Closed Bug 191380 Opened 22 years ago Closed 21 years ago

Rewrite permission code (for cookies, images etc)

Categories

(Core :: Networking: Cookies, defect)

Product:
Core
Component:
Networking: Cookies
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: mvl, Assigned: mvl)

References

Details

Attachments

(10 files, 6 obsolete files)

review comments
26.25 KB, text/plain
Details
review questions for darin
5.44 KB, text/plain
Details
review answers
4.46 KB, text/plain
Details
response to "review questions for darin"
7.86 KB, text/plain
Details
interdiff between v3 and v4
28.33 KB, text/plain
Details
interdiff between v4 and v5
12.33 KB, text/plain
Details
Phase 1, version 6
117.35 KB, patch
mvl
: review+
mvl
: superreview+
Details | Diff | Splinter Review
patch to remove nsUtils from makefiles
3.31 KB, patch
Details | Diff | Splinter Review
patch to remove dead code
47.70 KB, patch
Details | Diff | Splinter Review
Attempt to fix Camino bustage
1.59 KB, patch
Details | Diff | Splinter Review 
The current code for managing permission for cookies, images and popups is all
in the cookies code. And it is not very clean.
It should be removed form extensions/cookie and made be more generic.

Also, a more clean UI is needed.

This is related to bug 187304.

This bug is for tracking that.
-> me
Adding people to CC
Assignee: riceman+bmo → mvl
Attached patch phase 1, version 1 (obsolete) — Splinter Review 
Attaching the first version to clean up the permission code.

It's functions:

Move stuff from nsPermissions.cpp to nsPermissionManager.cpp
Create seperate handlers for each consumer (cookies, images, popup)
Clean up some code
Prepare for moving out of extensions/cookie (so that cookies can go into necko)

No new functionality, but prepare for whitelisting

Also see http://yellow.exedo.nl/~michiel/permissions.html for what the next
steps should be.
Attachment #116200 - Flags: superreview?(darin)
Attachment #116200 - Flags: review?(dwitte)
Comment on attachment 116200 [details] [diff] [review]
phase 1, version 1

i might not get to this until next week.  sorry!
Attached file review comments 
review comments - mostly nits, a couple more cleanup requests, and that's about
it. looking good! can't wait for this to get in the tree :)

hopefully darin will get to look at this tomorrow or early next week, so we can
get it in before the freeze.

there are some specific questions I have for darin regarding parts of the
patch, I'll post them separately for convenience.
uhh, sorry for all the questions ;)

they're all taken from the main review attachment, so if you lose context, you
can find them in there.
Attachment #116200 - Flags: review?(dwitte) → review-
freeze? what freeze?

get more sleep, dwitte.
Attached patch phase1, version 2 (obsolete) — Splinter Review 
Changed according to most of dwitte's comments, plus as bonus making profile
switching work again. dwitte, thanks for the review!
Attachment #116200 - Attachment is obsolete: true
Attached file review answers 
Answers to comments I didn't address in the patch, and why.
Things I left out here are fixed.
Attachment #117231 - Flags: superreview?(darin)
Attachment #117231 - Flags: review?(dwitte)
Attachment #116200 - Flags: superreview?(darin)
Attached patch mac stuff (obsolete) — Splinter Review 
Mac build stuff.
Is this still needed? Anyway, as a seperate patch, because i forgot it before.
Attached patch phase 1, version 3 (obsolete) — Splinter Review 
I introduced a crash, when opening the media tab in page properties. Attaching
updated patch. Sorry for all the spam.

Changes since previous patch:
--- extensions/cookie/nsImgManager.cpp	14 Mar 2003 18:59:52 -0000
+++ extensions/cookie/nsImgManager.cpp	14 Mar 2003 22:03:14 -0000
@@ -148,10 +148,10 @@
     NS_ASSERTION(content, "no content available");
     if (content) {
       rv = content->GetDocument(*getter_AddRefs(doc));
-      if (NS_FAILED(rv)) return rv;
+      if (NS_FAILED(rv) || !doc) return rv;
 
       rv = doc->GetBaseURL(*getter_AddRefs(baseURI));
-      if (NS_FAILED(rv)) return rv;
+      if (NS_FAILED(rv) || !baseURI) return rv;
Attachment #117231 - Attachment is obsolete: true
Attachment #117248 - Flags: superreview?(darin)
Attachment #117248 - Flags: review?(dwitte)
Attachment #117231 - Flags: superreview?(darin)
Attachment #117231 - Flags: review?(dwitte)
instead of this:

static const char kHeader[] = "# HTTP Permission File\n#
http://www.netscape.com/newsref/std/cookie_spec.html\n# This is a generated
file!  Do not edit.\n\n";

try this:

static const char kHeader[] =
    "# HTTP Permission File\n"                            
    "# http://www.netscape.com/newsref/std/cookie_spec.html\n"
    "# This is a generated file!  Do not edit.\n\n";

it just reads better.

i haven't given this a completely thorough review yet.  overall, it looks solid.
 i'll try to finish my review shortly.
Attached patch Phase 1, version 4 (obsolete) — Splinter Review 
Updated patch, now includes mac build changes.
Addresses more of dwitte's comments (the nsVoidArray comments, the order of
arguments to Add(), some comments), and things darin mentioned.
Attachment #117241 - Attachment is obsolete: true
Attachment #117248 - Attachment is obsolete: true
for reviewers, changes between v3 and v4
Attachment #117248 - Flags: superreview?(darin)
Attachment #117248 - Flags: review?(dwitte)
Comment on attachment 117318 [details] [diff] [review]
Phase 1, version 4

r=dwitte

looks good!

thx for the response to those review questions, darin. also, that multiple-line
kHeader thing is neat, I didn't know you could do that.

btw, about the 'deleting permissionfile on shutdown-cleanse' thing, I didn't
catch your answer... are you unsure, or did you want us to change those?
Attachment #117318 - Flags: superreview?(darin)
Attachment #117318 - Flags: review+
I forgot to mention that this patch removes the need for nsImages.cpp and
nsPermissions.cpp. They can be removed.
oh, one more note. Once this patch and my cookie patch (bug 195908) land, we'll
have removed all dependencies on nsUtils.h and nsUtils.cpp - we can cvs remove them.

can we get r/sr for the makefile changes and cvs remove of those two files in
advance?

(so when both patches land I can whip up a makefile patch, and get whoever lands
them to take care of it at the same time)
> btw, about the 'deleting permissionfile on shutdown-cleanse' thing, I didn't
> catch your answer... are you unsure, or did you want us to change those?

i would address this particular problem in a different bug.  i'm not exactly
sure what we want to do, and others might have some good input.  it's probably
not an urgent issue, so i'm fine if you guys want to punt on it for now.
>i would address this particular problem in a different bug.  i'm not exactly
>sure what we want to do, and others might have some good input.  it's probably
>not an urgent issue, so i'm fine if you guys want to punt on it for now.

heh, i was thinking the same thing. i'll go file a bug against conrad to check
(though i suspect his answer will be "leave it the way it is")
Comment on attachment 117318 [details] [diff] [review]
Phase 1, version 4

>Index: extensions/cookie/nsCookiePermission.cpp

>+const PRUint32 kDefaultPolicy = nsIPermissionManager::ALLOW_ACTION;

declare this static.

>+nsCookiePermission::Init()
>+{
>+  nsresult rv;
>+  // Continue on an error. We can do a few things without a permission manager
>+  mPermissionManager = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv);
>+  return NS_OK;
>+}

then no need to capture |rv|.  use simpler do_GetService(ContractID) form.


>Index: extensions/cookie/nsCookiePromptService.cpp
>Index: extensions/cookie/nsCookies.cpp
>Index: extensions/cookie/nsICookiePermission.idl
>Index: extensions/cookie/nsICookiePromptService.idl
>Index: extensions/cookie/nsIImgManager.idl
>Index: extensions/cookie/nsIPermission.idl
>Index: extensions/cookie/nsIPermissionManager.idl
>Index: extensions/cookie/nsImgManager.cpp

>+  // On error, just don't use the host based lookup anymore. We can do the
>+  // other things, like mailnews blocking
>+  mPermissionManager = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv);

another case where you don't need to capture |rv|.


>+  if (NS_FAILED(rv)) {
>+    NS_WARNING("Error occured reading image preferences");
>+  }

NS_ASSERTION(NS_SUCCEEDED(rv), "...");

although the optimizer will probably have no trouble eliminating this
branch in optimized code.  i'm undecided... take your pick.


>+    // Search for two dots, starting at the end.
>+    // If there are no two dots found, ++dot will turn to zero,
>+    // that will return the entire string.
>+    PRInt32 dot = currentHost.RFindChar('.');
>+    dot = currentHost.RFindChar('.', dot-1);
>+    ++dot;

hmm... ok, you're depending on RFindChar to always return -1 on failure and to
accept -2 as an offset.  possibly a bit fragile, but seems to be ok.  anything
else would require more code... alright.


>+  // check the topic, and the cached prefservice
>+  if (!mPrefBranch) {
>+    return NS_ERROR_FAILURE;
>+  }

under what conditions is this the case?  do we want to spit out a warning?
NS_ENSURE_TRUE?  or should this indeed be silent?


>+    nsCAutoString pref = NS_ConvertUCS2toUTF8(aData);

      NS_ConvertUCS2toUTF8 pref(aData); // NS_ConvertUCS2toUTF8 is-a
nsCAutoString


>+  // check the prefservice is cached
>+  if (!mPrefBranch) {
>+    return NS_ERROR_FAILURE;
>+  }

same 'warning' question here?


