Last Comment Bug 797378 - Deploy click-to-play and info bar blocks on popular plugins
: Deploy click-to-play and info bar blocks on popular plugins
Status: VERIFIED FIXED
:
Product: Toolkit
Classification: Components
Component: Blocklisting (show other bugs)
: unspecified
: All All
: -- normal with 2 votes (vote)
: ---
Assigned To: Jorge Villalobos [:jorgev]
: Paul Silaghi, QA [:pauly]
: Jorge Villalobos [:jorgev]
Mentors:
https://bsmedberg.etherpad.mozilla.or...
Depends on: 798756
Blocks:
  Show dependency treegraph
 
Reported: 2012-10-03 08:41 PDT by Jorge Villalobos [:jorgev]
Modified: 2016-08-28 11:07 PDT (History)
156 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments

Description Jorge Villalobos [:jorgev] 2012-10-03 08:41:01 PDT
We're staging some CTP blocks so we can test the feature. See Etherpad for the list to block: https://bsmedberg.etherpad.mozilla.org/ff15-ctp-blocklist-proposal

I'll block a few of these so we can verify that it works correctly.
Comment 1 Jorge Villalobos [:jorgev] 2012-10-03 08:47:29 PDT
Adobe Flash 10.3.183.19 and lower:
https://addons-dev.allizom.org/en-US/firefox/blocked/p139
Comment 2 Jorge Villalobos [:jorgev] 2012-10-03 08:54:58 PDT
Adobe Flash 11.0 -> 11.4
https://addons-dev.allizom.org/en-US/firefox/blocked/p141
Comment 3 Jorge Villalobos [:jorgev] 2012-10-03 09:00:54 PDT
Adobe Reader 9.5.1 and lower:
https://addons-dev.allizom.org/en-US/firefox/blocked/p143
Comment 4 Jorge Villalobos [:jorgev] 2012-10-03 09:15:58 PDT
Adobe Reader 10.0 to 10.1.3
https://addons-dev.allizom.org/en-US/firefox/blocked/p145
Comment 5 Jorge Villalobos [:jorgev] 2012-10-03 09:22:48 PDT
Silverlight below 4.1.10329.0
https://addons-dev.allizom.org/en-US/firefox/blocked/p147
Comment 6 Jorge Villalobos [:jorgev] 2012-10-03 09:25:18 PDT
Silverlight 5.0 to 5.1.10410.0
https://addons-dev.allizom.org/en-US/firefox/blocked/p149
Comment 7 Jorge Villalobos [:jorgev] 2012-10-03 09:26:25 PDT
I didn't add the Java blocks, since they're apparently missing information.

I talked to Paul earlier and he is just done for the day, so I thing someone else will need to do the testing if we want the results as early as possible.
Comment 8 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-03 10:25:14 PDT
Is this block platform specific or does it need testing across all platforms?
Comment 9 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-03 10:27:23 PDT
Also what versions of Firefox does this need testing with? Firefox 16b6 I assume?
Comment 10 Jorge Villalobos [:jorgev] 2012-10-03 10:39:31 PDT
All blocks are Windows-only, and they should be tested in Firefox 17 to see the CTP block, and Firefox 16b6 to see the infobar block.
Comment 11 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-03 11:40:06 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #7)
> I didn't add the Java blocks, since they're apparently missing information.
> 
> I talked to Paul earlier and he is just done for the day, so I thing someone
> else will need to do the testing if we want the results as early as possible.

I added Java 7 previously, what exactly do you need?
Comment 12 Jorge Villalobos [:jorgev] 2012-10-03 11:47:07 PDT
Unlike other blocks in the Etherpad, it doesn't say which version ranges to block.
Comment 13 Benjamin Smedberg [:bsmedberg] 2012-10-03 11:50:33 PDT
dveditz or mcoates were supposed to provide the specific Java version information.
Comment 14 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-03 12:57:49 PDT
The block does not appear to be working properly. With Flash 10.1.85.3 I am seeing an info-bar with Firefox 17.0a2 2012-10-03. I would expect to experience a CTP block on Firefox 17. Blocklist.xml appears to be properly updated:

<pluginItem  blockID="p139">
<match name="filename" exp="NPSWF32\.dll" />
<versionRange  minVersion="0" maxVersion="10.3.183.19" severity="0" vulnerabilitystatus="1">
</versionRange>
</pluginItem>
Comment 15 Alex Keybl [:akeybl] 2012-10-03 13:43:36 PDT
Pinged David about this - hopefully he'll be able to help us figure out what's wrong.
Comment 16 David Keeler [:keeler] (use needinfo?) 2012-10-03 14:38:35 PDT
I'm pretty sure this is the culprit:

<pluginItem blockID="p94">
<match name="filename" exp="(NPSWF32\.dll)|(Flash\ Player\.plugin)"/>
<versionRange minVersion="0" maxVersion="10.2.159.1" severity="0"/>
</pluginItem>

p94 is essentially overriding p139 with an infobar.
Comment 17 Jorge Villalobos [:jorgev] 2012-10-03 14:43:56 PDT
Anthony, can you test a version higher than 10.2.159.1 and lower or equal to 10.3.183.19?
Comment 18 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-03 14:53:50 PDT
I tried Flash 10.3.181.14 and it appears the CTP block works in this instance. Loading a YouTube video overlays the video with the following warning:

This plugin is vulnerable and should be updated. 
__Check for updates__...
Click here to activate the Adobe Flash plugin.

Adobe Flash remains enabled in the Add-ons Manager.
Clicking the overlay plays the video.
Reloading the page redisplays the overlay.
Clicking "Check for updates" loads the PFS page in a new tab.

I suppose this is the UX we are looking for but that the p94 block is overriding this one for affected versions.
Comment 19 David Keeler [:keeler] (use needinfo?) 2012-10-03 14:57:38 PDT
(In reply to Anthony Hughes, Mozilla QA (:ashughes) from comment #18)
> Adobe Flash remains enabled in the Add-ons Manager.

Bug 772897 adds some UI to indicate the vulnerability status in the addons manager, but it hasn't been uplifted. I flagged the patch approval-mozilla-aurora? today.
Comment 20 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-03 14:59:44 PDT
I think we should hold off on testing Aurora until that lands so we can test the complete end-to-end experience. Though that should not block testing the Firefox 16b6 info-bar experience. Any objections?
Comment 21 Michael Coates [:mcoates] (acct no longer active) 2012-10-03 15:23:04 PDT
(In reply to Benjamin Smedberg  [:bsmedberg] from comment #13)
> dveditz or mcoates were supposed to provide the specific Java version
> information.

Java 7.x (Update 0 through 6)
Does not impact Java 6 and below
Comment 22 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-03 16:02:27 PDT
(In reply to Anthony Hughes, Mozilla QA (:ashughes) from comment #20)
> I think we should hold off on testing Aurora until that lands so we can test
> the complete end-to-end experience. Though that should not block testing the
> Firefox 16b6 info-bar experience. Any objections?

I spoke with Alex Keybl about this on IRC and he doesn't think that bug 772897 blocks any further testing. Unfortunately, I won't have enough time to finish up the testing today but I've instructed Paul to take over tonight. For those of you interested, our test plan is here:
https://wiki.mozilla.org/QA/Plugins/CTP_Blocklist

Paul, please reassign me as the QA Contact in the morning so I can pick up where you leave off.
Comment 23 Paul Silaghi, QA [:pauly] 2012-10-04 04:58:15 PDT
Hi guys,

I see the following behavior on FF 16b6 and not convinced it's the right one:
1. Force the blocklist ping
2. Open a youtube video => the video is click-to-play (old UI)
3. Click on the video => infobar saying "Some plugins user by this page are out of date"

What do you think?
Comment 24 Paul Silaghi, QA [:pauly] 2012-10-04 05:56:38 PDT
Also after updating flash, the block/notification won't disappear only after restarting FF.
Comment 25 Benjamin Smedberg [:bsmedberg] 2012-10-04 07:24:55 PDT
FF16 should not be showing CTP UI under any circumstances. That should have been fixed by bug 793273.
Comment 26 Paul Silaghi, QA [:pauly] 2012-10-04 07:25:45 PDT
Adobe Flash 11.2.202.235, Adobe Flash 11.3.300.271 are not blocked.
<pluginItem  blockID="p141">
                  <match name="filename" exp="NPSWF32\.dll" />                      <versionRange  minVersion="11.0" maxVersion="11.3.9999" severity="0" vulnerabilitystatus="1"></versionRange> 

I think this is because starting with Flash 11.2.xxx.xxx the dlls have different names:
File:  NPSWF32_11_2_202_235.dll
Comment 27 Paul Silaghi, QA [:pauly] 2012-10-04 08:07:29 PDT
(In reply to Paul Silaghi [QA] from comment #23)
> Hi guys,
> 
> I see the following behavior on FF 16b6 and not convinced it's the right one:
> 1. Force the blocklist ping
> 2. Open a youtube video => the video is click-to-play (old UI)
> 3. Click on the video => infobar saying "Some plugins user by this page are
> out of date"
> 
> What do you think?

