Allow WebExtensions to construct a Cu.Sandbox

Status: NEW
Assignee: Unassigned (NeedInfo)
Product: Toolkit
Component: WebExtensions: General
Reported: 21 days ago
Modified: 8 days ago
Reporter: robwu
Blocks: 1 bug
Version: 52 Branch
Firefox Tracking Flags: Not tracked
Description

21 days ago
User script managers need to run untrusted code in an isolated context, which
1) protects the script from tampering by the page and
2) protects other scripts from malicious scripts.

I looked at Tampermonkey for Chrome (also a user script manager), and it runs all user scripts in the context of the page, while exposing semi-privileged methods such as GM_xmlhttpRequest to the script. Creating such a sandbox takes a lot of effort (not just development time, but also runtime) and is not guaranteed to be secure.

Since we have Cu.Sandbox in Firefox [1], we should expose this to WebExtensions to allow them to run untrusted scripts.

[1] https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Language_Bindings/Components.utils.Sandbox
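
The two isolation properties listed in the description, shown as an added example that is not part of the bug report or of any Firefox or Tampermonkey code. It assumes Node's `vm` contexts as a stand-in for separate JavaScript globals (`vm` is not a security boundary and is not `Cu.Sandbox`); the page code, the two user scripts and all names are constructed for illustration.

```javascript
// Added illustration: vm contexts model "page global" vs. "separate global".
// Assumption: node:vm only gives each context its own builtins; it is NOT
// a security boundary and does not reproduce Cu.Sandbox semantics.
const vm = require('node:vm');

// Constructed page code: replaces a builtin that scripts on the page rely on.
const pageCode = `JSON.parse = () => ({ trusted: true });`;

// Constructed user scripts (hypothetical): A stores a value and parses its
// own settings; B checks whether it can see A's value.
const scriptA = `
  globalThis.tokenA = 'a-secret';
  JSON.parse('{"trusted": false}').trusted;
`;
const scriptB = `typeof tokenA === 'undefined' ? null : tokenA;`;

// Build a "page" global in which the page's code has already run.
function newPage() {
  const page = vm.createContext({});
  vm.runInContext(pageCode, page);
  return page;
}

// Model 1: every user script runs in the page's own global.
function runShared() {
  const page = newPage();
  return {
    aSawTrusted: vm.runInContext(scriptA, page), // page's JSON.parse is used
    bReadTokenA: vm.runInContext(scriptB, page), // B sees A's global
  };
}

// Model 2: each user script gets a fresh global with pristine builtins.
function runIsolated() {
  newPage(); // the page still tampers, but only with its own global
  return {
    aSawTrusted: vm.runInContext(scriptA, vm.createContext({})),
    bReadTokenA: vm.runInContext(scriptB, vm.createContext({})),
  };
}

console.log('shared  :', runShared());
console.log('isolated:', runIsolated());
```
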

Comment 1

8 days ago
Adding details for won't fix.
Flags: needinfo?(kmaglione+bmo)