Closed Bug 1312154 Opened 8 years ago Closed 8 years ago

Stop using nsIDialogParamBlock in downloadcert.(js|xul)

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla52

Tracking Flags:

Tracking

Status

firefox52

---

fixed

People

(Reporter: Cykesiopka, Assigned: Cykesiopka)

Details

(Whiteboard: [psm-assigned])

Attachments

(1 file)

Bug 1312154 – Stop using nsIDialogParamBlock in downloadcert.(js\|xul). 8 years ago :Cykesiopka 58 bytes, text/x-review-board-request	keeler : review+	Details

:Cykesiopka

Assignee

Description

•

8 years ago

nsIDialogParamBlock isn't a great API, and is best avoided.

Comment hidden (mozreview-request)

nsIDialogParamBlock isn't a great API, and is best avoided.

This patch also updates downloadcert.js to match modern PSM style, and adds a
test.

Review commit: https://reviewboard.mozilla.org/r/88994/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/88994/

Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)

Comment 2

•

8 years ago

mozreview-review

Comment on attachment 8805218 [details]
Bug 1312154 – Stop using nsIDialogParamBlock in downloadcert.(js|xul).

https://reviewboard.mozilla.org/r/88994/#review88664

Great - r=me. I don't know if I mentioned this before, but I think this feature is a bit suspect (that is, that any website can serve up a certificate with the right mime type and the browser will say, "hey, did you want to add a new trust anchor?"). I tried to remove it in bug 1024871, but I haven't yet succeeded (one issue is that otherwise there's no way to import a new root certificate on Android (maybe this could be addressed by implementing a "enterprise roots"-like feature on Android)). That all said, it's good to have a test, and the cleanup looks good.

Attachment #8805218 - Flags: review?(dkeeler) → review+

:Cykesiopka

Assignee

Comment 3

•

8 years ago

Thanks!

(In reply to David Keeler [:keeler] (use needinfo?) from comment #2)
> I think this feature is a bit suspect
I agree, FWIW.

> one issue is that otherwise there's no way to import a new root certificate on Android
This UI is also used when importing CA certs in the cert manager on Desktop platforms.

https://treeherder.mozilla.org/#/jobs?repo=try&revision=dc8c9fda24d7337bdb01f18413d3d946f890bf4c

Keywords: checkin-needed

Pulsebot

Comment 4

•

8 years ago

Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/52df9f0848ce
– Stop using nsIDialogParamBlock in downloadcert.(js|xul). r=keeler

Keywords: checkin-needed

Phil Ringnalda (:philor)

Comment 5

•

8 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/52df9f0848ce

Status: ASSIGNED → RESOLVED

Closed: 8 years ago

status-firefox52: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla52

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Stop using nsIDialogParamBlock in downloadcert.(js|xul)

Categories

(Core :: Security: PSM, defect, P1)

Tracking

()

People

(Reporter: Cykesiopka, Assigned: Cykesiopka)

References

Details

(Whiteboard: [psm-assigned])

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Comment 3

Comment 4

Comment 5

Attachment

General

Description

File Name

Content Type