Last Comment Bug 668030 - Warn when enablePrivilege is used
: Warn when enablePrivilege is used
Status: VERIFIED FIXED
:
Product: Core
Classification: Components
Component: DOM (show other bugs)
: Trunk
: x86 Mac OS X
: P1 normal (vote)
: mozilla7
Assigned To: Boris Zbarsky [:bz] (still a bit busy)
:
:
Mentors:
Depends on:
Blocks: 546848
  Show dependency treegraph
 
Reported: 2011-06-28 14:17 PDT by Boris Zbarsky [:bz] (still a bit busy)
Modified: 2011-09-05 07:31 PDT (History)
12 users (show)
bzbarsky: in‑testsuite?
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
Warn when enablePrivilege is used. (4.84 KB, patch)
2011-06-28 17:55 PDT, Boris Zbarsky [:bz] (still a bit busy)
jonas: review+
Details | Diff | Splinter Review
test case (778 bytes, text/html)
2011-09-05 07:25 PDT, Ioana (away)
no flags Details
The enablePrivilege warning in the Web and Error consoles (665.84 KB, image/png)
2011-09-05 07:31 PDT, Ioana (away)
no flags Details

Description Boris Zbarsky [:bz] (still a bit busy) 2011-06-28 14:17:35 PDT

    
Comment 1 Boris Zbarsky [:bz] (still a bit busy) 2011-06-28 17:55:04 PDT
Created attachment 542694 [details] [diff] [review]
Warn when enablePrivilege is used.
Comment 2 Boris Zbarsky [:bz] (still a bit busy) 2011-06-28 18:08:27 PDT
http://hg.mozilla.org/integration/mozilla-inbound/rev/2cb11a5daaf5
Comment 3 Marco Bonardo [::mak] 2011-06-29 02:24:54 PDT
http://hg.mozilla.org/mozilla-central/rev/2cb11a5daaf5
Comment 4 Josh Matthews [:jdm] 2011-06-29 10:37:28 PDT
Can we get this into aurora?
Comment 5 Boris Zbarsky [:bz] (still a bit busy) 2011-06-29 10:49:42 PDT
It would need a totally different patch, because the WarnOnceAbout infrastructure is not there.  So we would be warning on every use, most likely.  If that's ok, I can probably write an aurora patch for this....
Comment 6 Francesco Lodolo [:flod] 2011-06-29 21:56:07 PDT
Could you explain to a non programmer (or rephrase in other words) what "runs with the system principal" mean?
Comment 7 :Gavin Sharp [email: gavin@gavinsharp.com] 2011-06-29 22:14:27 PDT
It means "privileged code", essentially, or "runs with the same privileges as Firefox". I agree that it's somewhat confusing to mention that in the warning, "use an extension" is really the useful advice.
Comment 8 Boris Zbarsky [:bz] (still a bit busy) 2011-06-29 22:19:16 PDT
I'm happy for someone else to wordsmith as desired here...

But yes, the upshot is "use an extension or get your code checked into the browser UI".
Comment 9 Francesco Lodolo [:flod] 2011-06-29 22:32:16 PDT
Thanks. So something like "Please use code that runs with the same priviliges of the application (e.g. an extension) instead." can be considered a fitting equivalent?
Comment 10 Boris Zbarsky [:bz] (still a bit busy) 2011-06-29 22:35:49 PDT
"Please use code that runs with the same privileges as the application itself (e.g. an extension) instead", yeah.
Comment 11 vb4guy 2011-07-25 17:30:46 PDT
But if I don't use enablePrivilege, then I get an error saying that permission is denied?  What is the correct way of calling script that uses UniversalXPConnect???
Comment 12 Boris Zbarsky [:bz] (still a bit busy) 2011-07-25 18:19:04 PDT
The entire old Java-like privilege system is deprecated.  The correct way to do a script that needs privileges like that is to do an extension.
Comment 13 vb4guy 2011-08-02 08:04:15 PDT
Is there someone other way that I can access UniversalXPConnect without writing an extension?  The issue is that I have a website that reads/writes into a log that uses different technologies for each browser (IE, Chrome, Firefox).  But removing this functionality, my website won't be able to support Firefox.
Comment 14 Boris Zbarsky [:bz] (still a bit busy) 2011-08-02 08:16:24 PDT
> Is there someone other way that I can access UniversalXPConnect without writing
> an extension? 

