Closed
Bug 769594
Opened 12 years ago
Closed 12 years ago
Make nsContentUtils and nsObjectLoadingContent use TestPermissionFromPrincipal instead of TestPermission
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
People
(Reporter: mounir, Assigned: mounir)
References
Details
(Whiteboard: [qa-])
Attachments
(1 file, 4 obsolete files)
4.70 KB,
patch
|
jaws
:
review+
jaas
:
review+
|
Details | Diff | Splinter Review |
No description provided.
Attachment #637824 -
Flags: review?(jonas)
Assignee | ||
Comment 1•12 years ago
|
||
Comment on attachment 637824 [details] [diff] [review] Patch I will use that bug for various content/ and dom/ changes.
Attachment #637824 -
Flags: review?(jonas)
Assignee | ||
Comment 2•12 years ago
|
||
Actually, just too...
Summary: Make nsContentUtils use TestPermissionFromPrincipal instead of TestPermission → Make nsContentUtils andnsObjectLoadingContent use TestPermissionFromPrincipal instead of TestPermission
Assignee | ||
Comment 3•12 years ago
|
||
Attachment #637824 -
Attachment is obsolete: true
Attachment #637827 -
Flags: review?(jonas)
Blocks: app-data-jars
Attachment #637827 -
Flags: review?(jonas) → review+
Assignee | ||
Comment 4•12 years ago
|
||
Attachment #637827 -
Attachment is obsolete: true
Attachment #643168 -
Attachment is obsolete: true
Attachment #643217 -
Flags: review?(mounir)
Assignee | ||
Comment 6•12 years ago
|
||
Comment on attachment 643217 [details] [diff] [review] Patch v2 Review of attachment 643217 [details] [diff] [review]: ----------------------------------------------------------------- That means we *never* gives "plugins" permissions to system principal? It might fix the failing test but that seems quite wrong.
Attachment #643217 -
Flags: review?(mounir) → review-
Assignee | ||
Comment 7•12 years ago
|
||
I pushed the nsContentUtils changes given that _they_ pass try obviously: https://hg.mozilla.org/integration/mozilla-inbound/rev/78e6e0765f35
Assignee | ||
Updated•12 years ago
|
Whiteboard: [leave open]
Assignee | ||
Comment 8•12 years ago
|
||
Comment on attachment 643217 [details] [diff] [review] Patch v2 Review of attachment 643217 [details] [diff] [review]: ----------------------------------------------------------------- It seems that the plugin guys actually want that behavior, so r=me. But be careful, only land the changes in nsObjectLoadingContent.cpp ;)
Attachment #643217 -
Flags: review- → review+
I talked with keeler and he gave an ok over irc to go with the current patch since it maintains current behavior. I'll file a followup to figure out a policy for plugins in system-principal documents.
Whiteboard: [leave open]
Attachment #643217 -
Flags: checkin+
Comment on attachment 643217 [details] [diff] [review] Patch v2 This got backed out again
Attachment #643217 -
Flags: checkin+
This seems to pass tests. Keeler: I tried using the http URL for all tests, but some test started throwing due to a missing function, so it seems like some of the tests depend on being loaded as chrome. So I only changed the 12* tests. Does this look ok?
Attachment #643217 -
Attachment is obsolete: true
Attachment #643727 -
Flags: review?(dkeeler)
Whiteboard: [leave open]
Comment on attachment 643727 [details] [diff] [review] Patch v3 The changes to the test look fine to me. The thing is, I'm not actually a reviewer (as far as I know - I'm assuming there's some sort of process or confirmation?), so you'll probably want to ask someone like Jared Wein if you need a formal review. So, I'm just going to clear the review flag.
Attachment #643727 -
Flags: review?(dkeeler)
Comment on attachment 643727 [details] [diff] [review] Patch v3 Jared: Could you have a look at the test changes here.
Attachment #643727 -
Flags: review?(jaws)
Updated•12 years ago
|
Summary: Make nsContentUtils andnsObjectLoadingContent use TestPermissionFromPrincipal instead of TestPermission → Make nsContentUtils and nsObjectLoadingContent use TestPermissionFromPrincipal instead of TestPermission
Comment 15•12 years ago
|
||
Comment on attachment 643727 [details] [diff] [review] Patch v3 Review of attachment 643727 [details] [diff] [review]: ----------------------------------------------------------------- Josh, can you review the nsObjectLoadingContent.cpp changes here? r=me for the test changes, but Josh needs to sign off on this too. ::: content/base/src/nsObjectLoadingContent.cpp @@ +499,5 @@ > > nsCOMPtr<nsIPermissionManager> permissionManager = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv); > NS_ENSURE_SUCCESS(rv, rv); > + bool allowPerm = false; > + if (!nsContentUtils::IsSystemPrincipal(topDoc->NodePrincipal())) { allowPerm will be false for SystemPrincipals, which I think is wrong here. Can you change this to: bool allowPerm = nsContentUtils::IsSystemPrincipal(topDoc->NodePrincipal()); if (!allowPerm) { ... }
Attachment #643727 -
Flags: review?(joshmoz)
Attachment #643727 -
Flags: review?(jaws)
Attachment #643727 -
Flags: review+
Comment 16•12 years ago
|
||
Comment on attachment 643727 [details] [diff] [review] Patch v3 Review of attachment 643727 [details] [diff] [review]: ----------------------------------------------------------------- I'm fine with this, but what :jaws said.
Attachment #643727 -
Flags: review?(joshmoz) → review+
I talked this over with keeler yesterday. The patch currently maintains existing behavior. Right now the code enforces click-to-play for chrome URIs unless someone has somehow managed to get chrome URIs into nsIPermissionManager, which generally shouldn't happen. In fact, we even have tests which depends on nsIPermissionManager not returning ALLOW for these chrome URIs. The way that the principal-aware functions on nsIPermissionManager is that they always return ALLOW for the system principal. However that caused click-to-play tests to fail. I'm happy to change these tests, but I need help if so. I can't find the test in question any more, the tryserver pushes are too old. But I can re-push to get results again. However, is it really worth making plugins not use click-to-play in chrome documents given that it seems like there's agreement that plugins shouldn't work in chrome documents at all?
Comment on attachment 643727 [details] [diff] [review] Patch v3 Review of attachment 643727 [details] [diff] [review]: ----------------------------------------------------------------- re-asking for review. See comment above.
Attachment #643727 -
Flags: review+ → review?(joshmoz)
Comment 19•12 years ago
|
||
Comment on attachment 643727 [details] [diff] [review] Patch v3 I'm fine with not dragging you into changing the existing behavior, but we should get to that sooner rather than later.
Attachment #643727 -
Flags: review?(joshmoz) → review+
Comment 20•12 years ago
|
||
Jonas, can you add a comment to nsObjectLoadingContent.cpp to state why SystemPrincipals default to allow=false?
blocking-basecamp: --- → +
https://hg.mozilla.org/integration/mozilla-inbound/rev/c5cd832d82ef
Whiteboard: [leave open]
Comment 22•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/c5cd832d82ef
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla17
Updated•12 years ago
|
Whiteboard: [qa-]
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•