Open
Bug 1456531
Opened 7 years ago
Updated 4 years ago
cloneScope.Promise is unreliable in content scripts
Categories
(WebExtensions :: General, task, P3)
Tracking
(Not tracked)
NEW
People
(Reporter: robwu, Unassigned)
References
(Depends on 1 open bug)
Details
cloneScope.Promise is used with the assumption that it's always a Promise.
Extensions can overwrite Promise and break the internal implementation (e.g. as reported at https://github.com/mozilla/webextension-polyfill/issues/105#issuecomment-383880324 ).
STR: Test case to run in a CONTENT SCRIPT
Promise = null;
browser.runtime.sendMessage('msg', function() {});
// Result: "this.cloneScope.Promise is not a constructor" error in ExtensionCommon.jsm
// in https://searchfox.org/mozilla-central/rev/8f06c1b9a080b84435a2906e420fe102e1ed780b/toolkit/components/extensions/ExtensionCommon.jsm#450
cloneScope.Promise is also used at https://searchfox.org/mozilla-central/rev/8f06c1b9a080b84435a2906e420fe102e1ed780b/toolkit/components/extensions/ExtensionChild.jsm#461
(perhaps this can be replaced with a thenable check?)
Similarly for the storage API, run from a CONTENT SCRIPT:
Object = null
browser.storage.local.get(null);
// TypeError: context.cloneScope.Object is not a constructor
// in https://searchfox.org/mozilla-central/rev/8f06c1b9a080b84435a2906e420fe102e1ed780b/toolkit/components/extensions/child/ext-storage.js#54
... and potentially other APIs that access properties of cloneScope: https://searchfox.org/mozilla-central/search?q=cloneScope.&case=false®exp=false&path=
|
||
Comment 1•7 years ago
|
||
We briefly discussed about this during the triage meeting, and one strategy that we have been discussing was to retrieve from the content scripts sandbox the globals that we are going to use internally (like Promise and Object mentioned above) before that the extension code is actually executed in that sandbox.
I'm marking it as a P2 as we agreed.
Priority: -- → P2
|
||
Updated•7 years ago
|
Product: Toolkit → WebExtensions
|
Reporter | |
Comment 2•6 years ago
|
||
Some of the issues here have been fixed by the first patch of bug 1437864 - https://hg.mozilla.org/mozilla-central/rev/7488bfbbaf8d
Depends on: 1437864
|
||
Comment 3•5 years ago
|
||
Hey Rob, curious about the status on this and the parent. Should we downgrade these bugs to P3 or keep them prioritized?
Flags: needinfo?(rob)
|
|
Reporter | |
Comment 4•5 years ago
|
||
I just checked, and currently every use of cloneScope. is not affected by this bug, because none of the occurrences are available to content scripts.
This is still a hazard that we should fix.
P3 might be fine, but I'd like to briefly discuss this with other team members.
We're now doing weekly P2 triage, oldest to newest, so by posting a comment here the bug will be triaged last ;)
Flags: needinfo?(rob)
|
||
Updated•4 years ago
|
Severity: normal → N/A
Type: defect → task
Priority: P2 → P3
You need to log in
before you can comment on or make changes to this bug.
Description
•