Package: release.debian.org Severity: normal Tags: jessie User: release.debian....@packages.debian.org Usertags: pu X-Debbugs-Cc: Michael Schutte <mi...@debian.org>
Hi, The latest iceweasel coming from security.d.o is breaking xul-ext-requestpolicy (#786565). Upstream recently made a targeted release to fix it, proposed filtered debdiff attached (removing the useless for us META-INF directory). In Sid/Stretch, we are using a beta 1.0.0 for a while (and 0.5.29 thus never made it in the archive), so this version is not widely tested in Debian, but the debdiff is far more reasonable that what we are often used to propose to fix such compatibility issue. Please tell me if I should use a ?deb8u1 suffix version anyway. As far as we know, dactyl is not compatible with iceweasel 38 either (Michael, can you follow up with a pu request to fix #785300 please?). We just discovered that pdf.js is also broken with the latest iceweasel, we don’t know yet the best way forward about it (discussing it currently with security team members). I have no clear view right now if other xul-ext-* packages are made incompatible by this latest upload (will come back to you in other bug report(s) once we know what else broke). Regards David
diff --git a/README b/README index 64a8ce5..1c140da 100644 --- a/README +++ b/README @@ -1,17 +1,17 @@ -RequestPolicy +RequestPolicy Continued ================================================= A Firefox extension for allowing user control over cross-site requests. -Author: Justin Samuel <justin (at) justinsamuel (dot) com> +original author: Justin Samuel +maintainer/main developer: Martin Kimmerle License: GPL 3 or later -Copyright 2008 -Website: http://www.requestpolicy.com/ -Documentation -------------- -On the website: http://www.requestpolicy.com/ +Website and Documentation +------------------------- +https://requestpolicycontinued.github.io/ + Installation ------------ @@ -19,3 +19,7 @@ Installation Any way you like to install your Firefox extensions. For example, you can open the .xpi file through Firefox's File > Open dialog. + +The extension is developed on github +------------------------------------ +https://github.com/RequestPolicyContinued/requestpolicy diff --git a/chrome.manifest b/chrome.manifest index 813ddf6..23f390d 100644 --- a/chrome.manifest +++ b/chrome.manifest @@ -2,6 +2,9 @@ content requestpolicy jar:chrome/requestpolicy.jar!/content/ resource requestpolicy modules/ skin requestpolicy classic/1.0 jar:chrome/requestpolicy.jar!/skin/ +content rpcontinued jar:chrome/requestpolicy.jar!/content/ +skin rpcontinued classic/1.0 jar:chrome/requestpolicy.jar!/skin/ + locale requestpolicy en-US jar:chrome/requestpolicy.jar!/locale/en-US/ locale requestpolicy de jar:chrome/requestpolicy.jar!/locale/de/ locale requestpolicy eo jar:chrome/requestpolicy.jar!/locale/eo/ diff --git a/chrome/requestpolicy.jar!/content/overlay.xul b/chrome/requestpolicy.jar!/content/overlay.xul index 7c4c62c..5efed2d 100644 --- a/chrome/requestpolicy.jar!/content/overlay.xul +++ b/chrome/requestpolicy.jar!/content/overlay.xul @@ -38,7 +38,7 @@ <toolbarbutton id="requestpolicyToolbarButton" class="toolbarbutton-1 chromeclass-toolbar-additional" label="RequestPolicy" - tooltiptext="RequestPolicy" + tooltiptext="RequestPolicy Continued" type="menu-button" oncontextmenu="event.preventDefault();" onclick="requestpolicy.overlay.openToolbarPopup(this)" /> @@ -55,7 +55,7 @@ <statusbarpanel class="statusbarpanel-menu-iconic" id="requestpolicyStatusbar" - tooltiptext="RequestPolicy" + tooltiptext="RequestPolicy Continued" oncontextmenu="event.preventDefault();" onclick="requestpolicy.overlay.openStatusbarPopup(this);" > diff --git a/chrome/requestpolicy.jar!/content/prefWindow.xul b/chrome/requestpolicy.jar!/content/prefWindow.xul index 666555b..fa6c1e8 100644 --- a/chrome/requestpolicy.jar!/content/prefWindow.xul +++ b/chrome/requestpolicy.jar!