Closed Bug 1893387 Opened 1 year ago Closed 1 year ago

Refactor how required permissions/origins are passed from Gecko to the embedder in `exportExtension()`

Categories

(GeckoView :: Extensions, task)

Product:
GeckoView
Component:
Extensions
Platform:
All
Android
Type:
task

Tracking

(firefox128 fixed)

Status:
RESOLVED FIXED
Milestone:
128 Branch
Tracking Flags:
Tracking Status
firefox128 --- fixed

People

(Reporter: willdurand, Assigned: willdurand)

References

Details

(Whiteboard: [addons-jira])

Attachments

(1 file)

Bug 1893387 - Refactor how required permissions/origins are passed from Gecko to the embedder in `exportExtension()`. r?amejiamarmol!,zmckenney!,rpl!
48 bytes, text/x-phabricator-request
Details | Review

We're passing userPermissions to the embedder when exporting a gecko extension (using exportExtension()) but not always! For instance, we export different permissions when we react to an InstallPrompt event or when there is an add-on update. We're also filtering out some permissions because they aren't "promptable". This isn't very clear, and an Addon instance for an extension might have different permissions/origins depending on what is updating it.

I think we should always pass the userPermissions to the embedder, and explicitly pass the permissions/origins to the prompt delegate methods.

Attachment #9398604 - Attachment description: Bug 1893387 - Only use addon.userPermissions in exported extensions. r?amejiamarmol!,zmckenney!,rpl! → Bug 1893387 - Refactor how required permissions/origins are passed from Gecko to the embedder in `exportExtension()`. r?amejiamarmol!,zmckenney!,rpl!
Whiteboard: [addons-jira]

The proposed change here separates the concept of "what permissions to prompt during install" from the concept "what are the required permissions of this extension". This makes sense because the sets are not always the same. In particular, in a Manifest Version 3 extension, host permissions may be included in the install prompt, but they are fully optional. This was a recent change in bug 1839129 (before that bug, host permissions did not appear in the permission prompt in MV3, but they did in MV2).

I'm also noting that the Android-specific permission comparison logic only accounts for required permissions, not host permissions, at https://searchfox.org/mozilla-central/rev/e69f323af80c357d287fb6314745e75c62eab92a/mobile/android/modules/geckoview/GeckoViewWebExtension.sys.mjs#884-892
This means that if a MV3 extension adds a new "required" host permission, that there is no prompt for it. This behavior is consistent with how Firefox desktop behaves, and improving this flow is part of a follow-up bug, bug 1893232.

See Also: → 1839129, 1893232
Pushed by wdurand@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/14e5c6f0ed74 Refactor how required permissions/origins are passed from Gecko to the embedder in `exportExtension()`. r=amejiamarmol,android-reviewers,robwu,geckoview-reviewers,ohall

https://hg.mozilla.org/mozilla-central/rev/14e5c6f0ed74

Status: NEW → RESOLVED
Closed: 1 year ago
status-firefox128: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 128 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: