Commit bc794464 authored by Romain Courteaud's avatar Romain Courteaud

Provide a sandboxed firefox.

Allows to run firefox with a new profile each time to prevent having session
conflict.
parent f4c14b98
##############################################################################
#
# Copyright (c) 2012 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
#############################################################################
from slapos.recipe.librecipe import GenericBaseRecipe
import sys
class Recipe(GenericBaseRecipe):
def install(self):
prefjs = self.createFile(
self.options['prefsjs-path'],
self.substituteTemplate(self.getTemplateFilename('prefs.js'), {}))
config = {
'firefox_binary': self.options['firefox-path'],
'python_path': sys.executable,
'tmp_path': self.options['tmp-path'],
'pref_path': prefjs,
}
runner = self.createExecutable(
self.options['runner-path'],
self.substituteTemplate(self.getTemplateFilename('firefox_run.in'),
config))
return [runner, prefjs]
#!%(python_path)s
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
#
import os
from subprocess import Popen, PIPE
import tempfile
import shutil
import sys
import signal
import subprocess
import time
os.environ['MOZ_NO_REMOTE'] = '1'
os.environ['LC_ALL'] = 'C'
os.environ['MOZ_CRASHREPORTER_DISABLE'] = '1'
os.environ['NO_EM_RESTART'] = '1'
os.environ['TMPDIR'] = "%(tmp_path)s"
os.environ['DISPLAY'] = ':0'
# XXX .Xauthority
profile_path = tempfile.mkdtemp()
shutil.copyfile('%(pref_path)s', os.path.join(profile_path, 'pref.js'))
# os.environ['HOME'] = profile_path
child_pg = None
def sig_handler(signal, frame):
if child_pg is not None:
os.killpg(child_pg, signal.SIGHUP)
os.killpg(child_pg, signal.SIGTERM)
sys.exit(0)
signal.signal(signal.SIGINT, sig_handler)
signal.signal(signal.SIGQUIT, sig_handler)
signal.signal(signal.SIGTERM, sig_handler)
def execute_with_signal_translation(args):
"""Run process as children and translate from SIGTERM to another signal"""
child = subprocess.Popen(args, close_fds=True, preexec_fn=os.setsid)
child_pg = child.pid
try:
while True:
time.sleep(2)
finally:
os.killpg(child_pg, signal.SIGHUP)
os.killpg(child_pg, signal.SIGTERM)
try:
execute_with_signal_translation(
["%(firefox_binary)s", "-no-remote", "-profile", profile_path] + sys.argv[1:])
finally:
shutil.rmtree(profile_path)
// Don't ask if we want to switch default browsers
user_pref("browser.shell.checkDefaultBrowser", false);
user_pref("browser.startup.homepage_override.mstone", "ignore");
// disable application updates
user_pref("app.update.enabled", false)
// disables the 'know your rights' button from displaying on first run
user_pref("browser.rights.3.shown", true);
// Disable pop-up blocking
user_pref("browser.allowpopups", true);
user_pref("dom.disable_open_during_load", false);
user_pref("browser.tabs.warnOnClose", false);
// Configure us as the local proxy
//user_pref("network.proxy.type", 2);
// Disable security warnings
user_pref("security.warn_submit_insecure", false);
user_pref("security.warn_submit_insecure.show_once", false);
user_pref("security.warn_entering_secure", false);
user_pref("security.warn_entering_secure.show_once", false);
user_pref("security.warn_entering_weak", false);
user_pref("security.warn_entering_weak.show_once", false);
user_pref("security.warn_leaving_secure", false);
user_pref("security.warn_leaving_secure.show_once", false);
user_pref("security.warn_viewing_mixed", false);
user_pref("security.warn_viewing_mixed.show_once", false);
// Disable "do you want to remember this password?"
user_pref("signon.rememberSignons", false);
// increase the timeout before warning of unresponsive script
user_pref("dom.max_script_run_time", 120);
// this is required to upload files
// user_pref("capability.principal.codebase.p1.granted", "UniversalFileRead");
// user_pref("signed.applets.codebase_principal_support", true);
// user_pref("capability.principal.codebase.p1.id", "http://");
// user_pref("capability.principal.codebase.p1.subjectName", "");
user_pref("browser.link.open_external", 3);
user_pref("browser.link.open_newwindow", 3);
// disables the request to send performance data from displaying
user_pref("toolkit.telemetry.prompted", 2);
user_pref("toolkit.telemetry.rejected", true);
user_pref("browser.migration.version", 5);
user_pref("extensions.SelectionUI", true);
user_pref("network.cookie.prefsMigrated", true);
user_pref("browser.bookmarks.restore_default_bookmarks", false);
user_pref("browser.places.smartBookmarksVersion", 2);
user_pref("privacy.sanitize.migrateFx3Prefs", true);
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment