Prevent private messagehandler commands from being called via the WebSocket connection
Categories
(Remote Protocol :: WebDriver BiDi, task, P2)
Tracking
(firefox99 fixed)
Tracking | Status | |
---|---|---|
firefox99 | --- | fixed |
People
(Reporter: jdescottes, Assigned: whimboo, Mentored)
References
(Blocks 1 open bug)
Details
(Whiteboard: [bidi-m3-mvp][lang=js])
Attachments
(1 file)
MessageHandler modules might expose commands which are only meant to be used internally (mostly by other MessageHandler modules): for instance _subscribeEvent
on the the log module: https://searchfox.org/mozilla-central/rev/bc5e79f3ae0f42cb4a6ebd05fc32f48a3829059d/remote/webdriver-bidi/modules/windowglobal/log.jsm#36
All those commands start with an "_", but other than this, they are identical to public commands which are supposed to be called by a WebDriver BiDi client over websocket.
Before we get an actual schema validation, we should prevent BiDi clients to directly call internal commands. For instance, this check could be performed at https://searchfox.org/mozilla-central/rev/bc5e79f3ae0f42cb4a6ebd05fc32f48a3829059d/remote/webdriver-bidi/WebDriverBiDiConnection.jsm#156
Reporter | ||
Comment 1•2 years ago
|
||
This should be relatively easy to implement, setting as mentored. I imagine we would test this via a wdspec test.
Not for milestone 2 though.
Reporter | ||
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Reporter | ||
Updated•2 years ago
|
Assignee | ||
Comment 2•2 years ago
|
||
Updated•2 years ago
|
Pushed by hskupin@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/1aa2d8683e52 [webdriver-bidi] Prevent internal methods from being called via the WebSocket connection. r=webdriver-reviewers,jdescottes
Updated•2 years ago
|
Comment 4•2 years ago
|
||
bugherder |
Description
•