Contacts API exposes raw JS objects to content via find

RESOLVED FIXED in mozilla17

Status

()

defect
RESOLVED FIXED
7 years ago
3 months ago

People

(Reporter: bholley, Assigned: bholley)

Tracking

unspecified
mozilla17
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

Assignee

Description

7 years ago
This breaks when we start denying access to chrome objects without __exposedProps__. Patch coming up to fix the issue.
Assignee

Comment 1

7 years ago
Attaching a patch. Gregor, if you're unsatisfied with the performance here, can you take
responsibility for fix the API as necessary so that it works with mandatory __exposedProps__?
I want to land this stuff ASAP before more insecure APIs arrive on m-c.
Attachment #652175 - Flags: review?(anygregor)
Attachment #652175 - Flags: review?(anygregor) → review+
Assignee

Comment 2

7 years ago
Thanks Gregor.

I manually ran the contact tests (since there aren't so many of them) in order to reduce try load. Pushed to m-i:

https://hg.mozilla.org/integration/mozilla-inbound/rev/6d1deb480cfd
I just did the performance test:
loading 500 contacts without this patch: 2.1 - 2.6 sec
with this patch: 3.5 - 4 sec :(
I guess we have to fix it with __exposedProps__
I will file a followup
https://hg.mozilla.org/mozilla-central/rev/6d1deb480cfd
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla17
(In reply to Gregor Wagner [:gwagner] from comment #3)
> I just did the performance test:
> loading 500 contacts without this patch: 2.1 - 2.6 sec
> with this patch: 3.5 - 4 sec :(
> I guess we have to fix it with __exposedProps__
> I will file a followup

Is this still the case? We might be able to shave off a few seconds off the loading time for getAll if we can fix this performance regression.
See Also: → 1103446

Updated

5 years ago
See Also: 1103446
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.