Nice find, Wladimir. The referrer check being disabled by CSP is a good catch. I don't know of a reason to keep this page around. With add-on signing the functionality we wanted here is pretty much no longer needed. Can anyone think of a reason to keep this around?
(In reply to Wil Clouser [:clouserw] from comment #1) > The referrer check being disabled by CSP is a good catch. It's not like the referrer check makes it any safer - misusing outgoing.mozilla.org as intermediate step is fairly trivial.
The above means: CSP actually makes this better. Without CSP the inline script would run and it could start an installation automatically if the referrer has been manipulated (outgoing.mozilla.org requires URLs to be signed but getting the signature for any URL is trivial and it will never expire). The install service is really a security hazard and I'd love to see it removed.
Moving security bugs to the security component so we can move Administration to the graveyard and we stop getting lots of bug reports that should go on GitHub.
Component: Administration → Add-on Security
This appears to have been resolved? Side-note: I came across bug 718448 where I already mentioned abuse potential of the install service, four years ago.
Sorry, yes, this was merged.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
Given that there is no install.php in production any more, this can be public IMHO.
You need to log in before you can comment on or make changes to this bug.