Actually this happens only if forcing the ping in Aurora first(and see the CTP block) and using the same profile in Beta 6 then. Tested with Flash 10.3.181.34, Adobe Reader 8.1.3.187, Silverlight 4.0.60531.0
Comment 28 Paul Silaghi, QA [:pauly] 2012-10-04 09:23:06 PDT
If running vice-versa, force ping in FF 16b6 - everything will be ok here, but nothing will be blocked in FF 17 using the same profile.
Comment 29 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-04 11:21:58 PDT
I'm reproducing what Paul reports in comment 26.

Flash 11.3.300.273 is not blocked at all. The DLL is NPSWF32_11_3_300_273.dll which is not captured by "NPSWF32\.dll". I think the p141 block needs to be updated.
Comment 30 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-04 11:24:43 PDT
(In reply to Anthony Hughes, Mozilla QA (:ashughes) from comment #29)
> I'm reproducing what Paul reports in comment 26.
> 
> Flash 11.3.300.273 is not blocked at all. The DLL is
> NPSWF32_11_3_300_273.dll which is not captured by "NPSWF32\.dll". I think
> the p141 block needs to be updated.

As per previous testing, the first version to use version number in the DLL name was Flash 11.2.202.228; the last version to use NPSWF32.dll was Flash 11.1.102.63.
Comment 31 Jorge Villalobos [:jorgev] 2012-10-04 12:05:40 PDT
I just updated the regular expression to NPSWF32[0-9_]*\.dll. It should be updated in the downloaded blocklist within an hour.
Comment 32 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-04 12:27:54 PDT
Question about Reader, should Adobe Reader 10.1.3.23 be blocked?

<pluginItem  blockID="p145">
<match name="filename" exp="nppdf32\.dll" />
<versionRange  minVersion="10.0" maxVersion="10.1.3" severity="0" vulnerabilitystatus="1"></versionRange>
</pluginItem>
Comment 33 Jorge Villalobos [:jorgev] 2012-10-04 12:31:59 PDT
It's not supposed to be blocked given how the block is currently set up. I don't know if the block should cover those versions too, though. The etherpad says to block up to 10.1.3, but maybe they meant 10.1.3.*
Comment 34 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-04 12:37:26 PDT
FWIW, all Reader versions have a x.x.x.x version string in about:plugins, even though Adobe calls them version x.x.x.
Comment 35 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-04 13:49:12 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #5)
> Silverlight below 4.1.10329.0
> https://addons-dev.allizom.org/en-US/firefox/blocked/p147
>
> Silverlight 5.0 to 5.1.10410.0
> https://addons-dev.allizom.org/en-US/firefox/blocked/p149

QA signs off the Silverlight staged blocks.
Comment 36 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-04 13:57:58 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #3)
> Adobe Reader 9.5.1 and lower:
> https://addons-dev.allizom.org/en-US/firefox/blocked/p143

QA signs off the staged block for Adobe Reader 9.5.1 and lower.
Comment 37 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-04 15:14:31 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #2)
> Adobe Flash 11.0 -> 11.4
> https://addons-dev.allizom.org/en-US/firefox/blocked/p141

QA signs off the staged block for Adobe Flash 11.0 to 11.4.
Comment 38 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-04 15:15:45 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #4)
> Adobe Reader 10.0 to 10.1.3
> https://addons-dev.allizom.org/en-US/firefox/blocked/p145

QA signs off the staged Block for Adobe Reader 10 to 10.1.3, assuming the fact that 10.1.3.* builds not being blocked is not a blocker.
Comment 39 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-04 15:16:55 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #1)
> Adobe Flash 10.3.183.19 and lower:
> https://addons-dev.allizom.org/en-US/firefox/blocked/p139

QA signs off the staged block for Adobe Flash 10.3.183.19 and lower, assuming the fact that Flash <10.2.159.1 are info-bar blocked instead of CTP blocked due to block p94 is not a blocker.
Comment 40 David Keeler [:keeler] (use needinfo?) 2012-10-04 15:20:05 PDT
(In reply to Anthony Hughes, Mozilla QA (:ashughes) from comment #39)
> assuming the fact that Flash <10.2.159.1 are info-bar blocked instead of CTP
> blocked due to block p94 is not a blocker.

Personally, I think this is something that should be fixed.
Comment 41 Jorge Villalobos [:jorgev] 2012-10-04 16:22:54 PDT
So, do you want me to remove the previous block? That should fix the problem.
Comment 42 David Keeler [:keeler] (use needinfo?) 2012-10-04 16:24:17 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #41)
> So, do you want me to remove the previous block? That should fix the problem.

Sounds good :)
Comment 43 Jorge Villalobos [:jorgev] 2012-10-04 16:54:28 PDT
OK, it's done on staging now.

I'm also changing this bug to include pushing these blocks to production.
Comment 44 Robert Kaiser 2012-10-04 17:05:15 PDT
I think we should probably replace all infobar blocks with CTP blocks because of the better UX. But that's just my opinion. ;-)
Comment 45 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-04 17:14:23 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #43)
> OK, it's done on staging now.

Flash <10.2.159.1 works as a CTP block now. I see no blockers to pushing to production.
Comment 46 Jorge Villalobos [:jorgev] 2012-10-05 10:45:09 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #1)
> Adobe Flash 10.3.183.19 and lower:
> https://addons-dev.allizom.org/en-US/firefox/blocked/p139

This block has been updated to exclude 10.3 and above. It now blocks 10.2.* and lower.
Comment 47 Jorge Villalobos [:jorgev] 2012-10-05 10:47:15 PDT
Pushed to production (all Windows-only):

Silverlight 4.1.10328.0 and lower
https://addons.mozilla.org/en-US/firefox/blocked/p152

Silverlight 5.0 to 5.1.10410.0
https://addons.mozilla.org/en-US/firefox/blocked/p154

Adobe Reader 9.5.1 and lower
https://addons.mozilla.org/en-US/firefox/blocked/p156

Adobe Reader 10.0 to 10.1.3
https://addons.mozilla.org/en-US/firefox/blocked/p158
Comment 48 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-05 12:04:38 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #46)
> (In reply to Jorge Villalobos [:jorgev] from comment #1)
> > Adobe Flash 10.3.183.19 and lower:
> > https://addons-dev.allizom.org/en-US/firefox/blocked/p139
> 
> This block has been updated to exclude 10.3 and above. It now blocks 10.2.*
> and lower.

QA signs off this updated block. Flash 10.3 and above are no longer blocked, Flash 10.2 and below are info-bar blocked in Firefox 16 and CTP blocked in Firefox 17.
Comment 49 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-05 12:24:28 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #47)
> Pushed to production (all Windows-only):
> 
> Silverlight 4.1.10328.0 and lower
> https://addons.mozilla.org/en-US/firefox/blocked/p152

QA signs off the Silverlight 4.1.10328.0 and lower live block.
Comment 50 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-05 12:28:24 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #47)
> Pushed to production (all Windows-only):
>
> Silverlight 5.0 to 5.1.10410.0
> https://addons.mozilla.org/en-US/firefox/blocked/p154

QA signs off the Silverlight 5.0 to 5.1.10410.0 live block.
Comment 51 Jorge Villalobos [:jorgev] 2012-10-05 12:36:58 PDT
Adobe Flash 10.2.* and lower
https://addons.mozilla.org/en-US/firefox/blocked/p160

This covers all the blocks we decided to push for now. Please file separate bugs for other blocks.
Comment 52 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-05 12:37:37 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #47)
> Pushed to production (all Windows-only):
>  
> Adobe Reader 9.5.1 and lower
> https://addons.mozilla.org/en-US/firefox/blocked/p156

QA signs off the Adobe Reader 9.5.1 and lower live block.
Comment 53 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-05 12:48:58 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #47)
> Pushed to production (all Windows-only):
> 
> Adobe Reader 10.0 to 10.1.3
> https://addons.mozilla.org/en-US/firefox/blocked/p158

