Mozilla Nederland LogoDe Nederlandse
Mozilla gemeenschap

Firefox Pleads for Cash with In-Browser Fundraiser - CIO

Nieuws verzameld via Google - ti, 16/12/2014 - 21:41


Firefox Pleads for Cash with In-Browser Fundraiser
Mozilla has been running a fundraiser from within its Firefox browser, a program that will run through the end of the year. When users launch Firefox they may see a PBS-style pitch for money on the browser's start screen, which normally is a minimalist ...
Priv8 adds sandboxed tabs to FirefoxGhacks Technology News

alle 3 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Nathan Froyd: what’s new in xpcom

Mozilla planet - ti, 16/12/2014 - 19:14

I was talking to somebody at Mozilla’s recent all-hands meeting in Portland, and in the course of attempting to provide a reasonable answer for “What have you been doing lately?”, I said that I had been doing a lot of reviews, mostly because of my newfound duties as XPCOM module owner. My conversational partner responded with some surprise that people were still modifying code in XPCOM at such a clip that reviews would be a burden. I responded that while the code was not rapidly changing, people were still finding reasons to do significant modifications to XPCOM code, and I mentioned a few recent examples.

But in light of that conversation, it’s good to broadcast some of the work I’ve had the privilege of reviewing this year.  I apologize in advance for not citing everybody; in particular, my reviews email folder only goes back to August, so I have a very incomplete record of what I’ve reviewed in the past year.  In no particular order:

Categorieën: Mozilla-nl planet

Jövő tavaszra készül el a Mozilla új, szuperbiztos programozási nyelve - Prog.Hu

Nieuws verzameld via Google - ti, 16/12/2014 - 18:39


Jövő tavaszra készül el a Mozilla új, szuperbiztos programozási nyelve
A Mozilla a napokban frissítette erősen párhuzamos működésre tervezett új programozási nyelve kiadási ütemtervét. A módosítások értelmében a Rust 1.0 legkorábban jövő tavasszal jelenhet majd meg végleges kiadásban - bár több előzetes verzió kiadása ...

en meer »Google Nieuws
Categorieën: Mozilla-nl planet

Michael Kaply: Managing Firefox with Group Policy and PolicyPak

Mozilla planet - ti, 16/12/2014 - 18:09

A lot of people ask me how to manage Firefox using Windows Group Policy. To that end, I have been working with a company called PolicyPak to help enhance their product to have more of the features that people are asking for (not just controlling preferences.) It's taken about a year, but the results are available for download now.

You can now manage the following things (and more) using PolicyPak, Group Policy and Firefox:

  • Set and lock almost all preference settings (homepage, security, etc) plus most settings in about:config
  • Set site specific permissions for pop-ups, cookies, camera and microphone
  • Add or remove bookmarks on the toolbar or in the bookmarks folder
  • Blacklist or whitelist any type of add-on
  • Add or remove certificates
  • Disable private browsing
  • Turn off crash reporting
  • Prevent access to local files
  • Always clear saved passwords
  • Disable safe mode
  • Remove Firefox Sync
  • Remove various buttons from Options

If you want to see it in action, you can check out these videos.

And if you've never heard of PolicyPak, you might have heard of the guy who runs it - Jeremy Moskowitz. He's a Group Policy MVP and literally wrote the book on Group Policy.

On a final note, if you decide to purchase, please let them know you heard about it from me.

Categorieën: Mozilla-nl planet

Jennie Rose Halperin: Leaving Mozilla as staff

Mozilla planet - ti, 16/12/2014 - 17:58

December 31 will be my last day as paid staff on the Community Building Team at Mozilla.

One year ago, I settled into a non-stop flight from Raleigh, NC to San Francisco and immediately fell asleep. I was exhausted; it was the end of my semester and I had spent the week finishing a difficult databases final, which I emailed to my professor as soon as I reached the hotel, marking the completion of my coursework in Library Science and the beginning of my commitment to Mozilla.

The next week was one of the best of my life. While working, hacking, and having fun, I started on the journey that has carried me through the past exhilarating months. I met more friendly faces than I could count and felt myself becoming part of the Mozilla community, which has embraced me. I’ve been proud to call myself a Mozillian this year, and I will continue to work for the free and open Web, though currently in a different capacity as a Rep and contributor.

I’ve met many people through my work and have been universally impressed with your intelligence, drive, and talent. To David, Pierros, William, and particularly Larissa, Christie, Michelle, and Emma, you have been my champions and mentors. Getting to know you all has been a blessing.

I’m not sure what’s next, but I am happy to start on the next step of my career as a Mozillian, a community mentor, and an open Web advocate. Thank you again for this magical time, and I hope to see you all again soon. Let me know if you find yourself in Boston! I will be happy to hear from you and pleased to show you around my hometown.

If you want to reach out, find me on IRC: jennierose. All the best wishes for a happy, restful, and healthy holiday season.

Categorieën: Mozilla-nl planet

Mozilla公布Rust 1.0版本的发布计划 - 博客园 (博客)

Nieuws verzameld via Google - ti, 16/12/2014 - 16:10

Mozilla公布Rust 1.0版本的发布计划
博客园 (博客)
Rust 是Mozilla 开发的注重安全、性能和并发性的编程语言。从2012 年问世以来,Rust 力图实现包括代数数据类型、闭包、类型推导、保证内存安全以及最小化运行时等诸多特性,且经历了快速的发展。当前,Rust 团队已经将目 ...

en meer »Google Nieuws
Categorieën: Mozilla-nl planet

Firefox OS Expands to Nearly 30 Countries

Mozilla Blog - ti, 16/12/2014 - 15:41
Firefox OS has brought choice to the mobile industry with 14 smartphones offered by 14 operators in 28 countries. Firefox OS unlocks mobile ecosystem participants from the barriers set by proprietary systems, allowing for independence, control and innovation. More choices … Continue reading
Categorieën: Mozilla-nl planet

Mike Hommey: One step closer to git push to mercurial

Mozilla planet - ti, 16/12/2014 - 13:54

In case you missed it, I’m working on a new tool to use mercurial remotes in git. Since my previous post, I landed several fixes making clone and pull more reliable:

  • Of 247316 unique changesets in the various mozilla-* repositories, now only two (but both in fact come from the same patch, one of the changesets being a backport to aurora of the other) are “corrupted” because their mercurial date have a timezone with a second.
  • Of 23542 unique changesets in the canonical mercurial repository, only three are “corrupted” because their raw mercurial data contains, for an unknown reason, a whitespace after the timezone.

By corrupted, here, I mean that the round-trip hg->git->hg doesn’t lead to matching their sha1. They will be fixed eventually, but I haven’t decided how yet, because they’re really edge cases. They’re old enough that they don’t really matter for push anyways.

Pushing to mercurial, however, is still not there, but it’s getting closer. It involves several operations:

  • Negotiating with the mercurial server what it doesn’t have that we do.
  • Creating mercurial changesets, manifests and files for local git commits that were not imported from mercurial.
  • Creating a bundle of the mercurial changesets, manifests and files that we have that the server doesn’t.
  • Pushing that bundle to the server.

The first step is mostly covered by the pull code, that does a similar negotiation. I now have the third step covered (although I cheated around the “corruptions” mentioned above):

$ git clone hg:: Cloning into 'hg'... (...) Checking connectivity... done. $ cd hg $ git hgbundle > ../hg.hg $ mkdir ../hg2 $ cd ../hg2 $ hg init $ hg unbundle ../hg.hg adding changesets adding manifests adding file changes added 23542 changesets with 44305 changes to 2272 files (run 'hg update' to get a working copy) $ hg verify checking changesets checking manifests crosschecking files in changesets and manifests checking files 2272 files, 23542 changesets, 44305 total revisions

Note: that hgbundle command won’t actually exist. It’s just an intermediate step allowing me to work incrementally.

In case you wonder what happens when the bundle contains bad data, mercurial fortunately rejects it:

$ cd ../hg $ git hgbundle-corrupt > ../hg.hg $ mkdir ../hg3 $ cd ../hg3 $ hg unbundle ../hg.hg adding changesets transaction abort! rollback completed abort: integrity check failed on 00changelog.i:3180!
Categorieën: Mozilla-nl planet

Rust: Mozilla stellt Ende März neue Programmiersprache vor - PC-Welt

Nieuws verzameld via Google - ti, 16/12/2014 - 13:36


Rust: Mozilla stellt Ende März neue Programmiersprache vor
Nach der Freigabe von Rust 1.0.0 würde zu dem bekannten Veröffentlichungssystem mit Nightly-Builds, Beta-Versionen und stabilen Endversionen übergehen. Das kennt man ja auch von Firefox, dem bekanntesten Produkt von Mozilla.
Mozilla: Rust 1.0 kommt im Frühjahr
Mozilla: Rust 1.0 im nächsten JahrPro-Linux
Mozillas C/C++-Konkurrent: Rust 1.0 erscheint wohl im Frühjahr 2015Heise Newsticker

alle 5 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Andrea Marchesini: Priv8 is out!

Mozilla planet - ti, 16/12/2014 - 10:29

Download page: click here

What is priv8? This is a Firefox addon that uses part of the security model of Firefox OS to create sandboxed tabs. Each sandbox is a completely separated world: it doesn’t share cookies, storage, and a lots of other stuff with the rest of Firefox, but just with other tabs from the same sandbox.

Each sandbox has a name and a color, therefore it will be always easy to identify which tab is sandboxed.

Also, these sandboxes are permanent! So, when you open one of them the second time, maybe after a restart, that sandbox will still have the same cookies, same storage, etc - as you left the previous time.

You can also switch between sandboxes using the context menu for the tab.

Here an example: with priv8 you can read your gmail webmail in a tab, and another gmail webmail in another tab at the same time. Still, you can be logged in on Facebook in a tab and not in the others. This is nice!

Moreover, if you are a web developer and you want to test a website using multiple accounts, priv8 gives you the opportunity to have each account in a sandboxed tab. Much easier then have multiple profiles or login and logout manung>ally every time!

Is it stable? I don’t know :) It works but more test must be done. Help needed!

Known issues?

  • doesn’t work from a sandbox
  • e10s is not supported yet.
  • The UI must be improved.


The manager

This is the manager, where you can “manage” your sandboxes.

The panel

The panel is always accessible from the firefox toolbar.

Context menu

The context menu allows you to switch between sandboxes for the current tab. This will reload the tab after the switch.

3 gmail tabs

3 separate instances of Gmail at the same time.

License: Priv8 is released under Mozilla Public License.
Source code: bakulf :: priv8

Categorieën: Mozilla-nl planet

Jövő tavaszra készült el a Mozilla új, szuperbiztos programozási nyelve - Prog.Hu

Nieuws verzameld via Google - ti, 16/12/2014 - 09:20


Jövő tavaszra készült el a Mozilla új, szuperbiztos programozási nyelve
A Mozilla a napokban frissítette erősen párhuzamos működésre tervezett új programozási nyelve kiadási ütemtervét. A módosítások értelmében a Rust 1.0 legkorábban jövő tavasszal jelenhet majd meg végleges kiadásban - bár több előzetes verzió kiadása ...

Google Nieuws
Categorieën: Mozilla-nl planet

Mozilla公布Rust 1.0版本的发布计划 - InfoQ: 时刻关注企业软件开发领域的变化与创新

Nieuws verzameld via Google - ti, 16/12/2014 - 08:26

Mozilla公布Rust 1.0版本的发布计划
InfoQ: 时刻关注企业软件开发领域的变化与创新
Rust是Mozilla开发的注重安全、性能和并发性的编程语言。从2012年问世以来,Rust力图实现包括代数数据类型、闭包、类型推导、保证内存安全以及最小化运行时等诸多特性,且经历了快速的发展。当前,Rust团队已经将目光投向 ...

Google Nieuws
Categorieën: Mozilla-nl planet

Byron Jones: happy bmo push day!

Mozilla planet - ti, 16/12/2014 - 07:47

the following changes have been pushed to

  • [1063818] Updates to
  • [1111954] Updates to Spreadsheet Data in
  • [1092578] Decide if an email needs to be encrypted at the time it is generated, not at the time it is sent
  • [1107275] Include Build.PL file for bmo/4.2 to install Perl dependencies (useful for Travis CI, etc.)
  • [829358] Changing the name of a private attachment in an unhidden bug results in the name change being sent unencrypted
  • [1104291] The form.web.bounty page does not say it’s a bounty form
  • [1105585] Fix bug bounty form to validate its input more and relax the restriction on the paid field to include -+? suffix
  • [1105155] Indicate that an existing comment has been modified for tracking flags with prefill text
  • [1105745] changes made via the bounty form are not emailed immediately
  • [1111862] HTML code injection in review history page

discuss these changes on

Filed under: bmo, mozilla
Categorieën: Mozilla-nl planet

Cameron McCormack: Submission

Mozilla planet - ti, 16/12/2014 - 05:10

254 pages, eleven and a half years of my life.

Me submitting my thesis at the Monash Institute of Graduate Research office.

 Authoring and Publishing Adaptive Diagrams.

Now for the months-long wait for the examiners to review it.

Categorieën: Mozilla-nl planet

Paul Rouget: Firefox.html screencast

Mozilla planet - ti, 16/12/2014 - 01:00

Firefox.html screencast. Contribute:

Youtube video:
Categorieën: Mozilla-nl planet

David Humphrey: Video killed the radio star

Mozilla planet - mo, 15/12/2014 - 23:31

One of the personal experiments I'm considering in 2015 is a conscious movement away from video-based participation in open source communities. There are a number of reasons, but the main one is that I have found the preference for "realtime," video-based communication media inevitably leads to ever narrowing circles of interaction, and eventually, exclusion.

I'll speak about Mozilla, since that's the community I know best, but I suspect a version of this is happening in other places as well. At some point in the past few years, Mozilla (the company) introduced a video conferencing system called Vidyo. It's pretty amazing. Vidyo makes it trivial to setup a virtual meeting with many people simultaneously or do a 1:1 call with just one person. I've spent hundreds of hours on Vidyo calls with Mozilla, and other than the usual complaints one could level against meetings in general, I've found them very productive and useful, especially being able to see and hear colleagues on the other side of the country or planet.

Vidyo is so effective that for many parts of the project, it has become the default way people interact. If I need to talk to you about a piece of code, for example, it would be faster if we both just hopped into Vidyo and spent 10 minutes hashing things out. And so we do. I'm guilty of this.

I'm talking about Vidyo above, but substitute Skype or Google Hangouts or or some cool WebRTC thing your friend is building on Github. Video conferencing isn't a negative technology, and provides some incredible benefits. I believe it's part of what allows Mozilla to be such a successful remote-friendly workplace (vs. project). I don't believe, however, that it strengthens open source communities in the same way.

It's possible on Vidyo to send an invitation URL to someone without an account (you need an account to use it, by the way). You have to be invited, though. Unlike irc, for example, there is no potential for lurking (I spent years learning about Mozilla code by lurking on irc in #developers). You're in or you're out, and people need to decide which it will be. Some people work around this by recording the calls and posting them online. The difficulty here is that doing so converts what was participation into performance--one can watch what happened, but not engage it, not join the conversation and therefore the decision making. And the more we use video, the more likely we are to have that be where we make decisions, further making it difficult for those not in the meeting to be part of the discussion.

Even knowing that decisions have been made becomes difficult in a world where those decisions aren't sticky, and go un-indexed. If we decided in a mailing list, bug, irc discussion, Github issue, etc. we could at least hope to go back and search for it. So too could interested members of the community, who may wish to follow along with what's happening, or look back later when the details around how the decision came to be become important.

