Closed Bug 1880988 Opened 7 months ago Closed 6 months ago

The default summary for details doesn't honor spoof English

Categories

(Core :: DOM: Core & HTML, defect, P2)

Product:
Core
Component:
DOM: Core & HTML
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
125 Branch
Tracking Flags:
Tracking Status
firefox-esr115 - wontfix
firefox123 --- wontfix
firefox124 --- wontfix
firefox125 --- fixed

People

(Reporter: pierov, Assigned: pierov)

References

(Regression)

Details

(4 keywords, Whiteboard: [adv-main125-])

Attachments

(1 file)

Bug 1880988 - Apply spoof English to the default detail summary. r?#anti-tracking
48 bytes, text/x-phabricator-request
Details | Review

The <details> element will use a default summary when it doesn't contain a <summary> tag.
This default string is localized in the app language even when spoof English is active.
As far as I can tell this string isn't accessible, but if you set display: inline to the <details> element, you can measure the various localized strings.

I kindly ask you to keep this bug confidential at least for one month, because we plan to include the fix downstream in our next stable release scheduled for around March 19.

This is a minor change so maybe it doesn't really matter, but this looks more like a DOM or Layout change. (It looks like this mechanism was added in bug 1581537.)

Group: core-security → dom-core-security
Component: Privacy: Anti-Tracking → DOM: Core & HTML
Keywords: privacy, regression
Regressed by: 1308080
Keywords: sec-low

Set release status flags based on info from the regressing bug 1308080

status-firefox123: --- → affected
status-firefox124: --- → affected
status-firefox125: --- → affected
status-firefox-esr115: --- → affected

(In reply to Pier Angelo Vendrame from comment #0)

I kindly ask you to keep this bug confidential at least for one month, because we plan to include the fix downstream in our next stable release scheduled for around March 19.

It sounds like we should wait on landing this until Tor is ready to land it.

status-firefox123: affectedwontfix
Whiteboard: [wait for Tor to land]

(In reply to Andrew McCreight [:mccr8] from comment #4)

(In reply to Pier Angelo Vendrame from comment #0)

I kindly ask you to keep this bug confidential at least for one month, because we plan to include the fix downstream in our next stable release scheduled for around March 19.

It sounds like we should wait on landing this until Tor is ready to land it.

Thanks!
I think it'd be fine to land it, because the diff is very small and won't tell many details.
Actually, we already landed it to our nightly channel, we just haven't backported it to our stable channel yet, and we'll wait to lift confidentiality from our ticket until the first stable release that includes the fix.

Thanks, good to know.

Whiteboard: [wait for Tor to land] → [leave closed until Tor backports it]
Severity: -- → S3
Priority: -- → P2

There is an r+ patch which didn't land and no activity in this bug for 2 weeks.
:pierov, could you have a look please?
If you still have some work to do, you can add an action "Plan Changes" in Phabricator.
For more information, please visit BugBot documentation.

Flags: needinfo?(pierov)
Flags: needinfo?(emilio)

I queued it for landing as per the discussion above. A test for this would still be very nice.

Flags: needinfo?(emilio)
Pushed by ealvarez@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/856a612ce3d5
Apply spoof English to the default detail summary. r=emilio

(In reply to Emilio Cobos Álvarez (:emilio) from comment #8)

I queued it for landing as per the discussion above. A test for this would still be very nice.

Thanks.
I'm redirecting the NI to Tom then, to see if he can give me some advice or guidance for this.

Flags: needinfo?(pierov) → needinfo?(tom)

I am not sure. Conceptually, maybe we could create a test that uses a different locale, then use chrome privileges to reach inside the element (I think it's like ShadowRoot or something with hidden sub-elements?), and ensure you don't see english when the pref is one value and do when it is another? But I can't find a clear example of where we're setting a locale for a test like this - I would think it'd require us to test with a full langpack installed and I don't know if we do that. This was maybe the closest I saw.

Flags: needinfo?(tom) → in-testsuite?

https://hg.mozilla.org/mozilla-central/rev/856a612ce3d5

Group: dom-core-security → core-security-release
Status: NEW → RESOLVED
Closed: 6 months ago
status-firefox125: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → 125 Branch

[Tracking Requested - why for this release]: Do we want to backport this to ESR115 or is Tor cherry-picking on their end good enough?

status-firefox124: affectedwontfix
tracking-firefox-esr115: --- → ?
Flags: needinfo?(pierov)

(In reply to Ryan VanderMeulen [:RyanVM] from comment #13)

[Tracking Requested - why for this release]: Do we want to backport this to ESR115 or is Tor cherry-picking on their end good enough?

Cherry-picking on our end is good enough for us, no need backport for us, thanks.

Flags: needinfo?(pierov)
QA Whiteboard: [post-critsmash-triage]
Flags: qe-verify-
Whiteboard: [leave closed until Tor backports it] → [leave closed until Tor backports it][adv-main125-]

We patched all our channels, so this bug can be opened if you want to.
Thanks again!

Group: core-security-release
Whiteboard: [leave closed until Tor backports it][adv-main125-] → [adv-main125-]

Sorry for the burst of bugspam: filter on tinkling-glitter-filtrate
Adding reporter-external keyword to security bugs found by non-employees for accounting reasons

Keywords: reporter-external
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: