SummerOfCode/2012/UserCSP/WeeklyUpdates/2012-07-16
From MozillaWiki
< SummerOfCode | 2012 | UserCSP
« previous week | index | next week »
Contents
This Week
Monday, 16 July
- BugFix: https://csptest.computerist.org website rules are not displayed in add-on UI.
Currently, we know https://csptest.computerist.org website sets CSP rules. However, website CSP rules were not correctly reflected in the add-on.
Tuesday, 17 July
- Hostname Wildcards Filtering according to W3C specification
- A source expression MAY contain a single wildcard character, * , in the hostname portion and it MUST be used in place of the leftmost, or most specific, DNS label. The wildcard character matches zero or more DNS labels.
- Accepted Inputs: *, *.example.com
- Rejected Inputs: example.* , www.*.com
- A source expression MAY contain a single wildcard character, * , in the hostname portion and it MUST be used in place of the leftmost, or most specific, DNS label. The wildcard character matches zero or more DNS labels.
- Port Wildcards Filtering according to W3C specification
- A source expression MAY contain a single wildcard character, * , in place of the port number. The wildcard character indicates that any port may be used to load content.
Wednesday, 18 July
- BigFix: User specified rules for a website should take precedence over "Every Website" rules.
- Tested with yahoo.com. First, defined rules for "Every Website" then defined rules for yahoo.com. Rules defined for yahoo.com were enforced by add-on.
Thursday, 19 July
- Used Regular expression to filter out unnecessary input to make sure characters that aren't allowed in a url are filtered out.
- Regular expression I used is as follows:
*** var myRegexp = new RegExp('^[a-z0-9 _.:*\']*$', 'i'); *** Please let me know if there are any bugs in it. (email: patilkr AT comp DOT nus DOT edu DOT sg)
Friday, 20 July
- Added a newline in All Tab UI after websiteCSP rule, User CSP rules and Combine CSP rules for better visibility.
- For filtering, if there is invalid user input, it was reported using alert prompt. But it deteriorate user experience and Hides add-on UI. Instead of reporting errors using alert prompt, it would be better to show errors to user in add-on UI. Therefore, errors are now reported in the UI with RED color below the input field.