Disable Feature Policy for FF73
Categories
(Core :: DOM: Security, defect, P1)
Tracking
()
People
(Reporter: ckerschb, Assigned: johannh)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-active])
Attachments
(2 files)
|
47 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-beta+
|
Details | Review |
|
47 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-release+
|
Details | Review |
Given the regression of Bug 1609973 we should just disable FP for FF73 and re-evaluate what to do for FF74.
|
||
Updated•6 years ago
|
|
Reporter | |
Updated•6 years ago
|
|
|
Reporter | |
Comment 1•6 years ago
|
||
|
||
Updated•6 years ago
|
|
|
Reporter | |
Comment 2•6 years ago
|
||
Comment on attachment 9122322 [details]
Bug 1610572: Disable Feature Policy for FF73. r=johannh
Beta/Release Uplift Approval Request
- User impact if declined: We recently regressed Feature Policy (e.g. within Bug 1609973) and are worried to face similar regressions. After careful considerations (Thomas, Johann, ckerschb) we decided to postpone shipping Feature Policy by one release. For now we are going to disable FP in FF73 and then re-evaluate what to do for FF74 soon.
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): The risk is low because we haven't yet shipped Feature Policy. We are going to pref it off.
- String changes made/needed: no
|
|
||
Comment 4•6 years ago
|
||
Comment on attachment 9122322 [details]
Bug 1610572: Disable Feature Policy for FF73. r=johannh
Disables Feature Policy for Fx73. Approved for 73.0b9.
|
||
Comment 5•6 years ago
|
||
| bugherder uplift | ||
|
||
Comment 6•6 years ago
|
||
| bugherder | ||
|
||
Comment 7•6 years ago
|
||
From bug 1609973 comment 12 it looks like comment 5 disables feature policy for 73 release but not 73 beta. Shouldn't we be beta-testing this?
|
|
||
Updated•6 years ago
|
|
||
Updated•6 years ago
|
|
Assignee | |
Comment 8•6 years ago
|
||
You mean shouldn't we be Beta testing the disabling? I'm not sure there's any point to doing that now that we'll be in late beta soon anyway. We've always operated under the assumption that you can just pref-off things last minute and they'd continue to work then, which I agree is a bit of a risk, but, either way, that's the system.
|
|
||
Comment 10•6 years ago
|
||
See bug 1609973 comment 15. The patch that landed here didn't touch firefox.js.
|
|
Assignee | |
Updated•6 years ago
|
|
|
Assignee | |
Comment 11•6 years ago
|
||
This pref was only defined in firefox.js in Beta, so it wasn't considered in the disable patch for Nightly.
Seems like we can safely remove it as it was always unnecessary.
|
|
||
Comment 12•6 years ago
|
||
Comment on attachment 9124068 [details]
Bug 1610572 - Only for Beta uplift - Remove feature policy pref in firefox.js. r=ckerschb
Follow-up fix to the already-approved patch. Approved for 73.0RC1.
|
|
||
Updated•6 years ago
|
|
|
||
Comment 13•6 years ago
|
||
| bugherder uplift | ||
|
|
||
Updated•6 years ago
|
|
|
||
Comment 14•6 years ago
|
||
Bug 1603674 removed the duplication in 74.
|
||
Updated•6 years ago
|
|
||
Comment 15•6 years ago
|
||
Hello! Reproduced the issue with Firefox 73.0b11 (20200128001646) on Windows 10x64, using STR from 1609973#c0. Also dom.security.featurePolicy.enabled pref was set on true on 73.0b11.
Verified fixed with Firefox 73.0RC1 (20200203203546) on Windows 10x64, macOS 10.15 and Ubuntu 18.04. The dom.security.featurePolicy.enabled pref is set on false.
|
|
Assignee | |
Updated•6 years ago
|
|
||
Comment 16•5 years ago
|
||
Please specify a root cause for this bug. See :tmaity for more information.
|
||
Updated•5 years ago
|
Description
•