Adblock Plus and (a little) more
On rapid releases and version numbers · 2011-08-19 18:45 by Wladimir Palant
I’ve spent a little too much time arguing about rapid releases and version numbers in a German-language forum. In the end, I think that the benefits of rapid releases outweigh their disadvantages. It is indeed important for Mozilla to bring out new features faster, working more than a year on a release like it happened for Firefox 4 is unacceptable. Seeing Mozilla fall behind on caniuse.com and the like isn’t great, Mozilla shouldn’t become the factor slowing down progress on the web. Also, as an add-on author I like that release dates are predictable now, it allows planning in advance.
Details on the resolved Adblock Plus for Chrome security issue · 2011-08-17 12:55 by Wladimir Palant
Adblock Plus 1.1.4 for Google Chrome has been released today and fixes a minor security issue. This blog post provides some details.
Binary XPCOM components are dead - js-ctypes is the way to go · 2011-07-12 13:19 by Wladimir Palant
Daniel Glazman is shocked to see how hard shipping binary XPCOM components with an extension became now. Fact is, we simply didn’t notice the hidden message of blog posts announcing dropping binary compatibility (meaning that your component needs to be recompiled for each new Firefox version, no matter how simple it is) and rapid releases — binary XPCOM components in extensions are deprecated. Theoretically, somebody could still continue using them but it requires so much effort that nobody can be expected to do that. Unfortunately, I haven’t seen it said like that anywhere, hence this blog post. There is still tons of documentation on binary XPCOM components on MDN and no deprecation warnings. Even XPCOM changes in Gecko 2.0 page lists all the important changes without making any conclusions.
Are undetectable changes to a native prototype possible? · 2011-07-11 14:27 by Wladimir Palant
This is a follow-up to Do JavaScript proxies allow undetectable function wrappers?. After that blog post I managed to solve the main problem: with Function.toString() and Function.toSource() being the only information leaks (bug 650299) one only needs to wrap these functions as well to get undetectable function proxies. However, the remaining problem is manipulating Window.prototype.open so that it actually returns my wrapper and the webpage can neither detect nor revert this manipulation.
Update on AMO's performance tests · 2011-05-18 18:02 by Wladimir Palant
I forgot to update my overview of AMO’s performance measurements for their latest test run on May 14th, done it now. As Alice Nodelman notes, a bunch of bugs has been fixed on the technical side. Six weeks after the campaign announcement it finally looks like the most critical bugs are fixed and the numbers are mostly reliable.
Running Linux in the browser · 2011-05-17 18:50 by Wladimir Palant
I haven’t seen it mentioned on Planet yet, could it be that nobody heard? I’ve seen lots of cool browser demos lately but this one really blows me away: jslinux by Fabrice Bellard. This is a real x86 emulator written in JavaScript and running Linux, not a fake Linux terminal. The emulated hardware is somewhat limited (e.g. no FPU) but this doesn’t make packing an emulator into less than 20 kB of JavaScript code less impressive. The emulator loads a bunch of binary Linux images and — voilà, Linux boots up.
Signing Firefox extensions with Python and M2Crypto · 2011-05-15 00:07 by Wladimir Palant
Sadly, signing Firefox extensions isn’t easy. I’ve seen people give up not having mastered even the very first step (install NSS). And after that you have to use its cryptic command line tools to set up a database, import your certificate into it as well as any intermediate or root certificates required, and then actually use signtool to sign your files. Java’s signtool is easier to handle but incompatible (though, I think the only real difference is that it doesn’t put zigbert.rsa first in the archive). So while rewriting my build scripts in Python I took it as a chance and implemented signing in Python using M2Crypto module. One of the advantages for me was that my build script can now package up the extension entirely in memory, without having to write out intermediate results for signing.
Donations policy change · 2011-05-04 18:01 by Wladimir Palant
It has been eight months since Adblock Plus changed from a hobby project to a full-time employment for me. The other person employed in the project is Till who you might know from the forums and who is responsible for our business development. Unfortunately, despite the help I am getting from Till and the numerous volunteers there is a noticeable resources shortage in the project that is slowing down Adblock Plus development.
New round of AMO's performance tests (2011-04-16) · 2011-04-17 17:42 by Wladimir Palant
I uploaded the overview for the new round of AMO‘s performance tests. The bug that skewed most Windows results so far has been fixed, so the results are more usable now.
Do JavaScript proxies allow undetectable function wrappers? · 2011-04-15 18:13 by Wladimir Palant
I am looking into whether an extension can use JavaScript proxies to do something similar to the built-in pop-up blocker since the built-in pop-up blocker uses a fixed logic that cannot be extended. The goal is to wrap window.open method to verify that any calls are “legit”. Unfortunately, no matter what I try the webpage is able to detect that it is dealing with a proxy and not the real function.