Closed Bug 1573622 Opened 5 years ago Closed 5 years ago

Update eval() assertions to account for userChrome.css

Categories

(Core :: DOM: Security, enhancement, P2)

Product:
Core
Component:
DOM: Security
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla70
Tracking Flags:
Tracking Status
firefox70 --- fixed

People

(Reporter: tjr, Assigned: tjr)

References

(Blocks 1 open bug)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

Bug 1573622 - Do not enforce eval() assertions if userchrome.css is enabled r?ckerschb
47 bytes, text/x-phabricator-request
Details | Review

Over at https://github.com/nuchi/firefox-quantum-userchromejs someone has demonstrated a way to (ab)use userchrome.css to get javascript to run. It's conceptually the same thing as userChrome.js

I think this is the source of our Nightly telemetry showing eval() usage, so I'm going to land this and hope we don't get more telemetry reports.

Status: NEW → ASSIGNED
Type: defect → enhancement
Priority: -- → P2
Whiteboard: [domsecurity-active]
Pushed by tritter@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/f562fda29d7c
Do not enforce eval() assertions if userchrome.css is enabled r=ckerschb

I'm still a bit confused. Thunderbird has an add-on userChromeJS (https://addons.thunderbird.net/en-GB/thunderbird/addon/userchromejs-2/) which is the successor of one a similar one that the author no longer maintains. So is there a "userChrome" add-on for FF? I though something like that would have been discontinued at FF 57.

(In reply to Jorg K (GMT+2) from comment #3)

I'm still a bit confused. Thunderbird has an add-on userChromeJS (https://addons.thunderbird.net/en-GB/thunderbird/addon/userchromejs-2/) which is the successor of one a similar one that the author no longer maintains. So is there a "userChrome" add-on for FF? I though something like that would have been discontinued at FF 57.

AFAICT: userChrome is a catch-all for user-made modifications to the core app experience.

userchrome.css is a still-mostly-supported feature to apply CSS rules to the browser itself.
userchrome[.]js is a hack that allows you to (ab)use enterprise configuration capabilities to run javascript in a privileged context in the browser and affect the browser in ways we don't support.

I believe userChromeJS evolved from a normal pre-57 style add-on into the current hack it is today to achieve roughly the same goals.

There is no 'userChromeJS' add-on in the sense of an Extension, but you can place files in certain places and then set prefs to abuse functionality to achieve some of the effects of a pre-57 add-on.

https://hg.mozilla.org/mozilla-central/rev/f562fda29d7c

Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox70: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla70
See Also: → 1583314
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: