Closed
Bug 135211
Opened 22 years ago
Closed 22 years ago
Embedding testbeds don't package psm dialogs (xul)
Categories
(Core Graveyard :: Embedding: APIs, defect)
Core Graveyard
Embedding: APIs
Tracking
(Not tracked)
VERIFIED
FIXED
mozilla1.0
People
(Reporter: mikepinkerton, Assigned: mikepinkerton)
References
()
Details
(Keywords: topembed+)
Attachments
(1 file, 1 obsolete file)
6.15 KB,
patch
|
ccarlen
:
review+
alecf
:
superreview+
jesup
:
approval+
|
Details | Diff | Splinter Review |
none of our embedding testbeds copy the psm xul dialogs into embed.jar when psm is turned on so we end up getting errors and empty windows because PSM can't throw certain xul dialogs. at bare minimum, we need a separate jar manifest, akin to xulprefs.mn, that can be run from the packaging phase and bundled into embed.jar if psm is enabled. We may also want to provide a c++ implementation of certain PSM dialogs as an example.
Comment 1•22 years ago
|
||
Can i get a URL/testcase which displays an empty PSM XUL dialog? This will allow me to start figuring out the minimum set we need in an embedding scenario...thanks
Assignee | ||
Comment 2•22 years ago
|
||
i use amazon.com as a good testbed for https. sign in to view your past orders. any banking site would probably work too.
Assignee | ||
Comment 3•22 years ago
|
||
this blocks some of our important embedding clients. adding some keyword luvin.
Keywords: mozilla1.0,
topembed
Comment 4•22 years ago
|
||
We're now packaging some additional xul files etc. into embed.jar as part of fixing a separate bug(sorry, cannot remember the bug#) - the fix got checked in on Friday. With that fix to embed.jar i'm now able to successfully login to amazon.com, add items to shopping the cart, edit items in the shopping cart and proceed to the the checkout page without any issues. I do not see any empty dialogs - all the security dialogs i see now have content in them. Please apply the latest patch and see if that fixes your issue. If it does not, please provide me with the steps needed to reproduce the issue.
Assignee | ||
Comment 5•22 years ago
|
||
are these new files included from a separate jar manifest? they probably should be in case an embedding app wants to override all security dialogs.
Comment 6•22 years ago
|
||
Currenly the only manifest we look at is the embed-jar.mn file. I'm not sure having an extra/separate manifest for security dlgs will matter even if one chooses to override all the security dialogs - MfcEmbed currently overrides all the security/wallet dialogs with the current packaging scheme. Cc:ing Adam.
Comment 7•22 years ago
|
||
> Currenly the only manifest we look at is the embed-jar.mn file.
We also have xulprefs.mn. An embedding app can turn this on in the build if it
wants to use xul prefs UI. If it doesn't, it can be left out. I think the same
should go for the security UI and other things in embed.jar. If xul UI isn't
used, the size of the jar should be able to be smaller.
Comment 8•22 years ago
|
||
Ok, i just noticed the xulprefs.mn file... Even if one were to turn on the xulprefs.mn option when building, how does the code which explicitly overrides the security dialogs etc. know about this option - so it will not set itself up as the dialog provider but let the default XUL dialogs pop up?
Comment 9•22 years ago
|
||
It's not automatic. If somebody implemented native UI for some piece of UI in their embedding app, they would turn off inclusion of that XUL in their build. This is OK if whether to use XUL or native for some UI is determined at build time rather than runtime. Also, as long as there aren't multiple embedding apps per build which want different amounts of chrome in the jar.
Comment 10•22 years ago
|
||
We ship pippki.jar in the embedding dist. Isn't that where these dialogs should be found?
Assignee | ||
Comment 11•22 years ago
|
||
just shipping the jar doesn't help unless there is a mention in installed-chrome.txt of the hierarchies in those jar files. last i tried this on win32 (my gmake build is now on the floor), only embed.jar was there and the installed-chrome.txt file didn't mention anything but. though i could be mistaken.
Comment 12•22 years ago
|
||
Verifying, the installed-chrome.txt looks broken. All the psm references should be pointing to the appropriate jar files but some (e.g. the locale settings) appear to be pointing at embed.jar at the moment.
Comment 13•22 years ago
|
||
Correction, embed.jar does contain some psm locale files. Investigating further. Mike can you say which dialog you're not seeing? On a win32/gmake build, if I go to https://www.fortify.net/ I do see a XUL security dialog though there is some strange behaviour in the PSM code for sure.
Assignee | ||
Comment 14•22 years ago
|
||
using mfcembed, built with psm, if i try to look at my recent orders on amazon.com, i get an error dialog saying: "The file D:/builds/mozilla/dist/Embed/chrome/packages/core/newserver.xul cannot be found. Please check the location and try again" and then it opens a blank window and doesn't load the webpage.
Comment 15•22 years ago
|
||
newserver.xul is in pippki.jar. I will see if I can spot an obvious reason for the error
Assignee | ||
Comment 16•22 years ago
|
||
pippki.jar isn't mentioned in installed-chrome.txt. that's probably a good place to start.
Comment 17•22 years ago
|
||
WFM on trunk. I logged into Amazon and was able to view my account activity with no trouble. I can also load chrome://pippki/content/newserver.xul directly. mozilla/embedding/config/installed-chrome.txt does contain references to pippki and pipnss and this should be copied into dist/Embed/chrome. Mike, can you diff your version of this file? It should contain references to pippki & pipnss. Also, delete and rebuild Embed from scratch to clear out old rdf files which might be lousing things up.
Assignee | ||
Comment 18•22 years ago
|
||
you're right on the installed-chrome front. my eyes must be failing me. it still doesn't work for me, however. trunk build, debug. i can try updating to the tip, though i'm not that far off it.
Assignee | ||
Comment 19•22 years ago
|
||
well, for starters, we should not be using the canned installed-chrome.txt in embedding/config. Already this prohibits win and unix from taking advantage of the extra xulprefs.mn manifest. we don't want to be hardcoding the components that go into the jars. we want to build them up from the flags and components the user has selected. As we add more options to embedding builds, we don't wnat to pile all of these things into a canned install file. i think the right solution is to break out the security dialogs into a separate jar manifest and package that into embed.jar like we do with xulprefs. let the generated installed-chrome.txt be the real mccoy.
Comment 20•22 years ago
|
||
I will not be able to work on this bug anytime soon...my main priority right now is to work on some key embedding customer issues which are taking up a lot of my time. So, if this is really important for Mac embedding then someone else should own it...thanks
Comment 21•22 years ago
|
||
This is not a Mac-specific problem. While I need to pull a current build of MFCEmbed, I've seen the errors Mike reported on Windows. I think these two bugs are related: mfcEmbed can't access SSL sites. http://bugzilla.mozilla.org/show_bug.cgi?id=127417 and MFCEmbed can't handle "mismatched" certificates http://bugzilla.mozilla.org/show_bug.cgi?id=127417 I think all are caused by PSM implementation problems.
Comment 22•22 years ago
|
||
amutch : I think these two issues are slightly different. In the test case you talk about in http://bugzilla.mozilla.org/show_bug.cgi?id=127417 the XUL dialogs do show up (actually more than just the one we should be seeing :-)) However, when you choose OK it does not take you to the secure site like it should be. The security folks who've commented in the bug think that it might be a WindowWatcher bug which is not prperly sending the return code back and hence failing to load the URL properly.
Comment 23•22 years ago
|
||
Chak, It would probably help if I include separate bug URLs instead of using the same one for different bugs. :) Here's the bug we're both talking about: MFCEmbed can't handle "mismatched" certificates http://bugzilla.mozilla.org/show_bug.cgi?id=113007 As far as this bug goes, I'm assuming Mike's bug report can be fixed with repackaging but it fails to fix the underlying cause. All 3 are displaying the same behavior and the only "fix" for Mike will be that he gets pretty boxes that don't let him into the site as opposed to empty boxes. The real question is: who's taken the lead for fixing the PSM problem?
Updated•22 years ago
|
Comment 24•22 years ago
|
||
Ok, this bug's completely morphed since it's original posting. Here's where we stand: We have two issues: 1. Mike's having problems viewing PSM dialogs i.e. they do not show up for him - while Adam, amutch, QA and myself have no issues with the dialogs showing up. I'm not sure what's going on here. 2. For those of us who're able to view the PSM dialogs there are still some issues of not being able to successfully navigate to a https site as amutch describes in http://bugzilla.mozilla.org/show_bug.cgi?id=113007 and in http://bugzilla.mozilla.org/show_bug.cgi?id=127417 [I'll start looking at these issue when i can squeeze some time in the next few days.] So, basically this bug boils down to implementing what Mike's talking about in http://bugzilla.mozilla.org/show_bug.cgi?id=135211#c19 If we want to go ahead with this new packaging approach someone else who's more knowledgable in this area should own this. Mike/Adam?
Assignee | ||
Comment 25•22 years ago
|
||
guess i'll take this.
Assignee: chak → pinkerton
Target Milestone: --- → mozilla1.0
Assignee | ||
Comment 26•22 years ago
|
||
- adds a new jar manifest for xul security dialogs - fixes a bug in the packaging where the chrome dir could end up a single file (which conrad was seeing but couldn't explain) needs r/sr
Comment 27•22 years ago
|
||
Comment on attachment 79432 [details] [diff] [review] build changes for xul security r=ccarlen
Attachment #79432 -
Flags: review+
Comment 28•22 years ago
|
||
It might be safer in the long term to package by directory than listing each file individually. This will save us the trouble of fixing this manifest everytime the security people see fit to rename/add/remove chrome.
Assignee | ||
Comment 29•22 years ago
|
||
duh, of course. i forgot you could do that ;) new patch upcoming after lunch!
Assignee | ||
Comment 30•22 years ago
|
||
as adam suggested, this patch replaces xulsecurity.mn with a much reduced version that just pulls the whole directories in, rather than listing individual files. much more future-proof. a good suggestion, thanks! needing r/sr on this new patch
Attachment #79432 -
Attachment is obsolete: true
Comment 31•22 years ago
|
||
Comment on attachment 79468 [details] [diff] [review] pull in security via directory, not individual files That sure will be easier to maintain. r=ccarlenn
Attachment #79468 -
Flags: review+
Comment 32•22 years ago
|
||
Comment on attachment 79468 [details] [diff] [review] pull in security via directory, not individual files sr=alecf
Attachment #79468 -
Flags: superreview+
Assignee | ||
Comment 33•22 years ago
|
||
landed on trunk. asking mom for branch permission. Since we're not smoketesting embed on the trunk, please don't say "let's let this bake a while on the trunk first".
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Comment 34•22 years ago
|
||
marking adt1.0.0. As pinkerton said, there is no point in baking this on the trunk, let's just plus it.
Keywords: adt1.0.0
Comment 35•22 years ago
|
||
Adding adt1.0.0+. Please check into branch asap and add fixed1.0.0 keyword.
Comment 36•22 years ago
|
||
Comment on attachment 79468 [details] [diff] [review] pull in security via directory, not individual files a=rjesup@wgate.com for checkin to branch
Attachment #79468 -
Flags: approval+
Assignee | ||
Updated•22 years ago
|
Keywords: adt1.0.0+ → fixed1.0.0
Updated•5 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•