Closed Bug 1519302 Opened 5 years ago Closed 5 years ago

[BinAST] Add a pref to restrict BinAST file support to specific host

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla66

Tracking Flags:

Tracking

Status

firefox66

---

fixed

People

(Reporter: arai, Assigned: arai)

References

Details

Attachments

(1 file)

Bug 1519302 - Add pref to restrict BinAST feature to specific hosts. r?baku 5 years ago Tooru Fujisawa [:arai] 47 bytes, text/x-phabricator-request		Details \| Review

Tooru Fujisawa [:arai]

Assignee

Description

•

5 years ago

for early test, having a pref to restrict BinAST support to specific domain should reduce the attack surface.

Tooru Fujisawa [:arai]

Assignee

Comment 1

•

5 years ago

Attached file Bug 1519302 - Add pref to restrict BinAST feature to specific hosts. r?baku — Details

To reduce the attack surface in early test for BinAST, add a preference to
restrict the hosts that Firefox accepts BinAST file from.
The preference is turned on by default (BinAST itself is turned off by
default for now), and the list contains hosts which is going to be used in
early test.
For hosts not listed in the list, Firefox doesn't send BinAST MIME-Type in
Accept field, and doesn't handle BinAST file in case the server returns
BinAST file.

Tooru Fujisawa [:arai]

Assignee

Comment 2

•

5 years ago

I updated the hosts list in all.js, can you review that part?
(I'm not sure how I can ask review again there)

Flags: needinfo?(amarchesini)

Andrea Marchesini [:baku]

Updated

•

5 years ago

Flags: needinfo?(amarchesini)

Andrea Marchesini [:baku]

Comment 3

•

5 years ago

Done. See my comments in phabricator.

Pulsebot

Comment 4

•

5 years ago

Pushed by arai_a@mac.com:
https://hg.mozilla.org/integration/autoland/rev/8c88a33dc39f
Add pref to restrict BinAST feature to specific hosts. r=baku

Treeherder Bug Filer

Updated

•

5 years ago

Comment 5

•

5 years ago

Backed out for failing _mozilla/binast/domain-restrict-excluded.https.html

Push with failures https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&classifiedState=unclassified&selectedJob=222238383&revision=d50d152c74c71a2581ecfb373f9efb8255aef4a2

Failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=222238383&repo=autoland&lineNumber=7975

Backout: https://hg.mozilla.org/integration/autoland/rev/7c002ce6b6cc022166693ea200de66dc2ca7b811

Flags: needinfo?(arai.unmht)

Tooru Fujisawa [:arai]

Assignee

Comment 6

•

5 years ago

forgot that tests that don't execute BinAST files pass even we don't enable it.
will fix shortly.

Flags: needinfo?(arai.unmht)

Pulsebot

Comment 7

•

5 years ago

Pushed by arai_a@mac.com:
https://hg.mozilla.org/integration/autoland/rev/671054606438
Add pref to restrict BinAST feature to specific hosts. r=baku

Stefan Hindli [:stefan_hindli]

Comment 8

•

5 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/671054606438

Status: ASSIGNED → RESOLVED

Closed: 5 years ago

status-firefox66: affected → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla66

Comment hidden (Intermittent Failures Robot)

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

[BinAST] Add a pref to restrict BinAST file support to specific host

Categories

(Core :: JavaScript Engine, enhancement)

Tracking

()

People

(Reporter: arai, Assigned: arai)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Updated

Comment 3

Comment 4

Updated

Comment 5

Comment 6

Comment 7

Comment 8

Comment 9

Attachment

General

Description

File Name

Content Type