QA signs off the Adobe Reader 10.0 to 10.1.3 live block.
Comment 54 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-05 14:10:44 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #51)
> Adobe Flash 10.2.* and lower
> https://addons.mozilla.org/en-US/firefox/blocked/p160

This block does not appear to be working as expected after being pushed live. Adobe Flash 10.1.85.3 and 10.2.159.1 are showing an info-bar block in Firefox 17 (not a CTP block). When testing on staging I got a CTP block for both. I'm not sure why this would be broken by the live push.
Comment 55 Jorge Villalobos [:jorgev] 2012-10-05 14:21:22 PDT
I just removed the old block on staging. After looking at the live block, I realized that it was meant for Windows and Mac OS, so on prod I modified the existing block to remove the Windows bits. It looks like it hasn't updated yet.
Comment 56 Jorge Villalobos [:jorgev] 2012-10-05 14:29:52 PDT
I tried saving the old block again to see if that kicks the cache into action. If that doesn't work, I'll remove and push the old block again, without the Windows bits so that it doesn't overlap with the new one.
Comment 57 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-05 15:26:20 PDT
Seems to be working properly now. I'll finish up the testing.
Comment 58 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-05 15:42:10 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #51)
> Adobe Flash 10.2.* and lower
> https://addons.mozilla.org/en-US/firefox/blocked/p160

QA signs off the Adobe Flash 10.2.* and lower live block. With that, all staged blocks are now signed off and live. To reiterate, the following plugins are CTP blocked in Firefox 17:

* Adobe Flash <= 10.2.*
* Adobe Reader <= 10.1.3
* Microsoft Silverlight <= 5.1.10410.0
Comment 59 Paul Silaghi, QA [:pauly] 2012-10-08 01:55:05 PDT
(In reply to Anthony Hughes, Mozilla QA (:ashughes) from comment #54)
> (In reply to Jorge Villalobos [:jorgev] from comment #51)
> > Adobe Flash 10.2.* and lower
> > https://addons.mozilla.org/en-US/firefox/blocked/p160
> 
> This block does not appear to be working as expected after being pushed
> live. Adobe Flash 10.1.85.3 and 10.2.159.1 are showing an info-bar block in
> Firefox 17 (not a CTP block). When testing on staging I got a CTP block for
> both. I'm not sure why this would be broken by the live push.

I can still reproduce this on FF 17 with Flash 10.1.85.3 and 10.2.152.26
Comment 60 Paul Silaghi, QA [:pauly] 2012-10-08 09:44:45 PDT
Please forget about the comment 59.
Comment 61 David Keeler [:keeler] (use needinfo?) 2012-10-08 11:53:50 PDT
It looks like Java was never added to the block - are we still doing this, or is there some information we need?
Comment 62 Jorge Villalobos [:jorgev] 2012-10-08 13:32:20 PDT
No, it was never added. Please file a new bug for it.

It's also worth noting that these blocks generated an unexpectedly high amount of traffic on the plugin check page, so we should wait some time before adding more big plugin blocks.
Comment 63 Dominik Friedrichs 2012-10-21 17:07:55 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #62)
> It's also worth noting that these blocks generated an unexpectedly high
> amount of traffic on the plugin check page

No kidding - did you guys check the user agents of the high traffic? Because I for one am still using FF 3.6 (spare me the preaching), and since you tinkered with this blocklist.xml (I dont fully understand why or what these new features should do), I got this plugin page every day. Deleting the blocklist didnt help; updating all the plugins didnt help. The only thing that did help was setting the file to read only after manually removing the severity="0" entries...
Comment 64 Paul Silaghi, QA [:pauly] 2012-10-22 05:40:17 PDT
(In reply to Anthony Hughes, Mozilla QA (:ashughes) from comment #58)
> the following plugins are CTP blocked in Firefox 17:
> * Adobe Flash <= 10.2.*
> * Adobe Reader <= 10.1.3
> * Microsoft Silverlight <= 5.1.10410.0

It seems that Silverlight 4.1.1039.0 is not blocked. Unfortunately I couldn't find the installation kit to re-test. Silverlight 4.0.60531.0 and 5.0.61118 are properly blocked.
http://www.microsoft.com/getsilverlight/locale/en-us/html/Microsoft%20Silverlight%20Release%20History.htm#SL_4_1_10329
Comment 65 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2012-10-22 05:50:39 PDT
Indeed, the only reliable source of Silverlight archives I can find is http://www.oldapps.com/silverlight.php and 4.1.1039.0 is not listed. Paul, please file a follow-up bug to investigate that particular Silverlight version. We are all done with this bug so any newly identified issues should be filed in separate bugs.
Comment 66 Jorge Villalobos [:jorgev] 2012-10-22 08:03:16 PDT
(In reply to Dominik Friedrichs from comment #63)
> No kidding - did you guys check the user agents of the high traffic? Because
> I for one am still using FF 3.6 (spare me the preaching), and since you
> tinkered with this blocklist.xml (I dont fully understand why or what these
> new features should do), I got this plugin page every day.

