Blog Archives

Working around untrusted certificate errors in Express JS


A few very common fatal errors thrown by the request module for express while trying to access data from self-signed web servers are Error: DEPTH_ZERO_SELF_SIGNED_CERT and UNABLE_TO_VERIFY_LEAF_SIGNATURE

This is because of https://github.com/nodejs/node-v0.x-archive/pull/4023 which mandates NodeJS to validate a server’s certificate by default, which needless to say is how things should be in a production environment.

However, more often than none we tend to use self-signed SSL certificates in our development environments or even within internal networks.

Thankfully for such brain-wracking moments, two particular flags come to our rescue. Enter strictSSL and rejectUnauthorized. The way I personally like to use these flags, is to set defaults within my development environments as follows to bypass SSL validation hence, saving the day! 🙂

var request = require('request').defaults({
    strictSSL: false,
    rejectUnauthorized: false
 });

Please do note, that I do not recommend that you ever try this on your production systems without understanding the true implications of what disabling strictSSL and rejectUnauthorized means for you node server. By disabling these, you are essentially telling your server to skip validation of the requested server’s identity, which leaves your application in quite a vulnerable position.

Rebooting the Bugsmith’s Blog


It’s been a long long time since I last posted in this space. I guess I had been a bit too caught up with life and had been overly focused on my job.

Recently, I realized that I have become quite dormant in the open source communities, and it has been quite some time since I made a worthwhile commit on GitHub / Pagure / BitBucket/etc. My GitHub streak now looks mostly empty which means I have been lazy for over a year now.

So, enough with the slacking around for so long. It’s time to reboot the Bugsmith and get back to the groove of things.

It’s time to draw a line and balance out all the imbalances in my current everyday life. This means fixing my office work schedule, being a bit conscious about my health, and most importantly, getting back to doing something worthwhile with my life.

So, here’s the plan:-

  1. I’ll start posting more often about anything and everything.
  2. I’m gonna start sharing as much of my everyday learning related to tech and non-tech using this blog as a medium.
  3. Finish up all of my pending work [mostly personal stuff which I have been ignoring for a long time now].
  4. Get back to contributing more pro-actively to Open Source projects which I find interesting.
  5. Get back to attending tech-meetups in my vicinity and beyond.
  6. Well basically, get my stuff together and get back to being awesome yet again. 😉

Let’s see how I manage to cope up with my self-expectations! 🙂

Installing Firefox Nightly with Australis on Fedora 18 / 19 / 20


Australis Sceenshot

Screenshot of Firefox Nightly with Australis on Fedora 19

Are you a Fedora user who wants to check out the new Australis Theme for Firefox scheduled for release with Firefox 28? However, you are a bit apprehensive of letting go that stable release of Firefox in bundled within your Fedora installation by default, just in case something goes wrong with the nightly beta release.

If this is what defines your current dilemma, fear not. You can have both the stable as well as the nightly beta versions installed simultaneously in your computer in a few simple steps without any trouble at all! Here’s how to do it in case of Firefox Nightly version 28 [the latest release at the time of writing this post]:-

Step 1: Login as Super User:-

$su

Step 2: Get the nightly package:-

Go to http://nightly.mozilla.org to get the latest available nightly build for your system.

Screenshot of Firefox Nightly Webpage

Firefox Nightly Webpage

Alternatively, you can use the command line tool wget to directly download it via the command line as follows:-

#wget http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-trunk/firefox-28.0a1.en-US.linux-x86_64.tar.bz2

Step 3: Extract the contents of the tar ball as follows:-

#tar -xvf firefox-28.0a1.en-US.linux-x86_64.tar.bz2

Step 4: Rename the extracted directory to “nightly”:-

#mv firefox nightly

Step 4: Create an installation directory:-

#mkdir /opt/firefox

Step 5: Move the contents of the “nightly” directory to the installation directory:-

#mv /nightly /opt/firefox/nightly

Step 6: Create a Symbolic link for the Nightly installation:-

#ln -s /opt/firefox/nightly/firefox /usr/local/bin/nightly

Step 7:Run Firefox Nightly by typing the following within the command line or the alt+f2 launcher:-

For command line: $nightly

For alt+f2: nightly

Step 8: Relax and enjoy the Australis awesomeness! 🙂

From Netscape To Firefox: The Story Of Mozilla Firefox


Introduction

The history of Mozilla, upon which Firefox was built, extends all the way back to 1994, when the name was first established as a branding for the “mosaic killer,” Netscape Navigator. Mozilla as a modern day institution found its beginnings in 1998, when Netscape decided to release the source code of its dying browser to the open source community. Even later still, the browser that would become Firefox did not come into existence until 2002. In a sense, Firefox 1.0 came out in 2004 after 10 years of laying its foundations.

Origins

The origins of Firefox can be traced directly to Netscape, a compan­y whose Web browser, Netscape Navigator, was the dominant browser before Microsoft developed Internet Explorer. The internal company name for the browser was Mozilla. Eventually, Netscape released the source code for Navigator under an open source license, meaning anyone could see and use the code. A non­profit group was set up to direct the development of browsers using this code. This group became the Mozilla Foundation in 2003.

However, Firefox is not the browser the Mozilla group would have released if everything had gone as planned. Like Netscape Navigator before it, the Mozilla software was becoming bigger and bigger as more features were added in ­­ a problem in software development known as “feature creep” or “bloat”.

Around this time, the Firefox project was started as an experimental branch of the Mozilla project by Dave Hyatt, Joe Hewitt, Chanial and Blake Ross. Instead of accepting the feature creep, Blake Ross, (a computer enthusiast who first started helping out the Mozilla project as a hobby when he was 14) decided to start developing his own Mozilla­ based browser, focusing on a streamlined and simple version. Software developer Dave Hyatt also played a major role. Ross was joined by Ben Goodger in 2003, and development progressed rapidly from that point.

