Skip to content

Instantly share code, notes, and snippets.

👨‍🌾
will return on April 29th

Frederik mozfreddyb

View GitHub Profile
@mozfreddyb
mozfreddyb / log.txt
Created Dec 10, 2018
content security data for top level load of about:addons (plus some extra in between
View log.txt
[Parent 10611: Main Thread]: D/CSMLog doContentSecurityCheck {
[Parent 10611: Main Thread]: D/CSMLog channelURI: about:addons
[Parent 10611: Main Thread]: D/CSMLog loadingPrincipal: nullptr
[Parent 10611: Main Thread]: D/CSMLog triggeringPrincipal: SystemPrincipal
[Parent 10611: Main Thread]: D/CSMLog principalToInherit: NullPrincipal
[Parent 10611: Main Thread]: D/CSMLog RedirectChain:
[Parent 10611: Main Thread]: D/CSMLog internalContentPolicyType: 6
[Parent 10611: Main Thread]: D/CSMLog externalContentPolicyType: 6
[Parent 10611: Main Thread]: D/CSMLog upgradeInsecureRequests: false
@mozfreddyb
mozfreddyb / log.txt
Created Dec 10, 2018
content security data for a top level about:blank load
View log.txt
[Child 10890: Main Thread]: D/CSMLog doContentSecurityCheck {
[Child 10890: Main Thread]: D/CSMLog channelURI: about:blank
[Child 10890: Main Thread]: D/CSMLog loadingPrincipal: nullptr
[Child 10890: Main Thread]: D/CSMLog triggeringPrincipal: SystemPrincipal
[Child 10890: Main Thread]: D/CSMLog principalToInherit: NullPrincipal
[Child 10890: Main Thread]: D/CSMLog RedirectChain:
[Child 10890: Main Thread]: D/CSMLog internalContentPolicyType: 6
[Child 10890: Main Thread]: D/CSMLog externalContentPolicyType: 6
[Child 10890: Main Thread]: D/CSMLog upgradeInsecureRequests: false
[Child 10890: Main Thread]: D/CSMLog initalSecurityChecksDone: false
@mozfreddyb
mozfreddyb / log.txt
Created Dec 10, 2018
content security data for a top level URL load
View log.txt
[Child 10890: Main Thread]: D/CSMLog doContentSecurityCheck {
[Child 10890: Main Thread]: D/CSMLog channelURI: http://example.com/
[Child 10890: Main Thread]: D/CSMLog HTTP Method: GET
[Child 10890: Main Thread]: D/CSMLog loadingPrincipal: nullptr
[Child 10890: Main Thread]: D/CSMLog triggeringPrincipal: SystemPrincipal
[Child 10890: Main Thread]: D/CSMLog principalToInherit: NullPrincipal
[Child 10890: Main Thread]: D/CSMLog RedirectChain:
[Child 10890: Main Thread]: D/CSMLog internalContentPolicyType: 6
[Child 10890: Main Thread]: D/CSMLog externalContentPolicyType: 6
[Child 10890: Main Thread]: D/CSMLog upgradeInsecureRequests: false
View export-passwords.js
// for use within chrome://passwordmgr/content/passwordManager.xul
// this is the title of the CSV data
var csv = `"hostname", "username", "password"`;
// the signons variable already exists when the document is loaded.
// looping through all entries, called e.
for (var e of signons) {
// JSON.stringify properly adds quotes, regardless of what characters the entries.
// so for every entry, take e.hostname, e.username, e.passwowrd and turn them into a quoted string
@mozfreddyb
mozfreddyb / add-ca-cert.js
Created Jul 10, 2017
privileged JS for Firefox to add a certificate as a trusted CA
View add-ca-cert.js
if (typeof Cc == "undefined") { Cc = Components.classes; }
if (typeof Cu == "undefined") { Cu = Components.utils; }
if (typeof Ci == "undefined") { Ci = Components.interfaces; }
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
const nsIX509Cert = Ci.nsIX509Cert;
const nsIX509CertDB = Ci.nsIX509CertDB;
const certdb = Cc[nsX509CertDB].getService(nsIX509CertDB);
let certstring = `-----BEGIN CERTIFICATE-----
@mozfreddyb
mozfreddyb / fix-unsanitized-violations.js
Last active Jun 2, 2017
doesnt fix, but comment-out violations to a specific eslint rule
View fix-unsanitized-violations.js
#!/usr/bin/env nodejs
var fs = require('fs');
var vobj;
const DISABLE_NEXT_LINE = "// eslint-disable-next-line ";
fs.readFile('build/gecko/inline-violations.json', 'utf8', function (err, data) {
if (err) throw err; // we'll not consider error handling for now
@mozfreddyb
mozfreddyb / random_string.js
Created Apr 15, 2016
generate random strings, e.g., for passwords
View random_string.js
/*
in one line for bookmarkletts:
javascript:!function(){"use strict";function r(){var r=new Uint8Array(n);window.crypto.getRandomValues(r);var r=Array.apply([],r);return r=r.filter(function(r){return r>32&&127>r}),String.fromCharCode.apply(String,r)}for(var n=50,t=20,a=r();a.length<t;)a+=r();prompt("",a)}();
*/
(function() {
"use strict";
var MAXLEN=50; /* tweak this */
var MINLEN=20;
function genString() {
@mozfreddyb
mozfreddyb / innerhtml-hook.js
Last active Aug 17, 2017
inspect assignments to innerHTML
View innerhtml-hook.js
/* inject via
ppmm.loadFrameScript("data:,<js source>", true);
(where ppmm is the message manager, e.g. in shell.js)
framescript documentation explains why this works[1] and
the message manager docs[2] explain that the parent process
manager defined as ppmm in shell.js[3] can be used.
[1] https://developer.mozilla.org/en-US/Firefox/Multiprocess_Firefox/Frame_script_loading_and_lifetime
View cpow-valence
time time in CPOWs name
2154860μs 0μs Firefox Developer Tools Adapters
117456μs 0μs [System Principal], file:///home/freddy/.mozilla/firefox/4bvglb2b.nightly-chrome-debugger/extensions/fxdevtools-adapters@mozilla.org/bootstrap.js (from: resource://gre/modules/addons/XPIProvider.jsm:4322)
517796μs 0μs [System Principal], resource://gre/modules/commonjs/sdk/addon/runner.js (from: resource://gre/modules/commonjs/toolkit/loader.js:241)
19288μs 0μs [System Principal], resource://gre/modules/commonjs/sdk/self.js (from: resource://gre/modules/commonjs/toolkit/loader.js:241)
4401μs 0μs [System Principal], resource://gre/modules/commonjs/sdk/preferences/service.js (from: resource://gre/modules/commonjs/toolkit/loader.js:241)
12029μs 0μs [System Principal], resource://gre/modules/commonjs/sdk/net/url.js (from: resource://gre/modules/commonjs/toolkit/loader.js:241)
2035μs 0μs [System Principal], resource://gre/modules/commonjs/sdk/core/promise.js (from: resource://gre/modules/commonjs/toolkit/loader.js:241)
@mozfreddyb
mozfreddyb / make-ni-uri.py
Created Sep 29, 2014
Computes the sha256 digest of the given file names and prints them in a ni URL.
View make-ni-uri.py
#!/usr/bin/env python
from sys import argv
import hashlib
from base64 import urlsafe_b64encode
from mimetypes import guess_type
from os.path import basename
def get_mimetype(filename):
mt = guess_type(filename)[0]
You can’t perform that action at this time.