How can I verify the signature of a message following the CMS structure (https://www.rfc-editor.org/rfc/rfc5652) by using the Firefox Add-On SDK?
I already could find some classes (e.g. http://doxygen.db48x.net/mozilla/html/interfacensICMSMessage.html), but I'm unsure if I can use them in an Add-On as there is not very much documentation.
If this is not possible, is there at least a way to check if the given certificate of the message is trusted by the list of CAs built into Firefox? (I'll try to use the webcrypto API to verify the signature in this case)
Related
I am developing a firefox web extension (Add On) which communicates with my Native Mac Application through "Socket Connection". I got stuck with the requirement to authorise the Client (Socket client from firefox add on) as I am unable to find out a unique identifier for my unpacked firefox add on.
I am trying to map the unique Id in the application side so that I can check whether the add on with same Id is trying to connect to the Socket server which would be restricted in case of unauthorised Identifier.
The identifier that comes along with Origin header in the connection request is Internal UUID of the add on which changes on each installation as per Firefox documentation.
I welcome an answer that could guide me to choose a perfect unique identifier or different approach that could validate the add on.
To have it work in this scenario, you will need to add in the applications key in manifest.json
Once you have finished developing the extension, you can package it and submit it to AMO for review and signing. If the packaged extension you upload does not contain an ID, AMO will generate one for you. It's only at this point that the add-on will be assigned a permanent ID, which will be embedded in the signed packaged extension.
Check out MDN webdocs for the full information on that though. They have full guides on how to use AMO as well.
I want to create a Firefox Addon using WebExtensions, that will;
Display user, list of already created Firefox profiles
Ability to switch Profile
Just like User Agent Switcher (it was built on top of Mozilla Addon SDK). Watch https://www.screencast.com/t/Zj4AkTmFfA
I am unable to find any api reference over https://developer.mozilla.org/en-US/Add-ons/WebExtensions to access profiles list or switch profile.
Not sure if Mozilla is going to remove accessing Firefox profiles from within WebExtensions like they have restricted access to Firefox preferences (about:config).
I'm afraid there is no API, at the moment, to deal with user profiles. Other than the list on MDN, there's a list of APIs that have been approved and are being implemented.
However, there is one mid-term possibility: you can file a bug to request the support for a new API. This doesn't necessarily mean that your request will be implemented, but it does mean that it will be at least discussed. There's a guide here on how to do that.
If none of these options address your situation, you can consider
filing an API request. Before you do, please keep in mind:
The goal of WebExtensions is not to support every use case from legacy extensions. In most cases, the functionality you need can be
built with WebExtensions APIs, but it requires some re-thinking and
modification.
Generic or very broad bugs are hard to turn into actionable issues. Try to limit the focus if possible.
We do try to review all incoming API requests, but it takes time, so please be patient.
Do a search to see if the bug exists already.
Still want to file a new API? You can do so here.
Please note that there are ideas for filesystem access post Firefox 57: this could potentially be used to at least show the different user profiles.
I am currently getting "You do not have access to the following domain:" error in Google developer console when attempting to use the "Configure webhook notifications" button for Google API push notifications despite the fact that the very same site / domain is listed as mine in Webmaster Tools and I have access to all of the services there. Any ideas?
I guess you also registered "https://yourdomain.com" in google webmaster tools, because the webhooks require https.
The very same thing is happening to me since about one week. I can add all kinds of domains to the push notification list, even "www.chatgrape.com" but not "chatgrape.com".
I described the problem in the Google Product Forums in detail but nobody was able to help me yet: https://productforums.google.com/forum/#!category-topic/apps/general-discussion/Numad1TlCJ8
Yes I actually found that it would only work if I had the https version of the URL registered in Webmaster tools. However, the reason that I can use an https version is that there are some SSL services included with a free CloudFlare account. This does not include using a signed certificate installed on your server. To use Google push, you need to have a certificate installed and it cannot be self signed.
How to use C++ to generate Certificate Signing Request by windows API?
I want to generate csr and send it to the server to sign it.
But I can't find the API.
Does anyone have some suggestion?
The library looks to be: CertEnroll.dll
http://msdn.microsoft.com/en-us/library/aa374863%28VS.85%29.aspx
These samples shows hot to access them from C++. This is where your application should go for the CSR.
While attempting to upload my apps binary to iTunes Connect, I get errors when I validate my app. The errors are:
- Your app contains non-public API usage.
- Apps are not permitted to access the UDID and must not use the uniqueIdentifier method of UIDevice
I have gone through several similar S.O. questions, such as:
- non-public API usage Warning...preventing validation on upload to App store?
- App rejected, but I don't use UDID
- Binary rejected because of Non-public API usage (google analytic iOSv2)
As far as I know, my app only uses the Flurry API and Google AdMob API. I have updated both of those with no change.
When I used the command grep -Rnis 'uniqueIdentifier' * I get the following:
Binary file BroncoMobile [CURRENT]/BroncoMobile/BroncoMobile.xcodeproj/project.xcworkspace/xcuserdata/oit.xcuserdatad/UserInterfaceState.xcuserstate matches
Binary file Bronco Mobile [CURRENT]/BroncoMobile/libGoogleAdMobAds.a matches
The match with libGoogleAdMobAds.a makes me assume that there is still a problem with the GADMob API, and I'm not sure on how the UserInterfaceState.xcuserstate match could cause problems with validation (or how to fix it if it is the problem).
If there are any more suggestions for how I can find the source of the error in the validation that would be greatly appreciated. If there is any more information I can provide about my app, I would be more than willing to edit my question to include whatever is needed.
I would suggest you to double check to make sure you are using latest version of Google AdMob API. I faced the similar problem in past and fixed it only by using latest Google AdMob SDK.
Also, you may like to check this question.