Consider removing checks on addon ids related to the SVG context-fill after all existing extensions using it are migrated to the new WebExtensionPolicy.isPrivileged check
Categories
(Core :: SVG, task)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox91 | --- | fixed |
People
(Reporter: rpl, Assigned: rpl)
References
Details
Attachments
(1 file, 1 obsolete file)
This is a follow up task from Bug 1394579.
As mentioned in Bug 1394579 comment 25:
we are going to allow contex-fill behind a separate check for WebExtensionPolicy.isPrivileged but we didn't remove yet the existing checks for @mozilla.com / @mozilla.org addon id suffixes, because we should double-check that the line extension that were leveraging those checks have been signed to be able to use the IsPrivileged condition.
Once we verified there are no other Mozilla extensions that are leveraging the checks on the Mozilla addon id suffixes, we should ideally rip that off and leave only the WebExtensionPolicy.isPrivileged one.
|
Assignee | |
Comment 1•4 years ago
|
||
This patch does change the extension-related special case in SVGContextPaint::IsAllowedForImageFromURI
to check the "internal:svgContextPropertiesAllowed" extension permission, and move the existing
criteria in the Extension class (which takes care of adding the internal permission when those
criteria as met).
This patch does not contain yet a new explicit test case for the new internal permission (which is
part of the patch build on top of this one and attached to the same bugzilla issue), but it does
pass the existing mochitest-chrome (test_chrome_ext_svg_context_fill.html).
|
||
Updated•4 years ago
|
| Comment hidden (obsolete) |
|
|
||
Updated•4 years ago
|
|
||
Comment 4•4 years ago
|
||
| bugherder | ||
Description
•