Closed Bug 894938 Opened 11 years ago Closed 11 years ago

Content permission prompts don't work when prompt requestor is an iframe

Categories

(Firefox for Android Graveyard :: General, defect)

Product:
Firefox for Android Graveyard
Component:
General
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(firefox24 verified, firefox25 verified, firefox26 verified)

Status:
VERIFIED FIXED
Milestone:
Firefox 25
Tracking Flags:
Tracking Status
firefox24 --- verified
firefox25 --- verified
firefox26 --- verified

People

(Reporter: mfinkle, Assigned: gcp)

References

(
URL
)

Details

(Whiteboard: [parity-ffos][parity-desktop])

Attachments

(1 file)

Patch 1. Use window.top
1.11 KB, patch
mfinkle
: review+
bajaj
: approval-mozilla-aurora+
Details | Diff | Splinter Review 
The given URL requests permission for geolocation and notifications from an iframe, but neither display. Using the iframe URL itself (http://sjeng.org/mozilla/geo.html), both prompts display.

I think the issue is here:
http://mxr.mozilla.org/mozilla-central/source/mobile/android/components/ContentPermissionPrompt.js#61

We use request.window, which is the iframe in this case. But the lookup for the tab assumes the window is the top level DOM window. We shold use request.window.top

Testing a patch now.
Blocks: 885768
Whiteboard: [parity-ffos][parity-desktop]

        Attachment #777155 -
        Flags: review?(mark.finkle)

        Attachment #777155 -
        Flags: review?(mark.finkle) → review+

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/0126c6d7c95a
Assignee: nobody → gpascutto
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 25

    
    

    
  
Comment on attachment 777155 [details] [diff] [review]
Patch 1. Use window.top

[Approval Request Comment]
Bug caused by (feature/regressing bug #): We've had this for ages.
User impact if declined: Features which require user permission won't work in iframes.
Testing completed (on m-c, etc.): Landed on m-c a few days ago.
Risk to taking this patch (and alternatives if risky): Content permission prompts might break in other situations. Given how long this bug has existed, it's not critical.

        Attachment #777155 -
        Flags: approval-mozilla-aurora?

    
    

    
  
[I'll request holding off landing Bug 885768, given the below comments are resolved]

(In reply to Gian-Carlo Pascutto (:gcp) from comment #4)
> Comment on attachment 777155 [details] [diff] [review]
> Patch 1. Use window.top
> 
> [Approval Request Comment]
> Bug caused by (feature/regressing bug #): We've had this for ages.
> User impact if declined: Features which require user permission won't work
> in iframes.
> Testing completed (on m-c, etc.): Landed on m-c a few days ago.
> Risk to taking this patch (and alternatives if risky): Content permission
> prompts might break in other situations.
If we can identify the situations and help QA with a test plan then I think this is OK to uplift with that confidence.Else looks like there is a chance we may regress something more important than this once this lands given the risk here ? Can you help identify those cases ? Else this should ride the trains given how long this bug has been there as you suggest.
> Given how long this bug has
> existed, it's not critical.

    
    

    
  
>If we can identify the situations and help QA with a test plan then I think this is OK to uplift with that confidence.

I don't know of any such situations - if I did I would've fixed them in the first place! I simply tried to identify the worst possible outcome here. So to clarify: to the best of our knowledge this patch fixes something without breaking anything. However, we're known to be fallible so the worst possible thing that could happen is...

    
    

    
  
needinfo'ing finkle to get his insight here :

mfinkle I was considering this as this blocks 885768, but given the risk based on comment#5/6, how do you feel about landing these on trains given they are edge-casey based on my read of the bugs or is there a product push to have them which would be the only reason for consideration ?
Flags: needinfo?(mark.finkle)

    
    

    
  
bhavana - I think the risk with this patch is really low. I feel comfortable with taking it on Aurora. I have a hard time coming up with possible regressions. It might be possible that the fix is not 100% complete (although I think this fixes all cases I can think of right now), but I can't see how this would make the current functionality any worse.

You have my blessing for uplift.
Flags: needinfo?(mark.finkle)

        Attachment #777155 -
        Flags: approval-mozilla-aurora? → approval-mozilla-aurora+

    
    

    
  
verified on:
Galaxy Nexus - Android 4.3
Firefox 24.0b2
Firefox 25.0a2 
Firefox  26.0a1

          status-firefox24:
          fixedverified

          status-firefox25:
          fixedverified

          status-firefox26:
          --- → verified

    
  
Status: RESOLVED → VERIFIED
Product: Firefox for Android → Firefox for Android Graveyard

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: