Closed Bug 1665175 Opened 4 years ago Closed 4 years ago

Theme icons not displayed in multistage welcome

Categories

(Firefox :: Messaging System, defect, P1)

Product:
Firefox
Component:
Messaging System
Type:
defect

Tracking

()

Status:
VERIFIED FIXED
Milestone:
82 Branch
Tracking Flags:
Tracking Status
firefox-esr68 --- unaffected
firefox-esr78 --- unaffected
firefox80 --- unaffected
firefox81 --- unaffected
firefox82 --- verified
firefox83 --- verified

People

(Reporter: pdahiya, Assigned: ckerschb)

References

(Blocks 1 open bug, Regression)

Details

(Keywords: regression)

Attachments

(2 files)

Theme screen with missing icons
389.38 KB, image/png
Details
Bug 1665175: Load aboutwelcome.css using chrome:.
47 bytes, text/x-phabricator-request
Details | Review

STR:

  1. Build latest m-c
  2. Open about:welcome
  3. Navigate to theme screen by clicking 'start setup'

Expected

  1. On theme screen themes icons shows inside respective tiles

Actual
Theme icons are not visible ( See attached) with error in console as "Security Error: Content at resource://activity-stream/aboutwelcome/aboutwelcome.css may not load or link to chrome://mozapps/content/extensions/default-theme.svg"

This appears to be regression caused by bug 1145314. NI Chris to look at it and help with the fix.

Regressed by: 1145314
Has Regression Range: --- → yes
Keywords: regression
Flags: needinfo?(ckerschb)

Hey thanks for reporting and sorry for breaking. FWIW, I pushed to Treeherder applying an additional patch which would throw an assertion if something in our TREE was allowed to load before and not after enforcing the stricter security checks. In turn, that means there is no automated test exercising that code path. Probably worth filing a follow up and adding one?

Anyway, when fixing Bug 1654258 we started loading other css files using chrome: but apparently not aboutwelcome.css which I think is what we should do there. I'll upload a patch in a minute.

Hopefully that does not introduce any other side effects on Treeherder.

If thinks are critical for testing you could flip the pref security.caps.allow_uri_is_ui_resource_in_checkloaduriflags until we have fixed the problem within this bug.

Assignee: nobody → ckerschb
Severity: -- → S1
Status: NEW → ASSIGNED
Flags: needinfo?(ckerschb)
Priority: -- → P1
Flags: in-testsuite?

Ah, we need to list files separately in the jar.mn file:
https://treeherder.mozilla.org/#/jobs?repo=try&revision=a44cc57d2dd096a2340afaacf16cfe8a9073c01f

updated the patch as well.

(In reply to Christoph Kerschbaumer [:ckerschb] from comment #3)

Hey thanks for reporting and sorry for breaking. FWIW, I pushed to Treeherder applying an additional patch which would throw an assertion if something in our TREE was allowed to load before and not after enforcing the stricter security checks. In turn, that means there is no automated test exercising that code path. Probably worth filing a follow up and adding one?

Curious, what automated test should look like. The underlying issue is stricter security checks that caused aboutwelcome.css failing to load image at chrome://mozapps/content/extensions/...svg, where as some chrome url images such as chrome://activity-stream/content/data/content/assets/short-zap.svg loads successfully.

Should the tests be checking for all chrome URL usage outside chrome://activity-stream/content/..??

Anyway, when fixing Bug 1654258 we started loading other css files using chrome: but apparently not aboutwelcome.css which I think is what we should do there. I'll upload a patch in a minute.

+1 , tried attached patch and it does fix the issue reported in bug

(In reply to Punam Dahiya [:pdahiya] from comment #7)

Curious, what automated test should look like. The underlying issue is stricter security checks that caused aboutwelcome.css failing to load image at chrome://mozapps/content/extensions/...svg, where as some chrome url images such as chrome://activity-stream/content/data/content/assets/short-zap.svg loads successfully.

It's not about the security check itself. As far as I can tell there is no test which loads any of the mozapps/content/extensions/...svg in any way - otherwise my assertion would have directed me in that direction.

Put differently, I guess we need a test for about:welcome which would click the start setup button.

Blocks: 1665756

It's not about the security check itself. As far as I can tell there is no test which loads any of the mozapps/content/extensions/...svg in any way - otherwise my assertion would have directed me in that direction.

Put differently, I guess we need a test for about:welcome which would click the start setup button.

Sounds good updated tests in the followup bug 1665756, thanks!

Pushed by pdahiya@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/5d6e247a8dde
Load aboutwelcome.css using chrome:. r=mconley,pdahiya

https://hg.mozilla.org/mozilla-central/rev/5d6e247a8dde

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
status-firefox82: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → 82 Branch

I have managed to reproduce this issue on the Nightly build from 2020-09-15 (BuildID 20200915154719) and have verified that the issue is no longer reproducible on the latest Nightly (83.0a1, 20200922154306) and Beta (82.0b2, 20200922183749) builds using Windows 10, macOS 10.15, and Linux MX 4.19.

Status: RESOLVED → VERIFIED
status-firefox82: fixedverified
status-firefox83: --- → verified
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: