Enable eval security and let it ride the trains
Categories
(Core :: DOM: Security, task)
Tracking
()
People
(Reporter: tjr, Assigned: tjr)
References
Details
(Whiteboard: [domsecurity-active])
Attachments
(1 file)
47 bytes,
text/x-phabricator-request
|
pascalc
:
approval-mozilla-beta+
|
Details | Review |
The intent here was to collect telemetry from 70 (with no enforcement) and then 71 would enforce it and it would ride up the trains one behind the other.
But in Bug 1579495 I forgot we had Nightly guards on the function call so we were not calling the function on Beta or sending in Telemetry. That got fixed and uplifted.
But then I discovered/remembered that we had also guarded the pref with a Nightly guard. So I'm removing that in Nightly and requesting it be uplifted to Beta so we can really get the Telemetry.
Assignee | ||
Comment 1•5 years ago
|
||
Assignee | ||
Comment 2•5 years ago
|
||
Comment on attachment 9093666 [details]
Bug 1582229 - Unrestrict the eval() preferences from Nightly r?ckerschb
Beta/Release Uplift Approval Request
- User impact if declined: We will need to wait another cycle before enforcing security defense in depth restrictions.
- Is this code covered by automated tests?: No
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): As from Bug 1579495 we're calling a new codepath that submits telemetry events. It's possible an unexpected environment difference between beta and Nightly could lead to getting flooded with telemetry.
- String changes made/needed:
Updated•5 years ago
|
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Pushed by tritter@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/ccef24674019 Unrestrict the eval() preferences from Nightly r=ckerschb
Comment 4•5 years ago
|
||
bugherder |
Comment 5•5 years ago
|
||
Comment on attachment 9093666 [details]
Bug 1582229 - Unrestrict the eval() preferences from Nightly r?ckerschb
Allow collecting telemetry in beta by removing a Nightly onmy guard, landed on Nightly and looks safe, uplift approved for 70 beta 9, thanks.
Comment 6•5 years ago
|
||
bugherder uplift |
Description
•