Closed Bug 1544610 Opened 2 years ago Closed 2 years ago

Have cert error captive portal message exchanges happen over RPM

Categories

(Firefox :: Security, enhancement)

Product:
Firefox
Component:
Security
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Firefox 68
Tracking Flags:
Tracking Status
firefox68 --- fixed

People

(Reporter: prathiksha, Assigned: prathiksha)

References

(Blocks 1 open bug)

Details

Attachments

(2 files, 1 obsolete file)

Bug 1544610 - Part 1 - Have certerror captive portal message exchanges happen over RPM. r?johannh
47 bytes, text/x-phabricator-request
Details | Review
patch.txt
2.78 KB, text/plain
Details

We currently addMessageListeners in browser.js[0] to handle cert error events coming from the child/content process. This bug aims to replace this way of handling events by using the remote page manager to sandbox about:certerror events and improve code maintainability.

[0] https://searchfox.org/mozilla-central/rev/1b2636e8517aa48422ed516affe4d28cb7fa220a/browser/base/content/browser.js#3028-3037

Type: defect → enhancement

Have certerror captive portal message exchanges happen over RPM.

Attached file patch.txt

A patch for exposing nsITransportSecurityInfo to unprivileged content.

Flags: needinfo?(jhofmann)
Flags: needinfo?(amarchesini)

The error Prathiksha saw was "Permission denied for <about:certerror> to create wrapper for object of class UnnamedClass".

It seems that it's not possible to use xpcom interfaces for non-chrome code in WebIDL. I think that, the best solution is to expose a webidl dictionary with the data you care, taken from nsIransportSecurityInfo.

Flags: needinfo?(amarchesini)

Just to give an example about how to use a WebIDL dictionary and expose it to content

Here we have the definition of AutocompleteInfo:
https://searchfox.org/mozilla-central/rev/b4e790d05f5a146d186c238bac5601a553581d23/dom/webidl/AutocompleteInfo.webidl

Which is exposed here:
https://searchfox.org/mozilla-central/rev/b4e790d05f5a146d186c238bac5601a553581d23/dom/webidl/HTMLSelectElement.webidl#72

and it's set here:
https://searchfox.org/mozilla-central/rev/b4e790d05f5a146d186c238bac5601a553581d23/dom/base/nsContentUtils.cpp#919-922

But there are many other examples. Important note: a dictionary cannot be exposed as attribute. Just make it as a return type of a method.

Thanks Baku :)

Flags: needinfo?(jhofmann)
Attachment #9061441 - Attachment is obsolete: true
Pushed by prathikshaprasadsuman@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/df46098ba4b5
Part 1 - Have certerror captive portal message exchanges happen over RPM. r=johannh

Changing this bug description to track captive portal message exchanges between content and parent processes over RPM. I will be filing more bugs to track replacing other certerror/neterror message exchanges (see comment 0 [0]) with RPM.

Summary: Have about:certerror use remote page manager for message passing → Have cert error captive portal message exchanges happen over RPM

https://hg.mozilla.org/mozilla-central/rev/df46098ba4b5

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
status-firefox68: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 68
You need to log in before you can comment on or make changes to this bug.