Firefox DLP scans the pasted content multiple times in Google/OneDrive Documents
Categories
(Firefox :: Data Loss Prevention, defect)
Tracking
()
People
(Reporter: bhidecuti, Assigned: gstoll)
References
(Blocks 3 open bugs)
Details
(Whiteboard: [fidefe-quality-foundation?])
Attachments
(5 files)
- 2.45 MB, video/mp4
- 48 bytes, text/x-phabricator-request
- 48 bytes, text/x-phabricator-request
- 48 bytes, text/x-phabricator-request (phab-bot: approval-mozilla-esr128+)
- 48 bytes, text/x-phabricator-request (phab-bot: approval-mozilla-esr128+)
Found in
- 130.0b2
Affected versions
- 131.0a1 (2024-08-08)
- 130.0b2
- 128.1.0esr
Preconditions
- Download the DLP test assets from https://drive.google.com/file/d/1yjqVRuxdKV3WnO7D2wzMgDXBuYBxUgVw/view
- Create a distribution folder inside the Firefox folder and paste the policies-1.json to it and then rename it to policies.json
- Run the DLP agent in CMD using: .\content_analysis_sdk_agent.exe --user --toblock=.\d{3}-?\d{2}-?\d{4}. --towarn=.warn. --delays=10
Tested platforms
- Affected platforms: Windows 10/11
- Unaffected platforms: Ubuntu, macOS
Steps to reproduce
1. Go to https://drive.google.com/drive/home and sign in
2. Open up a document in an external program (for example Notepad) and type “ok text” into it and copy it (or copy any text from a random website)
3. Go back to Google Drive and open any Google Docs/Sheets/Slides
4. Paste the copied text from step 2
5. Observe the behavior
Expected result
- The pasted content is scanned only once
Actual result
- The pasted content is scanned 2-3 times consecutively
Regression range
- This is not a regression as this is a new feature
Additional notes
- See the attached video
- Also reproducing when pasting a blocked content (e.g. "123456789") -> the "Blocked" message is displayed twice (as the scan is performed twice as well)
- Also reproducing if the sample agent is not running -> the “Warn” message is displayed 2 times when pasting the text in Google Documents (tested with policies-2.json)
- Also reproducing for OneDrive Documents (Word/PowerPoint/OneNote docs)
- Not reproducing for the upload operation
- Adding the [fidefe-quality-foundation?] tag, as scanning the content multiple times creates a poor user experience, especially on high-traffic platforms like Google Drive or OneDrive. Also, the issue persists both with and without the agent running.
Comment 1•2 months ago (Assignee)
I'll paste the call stacks for the two requests below (when pasting into a Google Doc, anyway), but it seems like the JS is getting the clipboard data twice - the DataTransferItem is different in the two call stacks. Perhaps we could remember the last DLP request and if it matches exactly, skip it and return the same result?
first request:
- > xul.dll!nsClipboardProxy::GetData(nsITransferable * aTransferable=0x0000016f529b24c0, nsIClipboard::ClipboardType aWhichClipboard=kGlobalClipboard, mozilla::dom::WindowContext * aWindowContext=0x0000016f4def9d00) Line 89 C++
- xul.dll!mozilla::dom::DataTransferItem::FillInExternalData() Line 188 C++
- xul.dll!mozilla::dom::DataTransferItem::DataNoSecurityCheck() Line 529 C++
- xul.dll!mozilla::dom::DataTransferItem::Data(nsIPrincipal * aPrincipal=0x0000016f44bbf2e0, mozilla::ErrorResult & aRv={...}) Line 549 C++
- xul.dll!mozilla::dom::DataTransfer::GetDataAtInternal(const nsTSubstring<char16_t> & aFormat={...}, unsigned int aIndex=0x00000000, nsIPrincipal * aSubjectPrincipal=0x0000016f44bbf2e0, nsIVariant * * aData=0x0000001ba27e6268) Line 543 C++
- xul.dll!mozilla::dom::DataTransfer::GetData(const nsTSubstring<char16_t> & aFormat={...}, nsTSubstring<char16_t> & aData={...}, nsIPrincipal & aSubjectPrincipal={...}, mozilla::ErrorResult & aRv={...}) Line 351 C++
- xul.dll!mozilla::dom::DataTransfer_Binding::getData(JSContext * cx=0x0000016f44a3b200, JS::Handle<JSObject *> obj={...}, void * void_self=0x0000016f551bdaf0, const JSJitMethodCallArgs & args={...}) Line 420 C++
second request:
- > xul.dll!nsClipboardProxy::GetData(nsITransferable * aTransferable=0x0000016f529b2640, nsIClipboard::ClipboardType aWhichClipboard=kGlobalClipboard, mozilla::dom::WindowContext * aWindowContext=0x0000016f4def9d00) Line 89 C++
- xul.dll!mozilla::dom::DataTransferItem::FillInExternalData() Line 188 C++
- xul.dll!mozilla::dom::DataTransferItem::DataNoSecurityCheck() Line 529 C++
- xul.dll!mozilla::dom::DataTransferItem::Data(nsIPrincipal * aPrincipal=0x0000016f44bbf2e0, mozilla::ErrorResult & aRv={...}) Line 549 C++
- xul.dll!mozilla::dom::DataTransfer::GetDataAtInternal(const nsTSubstring<char16_t> & aFormat={...}, unsigned int aIndex=0x00000000, nsIPrincipal * aSubjectPrincipal=0x0000016f44bbf2e0, nsIVariant * * aData=0x0000001ba27e7408) Line 543 C++
- xul.dll!mozilla::dom::DataTransfer::GetData(const nsTSubstring<char16_t> & aFormat={...}, nsTSubstring<char16_t> & aData={...}, nsIPrincipal & aSubjectPrincipal={...}, mozilla::ErrorResult & aRv={...}) Line 351 C++
- xul.dll!mozilla::dom::TextEvent::GetData(nsTSubstring<char16_t> & aData={...}, nsIPrincipal & aSubjectPrincipal={...}) Line 54 C++
- xul.dll!mozilla::dom::TextEvent_Binding::get_data(JSContext * cx=0x0000016f44a3b200, JS::Handle<JSObject *> obj={...}, void * void_self=0x0000016f560a8d30, JSJitGetterCallArgs args={...}) Line 64 C++
Comment 2•2 months ago (Assignee)
I would also note that it's possible that the agent may cache requests and so the second request might be fast. We won't know this until we try with a real agent, though.
Comment 3•2 months ago (Assignee)
I dove into Google Doc's JS a bit but it's very obfuscated. The first call is to DataTransfer.getData(), which is a way to get the clipboard contents, and makes sense. The second call is to TextEvent.data, which is a property Firefox added (presumably for webcompat) in Fx 129, and this explains why this wasn't a problem when I tested with Google Docs a while ago.
I think adding a time-limited cache of just the last text request sent to the DLP agent is the best approach here. It's relatively safe and is likely to work around issues like this as they arrive in the future.
Comment 4•2 months ago (Assignee)
This is a bit of a bandaid fix, but it's straightforward and
less brittle than trying to fix the various ways of getting
the clipboard contents.
I added a relatively short timeout to the cached data to
ensure we don't have to worry about DLP settings in the agent
changing or anything like that. In all the cases of double
calls I've seen, the calls come very very close to each other
in time.
Comment 5•1 month ago (Assignee)
For BLOCKED text, if we do two requests in quick succession, we will now
return a cached result for the second request. This patch avoids showing
the BLOCK dialog more than once. (also works for WARN)
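The time-limited cache of the last text request described in Comments 3 to 5, sketched as an added example; it is not the landed Firefox patch. The class and function names, the stand-in agent, and the choice to include the destination URL in the exact-match key are assumptions made for illustration.

```cpp
// Added illustration, not Firefox source; every name here is hypothetical.
#include <chrono>
#include <functional>
#include <regex>
#include <string>
#include <utility>

enum class Verdict { Allow, Warn, Block };
using Clock = std::chrono::steady_clock;
using Agent = std::function<Verdict(const std::string&)>;

// Stand-in for the sample agent: the digit pattern from the bug's --toblock
// argument blocks, the word "warn" warns (constructed for this example).
inline Verdict SampleAgent(const std::string& text) {
  static const std::regex block(R"(\d{3}-?\d{2}-?\d{4})");
  if (std::regex_search(text, block)) return Verdict::Block;
  return text.find("warn") != std::string::npos ? Verdict::Warn : Verdict::Allow;
}

class PasteScanner {
 public:
  PasteScanner(Agent agent, std::chrono::milliseconds ttl)
      : mAgent(std::move(agent)), mTtl(ttl) {}

  // Reuses the last verdict only on an exact text+URL match inside the TTL.
  Verdict Scan(const std::string& text, const std::string& url,
               Clock::time_point now) {
    if (mHasLast && now - mTime <= mTtl && text == mText && url == mUrl) {
      return mVerdict;  // no second agent call, no second dialog
    }
    ++agentCalls;
    mVerdict = mAgent(text);
    if (mVerdict != Verdict::Allow) ++dialogsShown;  // BLOCK/WARN shown once
    mText = text;
    mUrl = url;
    mTime = now;  // hits do not refresh this, so the entry always expires
    mHasLast = true;
    return mVerdict;
  }

  int agentCalls = 0, dialogsShown = 0;
 private:
  Agent mAgent;
  std::chrono::milliseconds mTtl;
  bool mHasLast = false;
  std::string mText, mUrl;
  Verdict mVerdict = Verdict::Allow;
  Clock::time_point mTime;
};
```

Because only a real scan sets the timestamp, a run of repeated pastes cannot keep a stale verdict alive past the timeout, which is what lets a changed agent policy take effect.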
Comment 7•1 month ago (bugherder)
https://hg.mozilla.org/mozilla-central/rev/21c0482d0f97
https://hg.mozilla.org/mozilla-central/rev/d906de157f37
Comment 8•1 month ago
The patch landed in nightly and beta is affected.
:gstoll, is this bug important enough to require an uplift?
- If yes, please nominate the patch for beta approval.
- If no, please set status-firefox130 to wontfix.
For more information, please visit BugBot documentation.
Comment 9•1 month ago (Reporter)
Verified as fixed on Firefox Nightly 131.0a1 (2024-08-26), using Windows 10/11.
Firefox DLP scans the pasted content only once in Google/OneDrive Documents when it was copied from an external app (e.g. Notepad) while the agent is running.
However, the following behavior from the notes is still reproducing:
Also reproducing if the sample agent is not running -> the “Warn” message is displayed 2 times when pasting the text in Google Documents (tested with policies-2.json)
@Greg, should we reopen this bug for the above behavior or file a new one? Thanks in advance!
Also, if pasting a text content from a random website (e.g. from Wikipedia) or from another Gdoc/OneDrive Doc, the content is still scanned multiple times. We logged a separate ticket for this - bug 1915351.
Comment 10•1 month ago (Assignee)
Go ahead and file a new bug for the "warn" message being displayed twice. Thanks!
Comment 11•1 month ago (Reporter)
Thanks for the response. Logged bug 1915536 for the "warn" message being displayed twice when the agent is not running.
Based on Comment 9 I am marking this verified as fixed on Firefox 131.0a1.
Comment 12•25 days ago (Assignee)
This is a bit of a bandaid fix, but it's straightforward and
less brittle than trying to fix the various ways of getting
the clipboard contents.
I added a relatively short timeout to the cached data to
ensure we don't have to worry about DLP settings in the agent
changing or anything like that. In all the cases of double
calls I've seen, the calls come very very close to each other
in time.
Original Revision: https://phabricator.services.mozilla.com/D219291
Comment 13•25 days ago (Assignee)
For BLOCKED text, if we do two requests in quick succession, we will now
return a cached result for the second request. This patch avoids showing
the BLOCK dialog more than once. (also works for WARN)
Original Revision: https://phabricator.services.mozilla.com/D219496
Comment 14•24 days ago (Assignee)
esr128 Uplift Approval Request
- User impact if declined: DLP agent may be called more times than is necessary, which is irritating for the user
- Code covered by automated testing: yes
- Fix verified in Nightly: yes
- Needs manual QE test: no
- Steps to reproduce for manual QE testing: n/a
- Risk associated with taking this patch: low
- Explanation of risk level: only affects DLP
- String changes made/needed: no
- Is Android affected?: no
Comment 15•24 days ago (uplift)
Comment 16•19 days ago (Reporter)
Verified as fixed on Firefox 128.3.0esr, build ID 20240911002735 (from Treeherder), using Windows 10/11. Firefox DLP scans the pasted content only once in Google/OneDrive Documents when it was copied from an external app (e.g. Notepad) while the agent is running.