Beginning on October 25th, 2016, Persona will no longer be an option for authentication on BMO. For more details see Persona Deprecated.
Last Comment Bug 830410 - Plugin block request: PDF Browser Plugin 2.4.2 and below
: Plugin block request: PDF Browser Plugin 2.4.2 and below
Product: Toolkit
Classification: Components
Component: Blocklisting (show other bugs)
: unspecified
: All All
: -- normal (vote)
: ---
Assigned To: Jorge Villalobos [:jorgev]
: juan becerra [:juanb]
: Jorge Villalobos [:jorgev]
Depends on:
Blocks: 693892
  Show dependency treegraph
Reported: 2013-01-14 10:13 PST by Scoobidiver (away)
Modified: 2016-03-07 15:30 PST (History)
8 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---

about:addons and plugin crash page (650.67 KB, image/png)
2013-01-15 10:28 PST, juan becerra [:juanb]
no flags Details

Description Scoobidiver (away) 2013-01-14 10:13:03 PST
Plugin name: PDF Browser Plugin
Plugin versions to block: 2.4.2
Applications, versions, and platforms affected: Firefox 18 and above, Mac OS X 10.6 and above
Block severity: (hard/soft)

How does this plugin appear in about:plugins?

Homepage and other references and contact info:

Reasons: Top crasher in 18.0 (bug 693892)
Comment 1 Benjamin Smedberg [:bsmedberg] 2013-01-14 11:38:39 PST
Are the crashes only in the plugin process? If so I'm not sure that the blocklist would actually be better than just letting the plugin crash.
Comment 2 Georg Fritzsche [:gfritzsche] [away Oct 21 - 24] 2013-01-14 12:35:01 PST
The crashes are in plugin code but per the signature summary 17.391% are running it in-process and hence get browser-crashes.
Comment 3 Benjamin Smedberg [:bsmedberg] 2013-01-14 12:55:31 PST
Not sure yet whether we want a CTP block or a hardblock, see bug 693892 comment 19
Comment 4 Benjamin Smedberg [:bsmedberg] 2013-01-15 06:41:58 PST
Reading the crash comment tea leaves, the affected version crashes every time it is used, so this should be a hardblock.

gfritzsche, can you paste the about:plugins data so Jorge can construct the block?
Comment 5 Georg Fritzsche [:gfritzsche] [away Oct 21 - 24] 2013-01-15 06:46:00 PST
File: PDF Browser Plugin.plugin
Version: 2.4.2
Description: View PDF documents within your web browser.
Comment 6 Jorge Villalobos [:jorgev] 2013-01-15 07:36:55 PST
The block is staged now:
Comment 7 juan becerra [:juanb] 2013-01-15 10:28:25 PST
Created attachment 702410 [details]
about:addons and plugin crash page

I tested this on staging, but I am not sure this is behaving like a hard block. Once I get the blocklist updated and try to load a PDF page I get a plugin crash message, and there is a corresponding crash in about:crashes

I tested this on Mac OS X with Firefox 18 and

Could someone double check this?
Comment 8 juan becerra [:juanb] 2013-01-15 10:30:28 PST
Reading comment #2 I get the impression this block makes things a lot better since the browser keeps running and only the plugin crashes, but I still want confirmation that this is the intended behavior for this block.
Comment 9 Georg Fritzsche [:gfritzsche] [away Oct 21 - 24] 2013-01-15 10:43:38 PST
Oh, so 2.4.2 is available if you just guess the file name, nice.

While i'm not sure on how exactly a hard-block is supposed to look like, the intent here is to avoid the plugin crashes (which will take down the browser if the plugin is not run out-of-process).
Comment 10 Jorge Villalobos [:jorgev] 2013-01-15 10:49:31 PST
(In reply to juan becerra [:juanb] from comment #7)
> Created attachment 702410 [details]
> about:addons and plugin crash page

You should have seen a dialog telling you that the plugin was blocked for your security, and the default action for that dialog should be to disable the plugin. Did you see the dialog? Did you change anything in it or enable the plugin after the fact?
Comment 11 juan becerra [:juanb] 2013-01-15 11:02:30 PST
I did not see the dialog at any point.
Comment 12 juan becerra [:juanb] 2013-01-15 11:13:31 PST
I've retested this due to the fact that earlier I had installed the latest version, then I installed the blocked version on top of it (without removing first). Now what I see is that when I start up the browser the PDF Browser Plugin is listed as disabled in about:addons and when I try to open a PDF document I get prompted to save the file.

I'm confident this is OK now, but, out of curiosity, why didn't my earlier testing work?
Comment 13 Jorge Villalobos [:jorgev] 2013-01-15 11:52:03 PST
(In reply to juan becerra [:juanb] from comment #12)
> I'm confident this is OK now, but, out of curiosity, why didn't my earlier
> testing work?

Might be an edge case in the add-ons manager block code. Not sure if this bug is already reported or not. Adding a couple of people who should know.
Comment 14 Jorge Villalobos [:jorgev] 2013-01-15 11:57:25 PST
The block is now live:
Comment 15 juan becerra [:juanb] 2013-01-15 13:56:31 PST
I've verified this in production.

Note You need to log in before you can comment on or make changes to this bug.