Use WEBEXT_URI_WEB_ACCESSIBLE for MV2 extensions
Categories
(WebExtensions :: General, task, P2)
Tracking
(firefox130 fixed)
| Tracking | Status | |
|---|---|---|
| firefox130 | --- | fixed |
People
(Reporter: nika, Assigned: nika)
References
Details
Attachments
(1 file)
Currently there is extra work done for MV2 extensions to use different flags than MV3 extensions or themes. This is unnecessary, as the checks which would be performed if the WEBEXT_URI_WEB_ACCESSIBLE flag is set will also work for MV2 extensions.
This bug is to clean up this extra check for MV2 extensions to use the same codepath for both MV2 and MV3.
|
Assignee | |
Comment 1•1 year ago
|
||
Previously, the WebExtension protocol used dynamic protocol flags which
were based on the WebExtension policy in order to enforce things such as
availability in private browsing and the accessibility of certain
resources.
Since the shift to MV3, these checks have required more complex checks
than what was possible to specify with protocol flags, which required
the addition of WEBEXT_URI_WEB_ACCESSIBLE - a security flag which would
trigger further checks with the EPS to determine if the URI can be
loaded.
This was somewhat inefficient, as fetching the URI flags would require
looking up the policy each time dynamic flags were looked up, as well as
when policy specifics were being checked after loading flags. In
addition, it lead to a number of flags which were very specific to
extension protocols.
This patch changes extensions to no longer have dynamic flags, instead
specifying the static URI_IS_WEBEXTENSION_RESOURCE security flag. When
this flag is specified, security checks are made by querying the
ExtensionPolicyService to ask if the load should be permitted, combining
the specific security checks for Extension resources into a simpler
code-path, and avoids redundant checks.
|
||
Updated•1 year ago
|
|
||
Comment 3•1 year ago
|
||
| bugherder | ||
Description
•