I'll go further and suggest that in global, open projects, the idea that we can schedule a "call" with interested and affected parties is necessarily flawed. There is no time we can pick that has us all, in all timezones, able to participate. We shouldn't fool ourselves: such a communication paradigm is necessarily geographically rooted; it includes people here, even though it gives the impression that everyone and anyone could be here. They aren't. They can't be. The internet has already solved this problem by privileging asynchronous communication. Video is synchronous.

Not everything can or should be open and public. I've found that certain types of communication work really well over video, and we get into problems when we do too much over email, mailing lists, or bugs. For example, a conversation with a person that requires some degree of personal nuance. We waste a lot of time, and cause unnecessary hurt, when we always choose open, asynchronous, public communication media. Often scheduling an in person meeting, getting on the phone, or using video chat would allow us to break through a difficult impasse with another person.

But when all we're doing is meeting as a group to discuss something public, I think it's worth asking the question: why aren't we engaging in a more open way? Why aren't we making it possible for new and unexpected people to observe, join, and challenge us? It turns out it's a lot easier and faster to make decisions in a small group of people you've pre-chosen and invited; but we should consider what we give up in the name of efficiency, especially in terms of diversity and the possibility of community engagement.

When I first started bringing students into open source communities like Mozilla, I liked to tell them that what we were doing would be impossible with other large products and companies. Imagine showing up at the offices of Corp X and asking to be allowed to sit quietly in the back of the conference room while the engineers all met. Being able to take them right into the heart of a global project, uninvited, and armed only with a web browser, was a powerful statement; it says: "You don't need permission to be one of us."

I don't think that's as true as it used to be. You do need permission to be involved with video-only communities, where you literally have to be invited before taking part. Where most companies need to guard against leaks and breaches of many kinds, an open project/company needs to regularly audit to ensure that its process is porous enough for new things to get in from the outside, and for those on the inside to regularly encounter the public.

I don't know what the right balance is exactly, and as with most aspects of my life where I become unbalanced, the solution is to try swinging back in the other direction until I can find equilibrium. In 2015 I'm going to prefer modes of participation in Mozilla that aren't video-based. Maybe it will mean that those who want to work with me will be encouraged to consider doing the same, or maybe it will mean that I increasingly find myself on the outside. Knowing what I do of Mozilla, and its expressed commitment to working open, I'm hopeful that it will be the former. We'll see.

Categorieën: Mozilla-nl planet

Daniel Stenberg: Can curl avoid to be in a future funnily named exploit that shakes the world?

Mozilla planet - mo, 15/12/2014 - 23:21

During this year we’ve seen heartbleed and shellshock strike (and a  few more big flaws that I’ll skip for now). Two really eye opening recent vulnerabilities in projects with many similarities:

  1. Popular corner stones of open source stacks and internet servers
  2. Mostly run and maintained by volunteers
  3. Mature projects that have been around since “forever”
  4. Projects believed to be fairly stable and relatively trustworthy by now
  5. A myriad of features, switches and code that build on many platforms, with some parts of code only running on a rare few
  6. Written in C in a portable style

Does it sound like the curl project to you too? It does to me. Sure, this description also matches a slew of other projects but I lead the curl development so let me stay here and focus on this project.

cURLAre we in jeopardy? I honestly don’t know, but I want to explain what we do in our project in order to minimize the risk and maximize our ability to find problems on our own before they become serious attack vectors somewhere!

previous flaws

There’s no secret that we have let security problems slip through at times. We’re right now working toward our 143rd release during our around 16 years of life-time. We have found and announced 28 security problems over the years. Looking at these found problems, it is clear that very few security problems are discovered quickly after introduction. Most of them linger around for several years until found and fixed. So, realistically speaking based on history: there are security bugs still in the code, and they have probably been present for a while already.

code reviews and code standards

We try to review all patches from people without push rights in the project. It would probably be a good idea to review all patches before they go in for real, but that just wouldn’t work with the (lack of) man power we have in the project while we at the same time want to develop curl, move it forward and introduce new things and features.

We maintain code standards and formatting to keep code easy to understand and follow. We keep individual commits smallish for easier review now or in the future.

test cases

As simple as it is, we test that the basic stuff works. We don’t and can’t test everything but having test cases for most things give us the confidence to change code when we see problems as we then remain fairly sure things keep working the same way as long as the test go through. In projects with much less test coverage, you become much more conservative with what you dare to change and that also makes you more vulnerable.

We always want more test cases and we want to improve on how we always add test cases when we add new features and ideally we should also add new test cases when we fix bugs so that we know that we don’t introduce any such bug again in the future.

static code analyzes

We regularly scan our code base using static code analyzers. Both clang-analyzer and coverity are good tools, and they help us by pointing out code that look wrong or suspicious. By making sure we have very few or no such flaws left in the code, we minimize the risk. A static code analyzer is better than run-time tools for cases where they can check code flows that are hard to repeat in my local environment.


bike helmetValgrind is an awesome tool to detect memory problems in run-time. Leaks or just stupid uses of memory or related functions. We have our test suite automatically use valgrind when it runs tests in case it is present and it helps us make sure that all situations we test for are also error-free from valgrind’s point of view.


Building and testing curl on a plethora of platforms non-stop is also useful to make sure we don’t depend on behaviors of particular library implementations or non-standard features and more. Testing it all is basically the only way to make sure everything keeps working over the years while we continue to develop and fix bugs. We would course be even better off with more platforms that would test automatically and with more developers keeping an eye on problems that show up there…

code complexity

Arguably, one of the best ways to avoid security flaws and bugs in general, is to keep the source code as simple as possible. Complex functions need to be broken down into smaller functions that are possible to read and understand. A good way to identify functions suitable for fixing is pmccabe,

essential third parties

curl and libcurl are usually built to use a whole bunch of third party libraries in order to perform all the functionality. In order to not have any of those uses turn into a source for trouble we must of course also participate in those projects and help them stay strong and make sure that we use them the proper way that doesn’t lead to any bad side-effects.

You can help!

All this takes time, energy and system resources. Your contributions and help will be appreciated where ever among these tasks that you can insert any. We could do more of all this, more often and more thorough if we only were more people involved!

Categorieën: Mozilla-nl planet

Julien Vehent: Stripe's AWS-Go and uploading to S3

Mozilla planet - mo, 15/12/2014 - 22:05

Yesterday, I discovered Stripe's AWS-Go library, and the magic of auto-generated API clients (which is one fascinating topic that I'll have to investigate for MIG).

I took on the exercise of writing a simple file upload tool using aws-go. It was fairly easy to achieve, considering the complexity of AWS's APIs. I would have to evaluate aws-go further before recommending it as a comprehensive AWS interface, but so far it seems complete. Check out for a detailed doc.

The source code is below. It reads credentials from ~/.awsgo:

$ cat ~/.awsgo
    accesskey = "AKI...."
    secretkey = "mw0...."

It takes a file to upload as the only argument, and returns the URL where it is posted.

$ ./s3up s3up is not revolutionary compared to python & boto, but benefits from Go's very clean approach to programming. And getting rid of install dependencies, pip and python{2{6,7},3} hell is kinda nice!

package main import ( "" "fmt" "" "" "os" ) // conf takes an AWS configuration from a file in ~/.awsgo // example: // // [credentials] // accesskey = "AKI...." // secretkey = "mw0...." // type conf struct { Credentials struct { AccessKey string SecretKey string } } func main() { var ( err error conf conf bucket string = "testawsgo" // change to your convenience fd *os.File contenttype string = "binary/octet-stream" ) // obtain credentials from ~/.awsgo credfile := os.Getenv("HOME") + "/.awsgo" _, err = os.Stat(credfile) if err != nil { fmt.Println("Error: missing credentials file in ~/.awsgo") os.Exit(1) } err = gcfg.ReadFileInto(&conf, credfile) if err != nil { panic(err) } // create a new client to S3 api creds := aws.Creds(conf.Credentials.AccessKey, conf.Credentials.SecretKey, "") cli := s3.New(creds, "us-east-1", nil) // open the file to upload if len(os.Args) != 2 { fmt.Printf("Usage: %s <inputfile>\n", os.Args[0]) os.Exit(1) } fi, err := os.Stat(os.Args[1]) if err != nil { fmt.Printf("Error: no input file found in '%s'\n", os.Args[1]) os.Exit(1) } fd, err = os.Open(os.Args[1]) if err != nil { panic(err) } defer fd.Close() // create a bucket upload request and send objectreq := s3.PutObjectRequest{ ACL: aws.String("public-read"), Bucket: aws.String(bucket), Body: fd, ContentLength: aws.Integer(int(fi.Size())), ContentType: aws.String(contenttype), Key: aws.String(fi.Name()), } _, err = cli.PutObject(&objectreq) if err != nil { fmt.Printf("Error: %v\n", err) } else { fmt.Printf("%s\n", ""+bucket+"/"+fi.Name()) } // list the content of the bucket listreq := s3.ListObjectsRequest{ Bucket: aws.StringValue(&bucket), } listresp, err := cli.ListObjects(&listreq) if err != nil { panic(err) } if err != nil { fmt.Printf("Error: %v\n", err) } else { fmt.Printf("Content of bucket '%s': %d files\n", bucket, len(listresp.Contents)) for _, obj := range listresp.Contents { fmt.Println("-", *obj.Key) } } }
Categorieën: Mozilla-nl planet

Pomax: Let's make a Firefox Extension, the painless way

Mozilla planet - mo, 15/12/2014 - 20:10

Ever had a thing you really wanted to customise about Firefox, but you couldn't because it wasn't in any regular menu, advanced menu, or about:config?

For instance, you want to be able to delete elements on a page for peace of mind from the context menu. How the heck do you do that? Well, with the publication of the new node-based jpm, the answer to that question is "pretty dang simply"...

Let's make our own Firefox extension with a "Delete element" option added to the context menu:

a screenshot of the Firefox page context menu with a 'delete element' option

We're going to make that happen in five steps.

  1. Install jpm -- in your terminal simply run: npm install -g jpm (make sure you have node.js installed) and done (this is mostly prerequisite to developing an extension, so you only have to do this once, and then never again. For future extensions, you start at step 2!)
  2. Create a dir for working on your extension whereveryou like, navigate to it in the terminal and run: jpm init to set up the standard files necessary to build your extension. Good news: it's very few files!
  3. Edit the index.js file that command generated, writing whatever code you need to do what you want to get done,
  4. Turn your code into an .xpi extension by running : jpm xpi,
  5. Install the extension by opening the generated .xpi file with Firefox

Of course, step (3) is the part that requires some effort, but let's run through this together. We're going to pretty much copy/paste the code straight from the context menu API documentation:

// we need to make sure we have a hook into "things" we click on: 1: var self = require("sdk/self"); // and we'll be using the context menu, so let's make sure we can: 2: var contextMenu = require("sdk/context-menu"); // let's add a menu item! 3: var menuItem = contextMenu.Item({ // the label is pretty obvious... 4: label: "Delete Element", // the context tells Firefox which things should have this in their context // menu, as there are quite a few elements that get "their own" menu, // like "the page" vs "an image" vs "a link". .. We pretty much want // everything on a page, so we make that happen: 5: context: contextMenu.PredicateContext(function(data) { return true; }), // and finally the script that runs when we select the option. Delete! 6: contentScript: 'self.on("click", function (node, data) { node.outerHTML = ""; });' });

The only changes here are that we want "delete" for everything, so the context is simply "for anything that the context menu opens up on, consider that a valid context for our custom script" (which we do by using the widest context possible on line 5), and of course the script itself is different because we want to delete nodes (line 6).

The contentScript property is a string, so we're a little restricted in what we can do without all manner of fancy postMessages, but thankfully we don't need it: the addon mechanism will always call the contentScript function with two arguments, "node" and "data, and the "node" argument is simply the HTML element you clicked on, which is what we want to delete. So we do! We don't even try to be clever here, we simply set the element's .outerHTML property to an empty string, and that makes it vanish from the page.

If you expected more work, then good news: there isn't any, we're already done! Seriously: run jpm run yourself to test your extension, and after verifying that it indeed gives you the new "Delete element" option in the context menu and deletes nodes when used, move on to steps (4) and (5) for the ultimate control of your browser.

Because there it is: the freedom to control your online experience, and Firefox, go hand in hand.

Categorieën: Mozilla-nl planet

Mozilla Open Policy & Advocacy Blog: Spotlight on Public Knowledge: A Ford-Mozilla Open Web Fellow Host

Mozilla planet - mo, 15/12/2014 - 19:11

(This is the fourth in our series spotlighting host organizations for the 2015 Ford-Mozilla Open Web Fellowship. For years, Public Knowledge has been at the forefront of fighting for citizens and informing complex telecommunications policy to protect people. Working at Public Knowledge, the Fellow will be at the center of emerging policy that will shape the Internet as we know it. Apply to be a Ford-Mozilla Open Web Fellow and use your tech skills at Public Knowledge to protect the Web.)

Spotlight on Public Knowledge: A Ford-Mozilla Open Web Fellow Host
by Shiva Stella, Communications Manager of Public Knowledge

This year has been especially intense for policy advocates passionate about protecting a free and open internet, user protections, and our digital rights. Make no mistake: From net neutrality to the Comcast/Time Warner Cable merger, policy makers will continue to have an outsized influence over the web.

In order to enhance our advocacy efforts, Public Knowledge is hosting a Ford-Mozilla Open Web Fellow. We are looking for a leader with technical skills and drive to defend the internet, focusing on fair-use copyright and consumer protections. There’s a lot of important work to be done, and we know the public could use your help.

Public Knowledge Long

Public Knowledge works steadfastly in the telecommunications and digital rights space. Our goal is to inform the public of key policies that impact and limit a wide range of technology and telecom users. Whether you’re the child first responders fail to locate accurately because you dial 911 from a cell phone or the small business owner who can’t afford to “buy into” the internet “fast lane,” these policies affect your digital rights – including the ability to access, use and own communications tools like your set-top box (which you currently lease forever from your cable company, by the way) and your cell phone (which your carrier might argue can’t be used on a competing network due to copyright law).

There is no doubt that public policy impacts people’s lives, and Public Knowledge is advocating for the public interest at a critical time when special interests are attempting to shape policy that benefits them at our cost or that overlooks an issue’s complexity.

Indeed, in this interconnected world, the right policy outcome isn’t always immediately clear. Location tracking, for example, can impact people’s sense of privacy; and yet, when deployed in the right way, can lead to first responders swiftly locating someone calling 911 from a mobile device. Public Knowledge sifts through the research and makes sure consumers have a seat at the table when these issues are decided.

Public policy in this area can also impact the broader economy, and raises larger questions: Should we have an internet with a “fast lane“ for the relatively few companies that can afford it, and a slow lane for the rest of us? What would be the impact on innovation and small business if we erase net neutrality as we know it?

The answers to these questions require a community of leaders to advocate for policies that serve the public interest. We need to state in clear language the impact of ill-informed policies and how they affect people’s digital rights —including the ability to access, use and own communications tools, as well as the ability to create and innovate.

Even as the U.S. Federal Communications Commission reviews millions of net neutrality comments and considers approving huge mergers that risk consumers, the cable industry is busy hijacking satellite bills (STAVRA), stealthily slipping “pro-cable” provisions into legislation and that must be passed so 1.5 million satellite subscribers may continue receiving their (non-cable!) service. Public Knowledge shines light on these policies to prevent them from harming innovation or jeopardizing our creative and connected future. To this end we advocate for an open internet and public access to affordable technologies and creative works, engaging policy makers and the public in key policy decisions that affect us all.

Let us be clear: private interests are hoping you won’t notice or just don’t care about these issues. We’re betting that’s not the case. Please apply today to join the Public Knowledge team as a Ford-Mozilla Open Web Fellow to defend the internet we love.

Apply to be a Ford-Mozilla Open Web Fellow. Application deadline for the 2015 Fellowship is December 31, 2014.

Categorieën: Mozilla-nl planet