Use the Sanitizer.sanitize API instead of invoking cleaners directly
Categories
(WebExtensions :: General, task, P3)
Tracking
(Not tracked)
People
(Reporter: mak, Unassigned)
References
Details
ExtensionBrowsingData.jsm is directly invoking the single cleaners in Sanitizer:
https://searchfox.org/mozilla-central/rev/ce78234f5e653a5d3916813ff990f053510227bc/browser/components/extensions/ExtensionBrowsingData.jsm#39-43
While that's not a big deal in itself, it's not the official API that the Sanitizer would like consumers to use, and it's limiting the possibilities to change the Sanitizer internals. I suspect the Sanitizer.items property should be private and an implementation detail.
The only other use of .items. out of the Sanitizer is to get the list of all the cleaners in Sync, for which a dedicated API could be exposed.
https://searchfox.org/mozilla-central/search?q=sanit.*%5C.items%5B%5Ea-z%5D&path=&case=false®exp=true
I found this because In https://phabricator.services.mozilla.com/D163352 I'm making an additional argument to the cleaners mandatory, and the test here started failing.
I will put in a workaround for now (that likely one of you will review).
|
||
Comment 1•3 years ago
|
||
The Bugbug bot thinks this bug should belong to the 'Core::DOM: Security' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
|
||
Updated•3 years ago
|
|
||
Comment 3•3 years ago
|
||
(In reply to Marco Bonardo [:mak] from comment #0)
ExtensionBrowsingData.jsm is directly invoking the single cleaners in Sanitizer:
https://searchfox.org/mozilla-central/rev/ce78234f5e653a5d3916813ff990f053510227bc/browser/components/extensions/ExtensionBrowsingData.jsm#39-43
In https://phabricator.services.mozilla.com/D162721 I added another workaround in the sanitizer for the same reason. I marked it with a comment so we don't foreget to remove it once this bug is fixed.
|
||
Updated•3 years ago
|
Description
•