Debian Bug report logs - #618475
ITP: xul-ext-requestpolicy -- extension that gives you control over cross-site requests

version graph

Package: wnpp; Maintainer for wnpp is wnpp@debian.org;

Reported by: Bertrand Marc <beberking@gmail.com>

Date: Tue, 15 Mar 2011 14:24:05 UTC

Owned by: Fabrizio Regalli <fabreg@fabreg.it>

Severity: wishlist

Merged with 636057

Fixed in version requestpolicy/0.5.22-1

Done: Fabrizio Regalli <fabreg@fabreg.it>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, wnpp@debian.org:
Bug#618475; Package wnpp. (Tue, 15 Mar 2011 14:24:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Bertrand Marc <beberking@gmail.com>:
New Bug report received and forwarded. Copy sent to wnpp@debian.org. (Tue, 15 Mar 2011 14:24:08 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Bertrand Marc <beberking@gmail.com>
To: submit@bugs.debian.org
Subject: RFP: xul-ext-request-policy -- Mozilla extension that gives you control over cross-site requests.
Date: Tue, 15 Mar 2011 15:20:59 +0100
[Message part 1 (text/plain, inline)]
Package: wnpp
Severity: wishlist

Package name : xul-ext-request-policy
Version : 0.5.20
Upstream Author : Justin Samuel <support@requestpolicy.com>
URL : http://www.requestpolicy.com
License : GPL v.3.0
Description :
RequestPolicy is an extension that improves the privacy and security of your
browsing by giving you control over when cross-site requests are allowed by
webpages you visit.

Cross-site requests are requests that your browser is told to make by a
website you are visiting to a completely different website. Though usually
legitimate requests, they often result in advertising companies and other
websites knowing your browsing habits, including specific pages you view
throughout the day. Among the attacks that cross-site requests are used in,
they are particularly dangerous with Cross-Site Request Forgery (CSRF)
attacks where your browser is told to make a request to another website and
that other website thinks you (the person) meant to make the request.

With RequestPolicy, the default for any cross-site request is to deny it.
Users are notified when requests on the current page have been blocked (the
status bar flag icon at the bottom right of your browser turns red).
Clicking on this status bar flag icon gives you a menu where you can view
and modify which requests are blocked and allowed. You can whitelist
requests you approve of by origin site, destination site, or specific
origin-to-destination.
[Message part 2 (text/html, inline)]

Changed Bug title to 'ITP: xul-ext-request-policy -- Mozilla extension that' from 'RFP: xul-ext-request-policy -- Mozilla extension that gives you control over cross-site requests.' Request was from Fabrizio Regalli <fabreg@fabreg.it> to control@bugs.debian.org. (Tue, 12 Apr 2011 14:39:14 GMT) Full text and rfc822 format available.

Owner recorded as Fabrizio Regalli. Request was from Fabrizio Regalli <fabreg@fabreg.it> to control@bugs.debian.org. (Tue, 12 Apr 2011 14:39:14 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, wnpp@debian.org, Fabrizio Regalli:
Bug#618475; Package wnpp. (Tue, 12 Apr 2011 14:45:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Fabrizio Regalli <fabreg@fabreg.it>:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org, Fabrizio Regalli. (Tue, 12 Apr 2011 14:45:03 GMT) Full text and rfc822 format available.

Message #14 received at 618475@bugs.debian.org (full text, mbox):

From: Fabrizio Regalli <fabreg@fabreg.it>
To: Bertrand Marc <beberking@gmail.com>
Cc: 618475@bugs.debian.org
Subject: Re: RFP: xul-ext-request-policy -- Mozilla extension that gives you control over cross-site requests.
Date: Tue, 12 Apr 2011 16:39:11 +0200
[Message part 1 (text/plain, inline)]
Hello,

I'm starting to package this software.

Cheers,
Fabrizio


On Tue, 2011-03-15 at 15:20 +0100, Bertrand Marc wrote:
> Package: wnpp
> Severity: wishlist
> 
> Package name : xul-ext-request-policy
> Version : 0.5.20
> Upstream Author : Justin Samuel <support@requestpolicy.com>
> URL : http://www.requestpolicy.com
> License : GPL v.3.0
> Description :
> RequestPolicy is an extension that improves the privacy and security
> of your browsing by giving you control over when cross-site requests
> are allowed by webpages you visit.
> 
> Cross-site requests are requests that your browser is told to make by
> a website you are visiting to a completely different website. Though
> usually legitimate requests, they often result in advertising
> companies and other websites knowing your browsing habits, including
> specific pages you view throughout the day. Among the attacks that
> cross-site requests are used in, they are particularly dangerous with
> Cross-Site Request Forgery (CSRF) attacks where your browser is told
> to make a request to another website and that other website thinks you
> (the person) meant to make the request.
> 
> With RequestPolicy, the default for any cross-site request is to deny
> it. Users are notified when requests on the current page have been
> blocked (the status bar flag icon at the bottom right of your browser
> turns red). Clicking on this status bar flag icon gives you a menu
> where you can view and modify which requests are blocked and allowed.
> You can whitelist requests you approve of by origin site, destination
> site, or specific origin-to-destination.

[signature.asc (application/pgp-signature, inline)]

Changed Bug title to 'RFP: xul-ext-request-policy -- Mozilla extension that gives you control over cross-site requests.' from 'ITP: xul-ext-request-policy -- Mozilla extension that' Request was from Fabrizio Regalli <fabreg@fabreg.it> to control@bugs.debian.org. (Tue, 12 Apr 2011 15:00:03 GMT) Full text and rfc822 format available.

Changed Bug title to 'ITP: xul-ext-request-policy -- Mozilla extension that gives you control over cross-site requests.' from 'RFP: xul-ext-request-policy -- Mozilla extension that gives you control over cross-site requests.' Request was from Fabrizio Regalli <fabreg@fabreg.it> to control@bugs.debian.org. (Tue, 12 Apr 2011 15:06:03 GMT) Full text and rfc822 format available.

Owner changed from Fabrizio Regalli to Fabrizio Regalli <fabreg@fabreg.it>. Request was from Fabrizio Regalli <fabreg@fabreg.it> to control@bugs.debian.org. (Tue, 19 Apr 2011 15:57:05 GMT) Full text and rfc822 format available.

Forcibly Merged 618475 636057. Request was from Fabrizio Regalli <fabreg@fabreg.it> to control@bugs.debian.org. (Mon, 01 Aug 2011 14:57:03 GMT) Full text and rfc822 format available.

Changed Bug title to 'ITP: xul-ext-requestpolicy -- extension that gives you control over cross-site requests' from 'ITP: xul-ext-request-policy -- Mozilla extension that gives you control over cross-site requests.' Request was from Fabrizio Regalli <fabreg@fabreg.it> to control@bugs.debian.org. (Thu, 04 Aug 2011 15:30:06 GMT) Full text and rfc822 format available.

Owner recorded as Fabrizio Regalli <fabreg@fabreg.it>. Request was from Fabrizio Regalli <fabreg@fabreg.it> to control@bugs.debian.org. (Thu, 04 Aug 2011 15:33:10 GMT) Full text and rfc822 format available.

Added tag(s) pending. Request was from Anibal Monsalve Salazar <anibal@debian.org> to control@bugs.debian.org. (Fri, 16 Sep 2011 20:06:22 GMT) Full text and rfc822 format available.

Reply sent to Fabrizio Regalli <fabreg@fabreg.it>:
You have taken responsibility. (Fri, 16 Sep 2011 21:49:28 GMT) Full text and rfc822 format available.

Notification sent to Bertrand Marc <beberking@gmail.com>:
Bug acknowledged by developer. (Fri, 16 Sep 2011 21:49:28 GMT) Full text and rfc822 format available.

Message #33 received at 618475-close@bugs.debian.org (full text, mbox):

From: Fabrizio Regalli <fabreg@fabreg.it>
To: 618475-close@bugs.debian.org
Subject: Bug#618475: fixed in requestpolicy 0.5.22-1
Date: Fri, 16 Sep 2011 21:48:03 +0000
Source: requestpolicy
Source-Version: 0.5.22-1

We believe that the bug you reported is fixed in the latest version of
requestpolicy, which is due to be installed in the Debian FTP archive:

requestpolicy_0.5.22-1.debian.tar.gz
  to main/r/requestpolicy/requestpolicy_0.5.22-1.debian.tar.gz
requestpolicy_0.5.22-1.dsc
  to main/r/requestpolicy/requestpolicy_0.5.22-1.dsc
requestpolicy_0.5.22.orig.tar.gz
  to main/r/requestpolicy/requestpolicy_0.5.22.orig.tar.gz
xul-ext-requestpolicy_0.5.22-1_all.deb
  to main/r/requestpolicy/xul-ext-requestpolicy_0.5.22-1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 618475@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Fabrizio Regalli <fabreg@fabreg.it> (supplier of updated requestpolicy package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 13 Apr 2011 10:14:03 +0200
Source: requestpolicy
Binary: xul-ext-requestpolicy
Architecture: source all
Version: 0.5.22-1
Distribution: unstable
Urgency: low
Maintainer: Debian Mozilla Extension Maintainers <pkg-mozext-maintainers@lists.alioth.debian.org>
Changed-By: Fabrizio Regalli <fabreg@fabreg.it>
Description: 
 xul-ext-requestpolicy - improve your browsing: more private, more secure
Closes: 618475
Changes: 
 requestpolicy (0.5.22-1) unstable; urgency=low
 .
   * Initial release (Closes: #618475).
Checksums-Sha1: 
 e4b491709492213076b2d55280ff2089658b99b4 2010 requestpolicy_0.5.22-1.dsc
 5bd9fb0adaded59e663ce139c0c2312ca08a53d3 123275 requestpolicy_0.5.22.orig.tar.gz
 9f6c22be0afdf033e938455171120fa14fd65afb 11325 requestpolicy_0.5.22-1.debian.tar.gz
 8c3de0b0354ee57c4ada4a9fe83ec1fc1d06f32f 155226 xul-ext-requestpolicy_0.5.22-1_all.deb
Checksums-Sha256: 
 56b48325d081cda37083915d8c39747425daec3ad771b73afd6c109166ddf81c 2010 requestpolicy_0.5.22-1.dsc
 2418e01cc805003ff4da690b5999d269260eb3e01791f3eeea4d1fa55bd6be06 123275 requestpolicy_0.5.22.orig.tar.gz
 4ddfb90424898d146328a7134eaf4dfe655f786026d26a3cb665b5b08fc12fa7 11325 requestpolicy_0.5.22-1.debian.tar.gz
 c63ba8245379c5d370b4e1452a7eed94b02512cdbb125b9d4c5bbd217e917bb8 155226 xul-ext-requestpolicy_0.5.22-1_all.deb
Files: 
 25b5e61370d5362ffd9d91b932ffcefb 2010 web optional requestpolicy_0.5.22-1.dsc
 b2ae91599f22ca1633e33653cc8ce98d 123275 web optional requestpolicy_0.5.22.orig.tar.gz
 fcf44f8ddbaa38a85ae929691388e245 11325 web optional requestpolicy_0.5.22-1.debian.tar.gz
 43908c15aacff28e01d5fbdbb40aeae0 155226 web optional xul-ext-requestpolicy_0.5.22-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJOc1PkAAoJENqGIq6T6/bYUEAQALQNTUsoFNyKKypE3VvqR6gv
uYFsXfL26BHdTWnQzL1v8YgfapM0vuSQlFB8XG835nAz2u1sOY21fxu5YxtXt/fO
7IZ5jsTDerR9jH1meAIysSjDuiANacVzbi7bqVnLSqzVrrvICp+z1GkwTvMDB6r3
vF7RG3hmG61b6GwtE/wtfmxEKa8pAQQfSs96nWSpPzf89/zeJj3DllchB1sSqh5l
H3lSssxwOvtEde1T7FlU2+4BNNBNrbQUh0yYiBtvMIKSgRqIETJAWzultYt3DpqR
rxUHSJ9PIynOQ7+wYFOXPO4wjgDzYv018GwO7AtuszjQOuiqB9406kYbiLTaMzir
C9PSq6AX+OQ3tL0leIaVngzYvj8/N7l0tDiFRoX1IGIeCnBIQdBG4/oZQGfFeIP7
9bBQRrJLjyjSUguhyQ8zFwUvDHe5ZqY6Kmnqw7U2tRym63Keh1xJ5iTq8AP9YOi9
DarBjmRBrcslU9wbGWa4PgWXpN/hlYiehr+m5rQ1spHke9TQ49mhKi12IaMbtxAw
ajVRxioPAt7bIKajF/FNRxSyMUmMkYMkYcpmfkgaSuoIg4o89dxhV15UrE6E+x+P
QyiKyeqYbeojcOFB6c0qavvKMPfgZmwELCE0i7qx1Y7HtyglAQhPz58JXEVon1bw
NnXoBzWa7jclEb5L8NP0
=JIB3
-----END PGP SIGNATURE-----





Reply sent to Fabrizio Regalli <fabreg@fabreg.it>:
You have taken responsibility. (Fri, 16 Sep 2011 21:49:29 GMT) Full text and rfc822 format available.

Notification sent to Francois Marier <francois@debian.org>:
Bug acknowledged by developer. (Fri, 16 Sep 2011 21:49:30 GMT) Full text and rfc822 format available.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 15 Oct 2011 07:36:36 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 21:19:24 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.