Closed
Bug 822535
Opened 11 years ago
Closed 11 years ago
User-Oriented Labels in Data Manager for "sts/use" and "sts/subd"
Categories
(SeaMonkey :: Passwords & Permissions, defect)
Tracking
(seamonkey2.18 fixed)
RESOLVED
FIXED
seamonkey2.18
Tracking | Status | |
---|---|---|
seamonkey2.18 | --- | fixed |
People
(Reporter: david, Assigned: philip.chee)
Details
Attachments
(2 files)
2.23 KB,
patch
|
kairo
:
feedback+
|
Details | Diff | Splinter Review |
5.63 KB,
patch
|
kairo
:
review+
|
Details | Diff | Splinter Review |
SeaMonkey 2.14.1 When I open the Data Manager and view Permissions, I sometimes see "sts/use" and "sts/subd". These labels are not user-oriented and should be replaced with labels that are. Note that implementation of bug #607124 in Core/Networking relative to these two permissions might require changes to the Data Manager.
Assignee | ||
Comment 1•11 years ago
|
||
Putting up this WIP for feedback.
Attachment #695196 -
Flags: feedback?(kairo)
Comment 2•11 years ago
|
||
Comment on attachment 695196 [details] [diff] [review] WIP v0.1 Well, those parts look OK but I'm very much inclined to not accept any more patches to dataman without tests. We are already missing some tests, IIRC, I don't want to let that grow.
Attachment #695196 -
Flags: feedback?(kairo) → feedback+
Assignee | ||
Comment 3•11 years ago
|
||
> Well, those parts look OK but I'm very much inclined to
> not accept any more patches to dataman without tests
I've added a test. I've no idea if this is the correct way of testing STS.
Comment 4•11 years ago
|
||
Comment on attachment 702280 [details] [diff] [review] Patch v1.1 with tests. Have you actually run the test? I wonder slightly if the / in the .properties keys works fine - but the test should show that. ;-) That said, please also check if sts/subd actually means "Use STS" by itself, or if it needs sts/use set at the same time and only means "Apply STS to subdomains (as well)". From the labels you have on there, it sounds right now that sts/subd would mean you don't need sts/use at the same time, as it would be redundant.
Attachment #702280 -
Flags: review?(kairo) → review+
Assignee | ||
Comment 5•11 years ago
|
||
> Have you actually run the test? But of course! > That said, please also check if sts/subd actually means "Use STS" by itself, or if it > needs sts/use set at the same time and only means "Apply STS to subdomains (as well)". > From the labels you have on there, it sounds right now that sts/subd would mean you > don't need sts/use at the same time, as it would be redundant. After looking at the source code: http://mxr.mozilla.org/mozilla-central/source/security/manager/boot/src/nsStrictTransportSecurityService.cpp and at the specs: http://tools.ietf.org/html/draft-hodges-strict-transport-sec-02 It looks like the includeSubdomains is a flag in the STS header so yeah sts/subd means that sts/use is already included. 644 // AddPermission() will be called twice if the STS header encountered has 645 // includeSubdomains (first for the main permission and second for the 646 // subdomains permission). If AddPermission() gets called a second time 647 // with the STS_SUBDOMAIN_PERMISSION, we just have to flip that bit in 648 // the nsSTSHostEntry. So sts/subd implies sts/use but is implemented as two separate permissions. Also removing the sts/use permission causes the sts/subd permission to be removed as well. So do the strings need any changes?
Flags: needinfo?(kairo)
Comment 6•11 years ago
|
||
(In reply to Philip Chee from comment #5) > > Have you actually run the test? > But of course! OK, then we have verified that this stuff in .properties works, that was always my fear with those. > So sts/subd implies sts/use but is implemented as two separate permissions. > Also removing the sts/use permission causes the sts/subd permission to be > removed as well. > > So do the strings need any changes? Yes, I think it may be a good idea to label sts/subd as "Apply Strict Transport Security to subdomains".
Flags: needinfo?(kairo)
Assignee | ||
Comment 7•11 years ago
|
||
> Yes, I think it may be a good idea to label sts/subd as "Apply Strict Transport > Security to subdomains". Pushed to comm-central with string changed to "Apply Strict Transport Security to subdomains" http://hg.mozilla.org/comm-central/rev/14e3af5ff3f8
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
status-seamonkey2.18:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → seamonkey2.18
You need to log in
before you can comment on or make changes to this bug.
Description
•