Synopsis :
python addonParser.py extension.xpi

Description :
A simple python script that lexically analysis Firefox extensions, trying to find any problems. Outputs any problems to the terminal.

Requires :
Python Image Library

Notes :
Writes any .jar files into the $PWD/temp/ directory.

Breakdown of output :
examing chrome/ (13)
examing chrome/content/ (13)
examing chrome/content/botOFF.png (13)
examing chrome/content/botON.png (13)
examing chrome/content/dowint.css (13)
examing chrome/content/dowint.js (13)
examing chrome/content/dowint.xul (13)
        WARNING: http://dowint.net/inc/js.php does not start with chrome:// and not a local file for file chrome/content/dowint.xul (5)
examing chrome/content/logo.gif (13)
        WARNING: Image chrome/content/logo.gif does not match it's extension. Expected GIF, got PNG (2)
examing chrome.manifest (13)
examing install.rdf (13)

Numbers in parentheses at the end of line are just for debugging use only.
Text in square parentheses is often the source of the problem (used when evaluating javascript files)

Types :
Warning – something is wrong or possibly needs some examining
Error – I don’t know how to evaluate this (eg. files that I wasn’t expecting, or files that I don’t know how to properly evaluate)

Quirks (some people call this bugs) :

1. Sometimes it gives you information, but not enough context:
   WARNING: found XMLHttpRequest [var req = new XMLHttpRequest();] in file content/hrtoolbar.js (9)
2. Sometimes the output is extremely long because the js file was minified:
   WARNING: found XMLHttpRequest [var CC=Components.classes;var CI=Components.interfaces;var … ]
3. False positives can be quite common :
   WARNING: found reference to outside source [@namespace url(”http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul”);] in file skin/webwean.css. (8)
   (This is common false positive in CSS files. Though it has found a problem once)

Undecided Issues :

• What to do about .dtd and .properties (should anything be done for these files?)
• Should XHR throw up a warning? It’s fairly common, and we’re really just worried about eval.

Checks and Errors :

File :
Currently available here. Will upload repository later.

Please be advised that this tool is extremely stupid, and not a substitute for careful reviews :)

If you use screen + irssi a lot, you’ll know that sickening feeling when “screen -r” gives you a message that there are no screens to be resume. This happens when the computer is rebooted, and you lose all your screens. To add salt to the wound, you probably had your channels in some very specific window. For example, #seneca could be windows 2 and #developers could be window 6. And you can’t quite remember what was between 2 and 6.

While I can’t solve the computer rebooting problem, I have figured out a way to make connecting back to all your channels painless.

The first thing you have to do is create a network. A network would then contain a list of channels. Here’s the syntax to create a network :
/network add -nick cesar -realname “Cesar Oliveira” -autosendcmd “/^msg nickserv identify password” mozilla
It’s pretty self-explanatory.
-autosendcmd sends a message to the server once you are connected. In my case, I identified myself to nickserv with my cryptographically strong password (The /^msg means I don’t want to see the input. That way it doesn’t open up a new query window in irssi).
The last parameter is just the name of the network, which doesn’t have to be the same name as the server your connecting to (eg. irc.mozilla.org).

Then you add channels:
/channel add -auto #seneca mozilla
/channel add -auto #firefox mozilla
…
/channel add -auto #kittens mozilla
mozilla should correspond to your network. #seneca will be window 2, #firefox will be window 3…

Finally, when you get disconnected, you can connect to the irc server :
/connect -ssl -network mozilla irc.mozilla.org

Enjoy!