Closed Bug 817674 Opened 12 years ago Closed 6 years ago

Add new Makefile target (checkcsp) to verify CSP compliance

Categories

(Firefox OS Graveyard :: Gaia, enhancement)

ARM
Gonk (Firefox OS)
enhancement
Not set
normal

Tracking

(blocking-basecamp:-)

RESOLVED WONTFIX
blocking-basecamp -

People

(Reporter: macajc, Unassigned)

Attachments

(1 file, 1 obsolete file)

A new option must be added to Makefile to check for CSP compliance.
This new option must build a report of the applications that break the policy including the line number where the error is.
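One way a static check of this kind could produce such a report, as an added example that is not the code from PR #6788 or from Gaia. It assumes the policy forbids inline script (a `script-src 'self'` policy without `'unsafe-inline'`); the names `check_html`, `build_report` and the sample apps are constructed for illustration.

```python
"""Static CSP lint sketch: report inline-script constructs per app and line."""
from html.parser import HTMLParser

URL_ATTRS = ("href", "src", "action")

class InlineScriptFinder(HTMLParser):
    """Collects (line, reason) for markup that script-src 'self' would block."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]  # line of the tag's opening '<'
        if tag == "script" and "src" not in dict(attrs):
            self.findings.append((line, "inline <script> block"))
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append((line, f"inline event handler {name}"))
            elif name in URL_ATTRS and (value or "").strip().lower().startswith("javascript:"):
                self.findings.append((line, f"javascript: URL in {name}"))

def check_html(text):
    """Return [(line, reason), ...] for one HTML document."""
    finder = InlineScriptFinder()
    finder.feed(text)
    finder.close()
    return finder.findings

def build_report(apps):
    """apps: {app name: {relative path: HTML source}} -> list of report lines."""
    return [f"{app}/{path}:{line}: {reason}"
            for app, files in sorted(apps.items())
            for path, text in sorted(files.items())
            for line, reason in check_html(text)]

# Constructed sample input (hypothetical app names, not real Gaia files).
SAMPLE_APPS = {
    "clock": {"index.html": '<html>\n<head>\n<script src="js/app.js"></script>\n'
                            '</head>\n<body onload="init()">\n'
                            '<a href="javascript:void(0)">x</a>\n</body>\n</html>\n'},
    "dialer": {"index.html": "<html>\n<script>\nvar a = 1;\n</script>\n</html>\n"},
    "sms": {"index.html": '<html>\n<script src="js/sms.js"></script>\n</html>\n'},
}

if __name__ == "__main__":
    print("\n".join(build_report(SAMPLE_APPS)))
```

A static scan like this only sees markup; script injected at runtime needs the browser's own CSP enforcement to be caught.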
Assignee: nobody → macajc
blocking-basecamp: --- → ?
https://github.com/mozilla-b2g/gaia/pull/6788
Status: NEW → ASSIGNED
Component: Builds → Gaia
I think this is an excellent idea for build automation, but I don't think this should block ship for the same reasons why we don't generally block on automation (we only block if an entire automation framework is blocked due to a bug).
Attached file GH PR #6788 (obsolete) —
Attachment #688175 - Flags: review?(fabrice)
Comment on attachment 688175 [details]
GH PR #6788

NOTE: If blocking-basecamp+ is set, just land it for now.

[Approval Request Comment]
Bug caused by (feature/regressing bug #): 
User impact if declined: 
Testing completed: 
Risk to taking this patch (and alternatives if risky):
Attachment #688175 - Flags: approval-gaia-master?(francisco.jordano)
Not a blocker, but something really useful, will take a look at it.
blocking-basecamp: ? → -
Comment on attachment 688175 [details]
GH PR #6788

Since this is not-part-of-build there's no need for approval. Just land when it's ready.
Attachment #688175 - Flags: approval-gaia-v1?(francisco.jordano)
Hm, it looks like Francisco started to review that. Sorry for the lag, but if it's rebased and works I see no reason to not take that.
Hi Fabrice,

we were discussing this with Vivien, he had his concerns about adding another way of checking csp.

For me it was looking ok; if we do agree (Vivien manifest!), I'm totally up to include it.

Thanks,
F.
Comment on attachment 688175 [details]
GH PR #6788

Carmen, if you are still interested in doing that, ask :ochameau to review.
Attachment #688175 - Flags: review?(fabrice)
Yes, I'm still interested in doing this. But with the age of this patch, I'm pretty sure it'll have rotted a lot. So I'll un-rot it and submit a new patch. Thanks for reminding me, Fabrice.
Assignee: cjc → lissyx+mozillians
Blocks: 968907
New PR, proposing a CSP linter step.

Garrett, can you check what is wrong in my code? I can't trigger any CSP error this way.
Attachment #688175 - Attachment is obsolete: true
Flags: needinfo?(grobinson)
Christoph, I've been told that you may be of help also :).

I've tried adding an observer against csp-on-violate-policy, but no luck either.
Flags: needinfo?(mozilla)
(In reply to Alexandre LISSY :gerard-majax from comment #12)
> Christoph, I've been told that you may be of help also :).
> 
> I've tried adding an observer against csp-on-violate-policy, but no luck
> either.

Talked to Garrett, he will help you on this. I have seen he already commented on the PR. Clearing Needinfo flag.
Flags: needinfo?(mozilla)
Alexandre, I've commented on the pull request, and am clearing needinfo. Feel free to needinfo me again if you need... more info.
Flags: needinfo?(grobinson)
Garrett, I've updated the PR with some code that should, IMHO, trigger CSP. But it still does not. Any idea what I'm missing?
Flags: needinfo?(grobinson)
Alexandre, I commented on the PR. My guess is mozbrowser is overriding APP_STATUS_CERTIFIED, a confusing behavior that I have encountered elsewhere.
Flags: needinfo?(grobinson)
Alexandre: Are you still hoping to work on this bug, or do we want to set it aside?
Flags: needinfo?(lissyx+mozillians)
I'm not working on this anymore, I got blocked on using csp from gecko, never found my way out. Feel free to steal if you have ideas :)
Flags: needinfo?(lissyx+mozillians)
Assignee: lissyx+mozillians → nobody
Severity: normal → enhancement
Status: ASSIGNED → NEW
Firefox OS is not being worked on
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX