-
Notifications
You must be signed in to change notification settings - Fork 35
Development Basics
See Setting up a development environment and Working with the Source Code.
For distribution, the source code is packaged into .xpi
files. XPI files are just zip
archives which you can extract like any other. However, if you want to work on the source code you should take the code from the repository, because the XPI's content and the code in the src/
directory are not exactly the same.
RequestPolicy adds XUL elements to every browser window, such as the menu button. There's a great XUL Tutorial on MDN.
When developing Mozilla Add-Ons you will stumble upon XPCOM components:
There are some very useful tools for developing addons. To name some of them:
- the Browser Toolbox and other Firefox Developer Tools – to debug extensions
- the DOM Inspector and Inspect Context – inspect, browse, and edit the DOM of XUL windows
The main source code lives in the src/
directory, unit tests in tests
.
RequestPolicy is written in JavaScript. Some unit tests (Marionette) are written in Python.
When the addon is installed, the files install.rdf
and chrome.manifest
are parsed and bootstrap.js
is executed. More infos:
-
install.rdf
: docs. It specifies the addon's ID, name, description and version string, as well as the web browsers'minVersion
andmaxVersion
. -
chrome.manifest
: docs, tutorial. It specifies thechrome://rpcontinued/
URI. -
bootstrap.js
: docs
From bootstrap.js
RequestPolicy is started up.
RequestPolicy's blocking functionality bases mostly on the nsIContentPolicy
interface. RequestPolicy implements this interface by an XPCOM component. The component's shouldLoad
function will be called for each request to decide whether or not the resource at a given location should be loaded.
Each request has a destination URI, and often also an origin URI. For information about about URIs see STD 66 (Internet standard) – especially Appendix A. There's also some information on wikipedia.
This is the ABNF definition of an URI:
scheme ":" hier-part [ "?" query ] [ "#" fragment ]
The „scheme“ often is http
or https
. The „hier-part“ normally is the host in the form of //www.example.com
or //127.0.0.1
.
RequestPolicy treats domain names either as full domains (e.g. www.example.com
) or regarding their „Base Domain“ (e.g. example.com
). The Base Domain is determined using the „Public Suffix List“ (wikipedia, publicsuffix.org). Therefore, for example, the Base Domain of xyz.cloudfront.net
is equally xyz.cloudfront.net
, not cloudfront.net
.
Have a look at the MDN articles Security check basics and Same-origin policy
-
ruleset
: a list of rules. can be empty. -
rule
: contains some selection specification (e.g.origin
anddestination
) and apolicy
-
policy
: whether requests matching a rule are allowed or blocked
The following abbreviations are used
-
RP
: RequestPolicy;RPC
: RequestPolicy Continued -
Fx
: Firefox -
e10s
: Electrolysis (aka multiprocess firefox)
- Home
- About
- Help & Support
-
Documentation
- Quick Start
- FAQ
- benefits of using RP
- miscellaneous
- Contributing
- Development