Closed Bug 1766822 Opened 3 years ago Closed 3 years ago

Optional permission changes are not propagated to prelaunched processes

Categories

(WebExtensions :: General, defect, P1)

Product:
WebExtensions
Component:
General
Type:
defect
Points:
2

Tracking

(firefox102 fixed)

Status:
RESOLVED FIXED
Milestone:
102 Branch
Tracking Flags:
Tracking Status
firefox102 --- fixed

People

(Reporter: robwu, Assigned: robwu)

References

Details

(Whiteboard: [addons-jira])

Attachments

(3 files)

Bug 1766822 - Add a test case to reveal the bug. r?robwu!
48 bytes, text/x-phabricator-request
Details | Review
Bug 1766822 - Refactor, introduce updateAllowedOrigins
48 bytes, text/x-phabricator-request
Details | Review
Bug 1766822 - Decouple WebExtensionPolicy update from BrowserExtensionContent
48 bytes, text/x-phabricator-request
Details | Review

Correct propagation of (optional) permissions is very important to ensure that content scripts can run when the user approves an optional permission (bug 1745819). This was previously not done correctly for new processes, which got addressed in bug 1760526. The fix is not complete, however:

When a test was added that opened multiple tabs (described in this review comment, implemented in D144811 as toolkit/components/extensions/test/mochitest/test_ext_scripting_permissions.html as part of bug 1760451, the test failed unexpectedly: the test got stuck because the registered content script did not run after granting an optional permission.

Setting dom.ipc.processPrelaunch.enabled to false is a work-around to the issue.

The issue is caused by the fact that we rely on BrowserExtensionContent to update policy.allowedOrigins, after the construction of WebExtensionPolicy from sharedData in ExtensionProcessScript, but the BrowserExtensionContent instance is lazily instantiated, via one of the extensions.get(policy) calls. In case of prelaunched processes, there is the possibility that the permission got updated before the construction of BrowserExtensionContent, and consequently the bookkeeping of policy.allowedOrigins goes wrong.

Severity: -- → S2

This new test file contains a test case that exposes an issue described
in Bug 1766822. This test file hangs after having loaded example.org
with no particular CLI flag passed to mach test.

Note that when we pass --disable-fission, the test file passes in most
cases but not all the time with --verify, which is why I didn't enable
more prefs (e.g., dom.ipc.processPrelaunch.enabled).

Introduce common updateAllowedOrigins helper to avoid repetition of
policy.allowedOrigins-updating logic in four places.

While there are no user-visible behavioral changes, the patch does fix a
small issue: previously policy.allowedOrigins could have multiple
MatchPattern instances with exactly the same pattern due to the
implementation in ExtensionChild, now the helper ensures that all
patterns are unique.

This ensures that WebExtensionPolicy is properly initialized even when
ExtensionProcessScript has not instantiated BrowserExtensionContent yet.

Pushed by rob@robwu.nl: https://hg.mozilla.org/integration/autoland/rev/4d2c16b03c1f Add a test case to reveal the bug. r=robwu https://hg.mozilla.org/integration/autoland/rev/23866e9385ac Refactor, introduce updateAllowedOrigins r=willdurand https://hg.mozilla.org/integration/autoland/rev/6b15391a53cf Decouple WebExtensionPolicy update from BrowserExtensionContent r=willdurand,zombie

https://hg.mozilla.org/mozilla-central/rev/4d2c16b03c1f
https://hg.mozilla.org/mozilla-central/rev/23866e9385ac
https://hg.mozilla.org/mozilla-central/rev/6b15391a53cf

Status: NEW → RESOLVED
Closed: 3 years ago
status-firefox102: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 102 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: