Bug #9387

Browser and extension detection code

Added by sajolida 2015-05-12 17:04:49 . Updated 2016-01-05 22:26:58 .

Status:
Resolved
Priority:
Elevated
Assignee:
Category:
Installation
Target version:
Start date:
2015-11-10
Due date:
% Done:

100%

Feature Branch:
Type of work:
Code
Blueprint:

Starter:
Affected tool:
ISO Verification Extension
Deliverable for:

Description

We’ll need some JavaScript on the download page to display the relevant initial state depending one:

  • JavaScript being available
  • Browser supported or not
  • Extension installed or not
  • Extension outdated or not

Subtasks

Bug #10525: Make it clear that Firefox 38 is required to use the ISO verification extension Resolved

100


History

#1 Updated by sajolida 2015-05-12 17:05:20

  • Assignee set to sajolida

#2 Updated by sajolida 2015-05-21 13:41:50

  • Assignee changed from sajolida to ma1

Maone, do you actually need more specification than the wireframe and the HTML code to be able to write this code?

#3 Updated by ma1 2015-05-21 14:07:25

No, I think they can suffice, thank you.

#4 Updated by sajolida 2015-10-29 04:14:03

  • Target version set to Tails_1.7

Setting this for 1.7 (November 3) as an approximation. Detailed were sent in https://mailman.boum.org/pipermail/tails-ux/2015-October/000724.html.

#5 Updated by sajolida 2015-11-02 15:22:38

  • Target version changed from Tails_1.7 to Tails_1.8

#6 Updated by ma1 2015-11-07 20:21:02

  • % Done changed from 0 to 90

I’m currently having a bad time at updating the git repository, looks like my credentials are outdated.

The sniffing code is complete and working correctly, the extension still needs some work in the download management department, but I hope to have it fixed by Monday as noted in its own bug.

Until I do that and figure out how to update the repo, you can play with both the web page prototype (based on tchou’s work) and the extension itself at

https://maone.net/dev/tails/download.html

and download the sources from

https://maone.net/dev/tails/src/dave-0.0.5.zip

#7 Updated by sajolida 2015-11-09 03:32:34

Thanks for the prototype!

I quickly tested the sniffing code and it works fine in Firefox and Chrome.

Still, having a look at the code, it seems like we’re supporting Firefox starting from version 38. If you confirm that fact, then we should adapt the HTML code to take into consideration people using older versions of Firefox.

Also, regarding Redmine methodology, when you think that you work is ready for review, please mark it as “QA Check: Ready for QA” and assign it to either tchou or me. Otherwise we might miss that.

#8 Updated by ma1 2015-11-09 06:28:13

  • QA Check set to Ready for QA

Firefox 38 is current ESR (which Tor Browser is based on) and the oldest version supported by Mozilla with security patches.

Beside the fact our extension is using features which are available from that version on, letting users download the ISO with an outdated and exploitable browser would jeopardize any security advantage we mean to give through this “download and verify” setup, wouldn’t it?

However I agree specifying the minimum browser version in the UI would avoid any confusion.
I’ve just modified dave.js to populate any .minver-{browser-name} DOM element with the respective required minimum browser version, as checked by the sniffer.

Sorry for for the hassle with methodology and git, I’m really the noob here :)

Marking as “ready for QA”: the files to look at here for this very bug are “dave.js” and “dave.css”, also in the repo at ma1/download-and-verify-extension/www/.

#9 Updated by sajolida 2015-11-10 01:31:23

  • Assignee changed from ma1 to sajolida

Thanks for the clarification. In my previous comment I didn’t mean to question your technical choice and I think that it makes perfect sense to limit ourselves to Firefox ESR. But we did’t think about this while designing the wireframe and this needs adjustment on our side. That’s now tracked in Bug #10525.

We’ll try to review the browser detection code again today and get back to you.

#10 Updated by sajolida 2015-11-23 08:47:58

  • Assignee deleted (sajolida)
  • QA Check deleted (Ready for QA)

#11 Updated by sajolida 2015-12-17 03:01:59

  • Target version changed from Tails_1.8 to Tails_2.0

#12 Updated by sajolida 2016-01-05 22:26:58

  • Status changed from Confirmed to Resolved
  • Target version deleted (Tails_2.0)

This seems to be working fine now.