Closed
Bug 1126004
Opened 9 years ago
Closed 9 years ago
Make JS callers of ios.newChannel call ios.newChannel2 in toolkit/components/places
Categories
(Core :: DOM: Security, defect)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla38
Tracking | Status | |
---|---|---|
firefox38 | --- | fixed |
People
(Reporter: ckerschb, Assigned: ckerschb)
References
Details
Attachments
(2 files, 2 obsolete files)
3.26 KB,
patch
|
mak
:
review+
|
Details | Diff | Splinter Review |
8.77 KB,
patch
|
ckerschb
:
review+
|
Details | Diff | Splinter Review |
Splitting up Bug 1087744 before it becomes too messy.
Assignee | ||
Comment 1•9 years ago
|
||
Attachment #8554774 -
Flags: review?(mak77)
Assignee | ||
Comment 2•9 years ago
|
||
Attachment #8554775 -
Flags: review?(mak77)
Assignee | ||
Updated•9 years ago
|
Assignee: nobody → mozilla
Status: NEW → ASSIGNED
Comment 3•9 years ago
|
||
Copying over Marco's comment 25 from bug 1087744 so we don't lose context: Comment on attachment 8553427 [details] [diff] [review] [diff] [review] js_15_toolkit_components_places.patch Review of attachment 8553427 [details] [diff] [review] [diff] [review]: ----------------------------------------------------------------- ::: toolkit/components/places/nsLivemarkService.js @@ +671,5 @@ > let loadgroup = Cc["@mozilla.org/network/load-group;1"]. > createInstance(Ci.nsILoadGroup); > + let feedPrincipal = > + secMan.getSimpleCodebasePrincipal(this.feedURI); > + let channel = NetUtil.newChannel2(this.feedURI.spec, how much safe is this? What does getSimpleCodebasePrincipal do? The truth here is that we can't get a principal from a document or such, we just have a feed uri and we want to read its contents. It's effectively loading data from the Web. do we need any additional safety?
Assignee | ||
Comment 5•9 years ago
|
||
(In reply to Tanvi Vyas [:tanvi] from comment #3) > Copying over Marco's comment 25 from bug 1087744 so we don't lose context: > > > Comment on attachment 8553427 [details] [diff] [review] > js_15_toolkit_components_places.patch > > Review of attachment 8553427 [details] [diff] [review]: > ----------------------------------------------------------------- > > ::: toolkit/components/places/nsLivemarkService.js > @@ +671,5 @@ > > let loadgroup = Cc["@mozilla.org/network/load-group;1"]. > > createInstance(Ci.nsILoadGroup); > > + let feedPrincipal = > > + secMan.getSimpleCodebasePrincipal(this.feedURI); > > + let channel = NetUtil.newChannel2(this.feedURI.spec, > > how much safe is this? What does getSimpleCodebasePrincipal do? > The truth here is that we can't get a principal from a document or such, we > just have a feed uri and we want to read its contents. > It's effectively loading data from the Web. do we need any additional safety? Sorry it took as so long to reply. We discussed the scenarios for feeds in our meeting today. Jonas, Tanvi and myself concluded that we should just create a principal from the feed uri using getNoAppCodebasePrincipal(). We know that we don't have a document available. The big difference between getNoAppCodebasePrincipal() and getSimpleCodebasePrincipal() is that getSimpleCodebasePrincipal() uses UNKNOWN_APP_ID whereas getNoAppCodebasePrincipal() uses NO_APP_ID. We should not make any network requests with an unknown appid, so I think the change we incorporated in that patch makes sense.
Attachment #8554774 -
Attachment is obsolete: true
Attachment #8554774 -
Flags: review?(mak77)
Flags: needinfo?(mozilla)
Attachment #8559521 -
Flags: review?(mak77)
Comment 6•9 years ago
|
||
Comment on attachment 8554775 [details] [diff] [review] js_15_toolkit_components_places_tests.patch Review of attachment 8554775 [details] [diff] [review]: ----------------------------------------------------------------- ::: toolkit/components/places/tests/favicons/test_moz-anno_favicon_mime_type.js @@ +95,5 @@ > + null, // aLoadingNode > + Services.scriptSecurityManager.getSystemPrincipal(), > + null, // aTriggeringPrincipal > + Ci.nsILoadInfo.SEC_NORMAL, > + Ci.nsIContentPolicy.TYPE_OTHER); why not TYPE_IMAGE?
Attachment #8554775 -
Flags: review?(mak77) → review+
Updated•9 years ago
|
Attachment #8559521 -
Flags: review?(mak77) → review+
Assignee | ||
Comment 7•9 years ago
|
||
(In reply to Marco Bonardo [::mak] (needinfo? me) from comment #6) > Comment on attachment 8554775 [details] [diff] [review] > js_15_toolkit_components_places_tests.patch > > + Ci.nsIContentPolicy.TYPE_OTHER); > > why not TYPE_IMAGE? TYPE_IMAGE it is obviously - thanks!
Attachment #8554775 -
Attachment is obsolete: true
Attachment #8560566 -
Flags: review+
Assignee | ||
Comment 8•9 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/ea852054980a https://hg.mozilla.org/integration/mozilla-inbound/rev/a62c7b38ad6b
Target Milestone: --- → mozilla38
Comment 9•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/ea852054980a https://hg.mozilla.org/mozilla-central/rev/a62c7b38ad6b
You need to log in
before you can comment on or make changes to this bug.
Description
•