Closed
Bug 1472228
Opened 6 years ago
Closed 6 years ago
Allow user content to access HybridContentTelemetry event data
Categories
(Toolkit :: Telemetry, enhancement, P1)
Toolkit
Telemetry
Tracking
()
RESOLVED
FIXED
mozilla63
Tracking | Status | |
---|---|---|
firefox63 | --- | fixed |
People
(Reporter: janerik, Assigned: janerik)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
After testing with a local https server (and a permanent exception for the self-signed certificate) as well as tests with a server with a valid certificate revealed this error in the console: Security wrapper denied access to property "toJSON" on privileged Javascript object. Support for exposing privileged objects to untrusted content via __exposedProps__ has been removed - use WebIDL bindings or Components.utils.cloneInto instead. Note that only the first denied property access from a given global object will be reported. This is also reported in bug 1467871. Following the advice we need to copy the event data into a new object, accessible by the content page.
Assignee | ||
Updated•6 years ago
|
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → jrediger
Priority: -- → P1
Assignee | ||
Comment 1•6 years ago
|
||
Previously accessing the "canUpload" attribute in user code was not possible, as it was blocked due to security constraints. By explicitely copying it, the object is accessible in user code and HybridContentTelemetry correctly reads the attribute. Unfortunately the tests in tests/browser/browser_HybridContentTelemetry.js don't have this issue, as apparently their content process runs with higher privileges. This change was tested locally to work as expected. MozReview-Commit-ID: HbNH4wEyOA
Comment 2•6 years ago
|
||
Comment on attachment 8988762 [details] Bug 1472228 - Copy event data to be accessible by user content. Alessio Placitelli [:Dexter] has approved the revision. https://phabricator.services.mozilla.com/D1879
Attachment #8988762 -
Flags: review+
Pushed by jrediger@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/d73fc7a2cf1d Copy event data to be accessible by user content. r=Dexter
Comment 4•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/d73fc7a2cf1d
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox63:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
You need to log in
before you can comment on or make changes to this bug.
Description
•