For the past 6 months, I have been at CDOT as Mike Hoye's cronie, and along with scott and annasob, I have been working towards creating an enterprise version of Mozilla's Firefox. Bespoke IO, mhoye's company, will be selling the software that lets administrators customize Firefox and produces the MSI that makes deployment across a network easier. It will also be offering Sync services. If you are not familiar with that, Sync lets you store your browsing history in a server--your own or Mozilla's--so that you can you can access your browsing history, passwords, and bookmarks across several different devices. I will leave the elevator pitch for the boss.
As far as I know, an enterprise version of Firefox conflicts with Mozilla's philosophies about freedom on the web. (To illustrate what "freedom on the web" means, an example: if a user wants to watch a video on YouTube, s/he should just be able to click on a link and the video will play instead of being told that s/he needs a plugin.) That is why Mozilla has not produced the product themselves, and an opportunity for my co-op position was available.
Since Mozilla is open source, it was a matter of taking the existing Build Your Own Browser code and customizing it (with a lot of guidance from kev and lorchard!). The first screenshot is what our BYOB was near the beginning of the project. The first thing I added was the Homepage tab. The second screenshot is what the latest version looks like. The administrator can now choose to lock some things, like the homepage, proxy settings, and which updates are allowed.
Wading through code
It was a mess :s As mhoye put it, he threw me under a bus. Although the framework BYOB was built on was documented (Kohana), for me, there was no way to actually understand what was happening in BYOB unless I did a million printouts and walkthroughs. I realized only much later that the code was exactly what they taught Seneca students in the SYS courses. You have your views, controllers, and models, and then the database.
mhoye had me started on letting an admin choose what the homepage was. Where do I begin? My coding bff since then has been the Multi-file Search option in Textwrangler. I searched for all instances of General, then Locales, then Collections in the hopes that I could trace what happened whenever these words popped up. The problem was that General was useless and Locales was coded differently from little prefs like homepage and proxy settings.
Luckily, kev and lorchard were kind enough to point me in the right direction. But then, it was like giving me a clue as opposed to telling me exactly what to do, which was better in the end. Teach a man how to fish and all that.
Since then, I have gotten to know BYOB really well, but I still learn something everyday, whether it's coding in PHP or bits of Firefox itself. (I dabble in Python every other month, too, but I avoid that part of the code as much as possible.) So far, I can lock down the homepage, proxy settings, and updates. End users cannot change them. Administrators can also add certificates and specify what server they want to use with Sync (if they want it to be used at all).
Challenges
Mozilla's goal is to give the user the best web experience possible; mine is to cramp the user's style just a little bit.
The last great roadblock I had was both a coding problem and a Firefox issue: how do I get BYOB to upload certificates and then add them to the list of certificates in Firefox right from the beginning?
The frustrating thing about coding with Kohana was that I didn't grasp the idea of routes right away. There is a special file in the framework that says, if your url is like this: http://myapp.com/fnName/randomText/moreRandom/, then you should be accessing the first file with function fnName in it (there could be more than one!), and pass it the "*[Rr]andom*" arguments.
I also came up with what I believe to be a rather inelegant solution to adding certificates to Firefox... only to find out that unless I find a way to make the certificate window read-only/disappear, a user can delete any certificate in it. That's problem # 2.
Problem # 1 is bookmarks. Adding bookmarks to a Firefox build was something that Moz's BYOB already did, but how do I lock those bookmarks so that users can't delete them? I know of places.sqlite, bookmarks.html,and the bookmarkbackups folder... But how do I fiddle with those three so that my bookmarks can't be deleted? Right now, I can create a file with json-formatted bookmarks data in it and name it so that Firefox will always load those bookmarks when the browser starts. But that prevents any bookmarks the user will add from loading. Not very user-friendly.
Problem # 3 is preventing the user from deleting addons. Right now, addons are locked so that a user can disable them, but not delete them. From the reading I've done, there is a file called userChrome.css that I can write myself; it prevents the addon manager from appearing at all. I could insert that file into the depths of the Firefox application directory. Is there a better way?
What's next?
Sometime in the summer semester, I believe mhoye is looking for beta testers, so a deadline is tentatively set. My goal for the next week is to leave some good documentation (so that I don't curse myself when I come back from the semester break) and get the bookmarks locked. Still not sure what to do... If you have any answers, please share :D