No.

How, exactly, are you making this work in Chrome in a way that doesn't work in Gecko?
Comment 15 vb4guy 2011-08-02 10:50:10 PDT
For Chrome, I use window.requestFileSystem (see: http://www.html5rocks.com/en/tutorials/file/filesystem/)

For IE, I use Scripting.FileSystemObject (see: http://css.dzone.com/tips/javascript-how-read-and-write)

and for FF, I use nsIFile and nsILocalFile (see: https://developer.mozilla.org/en/Code_snippets/File_I%2F%2FO)
Comment 16 Boris Zbarsky [:bz] (still a bit busy) 2011-08-02 11:12:09 PDT
Seems like we should implement filesystem API or equivalent (which is in the plans anyway as I understand) before dropping enablePrivilege support and that would handle your usecase, right?
Comment 17 Boris Zbarsky [:bz] (still a bit busy) 2011-08-02 11:12:36 PDT
And to be clear, all this bug changed was add a warning.  There was no behavior change so far.
Comment 18 Kyle Huey [:khuey] (Exited; not receiving bugmail, email if necessary) 2011-08-02 11:13:42 PDT
Why do you need a physical on-disk file?  We have no plans to implement the filesystem API as is.

If you just need to store large amounts of data offline, we're working on that.
Comment 19 Jonas Sicking (:sicking) No longer reading bugmail consistently 2011-08-02 11:52:21 PDT
Yes, I have the same question. Do you need to access data from the users "private" files, like files from the desktop/Documents/Music/Picutes folders?

Or are you just storing data that you've generated or downloaded from somewhere so that you can retrieve it later?
Comment 20 vb4guy 2011-08-02 16:29:01 PDT
I am storing log information that is in a format that is generated from my server which generates the client side javascript dynamically depending on the cleint's browers.  The data could get large over time (100 MB or more).

The location is in the users' home or documents folder.
Comment 21 Jonas Sicking (:sicking) No longer reading bugmail consistently 2011-08-02 17:25:49 PDT
Ok, so you are getting the data on your own server and downloading it using javascript (and XHR?). Then you are currently using nsILocalFile to store that data on the users computer and load it back in when needed?

If that is correct, you should soon be able to use IndexedDB to store Blob objects and retrive them as needed. This will work without requiring any extended privileges and simply using web standards!
Comment 22 vb4guy 2011-08-02 20:06:44 PDT
Jonas, that is correct.

But the issue here is that I want to right to a simple log file (text file) that can be read/written to using any browser.  If I use the IndexedDB, it won't be a cross browser solution.

There has to be a better way!
Comment 23 Ioana (away) 2011-09-05 00:46:03 PDT
Verfied on:
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0) Gecko/20100101 Firefox/7.0

When running a script that uses enablePrivilege I receive the following warning:
"A script from "file://" is requesting enhanced abilities that are UNSAFE and could be used to compromise your machine or data:

Read program settings

Allow these abilities only if you trust this source to be free of viruses or malicious programs."

Then, even if I click on the "Allow" button, the permission those privileges were supposed to grant me is denied.

Is this the correct behavior? If not, please let me know what warning I should get.

Thank you
Comment 24 Boris Zbarsky [:bz] (still a bit busy) 2011-09-05 07:04:00 PDT
You should get a warning in the Web Console and Error Console.

The popup window you see has nothing to do with this bug.
Comment 25 Ioana (away) 2011-09-05 07:25:13 PDT
Created attachment 558279 [details]
test case
Comment 26 Ioana (away) 2011-09-05 07:28:23 PDT
Verfied fixed on:
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.0) Gecko/20100101 Firefox/7.0

Steps:
 1. Open the Web Console.
 2. Open the test case attached in the previous comment.
 3. Tap on the "Home Page?" button.

The "Use of enablePrivilege is deprecated.  Please use code that runs with the system principal (e.g. an extension) instead." warning is displayed both in the Web console and in the Error console.
Comment 27 Ioana (away) 2011-09-05 07:31:10 PDT
Created attachment 558282 [details]
The enablePrivilege warning in the Web and Error consoles

Note You need to log in before you can comment on or make changes to this bug.