Closed Bug 1377614 Opened 7 years ago Closed 7 years ago

System extensions fail to load in local builds

Categories

(WebExtensions :: Request Handling, enhancement)

Product:
WebExtensions
Component:
Request Handling
Version:
56 Branch
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(firefox56 fixed)

Status:
RESOLVED FIXED
Milestone:
mozilla56
Tracking Flags:
Tracking Status
firefox56 --- fixed

People

(Reporter: haik, Assigned: haik)

References

(Blocks 1 open bug)

Details

Attachments

(2 files)

Bug 1377614 - Part 1 - Move IsDevelopmentBuild() to common code.
59 bytes, text/x-review-board-request
Alex_Gaynor
: review+
Details
Bug 1377614 - Part 2 - System extensions fail to load on Mac and Linux local builds.
59 bytes, text/x-review-board-request
jimm
: review+
Details
With the fix for 1334550, system WebExtensions (such as the Screenshot extension) fail to load their moz-extension resources. Verified on Mac and Linux, but Windows is TBD. This is due to symlinks being used in the extension directory. As an example, for the Screenshot extension, the extension directory is $REPO/obj-dbg.noindex/dist/NightlyDebug.app/Contents/Resources/browser/features/screenshots@mozilla.org/webextension which includes icons/icon-starred-32.svg and other icon files which is a symlink to $REPO/browser/extensions/screenshots/webextension/icons/icon-starred-32.svg This is rejected by ExtensionProtocolHandler::NewStream() because it requires that the resource file be within the extension directory to avoid security issues caused by an unpacked extension moz-extension URI leading outside the extension dir. It would be better if system extensions weren't setup using symlinks during the build process, but we can detect this case and workaround it in the browser using ContentChild.cpp:IsDevelopmentBuild() and MOZ_DEVELOPER_REPO_DIR.
Assignee: nobody → haftandilian
Depends on: 1334550
This doesn't affect Windows builds because they don't use symlinks and instead copy files from the repo to the extension directories. For Mac and Linux, I looked into changing just the way extensions are setup to not use symlinks, but didn't see a simple method to do that that wouldn't also affect the full build omni jar. (We do it this way to speed up the build and make the dev/test cycle quicker, but fixing this for extensions shouldn't impose much overhead.) I'll file a follow-up to fix this in the build system. This is similar to the problem we have with automated tests on Mac and Linux that use chrome:// URL's that resolve to files in the object dir that are symlinks to test files in the repo. We workaround this in the sandbox by allowing the content process to access files in the repo when run with certain environment variables/prefs that "mach" sets up. For the fix, I'm going to do something similar for unpacked extension resources. i.e., on dev builds, the resource is allowed if it is in the repo dir. This doesn't weaken the sandbox because the content process is already given read access to the repo dir in dev builds.
Comment on attachment 8883068 [details] Bug 1377614 - Part 1 - Move IsDevelopmentBuild() to common code. https://reviewboard.mozilla.org/r/154026/#review159164
Attachment #8883068 - Flags: review?(agaynor) → review+
Comment on attachment 8883069 [details] Bug 1377614 - Part 2 - System extensions fail to load on Mac and Linux local builds. https://reviewboard.mozilla.org/r/154028/#review159674 ::: netwerk/protocol/res/ExtensionProtocolHandler.cpp:508 (Diff revision 1) > > return NS_OK; > } > > +#if !defined(XP_WIN) > +// The |aRequestedFile| argument must already be Normalize()'d I'd move this comment to the header comment, seems like something callers should know about. ::: netwerk/protocol/res/ExtensionProtocolHandler.cpp:533 (Diff revision 1) > + } > + > + if (mDevRepo) { > + // This is a development build > + bool isFromRepoDir = false; > + NS_TRY(mDevRepo->Contains(aRequestedFile, &isFromRepoDir)); I'd pass aResult to Contains. The compiler is going to optimize isFromRepoDir out anyway so not a big deal, but it'll make your code look cleaner.
Attachment #8883069 - Flags: review?(jmathies) → review+
Comment on attachment 8883069 [details] Bug 1377614 - Part 2 - System extensions fail to load on Mac and Linux local builds. https://reviewboard.mozilla.org/r/154028/#review159674 > I'd move this comment to the header comment, seems like something callers should know about. I added an additional comment in the header file so this should be hard to miss. > I'd pass aResult to Contains. The compiler is going to optimize isFromRepoDir out anyway so not a big deal, but it'll make your code look cleaner. Done.
Pushed by haftandilian@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/9137ed21a66f Part 1 - Move IsDevelopmentBuild() to common code. r=Alex_Gaynor https://hg.mozilla.org/integration/autoland/rev/0de6a6316120 Part 2 - System extensions fail to load on Mac and Linux local builds. r=jimm
The Android and ASAN Linux build failures were hit because use of SandboxSettings.h should be behind an #ifdef MOZ_CONTENT_SANDBOX.
Flags: needinfo?(haftandilian)
Pushed by haftandilian@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/f718dc440c47 Part 1 - Move IsDevelopmentBuild() to common code. r=Alex_Gaynor https://hg.mozilla.org/integration/autoland/rev/ed409a64e47b Part 2 - System extensions fail to load on Mac and Linux local builds. r=jimm
https://hg.mozilla.org/mozilla-central/rev/f718dc440c47 https://hg.mozilla.org/mozilla-central/rev/ed409a64e47b
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox56: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla56
Product: Toolkit → WebExtensions
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: