91 Matching Annotations
  1. Last 7 days
  2. Jan 2021
  3. Dec 2020
    1. website developers and extension authors

      Like, for example, Google having a problem with ad-blockers in Google Chrome. This is an example of why monopolies aren't great; Google makes money selling ads but they also control a browser that most people use. There's a conflict here when the users of the browser install extensions that limit Google's ability to show you ads.

  4. Oct 2020
    1. The problem is that the since both the JSX transpiler and the traceur compiler are actually parsing the full javascript AST, they would have to mutually agree on the syntax extensions you use: traceur can't parse the faux-xml syntax JSX adds, and JSX can't parse the async or await keywords, for example, or generator functions.
  5. Sep 2020
    1. In '07, safety implied an unacceptable performance hit on slow single-core devices with 128MiB of RAM.

      In 2007, safety implied an unacceptable performance hit for hosting extensions, on devices with one core and 128MiB ram. In 2020, the lack of extensions is the ultimate app-ification of the web, the reduction of the web into a useless, powerless medium where users have no control.

  6. Jul 2020
    1. require 'set' class Array def uniq_elements(&prc) prc ||= ->(e) { e } uniques, dups = {}, Set.new each do |e| k = prc[e] ((uniques.key?(k)) ? (dups << k; uniques.delete(k)) : uniques[k] = e) unless dups.include?(k) end uniques.values end end
  7. Jun 2020
  8. May 2020
    1. 1. Disabling concrete extension update. That's what I wanted! You can do this by editing the extensions manifest json-file on Windows: C:\Users\<USERNAME>\AppData\Local\Google\Chrome\User Data\Default\Extensions\<EXTENSION-ID>\<VERSION>\manifest.json (find out the extensions ID by enabling developer mode in the extension settings page) on Ubuntu for Chromium: ${HOME}/.config/chromium/Default/Preferences In this file set "update_url" property to something invalid like "https://localhost" for example. For now according to given url updating of that extension is simply impossible.
    1. I believe that beginning to distribute tools that patch Firefox and give back power to users and allow them to install unsigned extensions is necessary when an organization is taking away our rights without giving us a compelling reason for doing so.
    2. The other pressing issue is that users have lost the right to run private extensions in the release version of Firefox, without needing to hand over their source code to Mozilla.
    1. I would like to know if you know a way to load unsigned extensions without requiring a developer or unbranded version of Firefox.
    2. To load one temporarily go to about:debugging, "This Firefox" and click "Load temporary add-on from file". More permanently: many (most?) Linux distributions allow unsigned extensions to be placed in /usr/lib/firefox/browser/extensions/ and they will automatically be loaded, provided they have valid names (e.g. dodgy@unsignedextension.com.xpi).
    1. Add-ons that are intended for internal or private use, are only accessible to a closed user group, or for distribution testing may not be listed on AMO. Such add-ons may be uploaded for self-distribution instead.
  9. Apr 2020
  10. Mar 2020
    1. On top of standard Markdown blockquotes, which require prepending > to quoted lines, GFM supports multiline blockquotes fenced by >>>:

      First sighting of this >>>. I like it! It's always a pain to paste in a quote and then have to manually prefix every line with >, esp. if there are many lines.

      I also like that it very nicely parallels the multilne code block delimeter syntax.

    1. This is where the incredibly useful gettext filter comes in. If you take a peek at your plugin's code you'll see strings like this: .gist table { margin-bottom: 0; } <?php _e( 'Related Products', 'woocommerce' ); ?> view raw sample-translatable-string.php hosted with by GitHub You can easily translate these strings by adding a filter to your functions.php file: .gist table { margin-bottom: 0; } <?php /** * Change text strings * * @link http://codex.wordpress.org/Plugin_API/Filter_Reference/gettext */ function my_text_strings( $translated_text, $text, $domain ) { switch ( $translated_text ) { case 'Related Products' : $translated_text = __( 'Check out these related products', 'woocommerce' ); break; } return $translated_text; } add_filter( 'gettext', 'my_text_strings', 20, 3 );
  11. Jan 2020
  12. Dec 2019
  13. Nov 2019
    1. Registering new services to the Injector If you've created a module using React, it's a good idea to afford other developers an API to enhance those components, forms, and state. To do that, simply register them with Injector.
  14. Oct 2019
  15. Aug 2019
  16. Feb 2019
  17. Oct 2018
  18. Sep 2017
  19. Aug 2017
    1. 6.2 Extension IDs Each extension has an extension ID that follows the browserext:// protocol. For example browserext://MyExtension_c1wakc4j0nefm/options.html browserext://dfcijpibodeoenkablikbkiobbdnkfki/options.html The algorithms that generate these IDs are different for each browser. To access these resources, do not hardcode the ID generated by a particular browser. Instead, use the runtime.getURL() method to convert a relative file name or path to the absolute name or path, which includes the extension ID.

      Vivaldi, as you know, I love your browser and use it primary and multiple times a day, despite it's quirks deviating from Chrome.

      Having said this, can we eliminate the generated file names for extensions, screenshots, and notes?

  20. Apr 2016
  21. Oct 2015
    1. So rather than waiting further we decided to instrument the existing web interface — not a terribly elegant or reliable solution but it works for now.

      Sigh, it looks like we'll need to do something similar for H in order to automate the Firefox extension build process unless APIs are ready soon.

  22. Aug 2015
    1. This section defines three signature algorithms based on the RSA encryption process described in Sections 8 and 9. The intended use of the signature algorithms is in signing X.509/PEM certificates and certificate-revocation lists, PKCS #6 extended certificates, and other objects employing digital signatures such as X.401 message tokens. The algorithms are not intended for use in constructing digital signatures in PKCS #7. The first signature algorithm (informally, "MD2 with RSA") combines the MD2 message-digest algorithm with RSA, the second (informally, "MD4 with RSA") combines the MD4 message-digest algorithm with RSA, and the third (informally, "MD5 with RSA") combines the MD5 message-digest algorithm with RSA.

      See http://security.stackexchange.com/questions/10706/encode-der-with-openssl for a high level overview of the signing process

    1. Accessing a Webpage
    2. In Share extensions (on both platforms) and Action extensions (iOS only), you can give users access to web content by asking Safari to run a JavaScript file and return the results to the extension.
    3. On both platforms, your custom JavaScript class can define a run() function that Safari invokes as soon as it loads the JavaScript file. In the run() function, Safari provides an argument named completionFunction, with which you can pass results to your app extension in the form of a key-value object. In iOS, you can also define a finalize() function that Safari invokes when your app extension calls completeRequestReturningItems:completion: at the end of its task. A finalize() function can use items your extension passes in completeRequestReturningItems:completion: to change the webpage as desired.
    4. Create a JavaScript file that includes a global object named ExtensionPreprocessingJS. Assign a new instance of your custom JavaScript class to this object.
    1. When we first set out to identify malicious extensionsour expectation was to find banking trojans and pass-word stealers that duplicated the strategies pioneered byZeus and SpyEye. In practice, the abusive extensionecosystem is drastically different from malicious bina-ries. Monetization hinges on direct or indirect relation-ships with syndicated search partners and ad injection af-filiate programs, some of which earn millions of dollarsfrom infected users [37]. Miscreants derive wealth fromtrafficanduser targetingrather than the computing re-sources or privileged access mediated via the browser. Itmay simply be that the authors of malicious binaries havelittle incentive (or external pressure) to change, leavingextensions to a distinct set of actors. This uncertainty isa strong motivation for exploring the extension ecosys-tem further.

      This is the section that identifies the motives and economics around malicious extensions