You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Feb 20, 2023. It is now read-only.
In order to prepare for AMO migration to GCP we have to make some changes to the way we handle add-on storage, and this in turn made us revisit our download URLs.
Previously, our download URLs would look like https://addons.mozilla.org/{app}/downloads/file/{fileid}/{filename.xpi} and redirect to https://addons.cdn.mozilla.net/user-media/addons/{addonid}/{filename.xpi}?filehash=sha256:{hash}.
Now, the redirect is removed and the download starts immediately from the download URL. That works with Fenix, we tested that with a custom build that changes AMO_BASE_URL. That change will land this week in production.
However, one thing we had before is the filehash= querystring. That helped ensure the CDN doesn't serve out of date cached responses for a download URL, which can happen if the file is accessed before signing (it would error out, we want that error to be cached but not be served once the file is signed and supposed to be available to the public). We'd like to re-introduce that, adding the query string to the download URL, but Fenix has code to intercept requests to extension downloads in order to trigger installs, and @csadilek mentioned on slack that it looks like it would break because the check is using matchEntire() and not just find().
Going further: would you mind tweaking the regex to allow downloads with and without the /android/ prefix ? i.e. in addition to supporting https://addons.mozilla.org/android/downloads/file/3913320/ublock_origin-1.41.8-an+fx.xpi, also support https://addons.mozilla.org/downloads/file/3913320/ublock_origin-1.41.8-an+fx.xpi ?
csadilek
added a commit
to csadilek/fenix
that referenced
this issue
Mar 24, 2022
In order to prepare for AMO migration to GCP we have to make some changes to the way we handle add-on storage, and this in turn made us revisit our download URLs.
Previously, our download URLs would look like
https://addons.mozilla.org/{app}/downloads/file/{fileid}/{filename.xpi}
and redirect tohttps://addons.cdn.mozilla.net/user-media/addons/{addonid}/{filename.xpi}?filehash=sha256:{hash}
.Now, the redirect is removed and the download starts immediately from the download URL. That works with Fenix, we tested that with a custom build that changes AMO_BASE_URL. That change will land this week in production.
However, one thing we had before is the
filehash=
querystring. That helped ensure the CDN doesn't serve out of date cached responses for a download URL, which can happen if the file is accessed before signing (it would error out, we want that error to be cached but not be served once the file is signed and supposed to be available to the public). We'd like to re-introduce that, adding the query string to the download URL, but Fenix has code to intercept requests to extension downloads in order to trigger installs, and @csadilek mentioned on slack that it looks like it would break because the check is usingmatchEntire()
and not justfind()
.┆Issue is synchronized with this Jira Task
The text was updated successfully, but these errors were encountered: