Release #5 part 1 of 2

Posted: March 15, 2014 in Programming
Tags: , , , , , , ,

Its Friday and I will let you know what I was working on during this week.

I started to work on a couple of new bugs, which are not quite connected to CSP implementation, but also in the are I’m interested in.

  • I found out that nom install command could be failed during downloading source from a git repo using SSH (the path is written using git:// protocol). That is why it is safer to connect using HTTP. i fixed that issue in bug981588 and the bug was merged.
  • The other bug is about refactoring, that non-error responses SHOULD NOT be sent with res.json({error: "okay"}), instead use: res.json({status: "okay"}). My commit for this issue has not been pushed to PR yet. I’m looking for all files that could take place in this issue.
  • Also, I found out the other great thing about OpenSource. The challenge I faced last week was about my experience with AirMail App. With the latest update, this program started to lag and show weird green links in emails. So the fun stuff happened when I was looking for the contact information of that company to file my issue, because all the reinstallation procedures didn’t help. I found out that AirMail App uses github as a place for filing issues.. I found it pretty neat, even when the application is doesn’t use open source direction, using github for filing issues could be very beneficial for the company. I filed my issue there and got an answer on the next day. I liked it.

Coming back to CSP and block bugs. A could of new reviews happened.

  • Two last blocks for Thimble were fixed, reviewed and merged. (bug981357 and bug979111). That is why I pushed CSP for Thimble to be reviewed -> bug959271.
  • Also, all the dependencies for CSP were merged and I pushed CSP bug to review as well: bug959277. It has only one weird questing, where I’m stuck. When user press “Activate X-Ray Goggles” – CSP caught inline script violation, but an interesting part is that there is no inline script there. The suggesting I have is that:
    <div class="bookmarklet"><a href="" id="bookmarklet-link" class="ui-btn"><span>{{ gettext("Activate X-Ray Goggles") }}</span></a></div>

    “bookmarklet-link” id field has some kind of error/bug. Working and getting help to find out why.

  • One more thing is that Jon put me on review for CSP at, which Jon PRed not while ago. I found out that two new policies should be added and it’s still early to push this update, because there are 2 more block bugs left.
  • I’m still working on eval() at PluginDetect_Flash.js David helped me and pointed to pinlady PluginDetect. The possible solution is:
    Instead of using eval like this:


    Do this:

    isIE = (function () {
      var tmp = document.documentMode, e, isIE;
      // Try to force this property to be a string.
      try{document.documentMode = "";}
      catch(e){ };
      // If document.documentMode is a number, then it is a read-only property, and so
      // we have IE 8+.
      // Otherwise, if conditional compilation works, then we have IE < 11.
      // Otherwise, we have a non-IE browser.
      isIE = typeof document.documentMode == "number";
      // Switch back the value to be unobtrusive for non-IE browsers.
      try{document.documentMode = tmp;}
      catch(e){ };
      return isIE;

    At this point, I’m waiting for more info from Jon on this, just to make sure that I’m on a right way.

    Hopefully one of the CSP implementation will be merged to master or at least a great progress will be made before my Rel #5.
    Have a great weekend!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s