/content/prefWindow.xul @@ -128,7 +128,7 @@ <textbox id="addOrigin-originField" emptytext="&rp.origin;" oninput="requestpolicy.prefWindow.addToWhitelistInputChanged(this)" flex="1" - onkeydown="if(event.keyCode==event.DOM_VK_ENTER || event.keyCode==event.DOM_VK_RETURN) { requestpolicy.prefWindow.addToWhitelist(this.button); return false; }" /> + onkeydown="if(event.keyCode==event.DOM_VK_RETURN) { requestpolicy.prefWindow.addToWhitelist(this.button); return false; }" /> <button id="addOrigin" label="&rp.allow;" oncommand="requestpolicy.prefWindow.addToWhitelist(this)" disabled="true" /> @@ -160,7 +160,7 @@ <textbox id="addDestination-destinationField" emptytext="&rp.destination;" oninput="requestpolicy.prefWindow.addToWhitelistInputChanged(this)" flex="1" - onkeydown="if(event.keyCode==event.DOM_VK_ENTER || event.keyCode==event.DOM_VK_RETURN) { requestpolicy.prefWindow.addToWhitelist(this.button); return false; }" /> + onkeydown="if(event.keyCode==event.DOM_VK_RETURN) { requestpolicy.prefWindow.addToWhitelist(this.button); return false; }" /> <button id="addDestination" label="&rp.allow;" oncommand="requestpolicy.prefWindow.addToWhitelist(this)" disabled="true" /> @@ -188,19 +188,19 @@ <button id="removeOriginsToDestinations" label="&preferences.removeSelectedSites;" oncommand="requestpolicy.prefWindow.removeSelectedFromList(this.listbox)" disabled="true" /> - </hbox> + </hbox> <separator class="thin" /> <hbox> <textbox id="addOriginToDestination-originField" emptytext="&rp.origin;" oninput="requestpolicy.prefWindow.addToWhitelistInputChanged(this)" flex="1" - onkeydown="if(event.keyCode==event.DOM_VK_ENTER || event.keyCode==event.DOM_VK_RETURN) { requestpolicy.prefWindow.addToWhitelist(this.button); return false; }" /> + onkeydown="if(event.keyCode==event.DOM_VK_RETURN) { requestpolicy.prefWindow.addToWhitelist(this.button); return false; }" /> <textbox id="addOriginToDestination-destinationField" emptytext="&rp.destination;" oninput="requestpolicy.prefWindow.addToWhitelistInputChanged(this)" flex="1" - onkeydown="if(event.keyCode==event.DOM_VK_ENTER || event.keyCode==event.DOM_VK_RETURN) { requestpolicy.prefWindow.addToWhitelist(this.button); return false; }" /> + onkeydown="if(event.keyCode==event.DOM_VK_RETURN) { requestpolicy.prefWindow.addToWhitelist(this.button); return false; }" /> <button id="addOriginToDestination" label="&rp.allow;" oncommand="requestpolicy.prefWindow.addToWhitelist(this)" disabled="true" /> diff --git a/chrome/requestpolicy.jar!/content/rp-and-rpc.html b/chrome/requestpolicy.jar!/content/rp-and-rpc.html new file mode 100644 index 0000000..7500e43 --- /dev/null +++ b/chrome/requestpolicy.jar!/content/rp-and-rpc.html @@ -0,0 +1,51 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";> +<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en"> + <head> + <title>RequestPolicy Continued - Notice about legacy RP</title> + <style> + body { + background: #fec; + font-family: sans-serif; + } + + #content { + background-image: url(chrome://rpcontinued/skin/requestpolicy-icon-32.png); + background-position: 16px 3.3em; + background-repeat: no-repeat; + max-width: 45em; + padding: 3em 3em 3em 72px; + } + + h1 { + margin-top: 0; + } + + h1 span { + color: #c32; + font-size: 0.7em; + } + </style> + </head> + <body> + <div id="content"> + <h1>Important Notice! <span>regarding RequestPolicy</span></h1> + + <p> + You've successfully installed <i>RequestPolicy Continued</i>! + </p> + + <p> + However, currently both <i>“RequestPolicy”</i> and + <i>“RequestPolicy Continued”</i> are installed and enabled + in your browser. <b>This will lead to conflicts!</b> + </p> + + <p> + Therefore, please disable or uninstall the old version. To do + that, visit the <a href ="about:addons">Add-ons Manager</a>. + </p> + </div> + </body> +</html> diff --git a/chrome/requestpolicy.jar!/skin/menu-allowed.png b/chrome/requestpolicy.jar!/skin/menu-allowed.png new file mode 100644 index 0000000..eb9d5d2 Binary files /dev/null and b/chrome/requestpolicy.jar!/skin/menu-allowed.png differ diff --git a/components/requestpolicyService.js b/components/requestpolicyService.js index 9f6c413..21410b9 100644 --- a/components/requestpolicyService.js +++ b/components/requestpolicyService.js @@ -179,6 +179,40 @@ RequestPolicyService.prototype = { // default preferences. }, + + _checkForLegacyRP : function () { + + function addonCallback(addon) { + if (addon === null) { + // RP is not installed + return; + } + + if (addon.isActive === false) { + // RP is disabled + return; + } + + const url = "chrome://rpcontinued/content/rp-and-rpc.html"; + + var wm = CC["@mozilla.org/appshell/window-mediator;1"] + .getService(CI.nsIWindowMediator); + var mostRecentWindow = wm.getMostRecentWindow("navigator:browser"); + + // the gBrowser object of the firefox window + var _gBrowser = mostRecentWindow.getBrowser(); + + if (typeof(_gBrowser.addTab) !== "function") { + return; + } + + _gBrowser.selectedTab = _gBrowser.addTab(url); + } + + AddonManager.getAddonByID("requestpol...@requestpolicy.com", + addonCallback); + }, + _initializeExtensionCompatibility : function() { if (this._compatibilityRules.length != 0) { return; @@ -516,6 +550,7 @@ RequestPolicyService.prototype = { os.addObserver(this, "http-on-modify-request", false); os.addObserver(this, "xpcom-shutdown", false); os.addObserver(this, "profile-after-change", false); + os.addObserver(this, "sessionstore-windows-restored", false); os.addObserver(this, "quit-application", false); os.addObserver(this, "private-browsing", false); os.addObserver(this, HTTPS_EVERYWHERE_REWRITE_TOPIC, false); @@ -537,6 +572,7 @@ RequestPolicyService.prototype = { os.removeObserver(this, "http-on-modify-request"); os.removeObserver(this, "xpcom-shutdown"); os.removeObserver(this, "profile-after-change"); + os.removeObserver(this, "sessionstore-windows-restored"); os.removeObserver(this, "quit-application"); if (!AddonManager) { os.removeObserver(this, "em-action-requested"); @@ -1670,6 +1706,9 @@ RequestPolicyService.prototype = { this._initializeApplicationCompatibility(); break; + case "sessionstore-windows-restored": + this._checkForLegacyRP(); + break; case "private-browsing" : if (data == "enter") { this._privateBrowsingEnabled = true; diff --git a/debian/changelog b/debian/changelog index 292371d..2326f3d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +requestpolicy (0.5.29-1) jessie; urgency=medium + + * Team upload, targeted to Jessie + * Imported Upstream version 0.5.29: restore compatibility with iceweasel 38 + (Closes: #786565) + + -- David Prévot <taf...@debian.org> Wed, 12 Aug 2015 11:34:24 +0200 + requestpolicy (0.5.28-1) unstable; urgency=low * Team upload diff --git a/debian/gbp.conf b/debian/gbp.conf new file mode 100644 index 0000000..4e78e26 --- /dev/null +++ b/debian/gbp.conf @@ -0,0 +1,3 @@ +[DEFAULT] +debian-branch = jessie +upstream-branch = upstream-jessie diff --git a/install.rdf b/install.rdf index 1739f69..089c3e5 100644 --- a/install.rdf +++ b/install.rdf @@ -4,16 +4,21 @@ xmlns:em="http://www.mozilla.org/2004/em-rdf#";> <Description about="urn:mozilla:install-manifest"> - <em:name>RequestPolicy</em:name> - <em:version>0.5.28</em:version> + <em:name>RequestPolicy Continued</em:name> + <em:version>0.5.29</em:version> <em:type>2</em:type> <em:description>Control which cross-site requests are allowed. Improve the privacy of your browsing. Secure yourself from Cross-Site Request Forgery (CSRF) and other attacks.</em:description> - <em:creator>Justin Samuel</em:creator> - <em:id>requestpol...@requestpolicy.com</em:id> - <em:homepageURL>http://www.requestpolicy.com/</em:homepageURL> + <em:id>rpcontin...@requestpolicy.org</em:id> + <em:unpack>true</em:unpack> + <em:homepageURL>https://requestpolicycontinued.github.io/</em:homepageURL> <em:optionsURL>chrome://requestpolicy/content/prefWindow.xul</em:optionsURL> <em:iconURL>chrome://requestpolicy/skin/requestpolicy-icon-32.png</em:iconURL> + <em:creator>RequestPolicy Continued Team</em:creator> + + <em:developer>Justin Samuel (original author)</em:developer> + <em:developer>Martin Kimmerle (main developer)</em:developer> + <em:contributor>myahoo (French translation)</em:contributor> <em:contributor>Team erweiterungen.de (German translation)</em:contributor> <em:contributor>Archaeopteryx (German translation)</em:contributor> @@ -40,7 +45,7 @@ <Description> <em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id> <em:minVersion>4.0</em:minVersion> - <em:maxVersion>26.0</em:maxVersion> + <em:maxVersion>40.0a2</em:maxVersion> </Description> </em:targetApplication> @@ -49,7 +54,7 @@ <Description> <em:id>{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}</em:id> <em:minVersion>2.1</em:minVersion> - <em:maxVersion>2.23</em:maxVersion> + <em:maxVersion>2.33.*</em:maxVersion> </Description> </em:targetApplication>
signature.asc
Description: OpenPGP digital signature
