BatteryManager should initialize mScriptContext and mOwner. Not having the right context for event handlers has traditionally caused security problems. (I'm not sure if that situation has changed, or whether we still need to make sure that right JSContext gets pushed to stack.) Also, BatteryManager should probably extend nsDOMEventTargetWrapperCache, not nsDOMEventTargetHelper. (We're trying get those two merged once there are no nsDOMEventTargetHelper users.)
This has led to security problems in the past so let's assume worst case. Either way should fix soon.
Mounir, can you look into this one?
Created attachment 575437 [details] [diff] [review] Patch v1
Comment on attachment 575437 [details] [diff] [review] Patch v1 So if you call navigator.mozBattery twice, you may get an uninitialized BatteryManager. Please assign some value to mBatteryManager only if the initialization succeeded. Also, please make sure *aBattery is set to null if not to a valid BatteryManager.
Created attachment 575452 [details] [diff] [review] Patch v1.1 with a comment
Comment on attachment 575452 [details] [diff] [review] Patch v1.1 with a comment > class BatteryManager : public nsIDOMBatteryManager >- , public nsDOMEventTargetHelper >+ , public nsDOMEventTargetWrapperCache > , public BatteryObserver As I said in some other bug, nsDOMEventTargetWrapperCache should be the first one to inherit.
Comment on attachment 575452 [details] [diff] [review] Patch v1.1 with a comment [triage comment] We don't intend to take this feature on Firefox 10 / aurora so we don't need to take this. Denying approval.
This feature *is* in Firefox 10...
Right, and the intention is to back it out / pref it off I believe.
(In reply to Christian Legnitto [:LegNeato] from comment #10) > Right, and the intention is to back it out / pref it off I believe. It is indeed: there is a patch to pref it off but I believe it's better to have this security bug fixed even if the feature is hidden behind a pref. It doesn't hurt.
Comment on attachment 575452 [details] [diff] [review] Patch v1.1 with a comment [Triage Comment] Per previous agreement, the battery API is pref'd off in 10 (see bug 703568). This bug is fixed in 11 and will therefore be corrected when the pref is on by default. We do not plan to take any further Battery API changes in 10.
This is fixed everywhere where it needs to be fixed now, right? If so, can we close this bug?
(In reply to Johnny Stenback (:jst, firstname.lastname@example.org) from comment #13) > This is fixed everywhere where it needs to be fixed now, right? If so, can > we close this bug? This should have been fixed when I pushed the patch to m-c. Sorry about that.
[Triage comment] This bug is being tracked for landing on ESR branch. Please land patches on http://hg.mozilla.org/releases/mozilla-esr10/by Thursday March 1, 2012 in order to be ready for go-to-build on Friday March 2, 2012. See https://wiki.mozilla.org/Release_Management/ESR_Landing_Process for more information.
(In reply to Lukas Blakk [:lsblakk] from comment #15) > [Triage comment] > > This bug is being tracked for landing on ESR branch. Please land patches on > http://hg.mozilla.org/releases/mozilla-esr10/by Thursday March 1, 2012 in > order to be ready for go-to-build on Friday March 2, 2012. > > See https://wiki.mozilla.org/Release_Management/ESR_Landing_Process for more > information. I do not understand why we want this to be in ESR given that ESR is using Gecko 10 and Gecko 10 doesn't have Battery API enabled by default. I've been told that I shouldn't push that patch to 10 because of that. Why is that different for ESR?
[Triage Comment] Sorry, mass modify - closer examination, you're right we don't need this.
Does this affect Firefox Desktop? Is there anything QA can do to verify this fix?
(In reply to Anthony Hughes, Mozilla QA (irc: ashughes) from comment #18) > Does this affect Firefox Desktop? Yes. > Is there anything QA can do to verify this fix? That, I don't know. Olli, is there any way to reproduce this?
Some über-tricky JS tests
qa- unless someone can find a simpler way to verify this fix. Otherwise, we will rely on someone who is already capable of reproducing the issue to verify the fix.
Isn't this more of a "wontfix" for ESR? the feature is there like on 10, we're just relying on people not turning the pref on. For the actual Fx10 we only have to worry about that for 6 weeks, but for the ESR people could flip the pref anytime in the next year if some cool site insists they have a case for it.