Web Extensions-A Hackathon on Add-ons

Hello Every Mozillans Around the globe from the Hyderabad Mozillan community

The community of Hyderabad is known for overnight hackathons.so we are back once again with one more hackathon Focusing on the development of the Addons using Web extensions.The Hackathon has Nearly run a day with a developer's count of 100+. so finally back to share the experience with the blogpost and hope you like it.

THE BEGINING

Once all the participants are ready the event was started by giving an introduction to the participants about mozilla and the mozilla Hyderabad Community by vineel reddy.people were excited to know about the community and the story of mozilla and then the session was continued by the tech speaker santosh.He spoke and gave an introduction to the firefox addons, statistics about addon ecosystems, web extensions and their ecosystem

Then a Hangout call was taken place by the Community Manager of the Addons team.

It was Caitlin Neiman who spoke much more about the web addons and gave a deeper insight of

the addons.She also Clarified Q&A which were asked by the participants of the hackathon

After the hangout call, the participants got a better clarity of the addons ecosystems and how to develop the addons.then participants started drawing ideas on the addons they wanted to develop in the hackathon.later the tech speaker Santosh took the session to illustrate the hackathon partcipants on the first addon which he developed and explained the anatomy of web extensions

.   

Afterwards, we provided the Hacksheet to all the participants which provided them useful links for developing and learning about the addons along with the communication channels. and the participants started working on their addon ideas and did their best to make the addon work absolutely fine.

later as we know it will be very difficult to stay awake the whole night and develop something we all had pizzas for dinner. and a refrigerator filled with red bulls helped us stay awake at night with full energy and enthusiasm.

  During the Middle of the Night, we had an icebreaker session called session called "Fuzzy Duck" which was explained to us by another Mozillain Madhukar.It was a very fun game and the people enjoyed playing it. 

Finally at the end of the hackathon during the morning the participants successfully completed their addons and started giving the demos on the addons which they developed during that night. then we finally conclude the event by distributing t-shirts to all the participants and the addons theme pendrives to the winners of the hackathon.

we loved the response  from the participants for the addons hackathon and the way they converted their ideas into 100% working models within a single night by continuously working 

so we finally thank all our speakers,collaborators &community members who helped us a lot to make the event happen very smoothly without any issues and make participants very happy. Keep looking towards the community as more things are going to happen in the community.

Excited by our story and want  to collaborate with us join on our Facebook page to know about further updates:                                                                     https://www.facebook.com/MozillaHyderabad/?notif_t=page_fan&notif_id=1498120651340588

This is akhil signing off from my end and hope you like the event . 

Firefox os And connected Devices

Hello Mozillans

We are back again with our contribution to open source MOZILLA once again. This time the event was a quite new one and interesting one..it was a two day hackathon we the students from across the city has come forward to meet at one place to "CONCEPTUALIZE, DEVELOP,SHOW & WIN". so lets dive into to the details to know more about the event and how did it take place..the event covered various themes of MOZILLA.

DAY 1:

The first we have started a bit late but there were a lot participants eagerly waiting for the session because they knew that they gonna learn something new from the regular things.Finally event was on.

so the event was started by one of our rep who started discussion about the agenda and the flow of event with the participants

MOZILLA MISSION
The first speaker was giridhar who started the event with the MOZILLA MISSION as there were several new students who are completely new to the environment..the session made the students know what mozilla mission &goal was which had clarified various kinds of doubts that the students were having regarding the mozilla.it also helped them know what was FSA programme and how it works and play a vital role..

PRIVACY
Later after the session the participants were taught about the user security and privacy.why was it considered to be as the most important consent and why the user have to care about it.this session was handled by me (akhil) where we covered about digital footprints, free basics and the tips and measures to be taken to prevent themselves from getting tracked..it got a huge response from the audience side because all the participants were asked to install the lightbeam addon and check out themselves for how much they being tracked.they were shocked by the results produced by the light beam addon.

SERVICE WORKERS
Later the next session was taken by madhukar who spoke about the topic called service workers even this session has got a huge response as everyone in the hall were new to the word called service workers.he spoke about the various websites which are using the service workers technology and the other websites which will port it in near future.he also covered how the service workers concept gonna become a major important factor for the websites in the near future.which made everyone curious to know about the technology behind it and how would it become possible to run a website offline.

Now the real coding part was started which was handled by avinash were he thought for sometime about how to code a firefox os app for a tv.He covered the topics such as html,css,javascript and bootstrap.later they were thought about the firefox simulator how it looks and how it works.Finally student were given a task to make a TO-DO list app for firefox os powered tv.which made them know about the importance of  making open web apps.later it they were tested on both mobile and tv simulators for knowing how their apps which were programmed by them worked

     After the completion of making hands on open web apps we have ended DAY-1 Hackathon

DAY-2

The DAY-2 was completely different from the 1st day as it was a completely a hands on session on Iot for connected devices.and all the participants were formed into teams. later they learnt about the basiscs of arduino by prasana dutt. later the participants started programming the arduino using the ide.Built some of the basic tasks of arduino for a while and obtained the serial data from it

Later after doing some tasks on iot for connected devices by all the participants santosh viswanatham had spoke about some of the important mission & goals of Mozilla and also the reason why it is important to think that the web should be open and secure to everyone and also how MOZILLA is doing it's part to make the web open and seecure.later the participants were given a few tasks to programme in the IOT IDE.

After the completeion of the allocated tasks to each participant.the tasks were juged by the reps and the best tasks were awaded. later there was a disturbtion of certificate to all the participants by the event organiser  followed by the closing keynote of the event.this was the end to the two days event on  Firefox os And connected Devices.

That's all for today folks this is Akhil logging out.
Have a Great Day.

Moztrap Hands on

hello reader's
 Happy New Year 2016 To Everyone
 This is akhil from Mozilla Hyderabad community
The year has started with a most important campaign for online privacy.a campaign to make  users know about the important of online privacy
 Apart  from this campaign i have started contributing to the new area in contribution called "MOZTRAP" which falls under QA(quality assurance)
first of all i would like to thank my reps deepak upendra &santosh  for teaching me how to contribute in "MOZTRAP"
 I have contributed to the firefox web browser verison in moztrap and solved the following issues in the Moztarp under firefox web browser private browsing area

  #6036       Session restore after private browsing                          

   #6551        copy-paste

  #6552 open links in new tabs and windows

 #6554    private browsing pdfs

 #6556 private browsing java content

#6717    open links from external apps

#6718 using services in private window       

#6720  reopen closed windows

 #6721 [windows 7] firefox frequent activity

#6722 close pb while downloading files

#6723 undo close private tabs

#6725 about:private browsing information

#6726 switch to tab

 #6728 private data in the error console

 #6729 no restore previous session option in private windows

 #6730 update firefox

 #15125 about:new page search suggestions

 #15126  about:home page search suggestions                                             

 #14544  Search history     

#15129 Search toolbar  

#15131  Search navigation

#15132 Change Search Settings - Add new search engine                                              

#15133 Disable search suggestions

#15134 Searches in health report

#15135 Disable new UI

#15144 Change Search Settings - deselect and select search engines

So now lets get into the core part on how to start contributing in moztrap

Follow the following steps

1)  go tohttps://moztrap.mozilla.org

2) Now click on signin and login with your persona account

3)and then click on Run tests

4) then click on products

         5)select desktop firefox

        6)then from the versions select the version you want to test

        7)Select from Runs a test to run 

        8)Set your Build value. You can find this by opening about:config in a new tab or window

         9)select your os (operating system) and platform in the drop down menu 

         10)click the button run tests which will be in green color

 

11)now on the next from the list of test available select the test you want to test can be done by clicking the little arrow which is at the left end of each test

12)you can report the failure of a test by clicking the fail step which is in pink color  if any of the step dosen't execute in the given steps

13) once clicking a fail step will treat the entire test as a failure

14)if all the steps are executed perfectly which are mentioned in the test case then click on pass test

