Closed Bug 1681171 Opened 3 years ago Closed 3 years ago

Report sandboxed iframes without navigation capabilities in external protocol handler telemetry

Categories

(Firefox :: Security, task, P3)

Tracking

RESOLVED FIXED
86 Branch
Tracking Status
firefox85 --- fixed
firefox86 --- fixed

People

(Reporter: johannh, Assigned: pbz)

Attachments

(1 file)

We'd like to make some updates to opening external protocols in iframes, so we should also key external_protocol_handler_dialog_context_scheme by sandboxed iframes without allow-top-navigation, allow-top-navigation-by-user-activation or allow-popups present.

Paul, would you like to take this? :)

Thanks!

Flags: needinfo?(pbz)
Assignee: nobody → pbz
Status: NEW → ASSIGNED
Flags: needinfo?(pbz)
Depends on: 1675046
Blocks: 1675046
No longer depends on: 1675046

We're only extending the probe slightly to get more info about iframe sandbox properties. The data review from Bug 1672344 should cover this: https://bugzilla.mozilla.org/show_bug.cgi?id=1672344#c9

Pushed by pzuhlcke@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/758b008e5ec6
Update external protocol handler telemetry probe to include sandboxed iframes. r=johannh
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 86 Branch

Can we get this uplifted? :)

Thanks!

Flags: needinfo?(pbz)

Comment on attachment 9192227 [details]
Bug 1681171 - Update external protocol handler telemetry probe to include sandboxed iframes. r=johannh

Beta/Release Uplift Approval Request

  • User impact if declined: Telemetry code, no direct user impact.
  • Is this code covered by automated tests?: Yes
  • Has the fix been verified in Nightly?: No
  • Needs manual test from QE?: No
  • If yes, steps to reproduce:
  • List of other uplifts needed: None
  • Risk to taking this patch: Low
  • Why is the change risky/not risky? (and alternatives if risky): Doesn't change behavior for users. Small code change. Telemetry code is in a try-catch so we shouldn't break anything even if it throws.
  • String changes made/needed:
Flags: needinfo?(pbz)
Attachment #9192227 - Flags: approval-mozilla-beta?

Can we verify we're getting the expected data from nightly before we uplift?

Flags: needinfo?(pbz)

Sure! We can already see a handful of pings which have it: https://mzl.la/3oYIADW
The new keys are: SUB_SANDBOX_ALLOW and SUB_SANDBOX_NOALLOW.

Flags: needinfo?(pbz)

Comment on attachment 9192227 [details]
Bug 1681171 - Update external protocol handler telemetry probe to include sandboxed iframes. r=johannh

approved for 85.0b3

Attachment #9192227 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
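
Added example, not part of the bug or the Firefox patch: one way to bucket a frame's `sandbox` attribute into the two keys named above. It assumes SUB_SANDBOX_ALLOW means at least one of the three flags from the description is present and SUB_SANDBOX_NOALLOW means the frame is sandboxed with none of them; the function names and sample values are hypothetical.

```javascript
// Added example, not Firefox code. Function names are hypothetical.
// Assumed mapping: ALLOW = any of the three flags present; NOALLOW = none.
const NAV_FLAGS = new Set([
  "allow-top-navigation",
  "allow-top-navigation-by-user-activation",
  "allow-popups",
]);

// The sandbox attribute is a set of ASCII-whitespace-separated tokens,
// matched ASCII case-insensitively.
function parseSandboxTokens(value) {
  return new Set(
    value.split(/[ \t\n\f\r]+/).filter(Boolean).map((t) => t.toLowerCase())
  );
}

// null/undefined: attribute absent, frame is not sandboxed, no sandbox key.
// "" (empty attribute): fully sandboxed, so it counts as NOALLOW.
function sandboxTelemetryKey(value) {
  if (value === null || value === undefined) return null;
  for (const token of parseSandboxTokens(value)) {
    // Exact token match: "allow-popups-to-escape-sandbox" is not "allow-popups".
    if (NAV_FLAGS.has(token)) return "SUB_SANDBOX_ALLOW";
  }
  return "SUB_SANDBOX_NOALLOW";
}

// Count keys over a list of sandbox attribute values.
function tallyKeys(values) {
  const counts = { SUB_SANDBOX_ALLOW: 0, SUB_SANDBOX_NOALLOW: 0 };
  for (const v of values) {
    const key = sandboxTelemetryKey(v);
    if (key !== null) counts[key] += 1;
  }
  return counts;
}

// Constructed sample attribute values (not taken from real telemetry).
const SAMPLE_FRAMES = [
  null,
  "",
  "allow-scripts allow-same-origin",
  "allow-scripts\tALLOW-POPUPS",
  "allow-popups-to-escape-sandbox",
  "allow-top-navigation-by-user-activation",
];
console.log(tallyKeys(SAMPLE_FRAMES));
```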