1795338 - getSitePermsAddonInstallForWebpage should account for a NullPrincipal aInstallingPrincipal due to permission requested from a sandboxed subframe

Status: RESOLVED FIXED

(WebExtensions :: General, defect)

Description

[Luca Greco [:rpl] [:luca] [:lgreco]]

This corner case is currently throwing from the call to aBrowser.contentPrincipal.isThirdPartyPrincipal(aInstallingPrincipal), we should instead check explicitly if aInstallingPrincipal is a NullPrincipal and reject the request explicitly (so that we can also provide a better error message logged in the console to help the webapp developer to understand why the request has been rejected).

STR (with already SitePermsAddonProvider enabled through pref):

• open a tab and load https://cdpn.io/k88hudson/fullpage/LYmBNGQ
• open the Browser Console and look for the rejection originated from AddonManager installSitePermsAddonFromWebpage method.

Expected behavior:

• An explicit reason for rejecting the request (e.g. "SitePermsAddons install is disallowed from sandboxed subframes")

(and Bug 1792993 will improve how we surface that to webapp developers by making sure it is going to be visible in the DevTools webconsole panel associated to the tab that is triggering the error).

Comment 1

[Luca Greco [:rpl] [:luca] [:lgreco]]

Attachment: Bug 1795338 - getSitePermsAddonInstallForWebpage should account for a NullPrincipal aInstallingPrincipal. r?willdurand,nchevobbe

Comment 2

[Pulsebot]

Pushed by luca.greco@alcacoop.it:
https://hg.mozilla.org/integration/autoland/rev/890fc7c13d31
getSitePermsAddonInstallForWebpage should account for a NullPrincipal aInstallingPrincipal. r=willdurand,nchevobbe

Comment 3

[Sandor Molnar[:smolnar]]

https://hg.mozilla.org/mozilla-central/rev/890fc7c13d31