Closed
Bug 784233
Opened 12 years ago
Closed 12 years ago
Relax mandatory __exposedProps__ for jetpack until we can automatically repack
Categories
(Core :: XPConnect, defect)
Core
XPConnect
Tracking
()
RESOLVED
FIXED
mozilla17
People
(Reporter: bholley, Assigned: bholley)
Details
Attachments
(1 file, 1 obsolete file)
It sounds like we should ameliorate the situation with jetpack post bug 553102 until SDK repacks are automatic. My thinking is to revert to the old behavior when the global of the object being wrapped is a sandbox. Gabor, Blake, does this sound like a reasonable heuristic for detecting jetpack?
Assignee | ||
Comment 1•12 years ago
|
||
Attachment #653622 -
Flags: review?(gal)
Comment 2•12 years ago
|
||
Comment on attachment 653622 [details] [diff] [review] Relax __exposedProps__ check for sandboxes until we can repack AMO addons. v1 Review of attachment 653622 [details] [diff] [review]: ----------------------------------------------------------------- This is pretty magical code. There might be other sandboxes around. I guess its good enough for a temporary hack though.
Attachment #653622 -
Flags: review?(gal) → review+
Assignee | ||
Comment 3•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/61e9eaf9aae2
Assignee | ||
Comment 4•12 years ago
|
||
crap. I thought I tested it but I realized I didn't link the build, so the push is busted. Hopefully it gets coalesced with the backout: https://hg.mozilla.org/integration/mozilla-inbound/rev/ee70e70fb7f8
Assignee | ||
Comment 5•12 years ago
|
||
Enter a compartment this time.
Attachment #653622 -
Attachment is obsolete: true
Attachment #653663 -
Flags: review?(gal)
Updated•12 years ago
|
Attachment #653663 -
Flags: review?(gal) → review+
Assignee | ||
Comment 6•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/6f955c140b60
Comment 7•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/6f955c140b60
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla17
Assignee | ||
Comment 8•12 years ago
|
||
Alex, gabor - what's the status on addon repacking? I'd really like to close this security footgun up for good.
Comment 9•12 years ago
|
||
(In reply to Bobby Holley (:bholley) from comment #8) > Alex, gabor - what's the status on addon repacking? I'd really like to close > this security footgun up for good. The state of re-packing is that we're trying to figure out if we can re-pack and replace the add-ons we know we can reliably re-pack. This requires some co-ordination with the AMO team. We'll also need to work with them to identify and re-set the compatibility of a large number of add-ons so that they cannot be installed into whatever version this fix goes into.
Assignee | ||
Comment 10•12 years ago
|
||
Thanks for the update. :-) Is there a bug I can follow?
You need to log in
before you can comment on or make changes to this bug.
Description
•