Closed Bug 1553276 Opened 1 year ago Closed 1 year ago

Xrays should call legacycallers without entering the content compartment

Categories

(Core :: XPConnect, defect)

defect
Not set
normal

Tracking

RESOLVED FIXED
mozilla69
Tracking Status
firefox69 --- fixed

People

(Reporter: bzbarsky, Assigned: bzbarsky)

Details

Attachments

(1 file)

We no longer have legacycallers on plug-ins, and the other consumers actually want Xray behavior here.

Pushed by bzbarsky@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/4b59d75bb1ff
Don't enter the content compartment when calling a Web IDL legacycaller over Xrays.  r=bholley
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla69
Blocks: 1551282

Comment on attachment 9066515
Bug 1553276. Don't enter the content compartment when calling a Web IDL legacycaller over Xrays. r=bholley

Beta/Release Uplift Approval Request

  • User impact if declined: Can't land bug 1551282 without test failures; see uplift requests there.
  • Is this code covered by automated tests?: Yes
  • Has the fix been verified in Nightly?: No
  • Needs manual test from QE?: No
  • If yes, steps to reproduce:
  • List of other uplifts needed: None
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): This only affects calls via Xrays, and only to three things:
  1. MozQueryInterface. This is used for generateQI implementations in chrome; I would be extremely surprised if it's ever called over Xrays.
  2. HTMLAllCollection. Arguably this actually fixes a bug, where if you do document.all({ toString: () => "0" }) right now in chrome or extension code it throws; with this fix it will work correctly. There should be no ill effects here.
  3. The new register/sign things I am adding in bug 1551282. This change is needed to make them work when called from chrome; we have tests doing that.

The other option is to disable the relevant u2f tests that are doing register/sign from chrome code and just land bug 1551282 without landing this fix. That does mean that web extensions would also not be able to call the methods, which may well be higher risk than this patch.

  • String changes made/needed:
Attachment #9066515 - Flags: approval-mozilla-release?
Attachment #9066515 - Flags: approval-mozilla-beta?

Comment on attachment 9066515
Bug 1553276. Don't enter the content compartment when calling a Web IDL legacycaller over Xrays. r=bholley

Looks like we won't need this for bug 1551282.

Attachment #9066515 - Flags: approval-mozilla-release?
Attachment #9066515 - Flags: approval-mozilla-beta?
No longer blocks: 1551282

Hello, adding qe- per comment 4.

Flags: qe-verify-