Tabbed browser should use favicon sevice in a privacy-aware way

RESOLVED FIXED in seamonkey2.20

Status

defect
RESOLVED FIXED
6 years ago
6 years ago

People

(Reporter: neil, Assigned: neil)

Tracking

(Blocks 1 bug)

unspecified
seamonkey2.20
Dependency tree / graph

SeaMonkey Tracking Flags

(seamonkey2.18 fixed, seamonkey2.19 fixed)

Details

Attachments

(1 attachment)

Not exactly sure what it achieves but it probably avoids storing cookies for instance.

Compare bug 856322.
Assignee: nobody → neil
Status: NEW → ASSIGNED
Attachment #731624 - Flags: review?(philip.chee)
Comment on attachment 731624 [details] [diff] [review]
Possible patch

> -      <field name="mMissedIconCache">
> -        null
Good catch!

>       <field name="mFaviconService" readonly="true">
>         Components.classes["@mozilla.org/browser/favicon-service;1"]
>                   .getService(Components.interfaces.nsIFaviconService)
>                   .QueryInterface(Components.interfaces.mozIAsyncFavicons);
>       </field>

While you're at it, get rid of the QI and getService(mozIAsyncFavicons) directly. I think mozIAsyncFavicons/nsIFaviconService have ClassInfo because when I inspect mozIAsyncFavicons, I get:

> [xpconnect wrapped (nsISupports, nsIFaviconService, mozIAsyncFavicons, nsITimerCallback)]

r=me from code inspection.
Attachment #731624 - Flags: review?(philip.chee) → review+
Pushed comm-central changeset 04bd0d8809c9.
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → seamonkey2.20
Comment on attachment 731624 [details] [diff] [review]
Possible patch

[Approval Request Comment]
Regression caused by (bug #): 
User impact if declined: Potential favicon information leak
Testing completed (on m-c, etc.): None
Risk to taking this patch (and alternatives if risky): 
String changes made by this patch: None
Attachment #731624 - Flags: approval-comm-beta?
Attachment #731624 - Flags: approval-comm-aurora?
Attachment #731624 - Flags: approval-comm-beta?
Attachment #731624 - Flags: approval-comm-beta+
Attachment #731624 - Flags: approval-comm-aurora?
Attachment #731624 - Flags: approval-comm-aurora+
(In reply to Philip Chee from comment #2)
> (From update of attachment 731624 [details] [diff] [review])
> >       <field name="mFaviconService" readonly="true">
> >         Components.classes["@mozilla.org/browser/favicon-service;1"]
> >                   .getService(Components.interfaces.nsIFaviconService)
> >                   .QueryInterface(Components.interfaces.mozIAsyncFavicons);
> >       </field>
> 
> While you're at it, get rid of the QI and getService(mozIAsyncFavicons)
> directly. I think mozIAsyncFavicons/nsIFaviconService have ClassInfo because
> when I inspect mozIAsyncFavicons, I get:
> 
> > [xpconnect wrapped (nsISupports, nsIFaviconService, mozIAsyncFavicons, nsITimerCallback)]
> 
> r=me from code inspection.

Sorry, I forgot about this. (But I should get the constants from Components.interfaces.nsIFaviconService at the same time.)
You need to log in before you can comment on or make changes to this bug.