We keep hitting cases where we would like Firefoxes in the field to have some data updated using a process which is much lighter in expended effort than shipping a security release. Here are some examples of the data Firefox stores that I know of which might benefit from this:
- The Public Suffix List (more important with new TLDs coming) - The Root CA store, or trust lists in general - Addon and plugin blacklists - The default prefs file - The UA override list (needed for B2G, at least) (In addition, the IDN TLD whitelist would have been on that list until it was recently obsoleted, and there are possible future additions - intermediate CA whitelists being one I know some people want. Safe Browsing already has its own dedicated service.) It was the last of these which has triggered this conversation. Given that we need a system for dynamically updating the UA override list on B2G and maybe Android too, and that I know Brian Smith is thinking about how we can have dynamic updates to the Root CA store, is it worth spending a little extra effort to build something which can be used for these other cases too, and any others which come along? The question for webdev is: do we have existing services we can repurpose or tweak for this? v1 requirements: - Firefox polls server every 24 hours - Secure connection - Server sends names of files to be replaced and new data - File on disk at Firefox end gets replaced (and would be reloaded on restart) - Ability to send different data to different clients - Ability to cope and fall-back to profile-stored per-user info if Firefox directory is read-only Future stuff: - Ability to trigger data reload without restart - Ability to integrate data not stored in separate file - Send only deltas - Intelligent scheduling - Server-side ability to send different data to different versions of the same client Gerv _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform