obj-ff-dbg'
make[3]: *** [tier_app] Error 2
make[3]: Leaving directory `/Users/tvyas/dev/mozilla-central/obj-ff-dbg'
make[2]: *** [default] Error 2
make[2]: Leaving directory `/Users/tvyas/dev/mozilla-central/obj-ff-dbg'
make[1]: *** [realbuild] Error 2
make: *** [build] Error 2
|
|
Reporter | |
Comment 4•13 years ago
|
||
fixed build problem
|
|
Reporter | |
Updated•13 years ago
|
Attachment #650050 -
Attachment is obsolete: true
|
||
Comment 6•13 years ago
|
||
Un-bitrotted for Ameya to work on
Attachment #668461 -
Attachment is obsolete: true
|
||
Comment 7•13 years ago
|
||
Do we have any documentation regarding what kind of security properties we can/want to detect?
|
|
||
Comment 8•13 years ago
|
||
(In reply to David Rajchenbach Teller [:Yoric] from comment #7)
> Do we have any documentation regarding what kind of security properties we
> can/want to detect?
https://etherpad.mozilla.org/securityreport
|
|
||
Comment 9•12 years ago
|
||
Updated to reflect build changes
Attachment #710666 -
Attachment is obsolete: true
|
||
Comment 10•12 years ago
|
||
Comment on attachment 726191 [details] [diff] [review]
experimental patch - v0.009?
Review of attachment 726191 [details] [diff] [review]:
-----------------------------------------------------------------
::: browser/devtools/commandline/CmdSecurityReport.jsm
@@ +17,5 @@
> + * Security Report commands
> + */
> +
> +gcli.addCommand({
> + name: "security-report-show",
4 things:
- JSM loading is slow, so we should have fewer of them. We've been adding mostly to BuiltinCommands.jsm when there isn't a better owner, but this also goes for reporter/security-recorder/security-renderer also.
- We should consider using subcommands. See the 'addon' set of command in BuiltinCommands.jsm
- I think we need a strategy around reporting commands in general.
We might need "report security start" or something. We'll need to think about this
- Perhaps the show should happen automatically with the stop?
@@ +29,5 @@
> + },
> +});
> +
> +gcli.addCommand({
> + name: "security-report-start",
Can we not be 'started' at all times? Does this slow things down?
::: browser/devtools/moz.build
@@ +19,5 @@
> 'responsivedesign',
> 'framework',
> 'profiler',
> 'fontinspector',
> + 'security-report',
Could we lose the '-' please?
::: browser/devtools/security-report/security-report.html
@@ +1,5 @@
> +<html xmlns="http://www.w3.org/1999/xhtml">
> + <head>
> + <title>Security Report</title>
> + <link rel="icon" type="image/png" id="favicon" href="chrome://global/skin/icons/warning-16.png" />
> + <style>
Perhaps we should split this out so it could be themed?
|
||
Updated•8 years ago
|
Severity: normal → enhancement
Component: Developer Tools → Developer Tools: Graphic Commandline and Toolbar
Priority: -- → P3
|
||
Updated•7 years ago
|
Product: Firefox → DevTools
|
||
Comment 11•7 years ago
|
||
Per bug 1491875, this component has been closed, and the affected code is being removed from Firefox. Closing this bug as incomplete.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INCOMPLETE
|
|
||
Updated•7 years ago
|
Product: DevTools → DevTools Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•