summaryrefslogtreecommitdiffstats
path: root/toolkit/components/telemetry/docs/data/addons-malware-ping.rst
diff options
context:
space:
mode:
Diffstat (limited to 'toolkit/components/telemetry/docs/data/addons-malware-ping.rst')
-rw-r--r--toolkit/components/telemetry/docs/data/addons-malware-ping.rst42
1 files changed, 42 insertions, 0 deletions
diff --git a/toolkit/components/telemetry/docs/data/addons-malware-ping.rst b/toolkit/components/telemetry/docs/data/addons-malware-ping.rst
new file mode 100644
index 000000000..18502d748
--- /dev/null
+++ b/toolkit/components/telemetry/docs/data/addons-malware-ping.rst
@@ -0,0 +1,42 @@
+
+Add-ons malware ping
+====================
+
+This ping is generated by an add-on created by Mozilla and shipped to users on older versions of Firefox (44-46). The ping contains information about the profile that might have been altered by a third party malicious add-on.
+
+Structure:
+
+.. code-block:: js
+
+ {
+ type: "malware-addon-states",
+ ...
+ clientId: <UUID>,
+ environment: { ... },
+ // Common ping data.
+ payload: {
+ // True if the blocklist was disabled at startup time.
+ blocklistDisabled: <bool>,
+ // True if the malicious add-on exists and is enabled. False if it
+ // exists and is disabled or null if the add-on was not found.
+ mainAddonActive: <bool | null>,
+ // A value of the malicious add-on block list state, or null if the
+ // add-on was not found.
+ mainAddonBlocked: <int | null>,
+ // True if a malicious user.js file was found in the profile.
+ foundUserJS: <bool>,
+ // If a malicious secmodd.db file was found the extension ID that the // file contained..
+ secmoddAddon: <string | null>, .
+ // A list of IDs for extensions which were hidden by malicious CSS.
+ hiddenAddons: [
+ <string>,
+ ...
+ ],
+ // A mapping of installed add-on IDs with known malicious
+ // update URL patterns to their exact update URLs.
+ updateURLs: {
+ <extensionID>: <updateURL>,
+ ...
+ }
+ }
+ }