Re: Searchfox now provides code coverage information directly in the code listing!

2020-10-06 Thread Johann Hofmann
This is really really cool. Guess I'll stay loyal to the premier source code indexing tool for Mozilla Firefox. Thank you to everyone involved! On Tue, Oct 6, 2020 at 4:12 AM Andrew Sutherland < asutherl...@asutherland.org> wrote: > Have you ever been consulting the most excellent code coverage

Re: Intent to Ship: Require user interaction for session history entries

2020-06-09 Thread Johann Hofmann
once this is available on central. I filed bug 1644595 for continuing that discussion. Thanks for calling that out! On Tue, Jun 9, 2020 at 11:30 PM wrote: > On Tuesday, June 9, 2020 at 2:17:02 PM UTC-7, Johann Hofmann wrote: > > In bug 1515073 <https://bugzilla.mozilla.org/sho

Intent to Ship: Require user interaction for session history entries

2020-06-09 Thread Johann Hofmann
In bug 1515073 I plan to land an intervention that is aimed to reduce user frustration from an issue with malfunctioning or malicious websites which is commonly known as the “broken back button”. For user-initiated session history

Firefox Security Newsletter - 2019 in Recap

2020-04-20 Thread Johann Hofmann
ary override to allow early testers to avoid breakage. After a _series of experiments_ < https://blog.nightly.mozilla.org/2019/04/01/reducing-notification-permission-prompt-spam-in-firefox/ >, we launched _strong restrictions_ < https://blog.mozilla.org/futurereleases/201

Re: Intent to Prototype: ETP Cookie Purging

2020-04-20 Thread Johann Hofmann
this out. Cheers, Johann On Thu, Apr 9, 2020 at 11:26 PM Johann Hofmann wrote: > In bug 1628743 <https://bugzilla.mozilla.org/show_bug.cgi?id=1628743> I > plan to enable ETP cookie purging by default on Nightly only, affecting > both desktop and mobile. > > In shor

Intent to Prototype: ETP Cookie Purging

2020-04-09 Thread Johann Hofmann
In bug 1628743 I plan to enable ETP cookie purging by default on Nightly only, affecting both desktop and mobile. In short, ETP cookie purging is an attempt to protect against first-party redirect (“bounce”) trackers by periodically clearing

Re: Intent to unship: FTP protocol implementation

2020-03-19 Thread Johann Hofmann
Can you share some insight into the usage telemetry that was considered for unshipping this? On Thu, Mar 19, 2020 at 9:02 AM Henri Sivonen wrote: > On Thu, Mar 19, 2020 at 2:24 AM Michal Novotny > wrote: > > We plan to remove FTP protocol implementation from our code. > > Chrome's status

Re: Intent to ship: Optional Chaining Operator

2020-01-29 Thread Johann Hofmann
Just a note: Please be conservative about using this in m-c while it's not enabled in release yet, to avoid issues when uplifting patches. Otherwise, I think this is a great new feature that I'd love to use. On Wed, Jan 22, 2020 at 4:30 PM Patrick Brosset wrote: > Thanks Yulia, this is going to

Visibility of disabled tests

2020-01-08 Thread Johann Hofmann
Hi folks, in the past I and other triage owners have experienced some frequently failing tests being disabled without a clear notice to the triage owner, component owner or test author. I've seen this specific pattern a few times: - An intermittent test starts failing very frequently very

Re: Intent to prototype: Delegate and restrict permission in third party context

2019-12-06 Thread Johann Hofmann
I think the main question that needs to be answered here is: "How does that make the situation better?" There is an extensive document from the Chrome team on their motivation,

Intent to Ship: Require user interaction for notification permission prompts

2019-11-04 Thread Johann Hofmann
Starting from version 72, Firefox will require a user gesture when calling Notification.requestPermission() [0] and PushManager.subscribe() [1]. Requests that do not follow a user gesture will be automatically denied. We will, however, show a small UI indicator that can be used by Firefox users

Re: Intent to prototype: Web Speech API

2019-10-17 Thread Johann Hofmann
with the other, which I think is not unimaginable here. Hence my recommendation to avoid using the same permission name right now and using a separate UI as soon as that can be prioritized. On Wed, Oct 16, 2019, 19:43 Daniel Veditz wrote: > On Wed, Oct 16, 2019 at 4:40 AM Johann Hofmann >

Re: Intent to prototype: Web Speech API

2019-10-16 Thread Johann Hofmann
Putting on my hat as one of the people maintaining our permissions UI, I generally agree with Henri that it would be nice to have a slightly different UI for this use-case, i.e. as far as I can see the presented origin does not in fact get access to the user's microphone and it's a bit unclear

Intent to Ship: Move Extended Validation Information out of the URL bar

2019-08-12 Thread Johann Hofmann
In desktop Firefox 70, we intend to remove Extended Validation (EV) indicators from the identity block (the left hand side of the URL bar which is used to display security / privacy information). We will add additional EV information to the identity panel instead, effectively reducing the exposure

Re: Intent to Ship: Show an indicator for insecure HTTP in the URL bar

2019-07-16 Thread Johann Hofmann
I tried embedding it in my email but email is apparently complicated, so I also attached it to the bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1562881#c8 Thanks for letting me know :) On Tue, Jul 16, 2019 at 9:08 PM Dirkjan Ochtman wrote: > On Tue, Jul 16, 2019, 19:52 Johann Hofm

Intent to Ship: Show an indicator for insecure HTTP in the URL bar

2019-07-16 Thread Johann Hofmann
(This was originally posted to both dev-platform and firefox-dev, but seems to have gotten lost on dev-platform at least for some subscribers, so I'm resending. Apologies if you've received this twice now.) In desktop Firefox 70, we intend to show an icon in the “identity block” (the left hand

Intent to Ship: Show an indicator for insecure HTTP in the URL bar

2019-07-16 Thread Johann Hofmann
In desktop Firefox 70, we intend to show an icon in the “identity block” (the left hand side of the URL bar which is used to display security / privacy information) that marks all sites served over HTTP (as well as FTP and certificate errors) as insecure. This change is part of our new

Re: Intent to implement and experiment: Require user interaction for notification permission prompts

2019-04-02 Thread Johann Hofmann
On Tue, Apr 2, 2019 at 10:20 AM Henri Sivonen wrote: > On Tue, Mar 19, 2019 at 3:15 PM Johann Hofmann > wrote: > > > > In bug 1524619 <https://bugzilla.mozilla.org/show_bug.cgi?id=1524619> I > > plan to implement support for requiri

Re: Intent to implement and experiment: Require user interaction for notification permission prompts

2019-04-02 Thread Johann Hofmann
encourage you to remove your existing Notification permissions in about:preferences. I'll keep you posted on the results of these experiments and whenever we make a decision that impacts the release channel. Thanks! Johann On Tue, Mar 19, 2019 at 2:15 PM Johann Hofmann wrote: > In bug 1524619 <

Intent to implement and experiment: Require user interaction for notification permission prompts

2019-03-19 Thread Johann Hofmann
In bug 1524619 I plan to implement support for requiring a user gesture when calling Notification.requestPermission() [0] and PushManager.subscribe() [1]. The rationale is the increasing amount of unsolicited, out-of-context notification

Re: CookieSettings

2019-03-12 Thread Johann Hofmann
Hi Baku, thank you for all the work on this. For completeness sake I would like to mention that we are adapting to this new (and finally explicit!) cookie preferences user experience in https://bugzilla.mozilla.org/show_bug.cgi?id=1526075, where users are given the choice to reload their tabs so

Intent to require Secure Context for Web Notifications

2019-02-25 Thread Johann Hofmann
The Notifications API [0] allows websites to show notifications outside of the browser viewport, integrating into the native OS-like notification system. In combination with service workers this can be used to send push notifications that work even when the website is not opened. While the latter

Re: Cookie policy/permission in live documents - proposal

2019-02-04 Thread Johann Hofmann
In my experience having to restart applications to make settings apply is the worst thing ever, hence I really like your mock. We should make sure to include it in the bug (or a follow-up) for this proposed change. On Thu, Jan 31, 2019 at 8:13 PM wrote: > On Monday, January 28, 2019 at 11:08:32

Re: Cookie policy/permission in live documents - proposal

2019-01-28 Thread Johann Hofmann
Thanks for writing this up and adding the great explanations, Andrea! I think your proposal has a lot of benefits and I don't have any major concerns about it, I would just like to add a few comments: Just to reiterate, per your proposal the cookie policy (network.cookieBehavior pref) and

Re: mozilla-central Fails to Build on Mac With Latest Xcode (10.0)

2018-09-25 Thread Johann Hofmann
Also note that at least two of us were running into this issue after successfully compiling Nightly on Mojave: https://bugzilla.mozilla.org/show_bug.cgi?id=1494022 Until that is fixed you might need to downgrade to the 10.13 OSX SDK to compile Firefox. On Tue, Sep 25, 2018 at 5:42 PM Dave

Re: PSA: Major preference service architecture changes inbound

2018-07-20 Thread Johann Hofmann
Since I have seen several people point out in this thread that there's *probably* code that excessively accesses prefs: You can easily assert the name and amount of different prefs that are read during whatever scenario you'd like to perform by adding to this test (or writing your own version of

No more unsafe innerHTML in system privileged Firefox code, for good

2018-06-01 Thread Johann Hofmann
tl;dr Raw markup injection (e.g. through innerHTML) in system-privileged content is automatically sanitized and we have removed all exceptions to this rule. You should still not use innerHTML and friends. Hello everyone, The danger of remote code execution (RCE) exploits through unescaped

Re: Intent to unship: "storage" attribute in options for indexedDB.open()

2018-03-07 Thread Johann Hofmann
d DevTools >> use the system principal and migrate existing data? >> >> [1]: >> https://searchfox.org/mozilla-central/rev/bffd3e0225b65943364be721881470590b9377c1/devtools/shared/indexed-db.js#34 >> >> - Ryan >> >> On Tue, Mar 6, 2018 at 9:58 AM,

Intent to unship: "storage" attribute in options for indexedDB.open()

2018-03-06 Thread Johann Hofmann
I would like to unship the proprietary "storage" attribute in indexedDB.open()[0]. It allows developers to prevent their indexedDB storage from being evicted as part of quota management[1]. However, there is a web standard which specifies a better persistent storage mechanism and has broader

Re: Chrome will start marking HTTP pages as "Not secure"

2018-02-09 Thread Johann Hofmann
Yeah, there's a team working on this stuff (and they/we have been in touch with the Chrome people for a long time) and this is not a call we should make on a mailing list. There's a valid concern around warning fatigue (plastering so many sites with "Insecure" that users easily dismiss it) and we

Re: PSA: HTML injection in chrome documents is now automatically sanitized

2018-02-02 Thread Johann Hofmann
I don't think these rewrites fit the definition of a good first bug. I'm all for working with volunteers on this, since these are good isolated, non-time-sensitive projects to tackle, but I can't think of an innerHTML example in our codebase that matches the low difficulty we usually apply to

Re: Revocation protocol idea

2017-03-23 Thread Johann Hofmann
Hey, concerns about the viability of such a decentralized systems aside, I still don't understand the advantage of blocking on an API level vs. simply showing the SafeBrowsing error page that we currently have in place. Why would we continue to allow a user to visit a clearly harmful page?