Closed
Bug 822177
Opened 12 years ago
Closed 9 years ago
Clear History shouldn't execute plugins that are completely disabled
Categories
(Core Graveyard :: Plug-ins, defect, P3)
Tracking
(Not tracked)
RESOLVED
FIXED
mozilla38
People
(Reporter: trialuser7, Assigned: l0p3s222, Mentored)
References
Details
(Whiteboard: [lang=JS])
Attachments
(1 file)
|
956 bytes,
patch
|
benjamin
:
review+
|
Details | Diff | Splinter Review |
disabled flash in add-ons manager, confirmed ff 17.0.1 was killed and no child procs running, restarted ff, confirmed flash disabled and not running, ctrl+shift+del and cleared ("Clear All History"), FlashPlayerPlugin_11_5_502_110.exe (2 of them) launched from ff plugin container
solution: we can clear our history without letting flash know.
other: didn't check where our data is cleared and flash is awakened. it may be possible that: (@sec)
he is able to run away with our data if called before clear is finished
he is able to run away with saved flash data when called this way
|
||
Comment 1•12 years ago
|
||
Flash is launched to delete the flash "supercookies" that are stored inside the flash plugin.
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → INVALID
|
||
Comment 2•12 years ago
|
||
Wait... we probably shouldn't be doing anything to the Flash plugin if the user has disabled it. Is that the actual bug report here?
Status: RESOLVED → UNCONFIRMED
Resolution: INVALID → ---
|
|
||
Updated•12 years ago
|
Flags: needinfo?(trialuser7)
|
||
Comment 3•12 years ago
|
||
Yes. (The reporter and I discussed this on IRC.)
Flags: needinfo?(trialuser7)
Summary: clear-history-plugin bug → Clear History shouldn't execute plugins that are completely disabled
|
|
||
Updated•12 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P3
|
|
||
Updated•10 years ago
|
Whiteboard: [mentor=benjamin@smedbergs.us][lang=JS]
|
|
||
Updated•10 years ago
|
Flags: firefox-backlog+
|
||
Updated•10 years ago
|
Mentor: benjamin
Whiteboard: [mentor=benjamin@smedbergs.us][lang=JS] → [lang=JS]
|
Assignee | |
Comment 5•10 years ago
|
||
First attempt at patch. Prevent disabled addons from being loaded when trying to clear site data.
Attachment #8541356 -
Flags: review?(benjamin)
|
|
Assignee | |
Updated•10 years ago
|
Assignee: nobody → l0p3s222
|
|
||
Comment 6•10 years ago
|
||
I'm on vacation currently: I should be able to provide feedback on Monday 5-Jan.
|
|
||
Comment 7•9 years ago
|
||
Comment on attachment 8541356 [details] [diff] [review] bug-822177.patch Or a week later! Sorry about that. I think this is ok. I was worried that JS callers would fail in unexpected ways, but both sanitize.js and ForgetAboutSite.jsm have try/catch handlers that cover this case.
Attachment #8541356 -
Flags: review?(benjamin) → review+
|
|
||
Comment 8•9 years ago
|
||
Do you need any help doing a try run on this or getting it landed?
Flags: needinfo?(l0p3s222)
|
|
Assignee | |
Comment 9•9 years ago
|
||
I don't have try access so I would appreciate if you would push this for me. Thanks.
Flags: needinfo?(l0p3s222) → needinfo?(benjamin)
|
|
||
Comment 10•9 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=6652331e913b
Flags: needinfo?(benjamin)
|
|
||
Updated•9 years ago
|
Keywords: checkin-needed
|
||
Comment 11•9 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/f29bb4c35c4d
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/f29bb4c35c4d
Status: NEW → RESOLVED
Closed: 12 years ago → 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla38
|
||
Updated•9 years ago
|
Iteration: --- → 38.1 - 26 Jan
Flags: qe-verify?
|
||
Updated•9 years ago
|
QA Whiteboard: [good first verify]
Flags: qe-verify? → qe-verify-
| Comment hidden (spam) |
|
||
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•