Frederik Braun mozfreddyb

mozfreddyb / csmlogparser.py
Last active January 27, 2021 14:44
parse entries from MOZ_LOG CSMLog entries
#!/usr/bin/env python3
import yaml
import sys
from functools import reduce
def lines_into_blocks():
    consume_into_block = False
    block = []
mozfreddyb / principals-reference.md
Last active August 3, 2020 11:29
reference sheet for principals in mozilla code

Reference Sheet for Principals in Mozilla Code

Note: This is the "reference sheet" version. The details and the big picture are covered in Understanding Web Security Checks in Firefox (Part 1).

Principals as a level of privilege

A security context is always using one of these four kinds of Principals:

  • ContentPrincipal: This principal is used for typical web pages and can be serialized to an origin URL, e.g., https://example.com/
  • NullPrincipal: Some pages are never same-origin with anything else, e.g., <iframe sandbox> or documents loaded with a data: URI. The standard calls this an opaque origin.
  • SystemPrincipal: The SystemPrincipal is used for the browser's user interface, commonly referred to as "browser chrome". Pages like about:preferences use the SystemPrincipal.
mozfreddyb / foo.js
Last active February 22, 2021 12:37
turn searchfox results object into audit spreadsheet
/* This script can be run on a searchfox.org results page as it is.
* the results.normal from line 9 is already in global scope and can be iterated as it is
* Note that this "results.normal" does /not/ include occurrences in tests or generated code.
* Use other properties of the "results" object instead, if you need these.
*/
// objkey is something like "Uses (searchterm)"
objkey = Object.keys(results.normal)[0];
occs = results.normal[objkey];
t = [];
mozfreddyb / vimdiff.md
Last active December 13, 2022 11:57 — forked from mattratleph/vimdiff.md
vimdiff cheat sheet


git mergetool

In the middle file (future merged file), you can navigate between conflicts with ]c and [c.

Choose which version you want to keep with :diffget //2 or :diffget //3 (the //2 and //3 are unique identifiers for the target/master copy and the merge/branch copy file names).

:diffupdate (to remove leftover spacing issues)

:only (once you’re done reviewing all conflicts, this shows only the middle/merged file)

mozfreddyb / weekly_release.py
Created August 14, 2019 14:02 — forked from alicegoldfuss/weekly_release.py
Weekly Release Script
#!/usr/local/bin/python3
import requests
import json
from twilio.rest import Client
HEADERS = {'Accept': 'application/vnd.github.inertia-preview+json'}
GH_TOKEN = "XXX" # Your auth token from https://github.com/settings/tokens
TW_SID = "XXX" # Your Account SID from twilio.com/console
TW_TOKEN = "XXX" # Your Auth Token from twilio.com/console
mozfreddyb / log.txt
Created December 10, 2018 08:36
content security data for top level load of about:addons (plus some extra in between)
[Parent 10611: Main Thread]: D/CSMLog doContentSecurityCheck {
[Parent 10611: Main Thread]: D/CSMLog channelURI: about:addons
[Parent 10611: Main Thread]: D/CSMLog loadingPrincipal: nullptr
[Parent 10611: Main Thread]: D/CSMLog triggeringPrincipal: SystemPrincipal
[Parent 10611: Main Thread]: D/CSMLog principalToInherit: NullPrincipal
[Parent 10611: Main Thread]: D/CSMLog RedirectChain:
[Parent 10611: Main Thread]: D/CSMLog internalContentPolicyType: 6
[Parent 10611: Main Thread]: D/CSMLog externalContentPolicyType: 6
[Parent 10611: Main Thread]: D/CSMLog upgradeInsecureRequests: false
mozfreddyb / log.txt
Created December 10, 2018 08:34
content security data for a top level about:blank load
[Child 10890: Main Thread]: D/CSMLog doContentSecurityCheck {
[Child 10890: Main Thread]: D/CSMLog channelURI: about:blank
[Child 10890: Main Thread]: D/CSMLog loadingPrincipal: nullptr
[Child 10890: Main Thread]: D/CSMLog triggeringPrincipal: SystemPrincipal
[Child 10890: Main Thread]: D/CSMLog principalToInherit: NullPrincipal
[Child 10890: Main Thread]: D/CSMLog RedirectChain:
[Child 10890: Main Thread]: D/CSMLog internalContentPolicyType: 6
[Child 10890: Main Thread]: D/CSMLog externalContentPolicyType: 6
[Child 10890: Main Thread]: D/CSMLog upgradeInsecureRequests: false
[Child 10890: Main Thread]: D/CSMLog initalSecurityChecksDone: false
mozfreddyb / log.txt
Created December 10, 2018 08:33
content security data for a top level URL load
[Child 10890: Main Thread]: D/CSMLog doContentSecurityCheck {
[Child 10890: Main Thread]: D/CSMLog channelURI: http://example.com/
[Child 10890: Main Thread]: D/CSMLog HTTP Method: GET
[Child 10890: Main Thread]: D/CSMLog loadingPrincipal: nullptr
[Child 10890: Main Thread]: D/CSMLog triggeringPrincipal: SystemPrincipal
[Child 10890: Main Thread]: D/CSMLog principalToInherit: NullPrincipal
[Child 10890: Main Thread]: D/CSMLog RedirectChain:
[Child 10890: Main Thread]: D/CSMLog internalContentPolicyType: 6
[Child 10890: Main Thread]: D/CSMLog externalContentPolicyType: 6
[Child 10890: Main Thread]: D/CSMLog upgradeInsecureRequests: false
// for use within chrome://passwordmgr/content/passwordManager.xul
// this is the title of the CSV data
var csv = `"hostname", "username", "password"`;
// the signons variable already exists when the document is loaded.
// looping through all entries, called e.
for (var e of signons) {
  // JSON.stringify properly adds quotes, regardless of what characters the entries contain.
  // So for every entry, take e.hostname, e.username, e.password and turn them into a quoted string
mozfreddyb / add-ca-cert.js
Created July 10, 2017 12:09
privileged JS for Firefox to add a certificate as a trusted CA
if (typeof Cc == "undefined") { Cc = Components.classes; }
if (typeof Cu == "undefined") { Cu = Components.utils; }
if (typeof Ci == "undefined") { Ci = Components.interfaces; }
const nsX509CertDB = "@mozilla.org/security/x509certdb;1";
const nsIX509Cert = Ci.nsIX509Cert;
const nsIX509CertDB = Ci.nsIX509CertDB;
const certdb = Cc[nsX509CertDB].getService(nsIX509CertDB);
let certstring = `-----BEGIN CERTIFICATE-----