Closed Bug 911573 Opened 11 years ago Closed 10 years ago

Remove UniversalXPConnect exemption from the access check for Components

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: emk, Assigned: emk)

References

(Blocks 1 open bug)

Details

Attachments

(5 files)

Mochitest fixup
275.70 KB, patch
bholley
: review+
Details | Diff | Splinter Review
Enable and use specialpowers in jsreftest
5.44 KB, patch
terrence
: review+
bholley
: review+
Details | Diff | Splinter Review
Stablize the pointerlock test
2.15 KB, patch
smaug
: review+
Details | Diff | Splinter Review
The main patch
937 bytes, patch
bholley
: review+
Details | Diff | Splinter Review
Not yet landed part (passwordmgr/prompt)
36.49 KB, patch
Details | Diff | Splinter Review
Attached patch Mochitest fixupSplinter Review
I'm astonished so many tests still depend on Components-in-content.
Attachment #798292 - Flags: review?(bobbyholley+bmo)
Attachment #798293 - Flags: review?(terrence)
On OS X, mousemove events are somehow fired twice before the pointer lock is granted.
Attachment #798294 - Flags: review?(bugs)
Attached patch The main patchSplinter Review
Try results: https://tbpl.mozilla.org/?tree=Try&rev=d4b2a9b609df https://tbpl.mozilla.org/?tree=Try&rev=8b0eb89d2108
Assignee: nobody → VYV03354
Status: NEW → ASSIGNED
Attachment #798295 - Flags: review?(bobbyholley+bmo)
Attachment #798294 - Flags: review?(bugs) → review+
Depends on: 641829
Depends on: 715588
Comment on attachment 798293 [details] [diff] [review] Enable and use specialpowers in jsreftest Review of attachment 798293 [details] [diff] [review]: ----------------------------------------------------------------- Thank you for doing this, it looks like a nice improvement! But, I have no idea at all how this should work, or even who would know how it should work, so I'm going to punt on reviewing the semantics of the change. It's browser security related, so I'm guessing Bobby will at least know who to send this to. For what it's worth, I can't see any non-semantics issues with it, so r=me on that.
Attachment #798293 - Flags: review?(terrence)
Attachment #798293 - Flags: review?(bobbyholley+bmo)
Attachment #798293 - Flags: review+
Comment on attachment 798292 [details] [diff] [review] Mochitest fixup Review of attachment 798292 [details] [diff] [review]: ----------------------------------------------------------------- Holy Cow! This is incredible. As someone who's spent countless hours removing this crap from our test suite, I'm extremely impressed and appreciative. It must have been a ton of work. ::: content/base/test/test_bug424359-1.html @@ +49,5 @@ > message); > } > > function testHtmlSerializer_1 () { > + const de = SpecialPowers.Ci.nsIDocumentEncoder Needs a |;|, though to be fair the issue was pre-existing. ::: content/base/test/test_bug424359-2.html @@ +49,5 @@ > message); > } > > function testHtmlSerializer_1 () { > + const de = SpecialPowers.Ci.nsIDocumentEncoder same. ::: content/base/test/test_bug498433.html @@ +48,5 @@ > message); > } > > function testHtmlSerializer_1 () { > + const de = SpecialPowers.Ci.nsIDocumentEncoder same ::: content/base/test/test_bug541937.html @@ +20,5 @@ > <pre id="test"> > <script class="testbody" type="text/javascript"> > > function testSerializer () { > + const de = SpecialPowers.Ci.nsIDocumentEncoder same ::: toolkit/components/passwordmgr/test/test_basic_form_observer_autocomplete.html @@ +91,5 @@ > is($_(2, "uname").value, "testuser", "Checking for filled username 2"); > is($_(2, "pword").value, "testpass", "Checking for filled password 2"); > > // Remove the observer > + //os.removeObserver(TestObserver, "passwordmgr-found-form"); Hm, why do we stop removing the observer here? Won't that cause us to leak? ::: toolkit/components/passwordmgr/test/test_basic_form_observer_autofillForms.html @@ +95,5 @@ > SpecialPowers.setBoolPref("signon.autofillForms", true); > > // Remove the observer > + //os.removeObserver(TestObserver, "passwordmgr-found-form"); > + //os.removeObserver(TestObserver, "passwordmgr-found-logins"); same here. ::: toolkit/components/passwordmgr/test/test_basic_form_observer_foundLogins.html @@ +174,5 @@ > // was set to false (didntFillReason == noAutofillForms) is done in > // test_basic_form_observer_autofillForms.html. > > // Remove the observer > + //os.removeObserver(TestObserver, "passwordmgr-found-logins"); and here. ::: toolkit/components/prompts/test/test_bug620145.html @@ +76,5 @@ > e = document.createEvent("MouseEvent"); > e.initEvent(type, false, false, win, 0, 1, 1, 1, 1, > false, false, false, false, 0, null); > var utils = SpecialPowers.getDOMWindowUtils(win); > + netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect'); Hm, why do we need this?
Attachment #798292 - Flags: review?(bobbyholley+bmo) → review+
Attachment #798293 - Flags: review?(bobbyholley+bmo) → review+
Comment on attachment 798295 [details] [diff] [review] The main patch Review of attachment 798295 [details] [diff] [review]: ----------------------------------------------------------------- \o/
Attachment #798295 - Flags: review?(bobbyholley+bmo) → review+
How many calls to enablePrivilege does the first patch remove, btw? I'm curious how far this takes us towards eliminating it entirely.
(In reply to Bobby Holley (:bholley) from comment #5) > ::: > toolkit/components/passwordmgr/test/test_basic_form_observer_autocomplete. > html > @@ +91,5 @@ > > is($_(2, "uname").value, "testuser", "Checking for filled username 2"); > > is($_(2, "pword").value, "testpass", "Checking for filled password 2"); > > > > // Remove the observer > > + //os.removeObserver(TestObserver, "passwordmgr-found-form"); > > Hm, why do we stop removing the observer here? Won't that cause us to leak? removeObserver threw a cryptic error when I replaced enablePrivilege with SpecialPowers. > ::: toolkit/components/prompts/test/test_bug620145.html > @@ +76,5 @@ > > e = document.createEvent("MouseEvent"); > > e.initEvent(type, false, false, win, 0, 1, 1, 1, 1, > > false, false, false, false, 0, null); > > var utils = SpecialPowers.getDOMWindowUtils(win); > > + netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect'); > > Hm, why do we need this? The test couldn't press the button in the alert without adding this. (Looks like the timeout handler was not executed at all during the alert.) I'll remove passwordmgr and prompt changes for now, beause I can't land the final patch anyway until Talos is fixed. It would be meaningful to reduce the copy & paste source. (In reply to Bobby Holley (:bholley) from comment #7) > How many calls to enablePrivilege does the first patch remove, btw? I'm > curious how far this takes us towards eliminating it entirely. Removed 174 enablePrivilege calls :), added one call :( (The count may be inaccurate because I counted it manually.)
(In reply to Masatoshi Kimura [:emk] from comment #8) > (In reply to Bobby Holley (:bholley) from comment #5) > > ::: > > toolkit/components/passwordmgr/test/test_basic_form_observer_autocomplete. > > html > > @@ +91,5 @@ > > > is($_(2, "uname").value, "testuser", "Checking for filled username 2"); > > > is($_(2, "pword").value, "testpass", "Checking for filled password 2"); > > > > > > // Remove the observer > > > + //os.removeObserver(TestObserver, "passwordmgr-found-form"); > > > > Hm, why do we stop removing the observer here? Won't that cause us to leak? > > removeObserver threw a cryptic error when I replaced enablePrivilege with > SpecialPowers. I think we should figure that out before landing. As it stands, this change will cause us to leak this dom window for the entire test run. > > > ::: toolkit/components/prompts/test/test_bug620145.html > > @@ +76,5 @@ > > > e = document.createEvent("MouseEvent"); > > > e.initEvent(type, false, false, win, 0, 1, 1, 1, 1, > > > false, false, false, false, 0, null); > > > var utils = SpecialPowers.getDOMWindowUtils(win); > > > + netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect'); > > > > Hm, why do we need this? > > The test couldn't press the button in the alert without adding this. (Looks > like the timeout handler was not executed at all during the alert.) Hm, you could try using a different API to simulate the activity. I think we have a couple of different ways of doing this. > (In reply to Bobby Holley (:bholley) from comment #7) > Removed 174 enablePrivilege calls :), added one call :( > (The count may be inaccurate because I counted it manually.) That's over 1/3 of the total in-tree enablePrivilege calls. Huzzah!
Depends on: 913494
Depends on: 913853
The "Not yet landed part (passwordmgr/prompt)" patch probably doesn't apply anymore and I think a couple more enablePrivilege calls have been removed. Masatoshi, what still needs to be done in this bug? > removeObserver threw a cryptic error when I replaced enablePrivilege with SpecialPowers. I guess this was the part where you were stuck? And what the "Not yet landed part (passwordmgr/prompt)" patch is about? I filed bug 1149966 for removing the remaining enablePrivilege calls in mochitest.
Blocks: 984012
Flags: needinfo?(VYV03354)
I didn't investigate it further. Probably it's better to track the remaining removals on bug 1149966.
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Flags: needinfo?(VYV03354)
Resolution: --- → FIXED
Whiteboard: [leave open]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: