From: Philipp Kewisch Date: Tue, 5 Feb 2019 17:52:08 +0000 (+0100) Subject: Bug 1525308 - Add a custom bug entry form for blocklisting bugs X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=579e31cc9db2aa7e881e9badc30b5c72505895df;p=thirdparty%2Fbugzilla.git Bug 1525308 - Add a custom bug entry form for blocklisting bugs --- diff --git a/extensions/BMO/Extension.pm b/extensions/BMO/Extension.pm index efddc7385..c5551e134 100644 --- a/extensions/BMO/Extension.pm +++ b/extensions/BMO/Extension.pm @@ -2766,6 +2766,10 @@ sub app_startup { '/:REWRITE_web_bounty' => [REWRITE_web_bounty => qr{form[\.:]web[\.:]bounty}]) ->to( 'CGI#enter_bug_cgi' => {'format' => 'web-bounty', 'product' => 'mozilla.org'}); + $r->any( + '/:REWRITE_blocklist_bug' => [REWRITE_blocklist_bug => qr{form[\.:]blocklist}]) + ->to( + 'CGI#enter_bug_cgi' => {'format' => 'blocklist', 'product' => 'Toolkit'}); $r->any( '/:REWRITE_automative' => [REWRITE_automative => qr{form[\.:]automative}]) ->to( diff --git a/extensions/BMO/template/en/default/bug/create/create-blocklist.html.tmpl b/extensions/BMO/template/en/default/bug/create/create-blocklist.html.tmpl new file mode 100644 index 000000000..335793846 --- /dev/null +++ b/extensions/BMO/template/en/default/bug/create/create-blocklist.html.tmpl @@ -0,0 +1,231 @@ +[%# This Source Code Form is subject to the terms of the Mozilla Public + # License, v. 2.0. If a copy of the MPL was not distributed with this + # file, You can obtain one at http://mozilla.org/MPL/2.0/. + # + # This Source Code Form is "Incompatible With Secondary Licenses", as + # defined by the Mozilla Public License, v. 2.0. + #%] + +[% PROCESS global/variables.none.tmpl %] + +[% inline_style = BLOCK %] +#blocklist_form h1 { + margin-bottom: 0; +} +#blocklist_form .required:after { + content: " *"; + color: red; +} +#blocklist_form .field_label { + font-weight: bold; +} +#blocklist_form .field_desc { + padding-bottom: 3px; +} +#blocklist_form .field_desc, +#blocklist_form .head_desc { + width: 600px; + word-wrap: normal; +} +#blocklist_form .head_desc { + padding-top: 5px; + padding-bottom: 12px; +} +#blocklist_form .form_section { + margin-bottom: 10px; +} +#blocklist_form textarea { + font-family: inherit; + font-size: inherit; + margin: 0 !important; +} +#blocklist_form em { + font-size: 1em; +} + +#blocklist_form.noscript { + display: none; +} +[% END %] + +[% inline_javascript = BLOCK %] +function compileDescription() { + function backtick(str) { + return str.replace(/^\s*```/mg, "").trim(); + } + function unlink(str) { + return str.replace(/http(s?):\/\/(?!(reviewers\.)?addons.mozilla.org)/g, "hxxp$1://") + } + function table(arr) { + function escapeTable(str) { + return str.replace(/\\/g, "\\\\").replace(/\|/g, "\\|"); + } + return "| | |\n|-|-|\n|" + arr.map(function(row) { + return row.map(escapeTable).join("|") + }).join("|\n|") + "|\n"; + } + + let severity = document.querySelector("input[name='blocklist_severity']:checked").value; + let name = document.getElementById("blocklist_name").value; + let versions = document.getElementById("blocklist_versions").value || ""; + let platformVersions = document.getElementById("blocklist_platform_versions").value || ""; + let reason = document.getElementById("blocklist_reason").value; + let guids = document.getElementById("blocklist_guids").value; + let additionalInfo = document.getElementById("blocklist_moreinfo").value; + + let descr = table([ + ["Extension name", name], + ["Extension versions affected", versions], + ["Platforms affected", platformVersions], + ["Block severity", severity] + ]); + + descr += "\n### Reason\n" + unlink(reason); + descr += "\n\n### Extension GUIDs\n```\n" + backtick(guids) + "\n```"; + + if (additionalInfo) { + descr += "\n\n### Additional Information\n" + unlink(additionalInfo.trim()); + } + + return descr; + +} + +function validateAndSubmit() { + let name = document.getElementById("blocklist_name").value; + + document.getElementById("short_desc").value = `Extension Block Request: ${name}` + document.getElementById("comment").value = compileDescription(); + return true; +} + +window.addEventListener("DOMContentLoaded", function() { + document.getElementById("blocklist_form").classList.remove("noscript"); +}); + +[% END %] + +[% PROCESS global/header.html.tmpl + title = "Blocklist Policy Request Form" + generate_api_token = 1 + style = inline_style + javascript = inline_javascript + javascript_urls = [ 'extensions/BMO/web/js/form_validate.js', + 'js/field.js', 'js/util.js' ] +%] + +[% USE Bugzilla %] +[% cgi = Bugzilla.cgi %] + +
+ + + + + + + + + + + + + +

Blocklist Policy Request Form

+ +
+

+ Using this form you can report a malicious extension that needs to be blocked. Please provide + as much information as possible, and make sure your request is in line with the + Blocklisting Policy. +

+

+ It is particularly important that you provide enough information for us to clearly identify + the extension that needs to be blocked. +

+
+ +
+ +
+ The name of the extension to be blocked. If multiple extensions are to be blocked, please + mention a common trait. +
+ +
+ +
+ +
+ The reason to block. Please make sure the reason adheres to + our guidelines. Links will automatically + be replaced with hxxp to avoid accidental clicking of malicious links. +
+ +
+ +
+ +
+ The severity of the block. Hard blocks are employed for malicious extensions. Please see + the blocklisting page for + more details. +
+ + + + + +
+ + +
+ +
+ The GUIDs of the extension(s) to be blocked, if known. This is the id of the extension, found in + the manifest. If it is not mentioned in the maniest please provide other forms of + identification of the extension in the additional information field. +
+ +
+ +
+ +
+ The version of the extension to be blocked. May be left empty all versions should be blocked. +
+ +
+ +
+ +
+ The applications, application versions, and platform of the extension to be blocked. May be + left empty if this [% terms.bug %] affects all Firefox versions on all platforms. +
+ +
+ +
+ +
+ Additional information, such as the page the extension was found on, AMO listing page, or + other references. Links will automatically be replaced with hxxp to avoid + accidental clicking of malicious links. +
+ +
+ + + +

+ [ * Required Field ] +

+
+ + +[% PROCESS global/footer.html.tmpl %] diff --git a/extensions/BMO/template/en/default/bug/create/custom_forms.none.tmpl b/extensions/BMO/template/en/default/bug/create/custom_forms.none.tmpl index c068ac106..1339dc1ad 100644 --- a/extensions/BMO/template/en/default/bug/create/custom_forms.none.tmpl +++ b/extensions/BMO/template/en/default/bug/create/custom_forms.none.tmpl @@ -186,5 +186,11 @@ custom_forms = { link => basepath _ "form.name.clearance", } ], + "Toolkit" => [ + { + link => basepath _ "form.blocklist", + title => "Blocklist Policy Request", + }, + ] } %]