They believed that the commercial requirements of Netscape’s sponsorship and developer­ driven feature creep compromised the utility of the Mozilla browser. To combat this perceived software bloat[1] of the Mozilla Suite [2] they created a stand­alone browser, with which they intended to replace the Mozilla Suite. On April 3, 2003, the Mozilla Organization announced that they planned to change their focus from the Mozilla Suite to Firefox and Thunderbird.

Although the Mozilla Foundation had intended to make the Mozilla Suite obsolete and replace it with Firefox, the Foundation continued to maintain the suite until April 12, 2006 because it had many corporate users and was bundled with other software. The Mozilla community (as opposed to the Foundation) continues to release new versions of the suite, using the product name SeaMonkey to avoid confusion with the original Mozilla Suite.

On February 5, 2004, business and IT consulting company AMS categorized Mozilla Firefox (then known as Firebird) as a “Tier 1” (“Best of Breed”) open source product, considering it technically strong and virtually risk­-free.

Naming

Phoenix:

The project which became Firefox started as an experimental branch of the Mozilla Suite called m/b (or mozilla/browser), underwent several name changes. After it had been sufficiently developed, binaries (experimental versions) for public testing appeared in September 2002 under the name Phoenix. The Phoenix name was kept until April 14, 2003, when it was changed because of a trademark dispute with the BIOS manufacturer, Phoenix Technologies (which produces a BIOS­ based browser called Phoenix FirstWare Connect).

Manticore:

The foundations of Phoenix progressed along an entirely different development mindset from its parent Mozilla. Instead of focusing on large application suites developed by large development teams headed by senior programmers, Phoenix centered around a small, core development team concentrated exclusively on the web browsing aspect of the Mozilla Suite. The ideas for these small volunteer projects had manifested themselves earlier with David Hyatt and Ben Goodger’s Manticore browser, built on Netscape and Internet Explorer using C# and .NET. However, where Manticore looked to offer basic browsing functions in a lean form factor, Blake Ross and David Hyatt’s Phoenix looked to innovate on the browsing experience, focusing on security and utility as the pillars of the new browser. Unconstrained by the business­ minded Netscape, Ross and Hyatt could develop a browser “completely focused on the end user.”

Firebird:

In April, 2003, Mozilla announced it would call its new browser “Firebird”­­a mythical creature sometimes considered synonymous with the phoenix, an immortal bird that regenerates itself through self­immolation, to avoid the Phoenix conflict. The new name, Firebird, met with mixed reactions, particularly as the Firebird database server already carried the name. It provoked an intense response from the Firebird free database software project. In response, the Mozilla Foundation stated that the browser should always bear the name Mozilla Firebird to avoid confusion with the database software.
Confusingly enough, the sponsor of the Firebird database development group, went by the name of IBPhoenix (no relationship to Phoenix Technologies, which presented the initial trademark challenge to Mozilla). Formed in 1984 by InterBase Software and acquired by Borland Software in 1991, the group had launched the Firebird free database open­ source project in 2000.

Firefox:

Continuing pressure from the Firebird community forced another change, and on February 9, 2004 the project was renamed Mozilla Firefox (or Firefox for short). The name “Firefox” (a reference to the red panda [3]) was chosen for its similarity to “Firebird”, but also for its uniqueness in the computing industry. To ensure that no further name changes would be necessary, the Mozilla Foundation began the process of registering Firefox as a trademark with the United States Patent and Trademark Office in December 2003. This trademark process led to a delay of several months in the release of Firefox 0.8 when the foundation discovered that Firefox had already been registered as a trademark in the UK for Charlton Company software. The situation was resolved when the foundation was given a license to use Charlton’s European trademark.

Versions

The Firefox project went through many versions before 1.0 was released on November 9, 2004. After a series of stability and security fixes, the Mozilla Foundation released its first major update, Firefox version 1.5, on November 29, 2005. Version 2.0 was released on October 24,2006. Firefox 3.0 was released on June 17, 2008, with Version 3.5 and Version 3.6 released on June 30, 2009 and January 21, 2010 respectively. Version 4.0 was released on March 22, 2011. With Version 5.0 onwards the rapid release cycle was realized which envisions a new major version release every six weeks on Tuesday. Firefox 10, was released on January 31, 2012. The latest version, Firefox 10.0.2 was released on February 16, 2012

Key Terms

  1. Software bloat is a process whereby successive versions of a computer program include an increasing proportion of unnecessary features that are not used by end users, or generally use more system resources than necessary, while offering little or no benefit to its users.
  2. Mozilla Suite: Codenamed, internally referred to, and continued by the community as SeaMonkey, which integrated features such as IRC, mail and news, and WYSIWYG HTML editing into one software suite.
  3. A Firefox is another name for the red panda, a red­-furred, endangered mammal related to the giant panda and found in the Himalayas, China and Myanmar.

References

  1. http://en.wikipedia.org/wiki/Firefox
  2. http://en.wikipedia.org/wiki/History_of_Firefox
  3. http://www.foxkeh.com/downloads/history/history­original.pdf
  4. http://news.cnet.com/2100­1032_3­1000146.html
  5. http://web.archive.org/web/20070914035447/http://www.ibphoenix.com/main.nfs?a=ibphoenix&page=ibp_Mozilla0
  6. http://news.cnet.com/2100­7344­5156101.html
  7. http://www.zytrax.com/tech/web/firefox­history.html
  8. http://computer.howstuffworks.com/internet/basics/firefox1.htm
  9. http://www­cs­faculty.stanford.edu/~eroberts/cs201/projects/firefox­market­dynamics/
  10. http://www.andrewturnbull.net/mozilla/historyfx.html
%d bloggers like this: