Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sticky: add-ons #12

Closed
Thorin-Oakenpants opened this issue Feb 19, 2017 · 33 comments
Closed

sticky: add-ons #12

Thorin-Oakenpants opened this issue Feb 19, 2017 · 33 comments
Labels

Comments

@Thorin-Oakenpants
Copy link
Member

@Thorin-Oakenpants Thorin-Oakenpants commented Feb 19, 2017

Use this issue for add-on announcements: new, gone-to-sh*t, recommendations for adding or dropping in the wiki Extensions page. Stick to privacy and security related add-ons, and do not mention legacy addons - Web Extension ONLY please.

❗️ Reminder, everything in this thread gets deleted (info is added to the first post). It is only meant for mentioning new or broken add-ons. If you want a discussion, start a new issue.

🔸 Added Web Extensions

  • ...starting fresh from Aug-18

🔸 Pending Web Extensions

🔸 Rejected If you strongly disagree, then by all means, bring it up

...

@Thorin-Oakenpants Thorin-Oakenpants changed the title sticky: new add-ons sticky: add-ons Feb 19, 2017
@earthlng

This comment has been minimized.

Copy link
Member

@earthlng earthlng commented Mar 10, 2017

https://blog.mozilla.org/addons/2017/02/16/the-road-to-firefox-57-compatibility-milestones/

Firefox 53, April 18th release

  • Firefox will run in multiprocess mode by default for all users, with some exceptions. If your add-on has the multiprocessCompatible flag set to false, Firefox will run in single process mode if the add-on is enabled.
  • Add-ons that are reported and confirmed as incompatible with Multiprocess Firefox (and don’t have the flag set to false) will be marked as incompatible and disabled in Firefox.
  • Add-ons will only be able to load binaries using the Native Messaging API.
  • No new legacy add-ons will be accepted on addons.mozilla.org (AMO). Updates to existing legacy add-ons will still be accepted.

That means if you have any addons that you still want to use in FF53+ that don't have the flag set to false you may want to get a copy, add the flag and get it re-signed yourself BEFORE FF53 is released!!

I'll do that myself for NoRedirect because that's the only one I use that doesn't have the flag set yet.
Will share the link to the updated version somewhere around here.


An easy way to check if an addon has the flag set already is to go the AMO page for the addon, click on View the source under Version Information (for the latest version obviously) and then look for
<em:multiprocessCompatible> in the install.rdf file.

instructions on how to add the flag are here -- make sure to read my 2 follow-up comments after that too!! Oh, and make sure to use false for the flag or it will probably not work because the shims will be disabled.

@earthlng

This comment has been minimized.

Copy link
Member

@earthlng earthlng commented Apr 3, 2017

Hey everyone, please only suggest addons that you have tested and are working as expected.
I just tested Negotiator and it has so many errors it's ridiculous!
So I got myself a copy, removed all the Edge shit (because who wants that shit anyway) and started fixing the errors. Fixed the 1st one, ok, I can now add custom "New action"'s - nice.
Lets see if this works.... nope ... next error pops up immediately. Ok lets fix that one too ....ok nice, one step further but oh wait there's already the next error "trying to access dead object". Oh well, fuck it then.

@ghacksuserjs ghacksuserjs locked and limited conversation to collaborators Apr 3, 2017
@ghacksuserjs ghacksuserjs unlocked this conversation Apr 4, 2017
@publicarray

This comment has been minimized.

Copy link

@publicarray publicarray commented Apr 15, 2017

+1 SSleuth I like how it can highlight the url bar in green, orange or red based on the score. Another option for a visual indicator is sslpersonas - AMO link - Github link

For Live HTTP Headers, FF already can replay and show headers in the Dev console in the networktab:
screen shot 2017-04-16 at 9 55 20 am

@earthlng

This comment has been minimized.

Copy link
Member

@earthlng earthlng commented Apr 17, 2017

For Live HTTP Headers, FF already can replay and show headers in the Dev console in the networktab

The NetMonitor doesn't show all requests (fe. the HSTS priming HEAD requests) but the addon does.
And sometimes it's nice to have a way to see all headers in a single place instead of having to click on each request.

@crssi

This comment has been minimized.

Copy link
Collaborator

@crssi crssi commented Apr 24, 2017

Stumbled on PrefBar extension a few days ago.
I don't mean that need to be added to add-on list, but by quick overview looks useful, so I decide to mention it just to let you know. ;)

@fmarier

This comment has been minimized.

Copy link

@fmarier fmarier commented Apr 30, 2017

Is there any e10s-compatible extension that will add a toolbar button to clear the browser's cache/history/etc?

You could use the built-in "forget" button: https://support.mozilla.org/en-US/kb/forget-button-quickly-delete-your-browsing-history

@Gitoffthelawn

This comment has been minimized.

Copy link

@Gitoffthelawn Gitoffthelawn commented May 20, 2017

delete me: it has been added to the first post

eCleaner is an WebExtension to delete:

<snip>

@Gitoffthelawn

This comment has been minimized.

Copy link

@Gitoffthelawn Gitoffthelawn commented Jun 1, 2017

delete me

@Atavic I previously used it as well. It does seem abandoned, but I hope it is not.

The authors have another extension that has received somewhat recent updates, so that is promising.

One of the great features of Click&Clean is the ability to run an external app/script when Firefox is closed. Very useful.

@Gitoffthelawn

This comment has been minimized.

Copy link

@Gitoffthelawn Gitoffthelawn commented Jun 18, 2017

delete me

3 similar comments
@crssi

This comment has been minimized.

Copy link
Collaborator

@crssi crssi commented Jun 22, 2017

delete me

@Gitoffthelawn

This comment has been minimized.

Copy link

@Gitoffthelawn Gitoffthelawn commented Jun 22, 2017

delete me

@Gitoffthelawn

This comment has been minimized.

Copy link

@Gitoffthelawn Gitoffthelawn commented Jun 22, 2017

delete me

@Gitoffthelawn

This comment has been minimized.

Copy link

@Gitoffthelawn Gitoffthelawn commented Jul 1, 2017

delete me

1 similar comment
@Gitoffthelawn

This comment has been minimized.

Copy link

@Gitoffthelawn Gitoffthelawn commented Jul 1, 2017

delete me

@Gitoffthelawn

This comment has been minimized.

Copy link

@Gitoffthelawn Gitoffthelawn commented Jul 2, 2017

@Thorin-Oakenpants and the rest of the motley crew (crue?): You might be interested in https://www.reddit.com/r/firefox/comments/6i1fu2/webext_equivalents_to_legacy_addons/

@kah0922

This comment has been minimized.

Copy link

@kah0922 kah0922 commented Jul 12, 2017

@ghacksuserjs ghacksuserjs deleted a comment from Gitoffthelawn Jul 17, 2017
@ghacksuserjs ghacksuserjs deleted a comment Jul 17, 2017
@2glops

This comment has been minimized.

Copy link

@2glops 2glops commented Jul 17, 2017

Web Extension : Smart HTTPS (revived)
https://addons.mozilla.org/en-US/firefox/addon/smart-https-revived/

Tested on Nightly, performs well.

@ghost

This comment has been minimized.

Copy link

@ghost ghost commented Jul 17, 2017

The problem with Smart HTTPS (revived or plain) is that it won't handle cross-site calls performed from a non-secured site.

Consider, i.e, http://www.cartesfrance.fr/
The site is not secured and calls sites of which some available in https : SmartHTTPS calls those sites in http (doesn't interfere in fact, when the page coder chose http and not https to call those sites) ... but HTTPSEverywhere calls those sites in https because it has rules for those...

smarthttps httpseverywhere

That itself, IMO, is in favor of forgetting SmartHTTPS
Note : the white arrow / black armor icon is my home-made icon for the FF SSleuth add-on

@2glops

This comment has been minimized.

Copy link

@2glops 2glops commented Jul 18, 2017

@zymase
Good point ! I missed that one.

@EchoDev

This comment has been minimized.

Copy link

@EchoDev EchoDev commented Aug 7, 2017

@rebrovov I don't think there are real alternatives.
The bug about Firefox 55 has been opened by someone 3 months ago but it seems he got no response.

https://notabug.org/desktopd/no-resource-uri-leak/issues/14

You have 2 options from what I understand.

  1. You go with ESR and test if that still works.

  2. You use NoScript and it should block the browser leaking info.

You could stay with FF54 but that would expose you to other problems.

@earthlng

This comment has been minimized.

Copy link
Member

@earthlng earthlng commented Aug 7, 2017

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member Author

@Thorin-Oakenpants Thorin-Oakenpants commented Aug 7, 2017

This information has been on the Wiki Addons page for the last 2 months

bugzilla 863246 will not land until 57 at a minimum, as it was decided that with the removal of legacy addons, the task is simplified by magnitudes of order

@EchoDev

This comment has been minimized.

Copy link

@EchoDev EchoDev commented Aug 7, 2017

@Thorin-Oakenpants

HTTPS Everywhere has an experimental Webextension addon, it isn't mentioned in the wiki

See:
EFForg/https-everywhere#9958
https://www.eff.org/files/https-everywhere-test/index.html

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member Author

@Thorin-Oakenpants Thorin-Oakenpants commented Aug 7, 2017

@EchoDev - thanks added the Web Ext github issue to the wiki

Legacy addons that will become WebExt will update automagically. These are currently marked with a green heart (known to be producing a WE). At some stage, I assume, the AMO page for WebExt will differ from the legacy AMO page, and I plan to then list these under BOTH Web Exts and Legacy Addons. For now, nothing has really moved. I can't even find HTTPS by searching on AMO, not even the original (but yes it is there).

The only one I'm missing github and WebExt (info, not the actual extension) is NoScript

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member Author

@Thorin-Oakenpants Thorin-Oakenpants commented Aug 7, 2017

Re: resource URI breaking. I believe earthlng has a working (but non non-e10s) version for use in 55+. Obviously, assuming the roadmap changes again, non e10s (even if the multiprocessCompatible flag is missing) should be good to go until 57. It means you can't go e10s tho

@earthlng : I won't be multi-process until 57 due to a couple of legacy addons. Can you upload your signed non e10s version for us like you did NoRedirect - pleasies, pretty pleasies

@earthlng

This comment has been minimized.

Copy link
Member

@earthlng earthlng commented Aug 7, 2017

#191 both the original + my hotfix are e10s compatible.

@publicarray

This comment has been minimized.

Copy link

@publicarray publicarray commented Aug 8, 2017

Smart Referer is now a hybrid extension (to migrate preferences). The code for the pure web extension is already on GitHub and is planned to ship in the beginning of September

@earthlng

This comment has been minimized.

Copy link
Member

@earthlng earthlng commented Aug 8, 2017

Lol, dude, I totally forgot we had a wiki for this bitch. Can we cleanup the 1st comment here a bit, maybe? Like remove Added [Web Extensions] + Added, these are done here. And while we're at it, can we maybe also work a bit on the wiki itself, fe why are eCleaner + Pure URL still listed under Recommended Addons with the problems they apparently have?!
Or "Cookie AutoDelete - does not work with privacy.firstparty.isolate" - how is that "working in tandem with the ghacks user.js"?
There are 23 freakin addons listed, are you using all of them? I'm using 11 and 2 of those are disabled. IMO the Recommended section should only list a handful of "must-have" addons. Ones that neither you or myself are using could go under a section "ghacks-Community Favorites" or something like that. Instead of listing 2-3 cookie addons we can list "the best" under Recommended (assuming you're using it, because I certainly don't) and the rest under "Alternatives" or so. Same for Redirect Control + Redirector.
The "Don't Bother Recommending These..." can be listed here instead, ideally with a reason why.

For newbies who will read that wiki, recommending them to use 23 freakin addons is nuts!

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member Author

@Thorin-Oakenpants Thorin-Oakenpants commented Aug 8, 2017

ToDo after 55 and changelog - And I'd rather just create a new sticky for WebExt only from here on in

eCleaner - It doesn't clean anything for me, because it is ALL blocked by default (cept history). The only thing it might clean is a site that uses local storage and all the sites I allow cookies (a whopping 8) don't.

Edit: I get the point re "recommended" - I certainly don't use all of them, and never intended that people should take our list as a must-have-ALL-these

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member Author

@Thorin-Oakenpants Thorin-Oakenpants commented Aug 8, 2017

@rebrovov There's a discussion kinda in #174 see my comment: #174 (comment)

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member Author

@Thorin-Oakenpants Thorin-Oakenpants commented Aug 18, 2017

note: I cleaned up the first post. I also cleaned up the wiki page several days ago.

From memory (or though you can look at the revisions, I can't be arsed)

  • legend removed half of the symbols. missing flag or non-e10s items are just noted as such. Web Ext is denoted by section title.
  • linked the two xpi's fixed by earthlng as the ones we recommend, linked to original AMO for info only, and streamlined/cut the amount of notes that were building eg over No Resource URI etc
  • don't recommend section - removed linkage, bundled items together, gave reasons
  • removed eCleaner - that thing is broken IMO. Listed in first post for followup
  • moved Web Ext cookie/local dom issues all under C-AD (some from SDC etc) - there were about 9 bugzilla tickets all up. Way too much going on. Some were too wide (encompassing indexedb, local dom etc) and others seem like a duplicate. All in all, once C-AD is perfect, those 4 bullet points under it can go, but for now I will leave them there for tracking)

Wiki page should all be a lot cleaner and easier to read, less clutter. Hopefully in several months we can ditch all the colored hearts

Edit

  • Smart Referer moved up to Web Ext section
@EchoDev

This comment has been minimized.

Copy link

@EchoDev EchoDev commented Aug 18, 2017

DecentralEyes webextension beta is released
See Synzvato/decentraleyes#173 (comment)

Works for FF56 (beta) and up.

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member Author

@Thorin-Oakenpants Thorin-Oakenpants commented Aug 19, 2017

This is now retired - a new sticky for Web Extensions is now open .. for reporting only, no discussions (open those in a new issue if you want ;) ) or it clutters the sticky

@ghacksuserjs ghacksuserjs locked and limited conversation to collaborators Sep 9, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
9 participants
You can’t perform that action at this time.