Page 1 of 2

Shouldn't we come to the rescue here?

Posted: Sun Aug 02, 2009 9:49 pm
by luntrus
Dear forum friends,

I just stumbled on this apology here: http://adblockplus.org/blog/apology-to-adblock-plus-users-and-call-for-participation
As our community has besides fervent users of the NS add-on naturally also I guess a lot of users of the ABP add-on I like to bring this to your attention, for the new ABP extension version seems to suffer under a couple of browser code regressions that the developer apparently missed being air-borne at the time (as he explains).
With my specific subscription-mode and the aid of my favorite NS add-on I cannot find much wrong with the use of the newest release of ABP, but maybe some of you may have experienced issues that one can report there. My motive for posting was that I always strongly believed in mutual support, it mostly works two ways,

luntrus

Re: Shouldn't we come to the rescue here?

Posted: Sun Aug 02, 2009 11:30 pm
by Alan Baxter
luntrus wrote:I cannot find much wrong with the use of the newest release of ABP, but maybe some of you may have experienced issues that one can report there.

Your sentiment is wonderful, luntrus.
Edit: I just reread the blog. There are at least a couple of regressions Wladimir hasn't been able to reproduce. Please report any problems introduced by Adblock Plus 1.1 in its forum. That might be helpful.

What he's mostly asking for is explained later on in his posting, i.e.
-more beta testers. He has only 400 now. He's adding automatic updates for the ABP development builds to give the testers a little better support.
- coding
- documentation
- managing release translations
- other helpful tasks

Many of these, especially the "other helpful tasks", would need to be done by one or more experienced, trusted ABP helpers. They are already active as filter set owners and forum helpers. There are quite a few and many of them are quite good. I gave up providing any significant user support on the forum a long time ago. The helpers there are so quick and knowledgeable that my contributions felt redundant.

Re: Shouldn't we come to the rescue here?

Posted: Mon Aug 03, 2009 6:59 am
by GµårÐïåñ
I don't see why. Each addon/program has its needs, requirements and has its challenges. If you as a developer or contributor and have something to offer to help them out, I say sure why not but THIS community is not really the right place to ask for help or support of another addon. On his website, he posted his excuses, listed his needs, and those who can and want will respond and others will just go on as usual and will remain mature enough to not go slinging mud. :|

Re: Shouldn't we come to the rescue here?

Posted: Mon Aug 03, 2009 7:01 pm
by luntrus
Hi my forum friends,

I can understand both of your reactions. My only reason for posting here was that I wanted to inform you of what I had found. As I find the combination of NS and ABP an interesting one, to say the least - just like I think the combination of NS and RP has a certain added flavour to my in-browser security settings, it is also my interest (and I might be a little selfish here) to state that I would like all the security/privacy extensions that I handle inside Fx and/or Flock browser to work to their "max".
From this attitude you must also see my contributions here. If it were not for the likes of Giorgio Maone and Władimir Palant where would we be in-browser-security-land? Everyone should contribute in his or her or its way,

luntrus

Re: Shouldn't we come to the rescue here?

Posted: Mon Aug 03, 2009 10:24 pm
by GµårÐïåñ
In all honesty, I have found the combination of NS+RP to be much more productive, stable and efficient than NS+ABP since RP pretty much mitigates everything ABP does using the NS model instead of the filter model. However, I personally use NS+RP+ABP and use ABP just to tweak what little and benign that gets through the first two and not as a primary security solution. ABP is hardly a security solution, its more of a less annoying web solution. Anyway, I speaking for myself meant no offense or ill will towards ABP, just saying there is a time and place for everything and request for help with ABP project has its place on their forum, that's all.

Re: Shouldn't we come to the rescue here?

Posted: Tue Aug 04, 2009 6:29 pm
by luntrus
Hi GµårÐïåñ,

That is an answer I like, because now you give your opinion about the combination NS+RP and that is completely in line with what I have experienced, that NS and RP as extensions are a perfect couple,

luntrus

Re: Shouldn't we come to the rescue here?

Posted: Mon Oct 19, 2009 5:17 pm
by computerfreaker
Just wondering, what is RP?? I Googled it but couldn't find anything... addons.mozilla.org didn't return any results either. :?

Re: Shouldn't we come to the rescue here?

Posted: Mon Oct 19, 2009 5:30 pm
by therube
I believe, RequestPolicy.

Re: Shouldn't we come to the rescue here?

Posted: Mon Oct 19, 2009 5:57 pm
by computerfreaker
therube wrote:I believe, RequestPolicy.

Thanks for the link!
EDIT: doesn't NoScript already handle XSS attacks?? So... what's going on here? :? :?:

Re: Shouldn't we come to the rescue here?

Posted: Mon Oct 19, 2009 7:21 pm
by Giorgio Maone
computerfreaker wrote:EDIT: doesn't NoScript already handle XSS attacks?? So... what's going on here? :? :?:

XSS <> CSRF

Re: Shouldn't we come to the rescue here?

Posted: Mon Oct 19, 2009 7:51 pm
by Tom T.
Hi Luntrus,

Unfortunately, AdBlock Original, which is much simpler than ABP and hence not prone to so many errors (none, in years of use), is not supported under F3+. That is *one* of the reasons that I still prefer to use obsolete F2, although I realize that those days are numbered.

If we are recruiting coders and developers across sites, Luntrus, could you possibly recruit someone to take over the abandoned AdBlock Original and update it to be F3-compatible? I doubt it would take much work, and as it is totally self-contained (no subscriptions or other external input, etc.), maintenance should be very minimal, if any.

AdBlock Original has had no maintenance since 2006, IIRC, yet still works fine.

Thank you as always for your fine contributions here, and for anything you can do to help resuscitate ABO. I would gladly make a small donation to whomever got this project up again.

Cheers -
Tom

Re: Shouldn't we come to the rescue here?

Posted: Mon Oct 19, 2009 11:57 pm
by GµårÐïåñ
computerfreaker wrote:Just wondering, what is RP?? I Googled it but couldn't find anything... addons.mozilla.org didn't return any results either. :?


Sorry for the delay in getting back to you but as others have corrected informed you, it stands for RequestPolicy which can be used in conjunction with NS to provide more granular control over some requests even if they are allowed, although ABE provides more control, it is still manual and that will take some time to incorporate on a large scale for now. ABP (Adblock Plus), ABO (Adblock Original), RP (RequestPolicy), NS (NoScript), FG (FlashGot), etc, will come up during our discussions and maybe one day we will put up a list of shortnames or create an automatic linking db but for now just ask if you can't figure it out ;)

Re: Shouldn't we come to the rescue here?

Posted: Tue Oct 20, 2009 2:26 am
by Tom T.
GµårÐïåñ wrote:
computerfreaker wrote:Just wondering, what is RP?? I Googled it but couldn't find anything... addons.mozilla.org didn't return any results either. :?

... ABP (Adblock Plus), ABO (Adblock Original), RP (RequestPolicy), NS (NoScript), FG (FlashGot), etc, will come up during our discussions and maybe one day we will put up a list of shortnames or create an automatic linking db but for now just ask if you can't figure it out ;)

PLEASE READ THIS FIRST! -- FORUM RULES AND GUIDELINES
Forum Rules and Guidelines wrote:10) The following abbreviations are convenient, though not required: Firefox = Fx; NoScript = NS; FlashGot = FG; Mozilla = MZ; addons.mozilla.org = AMO; AdBlockPlus = ABP; Adblock (original) = ABO; Request Policy (extension) = RP.

Happy to have been of service four months ago, Brother! ;)

Re: Shouldn't we come to the rescue here?

Posted: Tue Oct 20, 2009 2:55 am
by GµårÐïåñ
I hinted to it but didn't want to smack the person with a referral to the rules, like go check this out. :P I was trying my hat at subtlety but I may have missed the mark. :( Yes, you did do it months ago and we appreciate it but unfortunately not all users read what they should, so figured go easy since no one else had said anything about it and I was coming late back into it. :|

Re: Shouldn't we come to the rescue here?

Posted: Tue Oct 20, 2009 10:56 pm
by computerfreaker
Giorgio Maone wrote:XSS <> CSRF

NoScript FAQ wrote:What is ABE?
A: ABE stands for "Application Boundaries Enforcer" and it's a technology against CSRF and internet-to-intranet attacks.

So... NoScript handles CSRF too, right?
WAIT, I think I'm understanding now...
NoScript's ABE thingy blocks all cross-site requests (unless the user specifically allows the given site), while RequestPolicy allows very granular control over which sites can and cannot send cross-site requests?

GµårÐïåñ wrote:
computerfreaker wrote:Just wondering, what is RP?? I Googled it but couldn't find anything... addons.mozilla.org didn't return any results either. :?


Sorry for the delay in getting back to you but as others have corrected informed you, it stands for RequestPolicy which can be used in conjunction with NS to provide more granular control over some requests even if they are allowed, although ABE provides more control, it is still manual and that will take some time to incorporate on a large scale for now. ABP (Adblock Plus), ABO (Adblock Original), RP (RequestPolicy), NS (NoScript), FG (FlashGot), etc, will come up during our discussions and maybe one day we will put up a list of shortnames or create an automatic linking db but for now just ask if you can't figure it out ;)

GµårÐïåñ wrote:I hinted to it but didn't want to smack the person with a referral to the rules, like go check this out. :P I was trying my hat at subtlety but I may have missed the mark. :( Yes, you did do it months ago and we appreciate it but unfortunately not all users read what they should, so figured go easy since no one else had said anything about it and I was coming late back into it. :|

:oops: :oops: :oops:
This is what I get for being a member on so many places... I thought I had seen a list of abbreviations on here, and I tried to find that post, but couldn't seem to locate it... so I finally decided I must have seen it on the MozillaZine forums instead. Sorry... :oops:

GµårÐïåñ wrote:I hinted to it but didn't want to smack the person with a referral to the rules, like go check this out. :P I was trying my hat at subtlety but I may have missed the mark. :( Yes, you did do it months ago and we appreciate it but unfortunately not all users read what they should, so figured go easy since no one else had said anything about it and I was coming late back into it. :|

Thanks for the sublety, GµårÐïåñ... I noticed your emphasis on that phrase, and began to feel uncomfortable... and then I read Tom T.'s post and truly felt like a fool for not being able to find the darn post. (Don't worry, a good smack upside the head every once in awhile is good for me... :))

Well, I'll go check out RequestPolicy...