Closed
Bug 1125289
Opened 9 years ago
Closed 9 years ago
KidFox: Restricted profiles - Hide all add-ons and apps installation/removal features and related UI
Categories
(Firefox for Android Graveyard :: Profile Handling, defect)
Tracking
(firefox42 verified)
VERIFIED
FIXED
Firefox 42
Tracking | Status | |
---|---|---|
firefox42 | --- | verified |
People
(Reporter: jchaulk, Assigned: sebastian)
References
Details
Attachments
(2 files)
6.24 KB,
patch
|
ally
:
review+
|
Details | Diff | Splinter Review |
2.06 KB,
patch
|
Margaret
:
review+
Margaret
:
feedback+
|
Details | Diff | Splinter Review |
No description provided.
Updated•9 years ago
|
OS: Windows 8.1 → Android
Hardware: x86_64 → All
Version: unspecified → Trunk
Assignee | ||
Updated•9 years ago
|
Assignee: nobody → s.kaspari
Status: NEW → ASSIGNED
Assignee | ||
Comment 1•9 years ago
|
||
This patch and the following build up on the changes made in bug 1180653. Part 1: Disallow installation of add-ons and apps.
Assignee | ||
Comment 2•9 years ago
|
||
Part 2: Disallow browsing about:addons if DISALLOW_INSTALL_EXTENSION restriction is enforced.
Assignee | ||
Updated•9 years ago
|
Attachment #8637908 -
Flags: review?(ally)
Assignee | ||
Updated•9 years ago
|
Attachment #8637940 -
Flags: review?(ally)
Comment 3•9 years ago
|
||
Comment on attachment 8637908 [details] [diff] [review] 1125289-part1-disallow.patch Review of attachment 8637908 [details] [diff] [review]: ----------------------------------------------------------------- This is so much nicer to read. :)
Attachment #8637908 -
Flags: review?(ally) → review+
Comment 4•9 years ago
|
||
Comment on attachment 8637940 [details] [diff] [review] 1125289-part2-about_addons.patch Review of attachment 8637940 [details] [diff] [review]: ----------------------------------------------------------------- So, this seems to work, and we could probably land this for v1 without suffering too much. That said, I am concerned that this is not the best approach. I would have though AboutRedirector.java would be a better place as it controls the access to the about: urls. Margaret, thoughts?
Attachment #8637940 -
Flags: review?(ally) → feedback?(margaret.leibovic)
Comment 5•9 years ago
|
||
Comment on attachment 8637940 [details] [diff] [review] 1125289-part2-about_addons.patch Review of attachment 8637940 [details] [diff] [review]: ----------------------------------------------------------------- ::: mobile/android/base/RestrictedProfiles.java @@ +277,5 @@ > + if (restriction == Restriction.DISALLOW_BROWSE_FILES > + && url.toLowerCase().startsWith(ABOUT_ADDONS) > + && !isAllowed(context, Restriction.DISALLOW_INSTALL_EXTENSION)) { > + return false; > + } This seems fine to me. Does this also catch URLs opened from JS? If it doesn't I suppose that means we have bigger problems to deal with.
Attachment #8637940 -
Flags: feedback?(margaret.leibovic) → feedback+
Assignee | ||
Comment 6•9 years ago
|
||
url: https://hg.mozilla.org/integration/fx-team/rev/2b241cb3d78832537aca9d72c5b933dcdb55eff7 changeset: 2b241cb3d78832537aca9d72c5b933dcdb55eff7 user: Sebastian Kaspari <s.kaspari@gmail.com> date: Tue Jul 28 13:40:37 2015 +0200 description: Bug 1125289 - (Part 1) Disallow installing add-ons and apps. r=ally
Assignee | ||
Comment 7•9 years ago
|
||
Added 'leave-open' because I only landed part 1 so far. (In reply to :Margaret Leibovic from comment #5) > Does this also catch URLs opened from JS? If it doesn't I suppose that means > we have bigger problems to deal with. Yeah, I tried redirecting using window.location='..' and for guest/restricted profiles this method is called. @Ally: Do we want to land part 2 as-is for v1?
Flags: needinfo?(ally)
Keywords: leave-open
Comment 8•9 years ago
|
||
Comment on attachment 8637940 [details] [diff] [review] 1125289-part2-about_addons.patch Drive-by r+ :)
Attachment #8637940 -
Flags: review+
Comment 10•9 years ago
|
||
sounds like margaret has given you an r+ to land as is. go for it.
Flags: needinfo?(ally)
Assignee | ||
Comment 11•9 years ago
|
||
url: https://hg.mozilla.org/integration/fx-team/rev/ae3706a5cb96da2f5a645f3b6867652f7b451311 changeset: ae3706a5cb96da2f5a645f3b6867652f7b451311 user: Sebastian Kaspari <s.kaspari@gmail.com> date: Tue Jul 28 14:20:51 2015 +0200 description: Bug 1125289 - Restricted profiles: Disallow browsing about:addons. r=margaret
Assignee | ||
Updated•9 years ago
|
Keywords: leave-open
Comment 12•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/ae3706a5cb96
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox42:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 42
Updated•3 years ago
|
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•