>Index: extensions/cookie/nsPermissionManager.cpp

>+    nsVoidArray *mPermissionList;
>+};

>+  mPermissionList = new nsVoidArray();

why do you need to heap allocate the nsVoidArray?  it is a very
lightweight container by itself.  seems like you could save yourself
some trouble and just allocate it inline as a member var.


>+  nsCAutoString host(aHost);
...
>+  if (NS_SUCCEEDED(rv)) {
>+    uri->GetHostPort(host);
>+    if (host.IsEmpty())
>+      return NS_ERROR_FAILURE;
>+  }

better to only copy |aHost| into |host| if NS_NewURI fails, right?


>+  if (!permissionEnum) {
>+    *aEnum = nsnull;
>+    return NS_ERROR_OUT_OF_MEMORY;
>+  }

FWIW, you are not required to assign out params on failure.  however,
a lot of code doesn't check return values, so take care if you wish
to eliminate |*aEnum = nsnull|.


>+    for (PRInt32 typeIndex = typeCount-1; typeIndex >= 0; --typeIndex) {
>+      hostStruct->permissionList.RemoveElementAt(typeIndex);
>+    }
>+    // no more types are present, remove the entry
>+    mPermissionList->RemoveElementAt(hostIndex);
>+    delete hostStruct;

i must have overlooked this part when reading the patch, but if you
are simply removing elements from the list, where do you delete those
elements?  aren't you leaking memory here?


>Index: extensions/cookie/nsPermissionManager.h

>+  nsVoidArray                 *mPermissionList;

another candidate for not being dynamically allocated.


>Index: extensions/cookie/nsPopupWindowManager.cpp

>+  nsCAutoString pref = NS_ConvertUCS2toUTF8(aData);

    NS_ConvertUCS2toUTF8 pref(aData);


address these issues and sr=darin.  sorry it took me so long to review your
patch!
i'm not going to be available until sunday night or monday, so unless you need
to
discuss something with me... i think you're good to go.
Attachment #117318 - Flags: superreview?(darin) → superreview-
Attached patch Phase 1, version 5 (obsolete) — Splinter Review 
Updated to darins and dwittes comments. Thanks for the reviews!
Attachment #117318 - Attachment is obsolete: true
Comment on attachment 118073 [details] [diff] [review]
Phase 1, version 5

nice changes. asked for a few more optimizations as well.

r=dwitte
Attachment #118073 - Flags: review+
Diff between v4 and v5. Interdiff was chocking, so this might not apply, but is
shows the changes.
Fixed a problem where the tools->cookie manager items showed up as always
disabled.
And made it apply again.
Attachment #118073 - Attachment is obsolete: true
Comment on attachment 118112 [details] [diff] [review]
Phase 1, version 6

Carrying over r=dwitte and sr=darin (per comment #20)
Attachment #118112 - Flags: superreview+
Attachment #118112 - Flags: review+
checked in, thx bz!

since bug 195908 and this one are fixed, we can cvs remove nsImages.{cpp,h},
nsPermissions.{cpp,h}, and nsUtils.{cpp,h}. waiting for a few build cycles
before we go ahead and do this...
removes nsUtils from the makefiles; so it's ready for cvs removal
nsIPermission changed from char ** to nsACstring, and from PRBool to PRUint32
for permission. I missed camino. Hope this will fix it.
Attachment #118131 - Flags: superreview?(bryner)
Attachment #118131 - Flags: review?(dwitte)
Comment on attachment 118131 [details] [diff] [review]
Attempt to fix Camino bustage

>       if ( [[aTableColumn identifier] isEqualToString:@"Website"] ) {
>         // website url column
>-        nsXPIDLCString host;
>-        perm->GetHost(getter_Copies(host));
>+        nsCAutoString host;
>+        perm->GetHost(host);
>         retVal = [NSString stringWithCString:host];

I just checked this patch in, although I suspect that might need to be
|host.get()| on the last line there rather than just |host|.  We'll see what
tinderbox says.
Comment on attachment 118131 [details] [diff] [review]
Attempt to fix Camino bustage

I changed it to host.get() after looking at some other files.
Blocks: 198941
Attachment #118131 - Flags: superreview?(bryner)
closing this one out (see bug 195908 comment 37). great work mvl!
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Attachment #118131 - Flags: review?(dwitte)
Comment on attachment 118112 [details] [diff] [review]
Phase 1, version 6

>           // but cancel if it's an unsuitable URL
>           const PM = Components.classes["@mozilla.org/PopupWindowManager;1"]
>                      .getService(CI.nsIPopupWindowManager);
>-          if (!PM.testSuitability(this.popupURL))
>-            this.popupURL = null;
>         }
Um, yes, really useful change here... plus you forgot to update all of the rest of the callers in this file. I guess nobody uses this, since there doesn't seem to be a bug filed on the regression...
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: