Fix Firefox version check

[kennethtran93]

Fixes #1329.

Version number check (primarily in Firefox) is now done by number instead of string. This fixes the issue of '100' >= '79' being false instead of true.

🤦 ...I wonder why I didn't do this in the first place.

[codecov]

Codecov Report

Merging #1363 (54c225e) into 3.X.X-Branch (54c225e) will not change coverage.
The diff coverage is n/a.

❗ Current head 54c225e differs from pull request most recent head 64889c2. Consider uploading reports for the commit 64889c2 to get more accurate results

@@              Coverage Diff              @@
##           3.X.X-Branch    #1363   +/-   ##
=============================================
  Coverage         40.99%   40.99%           
=============================================
  Files                34       34           
  Lines              2059     2059           
  Branches            330      330           
=============================================
  Hits                844      844           
  Misses              900      900           
  Partials            315      315           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 54c225e...64889c2. Read the comment docs.

[ghost]

/get-build 2142469342

[iroedius]

/get-build 2142469342

[ghost]

It seems like the bot isn't behaving.

[ghost]

No fix I'm afraid.

[iroedius]

Same here, the problem persists.

[kennethtran93]

clearly my CI workflow needs some updates as well. In the meantime, here's the manually compiled version for Firefox, from the recent commit (more parseInt) I did (and probably didn't need to but just in case).
Cookie-AutoDelete_Dev_20220411_114036_Firefox.zip
.

[ghost]

Sorted.

Thanks mate :)

[xnuk]

When would be the release of this? 👀

[kennethtran93]

I would like to release as soon as I can, but I need to also implement a privacy user-consent first to keep up with the recommended web extension workflow.

[ghost]

I've managed to install CAD 3.999.999 as an xpi. Works perfectly well. So happy to have localStorage and IndexedDB handled again within FF100.

Not blocked by Firefox 100 because xpinstall.signatures.required is locked to false in my Firefox's Autoconfig : lockPref('xpinstall.signatures.required', false);

Not blocked but I do get of course in about:addons the message:

When do you intend to release CAD 4.0? 3.999.999 works perfectly well, and I can imagine the number of users of FF100 being desperate!

Thanks for this invaluable extension.

[kennethtran93]

It won't be a 4.0 yet. I use 3.999.999 for Dev and test works. It will probably be 3.7.0 or so.

[ghost]

It won't be a 4.0 yet. I use 3.999.999 for Dev and test works. It will probably be 3.7.0 or so.

Good to know. That means installed 3.999.999 won't be updated by Firefox. I'll have to backup data/remove it first.
Looking forwards.
I haven't encountered the slightest issue up to now with 3.999.999

[ghost]

I'll have to backup data/remove it first.

FYI while a backup would be wise before and after the beta test, I was able to downgrade by simply removing the addon and installing the official version, and the existing data worked fine.

[ghost]

I won't be advised by Firefox add-ons update that CAD 3.7.0 or so is available if I'm running CAD 3.999.999, which means that
either,

• I backup CAD data, uninstall CAD 3.999.999, install CAD 3.7.0 or so and import backed up CAD data,

either, considering

I was able to downgrade by simply removing the addon and installing the official version, and the existing data worked fine.

• I download CAD 3.7.0 or so and install it manually over CAD 3.999.999

OK. But given CAD_CoreSettings and CAD_Expressions.json are easily importable and complete, given I'm a clean install maniac, I might follow my "academic" policy :=) though one thing to remember when importing CAD settings : import Expressions before CoreSettings, because if the latter has been set to Enable automatic cleaning and the former not in place... you'll loose all cookies!

Thanks for the information @xcasxcursex

[mrjohnjones]

I've managed to install CAD 3.999.999 as an xpi.

Did you have to use Firefox Nightly or did you find another way?

I've been waiting for the updated version, but think I want to use this dev version instead of waiting. I noticed a bunch of websites remembering me and found it was because this extension wasn't working.

[ghost]

I proceeded with Firefox 100.0, in fact because it's that version which revealed the CAD issue.

What I had done:

Downloaded from AMO cookie_autodelete-3.6.0-an+fx.xpi and unzipped it.
Downloaded from above Cookie-AutoDelete_Dev_20220411_114036_Firefox.zip and unzipped it
I copied the META-INF folder from unzipped cookie_autodelete-3.6.0-an+fx.xpi to unzipped Cookie-AutoDelete_Dev_20220411_114036_Firefox.zip
I zipped the edited unzipped cookie_autodelete-3.6.0-an+fx.xpi then renamed it to cookie_autodelete-3.9.9-an+fx.xpi : must be of course a .xpi
I installed manually the new cookie_autodelete-3.9.9-an+fx.xpi from about:addons > Install ad-on from file ...

1- I'm no expert, not sure META-INF was required for a successful operation
2- Firefox's xpinstall.signatures.required, may now be a hidden setting (not sure) in which case add it manually, must be set to false ...
BUT ...
I'm not sure that proceeding that way is a guarantee of success, I mean I'm not sure the setting is not reset to true when restarting Firefox : this happens, very seldom.
BUT ...
I do know that I use Firefox's Autoconfig which allows to set and lock a setting : lockPref('xpinstall.signatures.required', false);
All my about:config settings have been set via Firefox's Autoconfig for years now which is why I'm uncertain about total guarantee of manual or user.js writings.

3- I think CAD, independently of the Firefox's 3-digit compatibility issue, is not a 100% efficient with Firefox's Enhanced Tracking Protection given this feature auto-sets browser.contentblocking.category = "strict" together with network.cookie.cookieBehavior = 5 : this, in my experience, limits CAD (localStorage and IndxedDB cleaning) on sites which have a sort of elevated privilege so to say, i.e YouTube. Which is why, independently of CAD by the way, I decided to stick to:
pref("browser.contentblocking.category", "custom")
pref("network.cookie.cookieBehavior", 1); // block 3rd-party cookies

We then have as shown in my about:addons screenshot CAD 3.999.999 installed with the browser's warning yet fully functional on Firefox 100.
It just worked but again, not being an expert, I was surprised myself. I tried everything because surfing without a fully functional CAD / Firefox 100 was driving me nuts : now that cookies are increasingly controlled by browsers' native defense more and more sites use localStorage and indexedDB to upload to the user's profile data which is most often not at all required.

Hope that helps.

[ghost]

@kennethtran93 I'm sorry but I've held my tongue for long enough that I've reached a point where this needs to be said.

I really don't think you should be putting in work for #754, while the plugin is non-functional for the entire firefox userbase.

This kind of thing is EXACTLY why that kind of thing gets downvotes like it did. Your time is valuable and we don't want to see it lost to functionality of the plugin, in favour of a political agenda.

I know you've already delayed that thing by a long, long time.... But I really feel like you ought to delay it a little longer.

Late edit: and just for what it's worth, the reason I'm discussing this is because I thought maybe I should offer to help with CAD, so I decided to look at what's being worked on right now, to see if I would be of any use to you... And that is what I found. I'm still happy to help out, so long as it isn't with that, because I believe that action detracts from the fight against racism.

[ghost]

Auto-updated to 3.70, 267 sites cleaned, seems to be working now :) Thanks!

[kennethtran93]

@Cade66 You can install an extension via the zip file as well. No need to extract something from the published version to put into the 3.999 version. Of course, the xpinstall.signatures.required would need to be set to false but that's about it. The signature required versions are usually ones that have gone through Mozilla/Firefox's extension addon system to a certain extent and is allowed to either self-publish the extension or put it up to AMO's addon page for others to install.

As for your 3rd point, we are still continuing to look into this and will hopefully have something in the near future.

[kennethtran93]

@xcasxcursex at this point in time, the PR that is linked to that request needs to be redone anyway. I foresee tons of reworkings on the front and back end, and just renaming the lists to something more action based may help as we try to implement either custom lists and/or more lists with specific actions.

If you are still up for assisting with this project, regardless of the aforementioned item, there are still other issues and feature requests you can start to tackle and submit a PR for us to look at (like perhaps getting some dark styling going or pointing us to that direction).

[ghost]

@kennethtran93

You can install an extension via the zip file as well. No need to extract something from the published version to put into the 3.999 version. Of course, the xpinstall.signatures.required would need to be set to false but that's about it.

OK, and thanks for this precision. It was the first time I was dealing with an un-signed and moreover zipped extension so I sort of improvised.

As for your 3rd point, we are still continuing to look into this and will hopefully have something in the near future.

EDIT, 2022-05-27 : WHAT FOLLOWS IS OBSOLETE, RUNNING FIREFOX 100.0.2 WITH CAD 3.7.0: NO LONGER ISSUES MENTIONED HEREAFTER

What I had related in my 3rd point was my personal experience confirmed by experts' savvy explanations I've read occasionally : Firefox's Enhanced Tracking Protection is not a panacea yet is beneficial for a wider audience than that focusing on First-Party Isolation (FPI). FPI was and remains TOR's approach and remains the wisest and most efficient one, IMO.

I took YouTube as an example but other domains have this "elevated privilege" within Enhanced Tracking Protection which is that their IndexedDB data --- whatever isolated it is, and it is -- is isolated to the point of not being removable, even with CAD, even with other cookie managers such as the Cookie Quick Manager extension: they are preserved.