That is bug 802189, which we discovered after these blocks were deployed. We're still looking into it, because the plugin check page should be opened only once.
Comment 67 chrismildner 2013-01-11 13:33:03 PST
The IT staff is unable to do the update to the plugin. When they try to run as administrator the icon disappears or, if they get into the process, it doesn't allow them to login to their system which enables them to run programs.  I am not allowed to do any updates myself. Is there a way around this because I really don't want to use IE again!!! Thank you.
Chris Mildner cmildner@lhs.org
Comment 68 Jorge Villalobos [:jorgev] 2013-01-11 14:36:09 PST
If this is about the recent Java block (bug 829111), all current versions are blocked, so there's no new version to update to in order to avoid the block. The type of block allows anyone to enable the plugin per-site, though.
Comment 69 tina_hassrat 2013-02-05 08:33:25 PST
(In reply to Jorge Villalobos [:jorgev] from comment #4)
> Adobe Reader 10.0 to 10.1.3
> https://addons-dev.allizom.org/en-US/firefox/blocked/p145

(In reply to Jorge Villalobos [:jorgev] from comment #68)
> If this is about the recent Java block (bug 829111), all current versions
> are blocked, so there's no new version to update to in order to avoid the
> block. The type of block allows anyone to enable the plugin per-site, though.
Comment 70 saeed_tsr874 2013-03-22 17:02:12 PDT
Created attachment 728519 [details]
[spam]

NOTE: Please see https://wiki.mozilla.org/Release_Management/B2G_Landing to better understand the B2G approval process and landings.

[Approval Request Comment]
Bug caused by (feature/regressing bug #): 
User impact if declined: 
Testing completed: 
Risk to taking this patch (and alternatives if risky): 
String or UUID changes made by this patch:

[Approval Request Comment]
If this is not a sec:{high,crit} bug, please state case for ESR consideration:
User impact if declined: 
Fix Landed on Version:
Risk to taking this patch (and alternatives if risky): 
String or UUID changes made by this patch: 

See https://wiki.mozilla.org/Release_Management/ESR_Landing_Process for more info.

[Approval Request Comment]
Regression caused by (bug #): 
User impact if declined: 
Testing completed (on m-c, etc.): 
Risk to taking this patch (and alternatives if risky):

[Approval Request Comment]
Bug caused by (feature/regressing bug #): 
User impact if declined: 
Testing completed (on m-c, etc.): 
Risk to taking this patch (and alternatives if risky): 
String or UUID changes made by this patch:
Comment 71 Reed Loden [:reed] (use needinfo?) 2013-03-24 17:56:44 PDT
The content of attachment 728519 [details] has been deleted for the following reason:

File has nothing to do with this bug.
Comment 72 fsh 2013-04-26 18:05:30 PDT
(In reply to Jorge Villalobos [:jorgev] from comment #41)
> So, do you want me to remove the previous block? That should fix the problem.

For I want you to remove the previous block to the process of modernization and thank you for your cooperation
Comment 73 jullietmutesi2007 2013-04-27 22:35:48 PDT
Please disable and update
Comment 74 jullietmutesi2007 2013-04-27 22:40:59 PDT
Please update and save changes
Comment 75 Jorge Villalobos [:jorgev] 2013-04-29 09:23:10 PDT
Please read the Bugzilla Etiquette page before posting: https://bugzilla.mozilla.org/page.cgi?id=etiquette.html
Comment 76 sherlock 2013-05-25 21:09:05 PDT
(In reply to chrismildner from comment #67)
> The IT staff is unable to do the update to the plugin. When they try to run
> as administrator the icon disappears or, if they get into the process, it
> doesn't allow them to login to their system which enables them to run
> programs.  I am not allowed to do any updates myself. Is there a way around
> this because I really don't want to use IE again!!! Thank you.
> Chris Mildner cmildner@lhs.org

