Open Bug 1558075 Opened 5 years ago Updated 2 years ago

Add unit tests for visibility of inline options with "internal:privateBrowsingAllowed" permission and incognito:not_allowed

Categories

(Toolkit :: Add-ons Manager, task, P3)

Product:
Toolkit
Component:
Add-ons Manager
Type:
task

Tracking

()

People

(Reporter: robwu, Assigned: robwu)

References

Details

When an add-on has the "internal:privateBrowsingAllowed" permission, and is then updated to have incognito: "not_allowed" in its manifest.json, then the permission is still there, and not correctly enforced, at least at the XUL about:addons. I fixed this in HTML about:addons as a part of a different bug, but there are no unit tests for this specific scenario.

STR:

  1. Create an the following manifest.json file:
{
  "name": "xxx",
  "incognito": "spanning",
  "options_ui": {"page": "manifest.json"},
  "version": "1",
  "manifest_version": 2
}
  1. Visit about:debugging and load the extension (i.e. select the above manifest.json).
  2. Visit about:addons and set "Run In Private Windows" to "Allow".
  3. Open a private browsing window, and open about:addons, and view the details of the add-on that you loaded.
  4. Edit manifest.json, and change "incognito": "spanning" to "incognito": "not_allowed".
  5. Reload the add-on.
  6. Look at about:addons of the private browsing window.
  7. Reload once to rule out other bugs (such as bug 1557175).
  8. Repeat step 7.

Expected:

  • At step 5, the inline "Preferences" should be shown.
  • At step 7, the inline "Preferences" should be hidden.
  • At step 9, the inline "Preferences" should be hidden.

Actual:

  • Step 5 is as expected.
  • At step 7, the inline "Preferences" is visible.
  • At step 9, the inline "Preferences" is still visible.

I've fixed the issue of step 8 in HTML about:addons (in https://phabricator.services.mozilla.com/D34277), but a test is missing.
We should:

  1. Add unit tests for this behavior (i.e. load add-on, allow privateBrowsing, then load with incognito:not_allowed)
  2. Check if there are other places in our code where there the "internal:privateBrowsingAllowed" permission is not correctly enforced.
Priority: -- → P3
See Also: → 1566585
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.