What's the deal? Take the following scenario: we want to keep only some of YouTube's cookies, not localStorage, not IndexedDB, and great: that's what CAD is done for. We allow cookies for Youtube.com (they'll remain after FF restart) and set CAD accordingly only for some of its cookies:

My experience is that, with Firefox's Enhanced Tracking Protection (browser.contentblocking.category = "strict" together with network.cookie.cookieBehavior = 5) CAD cannot delete Yutube's IndexedDB, but it does perform perfectly with browser.contentblocking.category = "custom" together with network.cookie.cookieBehavior = 1. The latter would be nonsense of course without Firefox's Enhanced Tracking Protection counterpart which is First-Party Isolation enabled.

I'm not sure CAD will ever be able to defeat Firefox's Enhanced Tracking Protection site isolation when it comes to domains granted with this elevated privilege I was referring to, an approximate terminology for a number of concerned domains of which I haven't managed to find the exact list.

We have of course installed CAD 3.7.0, signed!, and I'll really emphasize on the quality of this Recommended by Firefox extension.

[KamiOh]

@kennethtran93

You can install an extension via the zip file as well. No need to extract something from the published version to put into the 3.999 version. Of course, the xpinstall.signatures.required would need to be set to false but that's about it.

OK, and thanks for this precision. It was the first time I was dealing with an un-signed and moreover zipped extension so I sort of improvised.

As for your 3rd point, we are still continuing to look into this and will hopefully have something in the near future.

What I had related in my 3rd point was my personal experience confirmed by experts' savvy explanations I've read occasionally : Firefox's Enhanced Tracking Protection is not a panacea yet is beneficial for a wider audience than that focusing on First-Party Isolation (FPI). FPI was and remains TOR's approach and remains the wisest and most efficient one, IMO.

I took YouTube as an example but other domains have this "elevated privilege" within Enhanced Tracking Protection which is that their IndexedDB data --- whatever isolated it is, and it is -- is isolated to the point of not being removable, even with CAD, even with other cookie managers such as the Cookie Quick Manager extension: they are preserved.

What's the deal? Take the following scenario: we want to keep only some of YouTube's cookies, not localStorage, not IndexedDB, and great: that's what CAD is done for. We allow cookies for Youtube.com (they'll remain after FF restart) and set CAD accordingly only for some of its cookies:

My experience is that, with Firefox's Enhanced Tracking Protection (browser.contentblocking.category = "strict" together with network.cookie.cookieBehavior = 5) CAD cannot delete Yutube's IndexedDB, but it does perform perfectly with browser.contentblocking.category = "custom" together with network.cookie.cookieBehavior = 1. The latter would be nonsense of course without Firefox's Enhanced Tracking Protection counterpart which is First-Party Isolation enabled.

I'm not sure CAD will ever be able to defeat Firefox's Enhanced Tracking Protection site isolation when it comes to domains granted with this elevated privilege I was referring to, an approximate terminology for a number of concerned domains of which I haven't managed to find the exact list.

We have of course installed CAD 3.7.0, signed!, and I'll really emphasize on the quality of this Recommended by Firefox extension.

How i can enable these options?
*CONSENT
*PREF
*wide
Winbugs 10 x64
Firefox 100.0.2 x64

[ghost]

@KamiOh I'm aware of that, but thanks.
Anyway my comment you're referring to has become obsolete. I'm editing it now.

[kennethtran93]

How i can enable these options?
*CONSENT
*PREF
*wide
Winbugs 10 x64
Firefox 100.0.2 x64

@KamiOh those are specific cookies that the aforementioned user has explicitly kept but removed the rest. If you are looking to keep all cookies, then keep your expression as is, otherwise uncheck the 'keep all cookies' checkbox to see a list of individual cookies for that site.

[KamiOh]

How i can enable these options?
*CONSENT
*PREF
*wide
Winbugs 10 x64
Firefox 100.0.2 x64

@KamiOh those are specific cookies that the aforementioned user has explicitly kept but removed the rest. If you are looking to keep all cookies, then keep your expression as is, otherwise uncheck the 'keep all cookies' checkbox to see a list of individual cookies for that site.

i can't found
*CONSENT
Just found wide and PREF
from this list:

List

CONSISTENCY
CookieAutoDeleteBrowsingDataCleanup
GPS
PREF
ST-118we1t
ST-125m94j
ST-12ki2jt
ST-131ei7b
ST-139tug3
ST-13d1lyr
ST-1424w1h
ST-14aztkp
ST-153s5uw
ST-155cwua
ST-16bd86n
ST-16k8zxx
ST-16k8zxy
ST-16l9tpv
ST-178qcec
ST-17ohb3e
ST-18avpp9
ST-18rybul
ST-19gi8dt
ST-1a9iafh
ST-1aralvk
ST-1b
ST-1bniol1
ST-1cfhczk
ST-1d8mo2i
ST-1e0z8dn
ST-1ek5rex
ST-1ekh83x
ST-1fruwpr
ST-1g5khky
ST-1g9rjoj
ST-1gac7sw
ST-1gw8e5r
ST-1i5e5a2
ST-1i5xlqr
ST-1ikktp7
ST-1islygs
ST-1jh6k6i
ST-1jw7ict
ST-1ki1h7o
ST-1kz05yv
ST-1l4tm76
ST-1lqcotg
ST-1lrkq0g
ST-1ltu5lz
ST-1m52pds
ST-1n3l2dl
ST-1n5wh3t
ST-1o33gyh
ST-1oimhin
ST-1oo7lxw
ST-1oz69ti
ST-1pe6b7
ST-1qmbfyb
ST-1ruals3
ST-1s8fi2w
ST-1sn0m9a
ST-1sopywz
ST-1sr9vgx
ST-1ukav6p
ST-1usgu0p
ST-1v9w1af
ST-1vyqvkf
ST-1x5erid
ST-1x6wpi0
ST-1x8id2d
ST-1xj8x0e
ST-2h3nd0
ST-2hm6hr
ST-2j4joq
ST-2j7r5o
ST-2p64bw
ST-2xef7j
ST-49f95j
ST-4i5jgl
ST-4m228h
ST-53rm9n
ST-5h6nf
ST-5hjz1h
ST-5jxf4
ST-5yu6zi
ST-62vz7u
ST-67t91v
ST-6ilyxm
ST-6wjo7p
ST-84ayu6
ST-8gd527
ST-9pp8hs
ST-b75llq
ST-b7ml6g
ST-b9g7qt
ST-bf6v5o
ST-c7zlfs
ST-cdoiq5
ST-colhhh
ST-d4dcgr
ST-d63f1i
ST-e0i8ja
ST-egn16v
ST-f6xf84
ST-fi8ca9
ST-ficvox
ST-ganjuy
ST-h298lp
ST-hd41u8
ST-hvwyll
ST-hxwc4p
ST-iw706m
ST-j5l141
ST-jcie24
ST-jhohg5
ST-jl13ld
ST-kefcqq
ST-khc8t4
ST-kkkqrm
ST-kkkrnj
ST-lfi1i8
ST-lkpdon
ST-ma33fs
ST-n5bmen
ST-ogg3gi
ST-ois2by
ST-p0s3w1
ST-p45e84
ST-pjiq9m
ST-pogf8m
ST-q84nuj
ST-qa178g
ST-qlgyha
ST-racp5s
ST-roci4c
ST-sguks4
ST-sscp0p
ST-su0gc5
ST-t6jvlb
ST-t6jvlc
ST-ti2qam
ST-tm789s
ST-u7jx6x
ST-uhjn6r
ST-ur9prv
ST-vav363
ST-vxs5fo
ST-wm89bh
ST-wnuaxr
ST-xzaeo1
ST-y3f185
ST-ylljkp
ST-z8aive
VISITOR_INFO1_LIVE
wide
YSC

[kennethtran93]

How i can enable these options?
*CONSENT
*PREF
*wide
Winbugs 10 x64
Firefox 100.0.2 x64

@KamiOh those are specific cookies that the aforementioned user has explicitly kept but removed the rest. If you are looking to keep all cookies, then keep your expression as is, otherwise uncheck the 'keep all cookies' checkbox to see a list of individual cookies for that site.

i can't found *CONSENT Just found wide and PREF from this list:

if CONSENT is not shown, this means that the site has not created a cookie with that name yet. Sites overtime may change how they store/set cookies and other data. Keep in mind that cookie names may not necessarily represent what you are looking for.

If you still want to have that specific cookie name checked in your entry, there are a couple ways of doing so.

• Export the list of expressions, find that entry, and manually add the cookie name in the area where the other cookie names are found within that entry. Some JSON knowledge is needed here.
• Add another webextension that creates/manages cookies, and create the CONSENT cookie with an arbitrary value for that domain, then go back to CAD and you should then see it listed there for checking. Once checked you are free to delete that cookie from the cookie manager so it doesn't break the site if it uses that cookie value for something.
• Figure out (possibly from other users) where the CONSENT cookie comes into play on the site (or try to look it up yourself), and trigger that scenario to get the site to actually create that cookie, then you can use CAD to check it for keeping.

At this point, there's no plan in the near future to implement a way to manually add a (non-existent) cookie name to the list, because for most users, there is no need to. For all anybody knows, that CONSENT cookie may have been used at one point in time but not anymore, so trying to exclude a cookie from being deleted when it is not even created yet is a bit of an extra work in which it may never be created. Also that cookie may not even be used at that site as well, but created from another web extension that another person has on their browser (good example is our own cookie CookieAutoDeleteBrowsingDataCleanup, which we always set every time any sites get accessed, when any browsing types are enabled for cleanup.