Firefox install unsigned add-ons

Since Firefox 43, it won’t allow you to install unsigned extensions.

While it’s a good thing, you can revert it in case with the following steps:

To disable signature checks, you will need to set the xpinstall.signatures.required preference to “false”.

  • type about:config into the URL bar in Firefox
  • in the Search box type xpinstall.signatures.required
  • double-click the preference, or right-click and selected “Toggle”, to set it to false.

It will eventually show your unsigned extension with a warning but it should work out fine.

References:

weekly links 2011-06

Hackers penetrated Nasdaq’s network

Why go with RichFaces

Android Google Maps Tutorial

Using Java 6 processors in Eclipse

Next level of Don’t Repeat Yourself(DRY) principle

Java FX 2.0 – The Installation, Doc and Launch Experience – A Smoke Test

Linux vulnerable to Windows-style autorun exploits and fixed.

Dependency Injection Performance in Java EE 6: Dependent (easy) vs ApplicationScoped (“optimized”)

weekly links 2010-42 & 43

Adding Google Maps to your Java Application

RE: Moving from Spring to Java EE 6: The Age of Frameworks is Over

Java deprecation on MacOSX

How To Choose A Java EE Application Server? (Mail Of The Week)

Steve Jobs Comments on Apple’s Java Discontinuation

JDK / Java 7 on Mac OS X Lion – An Interesting Business Opportunity

Generate, rename and delete getters/setters instantly in Eclipse

Already known but nice to have it detailed 🙂

What Ubuntu should mainly do for 11.04

Mozilla Confirms Firefox Zero-Day and Recommends NoScript

Ubuntu changes its desktop from GNOME to Unity

Java Mac Trojan

the interest of crackers in Apple products is raising.

Mozilla patches Firefox zero-day bug in 48 hours

Introducing JSOP

Yes, a bit old post (Aug 2010) but still interesting

Ajax user authentication and registration techniques with jQuery

Learn how to use Asynchronous JavaScript + XML (Ajax) with jQuery to authenticate and sign-in a user without refreshing the browser. Then, take it a step farther by suggesting user names to a new user who’s attempting to register with an existing user name.

 

SSL and java

credits: ph0t0 (from flickr)

credits: ph0t0 (from flickr)

Sooner or later it happens that you have to access an https via Java. Accessing a generic http (non ssl) site is quite easy using the URL and URLConnection objects.

When you try to access a site through SSL the main problem is that most sites does not have a registration in the java’s Certificate Autorithy (CA), causing the framework to refuse connection to that site. So the main solution is to register the certificate of that site in the java’s CA.

So, the things to do are:

  1. download the site certificate
  2. register it in the java’s CA
  3. accessing the site

Downloading the certificate

In order to download the certificate we are gonna use Firefox. With firefox navigate to the site and if required accept the certificate. Double click on the icon of the certificate (1), in the screen that appear choose view certificate (2), on details tab (3) use the export button (4) and save it wherever you want (5).

screen

Register the certificate

Once downloaded the .cer file (X 509 Certificate DER), you can import it into the CA using the a command line program deployed with the j2se installation: keytool.

Java’s CA and keytool are available in the $JAVA_HOME/lib/security/ and an example of using the keytool (under windows) is the following

C:\Program Files\Java\jre6\lib\security>keytool -import -trustcacerts -alias fonsai -keystore cacerts -file fonsai.cer

where fonsai.cer the file name of the certificate just downloaded.

Maybe if you are using eclipse, you will have to restart the workbench in order to make the registration visible to the jvm.

The main counterpart of using this approach is that you have to register the certificate for each jvm running the program and since certificate can expire you should have to do this operation more than one time. I advise to automate the registration operation with a shell script to be distributed among with the program.

Accessing the site

Once registered the site’s certificate, you can access it as usual using the URL and URLConnection objects. It should be enough to tell (via System.properties) an SSL provider. Here is a PDF with the code.