Closed Bug 1094825 Opened 10 years ago Closed 9 years ago

Log use of window.crypto.signText in web console

Categories

(DevTools :: Console, defect)

Product:
DevTools
Component:
Console
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: mgoodwin, Assigned: mgoodwin)

References

Details

Attachments

(1 file, 1 obsolete file)

Bug1094825_console_message.patch
4.88 KB, patch
past
: review+
lmandel
: approval-mozilla-beta-
Details | Diff | Splinter Review 
window.crypto.signText is going away soon.

Let's let developers know about this (and what to do instead) in the web console.
Attached patch Bug1094825_console_message.patch (obsolete) — Splinter Review 
This is the deprecation warning for signText for Fx34.
Attachment #8521499 - Flags: review?(dkeeler)
Comment on attachment 8521499 [details] [diff] [review]
Bug1094825_console_message.patch

Review of attachment 8521499 [details] [diff] [review]:
-----------------------------------------------------------------

r=jcj

Looks straightforward and safe.
Comment on attachment 8521499 [details] [diff] [review]
Bug1094825_console_message.patch

Review of attachment 8521499 [details] [diff] [review]:
-----------------------------------------------------------------

Looks good. r=me with comments addressed.

::: security/manager/ssl/src/nsCrypto.cpp
@@ +2458,5 @@
> +  nsCOMPtr<nsIDocument> document;
> +  GetDocumentFromContext(aContext, getter_AddRefs(document));
> +  if (!document) {
> +    aReturn.Append(internalError);
> +

nit: probably don't need this blank line (oh, I see - it was like that already. Well, go ahead and remove the blank lines anyway.)

@@ +2463,5 @@
> +    return;
> +  }
> +
> +  nsIURI* uri = document->GetDocumentURI();
> +

nit: same

@@ +2466,5 @@
> +  nsIURI* uri = document->GetDocumentURI();
> +
> +  if (!uri) {
> +    aReturn.Append(internalError);
> +

nit: same

@@ +2470,5 @@
> +
> +    return;
> +  }
> +
> +  nsContentUtils::ReportToConsoleNonLocalized(NS_LITERAL_STRING("window.crypto.signText is deprecated and will soon be removed."),

Maybe make a named literal string instead of having this line be long. Also, should we provide a link to documentation on this?

@@ +2471,5 @@
> +    return;
> +  }
> +
> +  nsContentUtils::ReportToConsoleNonLocalized(NS_LITERAL_STRING("window.crypto.signText is deprecated and will soon be removed."),
> +                                          nsIScriptError::errorFlag,

The indentation here should match up with the ( on the previous line.

@@ +2480,1 @@
>    aReturn.Truncate();

This should go before any uses of aReturn, I believe.
Attachment #8521499 - Flags: review?(dkeeler) → review+
(In reply to David Keeler (:keeler) [use needinfo?] from comment #3)
> >    aReturn.Truncate();
> 
> This should go before any uses of aReturn, I believe.

I think the intent was for internalError and the truncation of aReturn to be together - but the latter looks misplaced with my additions in between. I think the right thing to do here is to move aReturn.Truncate() above my additions. Agreed?
Flags: needinfo?(dkeeler)
Sorry to be a pain, Panos, but Keeler suggested a '[learn more]'.

The Devtoolsy bit is now a hefty 5 lines...
Attachment #8521499 - Attachment is obsolete: true
Flags: needinfo?(dkeeler)
Attachment #8521679 - Flags: review?(past)
See Also: → 1097974
Attachment #8521679 - Flags: review?(past) → review+
Comment on attachment 8521679 [details] [diff] [review]
Bug1094825_console_message.patch

Approval Request Comment
[Feature/regressing bug #]:
Bug 1094825. See also https://bugzilla.mozilla.org/show_bug.cgi?id=1083118#c20

[User impact if declined]:
Developers will have no warning of impending removal of window.crypto.signText

[Describe test coverage new/current, TBPL]:
Current test coverage is adequate for devtools changes. There is no current or new coverage of window.crypto.signText (this is a deprecation warning for this function)

[Risks and why]: 
Low risk; there's a minimal change to nsCrypto.cpp (of local significance) and an even smaller change to webconsole.js which has good test coverage.

[String/UUID change made/needed]:
No String or UUID changes. There is a (non-localized) web console message warning of deprecation and a link to MDN content for more info.
Attachment #8521679 - Flags: approval-mozilla-beta?
Comment on attachment 8521679 [details] [diff] [review]
Bug1094825_console_message.patch

I understand the reasoning behind this but without knowing whether this will be effective or not it seems too late in Beta to take this change. People should already have been alerted to the fact that crypto.signText() is going away by our disabling the feature in Firefox 33. We will also be talking about this and need to ensure people know about our migration path after the 34 release. How about adding the warning to the dev browser (currently 35), which is what we are suggesting developers use?
Attachment #8521679 - Flags: approval-mozilla-beta? → approval-mozilla-beta-
(In reply to Lawrence Mandel [:lmandel] (use needinfo) from comment #8)
> How about adding the warning to the dev browser (currently 35),
> which is what we are suggesting developers use?

My understanding is that the plan was for this to be gone (again) in 35.

Is that correct, Richard?
Flags: needinfo?(rlb)
signText is gone in 35 - this isn't necessary anymore.
Status: NEW → RESOLVED
Closed: 9 years ago
Flags: needinfo?(rlb)
Resolution: --- → WONTFIX
Product: Firefox → DevTools
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: