[RDL]

Note also that:

a) the code must be enclosed within a 'function' declaration, as shown by Springtime, including the opening and closing curly brackets. The parameter interface must be declared as shown but the arguments need not be referenced at all in your code.

b) as you almost certainly already know, just as in Keyconfig, to enter your shortcut, make sure you have your cursor visible in that 'key' box and then simply press your desired combination of keys. Your new facility, as used by Springtime, is that you could also key a sequence of keys (which may, if wished, include one or more combinations).

c) After all that, don't forget to press the 'Apply changes..' button and then 'OK'.


A question for someone clever: Could Keysnail be used to map a plain mouse button 4 click onto a mouse button 3 (middle) click? My mouse is much loved but too old to have more than basic support on Win 7. Logitech has refused to provide up-to-date management software for it. I've looked at AutoHotkey but that's a macro utility which affects all programs and could perhaps be a security risk.

[RDL]

Hmm, also a duplicate. Seems to be a problem with postings apparently hanging when they have actually already gone through.

[Springtime]

A question for someone clever: Could Keysnail be used to map a plain mouse button 4 click onto a mouse button 3 (middle) click? My mouse is much loved but too old to have more than basic support on Win 7. Logitech has refused to provide up-to-date management software for it. I've looked at AutoHotkey but that's a macro utility which affects all programs and could perhaps be a security risk.

Autohotkey is absolutely harmless, and open source. I've used it for years for all kinds of useful mappings and functionality additions. It's definitely the more ideal option for remapping a button.

Such a remapping is easy to add. Right-clicking in Windows, selecting New Autohotkey Script and pasting the following below the default code will remap the mouse button. Save the file and double-click to use. I keep about 4 or so Autohotkey script shortcuts in the Startup directory.

Code: Select all

XButton1::MButton


XButton1 = Mouse button 4 (back button)
MButton = Middle click button

The help file also includes superb documentation, one of the most comprehensive I've seen come with any program.

[RDL]

A question for someone clever: Could Keysnail be used to map a plain mouse button 4 click onto a mouse button 3 (middle) click? My mouse is much loved but too old to have more than basic support on Win 7. Logitech has refused to provide up-to-date management software for it. I've looked at AutoHotkey but that's a macro utility which affects all programs and could perhaps be a security risk.

Autohotkey is absolutely harmless, and open source. I've used it for years for all kinds of useful mappings and functionality additions. It's definitely the more ideal option for remapping a button.

Such a remapping is easy to add. Right-clicking in Windows, selecting New Autohotkey Script and pasting the following below the default code will remap the mouse button. Save the file and double-click to use. I keep about 4 or so Autohotkey script shortcuts in the Startup directory.

Code: Select all

XButton1::MButton


XButton1 = Mouse button 4 (back button)
MButton = Middle click button

The included help file includes superb documentation, one of the most comprehensive I've seen included with any program.

Thanks for your reply.

I had, of course, already at least read the information on how to remap mouse buttons using AutoHotkey and it certainly would meet my need if I decided to use it. My button 4 is a thumb button since this mouse does not have designated back/forward buttons. However, the code you supplied is correct.

I wasn't concerned about the trustworthiness of AutoHotkey itself. The question is whether anything freestanding on your system and permitting such powerful and wide ranging interventions represents a potential vulnerability. Any answer to that has to come from a very competent and paranoid security expert or else it is simply an opinion.

Perhaps compiling the script and using that without retaining AutoHotkey would present a better solution for me.

Meantime, I still wonder if Keysnail might do it.

[RDL]

More news for anyone who is still quietly gnawing off their fingers - someone who is working on getting Keyconfig signed:

The Future of Developing Firefox Add-ons | Mozilla Add-ons Blog

https://blog.mozilla.org/addons/2015/08 ... ent-218845

[Wang Xiao Ming]

Thank you so much

Hi guys.
Anyone knows how to expand the "Australis" (aka Sandwich) Open Menu button in Firefox 29+?

Code: Select all

document.getElementById("PanelUI-menu-button").click();

I know this question may be asked before, but sorry for this post is too long to read it over to find out the answer------
What is the code for 'go to the LAST TAB' and 'go to the FIRST TAB' in firefox? thx~~

Code: Select all

gBrowser.selectTabAtIndex(-1, event);
gBrowser.selectTabAtIndex(0, event);

Open Keyconfig menu. They are there already. Just look for: key_selectTab1, key_selectTab2, ... , key_selectLastTab.

[NoSpoilers]

What would be the method to getting the options I want onto a hotkey?

For example, the about:config entry I want to modify is: "extensions.tabmix.focusTab" with an integer range of 1 to 6. Integer 4 (last viewed tab) and integer 6 (last opened tab) are the options I want.

[t3l0zvxqIiXuzuH0]

What would be the method to getting the options I want onto a hotkey?

For example, the about:config entry I want to modify is: "extensions.tabmix.focusTab" with an integer range of 1 to 6. Integer 4 (last viewed tab) and integer 6 (last opened tab) are the options I want.

Code: Select all

var myPref = "extensions.tabmix.focusTab";
if ( Services.prefs.getIntPref(myPref) == 4 )
 { Services.prefs.setIntPref(myPref,6); }
else
 { Services.prefs.setIntPref(myPref,4); }

[morat]

@RDL

Did you try to upload keyconfig as an unlisted extension on AMO? You would need to change the extension id to a random guid and the target application id to the Firefox guid in the install.rdf file.

Code: Select all

- <id>keyconfig@dorando</id>
+ <id>{00000000-0000-0000-0000-000000000000}</id>

Code: Select all

- <id>toolkit@mozilla.org</id>
- <minVersion>1.9a8</minVersion>
- <maxVersion>2.0.1</maxVersion>
+ <id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</id>
+ <minVersion>4.0</minVersion>
+ <maxVersion>43.*</maxVersion>

Online GUID Generator
https://www.guidgenerator.com/online-gu ... rator.aspx

Valid Application Versions
https://addons.mozilla.org/en-US/firefo ... pversions/

Quick tutorial on signing extensions
http://custombuttons.sourceforge.net/fo ... =10#p10595

[RDL]

@RDL

Did you try to upload keyconfig as an unlisted extension on AMO? ..

Thanks very much for the suggestion, Morat. I have looked at that possibility and might, if no-one more competent publishes first, try it.

However, from what trlkly wrote in that Mozilla Blog article I linked to earlier, it looks as if the existing Keyconfig code wouldn't pass review. She/he seems to be putting substantial work into reforming it so it can pass. I know that I would not have the concentration span or stamina to do the necessary research for that if, as seems likely, it requires serious reworking.

In the end, I will probably just try for an unlisted signing anyway. Last night I started down the submission route just to have a look and, as far as I went, that in itself looks straightforward. However I would be pleasantly surprised if it went through.

I'd much rather see, by anyone's efforts, a public fork on AMO so all could use it.

There is also that other small matter of contacting Dorando for approval. I imagine she/he wouldn't mind but it seems like good manners and the fact that a normally very active and helpful member of Mozine has been silent for so long suggests she/he has more serious problems to think about.

[morat]

@RDL

I got rejected because keyconfig uses the eval() function, but I think the extension would pass on manual review.

I don’t think there are all that many valid uses for the eval() function. Some extensions allow users to enter JavaScript code that will be evaluated. Here eval() is justified though it might still be better create a function using Function() constructor and pass any variables that script might need explicitly as function parameters.

Five wrong reasons to use eval() in an extension
https://adblockplus.org/blog/five-wrong ... -extension

Extension Tests (2 warnings)

1. Access to the `eval` global

Warning: Evaluation of strings as code can lead to security vulnerabilities and performance issues, even in the most innocuous of circumstances. Please avoid using `eval` and the `Function` constructor when at all possible. Alternatives are available for most use cases.

Avoiding using eval in Add-ons
https://developer.mozilla.org/en-US/Add ... in_Add-ons

Severity for automated signing: high

Suggestions for passing automated signing:

Please try to avoid evaluating strings as code wherever possible. Read over the linked document for suggested alternatives. If you are referencing the `Function` constructor without calling it, and cannot avoid continuing to do so, consider alternatives such as calling `Object.getPrototypeOf` on an existing function object.

* components/keyconfig-service.js

Code: Select all

with(this.keyconfig.service) eval(code);

2. on* attribute being set using setAttribute

Warning: To prevent vulnerabilities, event handlers (like 'onclick' and 'onhover') should always be defined using addEventListener.

Severity for automated signing: medium

Suggestions for passing automated signing:

Please use `addEventListener` any place you might otherwise create event listener attributes. Event listener attributes will not be accepted in add-ons submitted for automated signing in any instance where they may be reasonably avoided.

* components/keyconfig-service.js

Code: Select all

node.setAttribute("oncommand",key[3]);

[RDL]

..I got rejected because keyconfig uses the eval() function, but I think the extension would pass on manual review.

Well, thanks for all those pointers. Having changed all the essentials in install.rdf (changing application to Firefox was a helpful warning), I submitted for manual review. I didn't have to change Dorando's 'contract' details lower down but probably should at some stage. Now I just have to wait 11 weeks to see what happens. Meantime I may try to see how Wladimir Palant's article might be used to eliminate eval. The oncommand thing might turn out to be simple if I sort out the difference between oncommand and onclick.

At least 7-Zip makes the editing much simpler than Winzip ever did.

11 weeks might just give me time to get past the amnesiac and stress aversion barriers. Oh, for COBOL and FORTRAN

[morat]

@RDL

These extensions also execute chrome code user scripts.

http://addons.mozilla.org/firefox/addon/2707
http://addons.mozilla.org/firefox/addon/4891
http://addons.mozilla.org/firefox/addon/6366
http://addons.mozilla.org/firefox/addon/67148

The Custom Buttons extension uses the Function() constructor.
The Vimperator extension uses the eval() function.
The FireGestures extension uses the Function() constructor.
The PrefBar extension uses the Components.utils.evalInSandbox() function.

Components.utils.evalInSandbox
https://developer.mozilla.org/en-US/doc ... lInSandbox

P.S.

Here is a fix for the following error in keyconfig 20110522.

Error: TypeError: props is undefined
Source file: chrome://keyconfig/content/keyconfig.js
Line: 420

viewtopic.php?p=14082767#p14082767

[RDL]

..These extensions also execute chrome code user scripts..
..Here is a fix for the following error in keyconfig 20110522..

Many thanks for your further advice.

I've incorporated your fixes for ' following error in keyconfig 20110522' into version 1.0.1 and submitted that. In doing so, in the notes for reviewers, I included some of your examples of extensions which got signed despite things like eval. I added keysnail (not hosted on AMO) as example, since that was recently signed for public release despite failing automatic review for similar reasons. The developer quoted 'The Vimperator' in her/his case.

[Brummelchen]

the eval() function kills nearly all personal add-ons when send for signing.
concerning keyconfig (and more) the setAttribute is easy to replace (same for setTimeout and similar)

for keyconfig just comment out the concerning function (4 lines) - this entry in prefs seems to be empty here and i dont see any relevance to any other function.

the major change would be to transport the settings from "keyconfig.bla" to "extensions.keyconfig.bla" - a first attempt was refused.

I submitted for manual review

without change of eval()) it wont be signed - word. eval() is a must change like other code

at least i miss is the highlighting of doubled keys. i dont know (or forgot) if it was present anytime.
if some need a more sophisticated add-on for this try s3.menu-wizard
viewtopic.php?f=48&t=2828771


HTH