Closed Bug 891617 Opened 11 years ago Closed 11 years ago

Show compatibility error if an add-on uses URI_SAFE_FOR_UNTRUSTED_CONTENT

Categories

(addons.mozilla.org Graveyard :: Compatibility Tools, defect)

Product:
addons.mozilla.org Graveyard
Component:
Compatibility Tools
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
2013-07-18

People

(Reporter: jorgev, Assigned: basta)

Details

(Whiteboard: [fx23]) 

As explained in bug 851586 (security bug), add-ons that use URI_SAFE_FOR_UNTRUSTED_CONTENT will have some limitations with what they can do with their about: pages. We need to flag all instances of this constant and show an error.

This is a compatibility error, so the add-on should not be upgraded in this case.

Message:

URI_SAFE_FOR_UNTRUSTED_CONTENT can now only be used if your about: page only has unprivileged HTML code. It can't be used with XUL code anymore. We recommend that you stop using the URI_SAFE_FOR_UNTRUSTED_CONTENT flag entirely. See <LINK> for more information.

Link: https://developer.mozilla.org/en-US/docs/XPCOM_Interface_Reference/nsIAboutModule

Affected add-on:

https://addons.mozilla.org/firefox/addon/downthemall/
https://github.com/mozilla/amo-validator/commit/8adf5827ddd81a8ce450e33f79dd2208bc59012c
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.