whats wrong with using ie it works fine with me
no slowness nor drag for me.
Comment 77 sherlock 2013-05-25 21:40:10 PDT
well did i pass the test
Comment 78 shaluthumbi112 2013-07-14 19:19:13 PDT
thanks
Comment 79 Валентин 2013-08-06 12:53:32 PDT
 Извините  меня очень давно интересует вопрос :  ПОЧЕМУ  я  ОБЯЗАН  переходить на версию продукта КОТОРАЯ МНЕ НЕ НРАВИТСЯ !!!
          Мне не нужна обновлённая версия !!!
 Зачем мне её впихивают , даже при попытке отослать  отзыв !
         Моя ( та что стоит у меня сейчас)  УСТОЙЧИВЕЕ !   Я пробовал почти все ваши обновлённые версии  ( попутно пробовал и другие браузеры ))  ,   и ВСЕГДА возвращался к старой, НАДЁЖНОЙ  версии Мазилы !
             Да и сейчас  я ВЫНУЖДЕННО  здесь зарегистрировался ,  ВЫ ЗАЧЕМ ТО ЗАПРЕТИЛИ ПЛАГИН  Адоба Акробат  ...
              Вы нехорошие люди ( мягко говоря !!!! ) :  НАСИЛЬНО  заставляете переходить на "новые" уродливые версии,  а тем кто не хочет этого  вы портите жизнь !         С какого фига вы посчитали что этот плагин влияет на безопасность(((((((         У себя на компьютере Я САМ  присмотрю за безопасностью !!
          КАК ВКЛЮЧИТЬ  снова плагин адоба акробат  ?!?
Comment 80 Anthony Hughes (:ashughes) [GFX][QA][Mentor] 2013-08-06 13:07:45 PDT
(In reply to Валентин from comment #79)

Google translate indicates you are wondering how to re-enable the Acrobat plug-in. There are two ways: either update to a version which is not vulnerable or manually whitelist it. More info can be found here:
http://support.mozilla.org/en-US/kb/why-do-i-have-click-activate-plugins
Comment 81 komoeyangonmyanmar 2013-08-12 03:57:30 PDT
save change and update
Comment 82 komoeyangonmyanmar 2013-08-12 04:06:30 PDT
save changes 797378 & update plugin
Comment 83 sourove.zaman 2013-08-31 08:16:35 PDT
save change and updater
Comment 84 sourove.zaman 2013-08-31 08:54:26 PDT
I THINK IT IS HELPFUL
Comment 85 mgholamreza92 2013-09-02 05:18:21 PDT
bug797378
Comment 86 musaalkhouri 2013-10-14 21:59:48 PDT
79738
Comment 87 celise_bucka 2013-12-16 14:42:02 PST
Created attachment 8348341 [details]
AcroRd32.exe
Comment 88 zuhiar5z 2014-01-28 08:40:29 PST
good
Comment 89 mutiaraismail03 2014-07-28 09:41:44 PDT
Created attachment 8463454 [details]
firefox.exe
Comment 90 Byron Jones ‹:glob› [PTO until 2017-01-09] 2014-07-28 10:29:25 PDT
The content of attachment 8348341 [details] has been deleted for the following reason:

suspect attachment
Comment 91 Byron Jones ‹:glob› [PTO until 2017-01-09] 2014-07-28 10:29:33 PDT
The content of attachment 8463454 [details] has been deleted for the following reason:

suspect attachment
Comment 92 addison.jaida2003 2014-11-07 07:44:37 PST
i hate this fvkin ****
Comment 93 fitrianurhasanah406@gmail.com 2015-04-03 18:37:06 PDT
[Tracking Requested - why for this release]:
Comment 94 pssingh560 2015-06-01 06:47:44 PDT
i like
Comment 95 Barbara Phillips 2016-02-01 20:30:38 PST
(In reply to Jorge Villalobos [:jorgev] from comment #5)
> Silverlight below 4.1.10329.0
> https://addons-dev.allizom.org/en-US/firefox/blocked/p147

(In reply to pssingh560 from comment #94)
> i like
Comment 96 emmamoshiy 2016-02-03 10:28:54 PST
[Tracking Requested - why for this release]:

Note You need to log in before you can comment on or make changes to this bug.