Closed
Bug 1519302
Opened 5 years ago
Closed 5 years ago
[BinAST] Add a pref to restrict BinAST file support to specific host
Categories
(Core :: JavaScript Engine, enhancement)
Core
JavaScript Engine
Tracking
()
RESOLVED
FIXED
mozilla66
Tracking | Status | |
---|---|---|
firefox66 | --- | fixed |
People
(Reporter: arai, Assigned: arai)
References
Details
Attachments
(1 file)
for early test, having a pref to restrict BinAST support to specific domain should reduce the attack surface.
Assignee | ||
Comment 1•5 years ago
|
||
To reduce the attack surface in early test for BinAST, add a preference to restrict the hosts that Firefox accepts BinAST file from. The preference is turned on by default (BinAST itself is turned off by default for now), and the list contains hosts which is going to be used in early test. For hosts not listed in the list, Firefox doesn't send BinAST MIME-Type in Accept field, and doesn't handle BinAST file in case the server returns BinAST file.
Assignee | ||
Comment 2•5 years ago
|
||
I updated the hosts list in all.js, can you review that part?
(I'm not sure how I can ask review again there)
Flags: needinfo?(amarchesini)
Updated•5 years ago
|
Flags: needinfo?(amarchesini)
Comment 3•5 years ago
|
||
Done. See my comments in phabricator.
Pushed by arai_a@mac.com: https://hg.mozilla.org/integration/autoland/rev/8c88a33dc39f Add pref to restrict BinAST feature to specific hosts. r=baku
Comment 5•5 years ago
|
||
Backed out for failing _mozilla/binast/domain-restrict-excluded.https.html
Failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=222238383&repo=autoland&lineNumber=7975
Backout: https://hg.mozilla.org/integration/autoland/rev/7c002ce6b6cc022166693ea200de66dc2ca7b811
Flags: needinfo?(arai.unmht)
Assignee | ||
Comment 6•5 years ago
|
||
forgot that tests that don't execute BinAST files pass even we don't enable it.
will fix shortly.
Flags: needinfo?(arai.unmht)
Pushed by arai_a@mac.com: https://hg.mozilla.org/integration/autoland/rev/671054606438 Add pref to restrict BinAST feature to specific hosts. r=baku
Comment 8•5 years ago
|
||
bugherder |
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla66
Comment hidden (Intermittent Failures Robot) |
You need to log in
before you can comment on or make changes to this bug.
Description
•