 

if any problem occurs  raise an issue in irc or twitter

Journey as an FSA

Hello Readers

This is akhil from Hyderabad institute of Technology and Management pursuring the batchelor's degree in computer science stream..I'm a Tech enthusiast and a gadget freak love to explore new things and cutting edge technologies ...I joined Mozilla as it was different from other student ambassador programme which helped me learn new things and have hands-on experience on various mozilla products which helped me increase my knowledge...As an FSA i like the areas of contribution such as HIVE,ARMY OF AWESOME, BUGZILLA and i love contributing to these areas..After joining Mozilla i strongly believed that internet is a free public resource and mozilla is making the web a safe and secure place for the access of public resource..

Today looking back as a mozillian i can share lot of things and memories which helped me grow a lot in the last one year..Firstly i Thank a lot of persons who helped me and motivated me a lot for the contribution in mozilla and the open source platforms..

Then this was the 1st when i have attended the mozilla hyderabad community collab house on a 

sunday that was the 1st tym when i was making something useful thing in mozilla community and i was first asked to do some stuff on oneanddone and on the same day i was thought about how to use webmaker by santosh vishwanatham (anna)..i didn't remember the date but i remember that was the friendship day in the year 2014

That was the day were we gained the knowledge on some mozilla stuff and i was much intersted to gain knowledge and the possiblites to of contribution in mozilla and did some work at home and discovered all the possible ways of contrubtion..then i found out this was not the same as the rest of the student ambassadors program's..after a few days we thought of giving this knowledge to all our fellow members in college make them accessible to  various thing spresent in FSA.Then there came our college firefox club known as "HITAM FIREFOX CLUB"..then the mozilla rep sai charan reddy came into the picture and with his a firefox club was launched in the college.Thank's sai charan reddy (anna) for making a successful launch of firefox club in our college with out you dis would not have been possible

Afterwards i got interset to know things and explore much deeper about FSA from there i became a regular attende for collab house and gained knowledge about various things like

1) Firefox os:-Firefox OS (project name: Boot to Gecko, also known as B2G) is a Linux kernel-based open source os for smartphones,tabletcomputers and smart tv's developed by mozilla
2) Rust:-Rust is a general purpose compiled programming language developed by mozilla research
3)marketplace:-The firefox marketplace is the source for apps developed by mozilla contributor's across the globe for firefox os
4)Bugzilla:-Bugzilla is a web-based general-purpose bugtracker and testing tool originally developed and used by the Mozilla project

 also i learned about other things like WEBMAKER,FIREFOX HELLO,THUNDERBIRD,PERSONA etc..

And from collab house along with knowledge i also gained lot of cool friends who are like minded people like me and were contributing to the mozilla..they helped me a lot in all the possible ways they and they are really good friends and we got a wonderful hyderabad team contributors from there a lot of knowledge,fun were exchanged between us in between we got connected with other area contributors like Dinesh(Tirupathi community) , Psv ramaraju(Vizag community) ,Jayesh(Taminadu community)

Afterwards when Deepak upendra, U.M.K Dikshit, Harsha Bandaru,Sai charan reddy,Akhilesh reddy were busy in spreading hte word mozilla in other areas of the state by launching a firefox club at JNTU Kakinda ..I met this wonderful public speaker and Mozilla guy "Akshay Tiwari" who for the 1st time thought me how to make an app for the firefox marketplace by conducting a firefox appathon event at 91spring board's (jayabheri towers) that was the 1st time i came to know why should i use web technologies(HTML5,CSS3,JS) for making an app for market place and how to install the emulator of firefox os and test the app and the procedure of how to push the app for marketplace..

There at this place i also met another wonderful person Ram Dayal Gurumukhi who said me about things like Gaia,Gecko,Gonk,Bugzilla and Fixing some good first bugs that was another wonderful place were i gained lot of knowledge on a single day

And from there i done lot of things in FSA programme and utilized it for the best for gaining knowledge and helping the people around me. presently i am contributing in the areas of moztrap ,firefox tv apps  ..inspired by the story?? want to contribute for FSA Programme  (open source) ?? DOn't know  were to start here are some useful links for all the people like you guys have a look

FSA Registration Link:fsa.mozilla.org
Mozillian Profile:www.mozillians.org
Marketplace:marketplace.firefox.org
Webmaker: www.webmaker.org/ 
https://teach.mozilla.org 
https://webmaker.org/en-US/explore 
https://blog.webmaker.org/badges 
Resources: https://teach.mozilla.org/teach-like-mozilla/web-literacy/ 
Web Technology for Developers: https://developer.mozilla.org/en-US/docs/Web 
SUMO : https://support.mozilla.org/en-US/ 
Bugzilla:
What?:https://www.bugzilla.org/about/
Buzilla Articles:https://developer.mozilla.org/en-US/docs/tag/Bugzilla
Keywords: https://bugzilla.mozilla.org/describekeywords.cgi
APP Development:https://developer.mozilla.org/en-US/Apps
Reference apps: https://developer.mozilla.org/en-US/Apps/Reference_apps 
Reference API's:https://developer.mozilla.org/en-US/Apps/Reference
List of API’s:https://developer.mozilla.org/en-US/docs/Web/API
FIREFOX OS BOOKS:http://firefoxosbooks.org/ 
MDN Contribution:https://developer.mozilla.org/en-US/docs/MDN/Getting_started
https://developer.mozilla.org/en-US/docs/Introduction 
Links for contributors to learn how to get started with contributing:
https://wiki.mozilla.org/Main_Page 
https://wiki.mozilla.org/Contribute/ 
https://www.mozilla.org/en-US/contribute/ 
https://www.mozilla.org/en-US/contribute/signup/ 
https://developer.mozilla.org/en-US/docs/Introduction 
http://codefirefox.com/ 
http://www.whatcanidoformozilla.org/#!/progornoprog/advocate 
https://developer.mozilla.org/en-US/Firefox 
https://developer.mozilla.org/en-US/Firefox_OS 

That's all for today guys hope u also gained some knowledge here's ur AKHIl logging out for today have a great day bye bye...........          

Securing Web The ZAP project

Welcome to

All The Reader's

This is Akhil from "MOZILLA HYDERABAD" community today we gonna discuss about
the "ZAP" project.. The project is about the securing the web ..the project has gone for about 5weeks
on every saturday for about 6days...the event was a very different from the regular things were lots of new things were learnt by the participants

sorry reader's i didnt attend day 1 in this zap project..so let me gonna start with day2

Day 2:-

on the day 2 the event was started by our speaker cum trainer sumanth damarla at th Firefox community space "COLLAB HOUSE"...

The event started by the trainer sumanth  where he has given introuction to the zap and he has covered the topics such as:

    UI
    Intercepting
    Fuzzing concepts
    Proxy concepts
    Testing web application

    participants had a hands on session for testing the web application on which they have tested on a demo site called
http://demo.testfire.net/

And today participants learnt about ZAP and the concepts regarding it , and they felt great when they were  testing a web application for the first time , and the people around us  were so curious to learn and the day was ended by distributing work sheet of Securing Web @ZAP day-2 , which was pretty interesting…!!

                                       
                                                And finally the Day1 got ended up

Day 3:
The day 3 has started in a little different way as the participants had got an overview of the ZAP project they were curious to know the further things that are the part of the training..while the speaker sumanth has started about the discussion of day 2 worksheet and expalined the main terms present on it

The key terms which are present in the worksheet are as follows

• Click jacking
• X-ray frame option
• Port 80 & Port 443
• HTTP & HTTPS
• Privilege level
• Third party API function
• Blacklisting
• Whitelisting

1) Clickjacking is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages.

2) X-Frame Options which offered a partial protection against clickjacking. There are three possible values for X-Frame-Options:-> Deny: The page cannot be displayed in a frame, regardless of the site attempting to do so.-> Sameorigin:The page can only be displayed in a frame on the same origin as the page itself.-> Allow-from uri:The page can only be displayed in a frame on the specified origin. 


3) Port 80 & Port 443:
 Port 80 is the port that the server "listens to" or expects to receive from a Web client, assuming that the default was taken when the server was configured or set up.
 Port 443 is for SSL. Since SSL is "opaque" to outsiders, firewalls cannot see what is going inside it, and cannot do some transparent proxying.

4) Http & Https – The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed hypermedia information systems, and it is foundation of data communication for the World Wide Web. Https – it is everywhere a browser like Firefox & Chrome and it is  extension where  it encrypts our communications with many websites, making your browsing more secure.
5) Privilege level – A privilege level in the x86 instruction it sets the control where the access of program is currently running on the processor to resources such as memory regions and special instructions.
6) Third party API function –  We can build our own cloud code module and by integrating with third-party APIs

7) Blacklisting – Its just a method to ignore the script or data contents where we do not enter into any applications.
8) Whitelisting – Its just a method of validation where we verify the given input is correct or not.
9) Input Validation can be used to detect unauthorized input before it is processed by the application.    A Whitelist is testing a desired input against a list of possible correct input's. To do this you would compile a list of all the good input values/conditions, then verify that the input received IS one of this correct conditions.

DAY4 
After  3Days also participants were not fed up as a long as the day inscreased the enthusisam has also increased rapidly..so finally day3 participation and collobration also started..this week some more things were learnt by the participants


    Bodgeit
    User Interface of ZAP

BodgeIt: The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.

    Open source
    Easy to install - just requires Java and a Servlet engine, e.g. Tomcat
    Cross platform

The Bodge It Store include the following significant vulnerabilities:

    Cross Site Scripting
    Application logic vulnerabilities
    Cross Site Request Forgery
    Debug code

Bodget store instillation:-
https://www.youtube.com/watch?v=DJmEwkz6DN0

2.User Interface of ZAP: Under User Interface of ZAP ,  one of the concept is Swing explorer it is used for the concept GUI programming, which is hard and it is a graphical tool , that lets us to inspect the internal structure , where it can help us to understand that how a user interface is composed.

 

For more info follow this links:

 https://code.google.com/p/bodgeit/

https://github.com/zaproxy/zaproxy/wiki/UiStartDevelopment 

http://www.swingexplorer.com/ 

DAY5:
After gaining a lots of knowledge through all this days of very long journey on the open web security unknowingly we have reached the day5

The day5 started by the discussion about the concepts of ZAP extensions and ZAP extensions into add-ons

ZAP EXTENSIONS:-

Zap extensions are java packages that extend the existing functionality within OWASP ZAP. This concept could be called the “Extension Mechanism” which provides a standard way to create custom features or API’s to Java applications. 

 ZAP extensions can be done in five steps :

    Download source code and Build ZAP
    Create new extension
    Define message.properties files(s)
    Refresh and Run
    Add New Libraries


ZAP extensions into add-ons:

Now that we have the example extension ready, you can proceed to make this extension and add on.Any new add on can be considered in the first development stage‘Alpha’ . There are indeed 3 development stages

    alpha
    beta
    final(trunk)

DAY6:-
finally entered the 6th day of the zap project which is the final day of the zap project ....after  a lot of hard work across all this days through the journey and after learning a hell of new things finally eagerly waiting to complete the mission

The day started by the discussion about the concepts of Internationalization-Crowdin .

 Internationalization-Crowdin:

The Internationalization-Crowdin was described by Sanjay and  it is a localization project management platform and translation tool for developers and website owners. It makes easy to work with content being translated.

Technical documentation:

The technical documentation was described by Sumanth damarla ,  as the part of Internationalization-Crowdin , we all made a task that is , translating English to Hindi ( जैप का नाया रुप !! ) , and it was a good experience for us

Brainstorming session :

After completing technical documentation , we had a  brain storming session by  the speaker and participants  about the previous sessions of ZAP

Hope You like this article Thank You Readers Thts all for today have a good day :) :) :)

 THE ZAP PROJECT #OWASP #ZAP #FSA #MOZILLA #OPENWEB #SECURING THE WEB