Closed Bug 1296004 Opened 3 years ago Closed 3 years ago

Disable bug 1186948 (via pref)

Categories

(Core :: Plug-ins, defect, P1)

defect

Tracking

()

RESOLVED FIXED
mozilla51
Tracking Status
firefox49 --- unaffected
firefox50 blocking fixed
firefox51 blocking fixed

People

(Reporter: benjamin, Assigned: benjamin)

References

Details

Attachments

(1 file)

Bug 1186948 is not ready to ship: we're seeing both false-negatives, bug 1294341, as well as false positives, bug 1295984, and I believe the risk of shipping this is high because it could make it difficult for us to release vulnerable plugin blocks.

We're going to keep evaluating and experimenting, but turn this off by default for now.
Assignee: nobody → benjamin
https://hg.mozilla.org/mozilla-central/rev/ee6036f333ed
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla51
I believe we want to uplift this, no? Bug 1186948 landed in 50 and rode the trains up.
Flags: needinfo?(benjamin)
Bug 1186948 also causes the Plugin Check page to fail detecting Flash when set to click-to-play. I assume this is expected but shouldn’t it be considered a security risk?
Target Milestone: mozilla51 → ---
Oops sorry (cached page).
Target Milestone: --- → mozilla51
Comment on attachment 8782107 [details]
Bug 1296004 - Disable bug 1186948 via a new pref,

Approval Request Comment
[Feature/regressing bug #]: bug 1186948
[User impact if declined]: Inability to confidently deploy plugin blocklist; potentially worse experience for users who have Flash marked ask-to-activate.
[Describe test coverage new/current, TreeHerder]: Landed to m-c, manual testing that we have properly reverted to the old behavior
[Risks and why]: Reversion to previous behavior by adding a pref, not reverting the code altogether. Fairly low risk, but not as low as a straight-up backout.
[String/UUID change made/needed]: None
Flags: needinfo?(benjamin)
Attachment #8782107 - Flags: approval-mozilla-aurora?
Comment on attachment 8782107 [details]
Bug 1296004 - Disable bug 1186948 via a new pref,

Makes sense, Aurora50+
Attachment #8782107 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Hello Wes, just fyi, this was approved 2 days back and hasn't bee uplift to Aurora yet. Thanks!
Flags: needinfo?(wkocher)
Flags: needinfo?(wkocher)
Quick note from docs team: this wasn’t marked dev-doc-needed but I found it anyway, which is good. :)

Please remember to add dev-doc-needed to the bug that enables this by default. Thanks!
You need to log in before you can comment on or make changes to this bug.