Closed Bug 200644 Opened 21 years ago Closed 21 years ago

rework port handling in permissions code

Categories

(Core :: Networking: Cookies, defect)

Product:
Core
Component:
Networking: Cookies
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: dwitte, Assigned: mvl)

References

Details

Attachments

(2 files)

ingore the port
4.14 KB, patch
dwitte
: review+
darin.moz
: superreview+
Details | Diff | Splinter Review
also update the js
3.38 KB, patch
dwitte
: review+
darin.moz
: superreview+
Details | Diff | Splinter Review 
from a discussion in bug 176950, it's evident that the port handling in the
permission backend isn't really implemented properly. so, opening this bug to
figure out what to do about ports. pasted from bug 176950 comment 7, though I've
left out a lot of stuff:

so we could do something like:
1) given a URI e.g. "http://foo.com/", first check the permission list for the
host foo.com on the default http port, which would be "foo.com:80".
2) if no entry was found, then check for foo.com with no port, which would be
"foo.com".

the code to do this is very simple; the only issue that bsmedberg pointed out
was that we now have to do twice the number of hash lookups, but it's the most
flexible and powerful option. if we decide we're okay with assuming a specific
port for everything (i.e. blocking "http://foo.com" will only block port 80,
which would make doug's library example impossible to solve), then we can assume
default ports for unspecified entries, and eliminate step 2. we could also drop
ports altogether, and keep things simple. either of these three options sounds
valid to me.
I suggest to just ignore ports while looking up permissions. When you block
images for domain.com, you most likely also wants to block images when you are
pointed to port 8080 instead of the normal port.
Checking the port would make it confusing for the user. It would also have an
impact on speed, as we need twice as much lookups.
you might be able to store the "block all ports" as the entry port=0...

I don't know if that helps w/ the search optimization or not.

I would like to keep ports, even though I've been told cookies are cross-port
states, and the utility for ad blocking is limited (people want expansive domain
blocking, not more granularity).

The fundamental building block of the IP network is the socket, and that is a
hostip:port in the modern world. If we are careless now and ignore port,
something bad will happen later, I just can't think of an example right now.


the way you store the "block all ports" wildcard doesn't really matter, the
problem is it forces you to do twice the number of lookups. e.g. "foo.com:80"
needs to check if there's an entry for its specific port first (80), then check
if there's an entry for all ports.

it's a nice thing to have... question is, do we want to do it now, or wait until
someone demonstrates a need for it (which may be never)?

i like mvl's suggestion for now. less bloat, more perf :)
if that is what you want. please make it so we can add port support in the
future w/o having to gut everything you put into place now. (aka cookies?)
well, what I think really means nothing until other more-qualified people
approve. ;)

but as regards to adding it in the future, a) we don't have it in a working
state right now, so it's hard to make things worse b) even so, it's quite
trivial to add (in principle, it's just one extra lookup, but in practice we
might want a new hash entryclass and hashing function to store the port as an
integer, like bsmedberg suggested).
*** Bug 69486 has been marked as a duplicate of this bug. ***
cc'ing mstoltz - can you take a look at this and give us your thoughts?
I don't have much to add. I think it would be a nice power-user feature to block
based on prts, but I'm not sure it's all that necessary for the average user.
*** Bug 224606 has been marked as a duplicate of this bug. ***
This discussion has been going on way too long. Just ignore the port, for now,
which is obviously what anyone you would expect as a default. Then, later, if
someone really wants to implement port-based blocking, great. In the meantime,
this is just another place people can point to and say, "See, IE really is better."
so who wants to write the patch?
Attached patch ingore the portSplinter Review 
This patch just makes the permission manager ignore the port.
The downside of it is that current entries with a port are not used anymore. Do
we consider that a problem?
IMO, Since port-based popup blocking was never, AFAIK, advertised to work, it
doesn't seem crucial to worry about breaking it. If anybody complains, then a
new bug could be opened to look at actually implementing one of the various
port-based popup blocking options discussed above.
Attachment #134773 - Flags: review?(dwitte)
Forgot to update the javascript...
Comment on attachment 134773 [details] [diff] [review]
ingore the port

r=me... simple patch ;)
Attachment #134773 - Flags: superreview?(darin)
Attachment #134773 - Flags: review?(dwitte)
Attachment #134773 - Flags: review+
Attachment #134777 - Flags: superreview?(darin)
Attachment #134777 - Flags: review+
Comment on attachment 134773 [details] [diff] [review]
ingore the port

code looks fine.  are there compatibility issues to worry about?  what happens
when someone goes back to an older version of moz?
Attachment #134773 - Flags: superreview?(darin) → superreview+
Attachment #134777 - Flags: superreview?(darin) → superreview+
The only problem can be when someone allow say domain.com:8080 to show popups.
He now has to allow just domain.com. If he leaves the old entry in his
cookperm.txt, nothing bad will happen when he goes back to an old version.
Both patches are checked in.
Leaving the bug open to discuss more advanced port handling.
do we even want more advanced port handling? i think "no ports" is just fine ;)

your call...
If that is the convlusion of the discussion, ok :)
But there were some comments wanting better stuff. I personally think it is ok
as it is now.
then wontfix it, you're the MO :)

<mvl>   don't spam me :)

ok ;)
closing this.
If someone disagree, reopen or file a new bug.
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
QA Contact: core.networking.cookies → benc
Blocks: 224606
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: