Bug 1213919 - Need to use a 'permitted-list' for handling certificates when opening signed packages for reviewers r=ferjm
authorFabrice Desré <fabrice@mozilla.com>
Tue, 13 Oct 2015 09:07:10 -0700
changeset 267442 c80eaf2d0f2254d8b59ffe3a636ab6532de658c4
parent 267441 0b69bb6266ba8fb57da0c3e220b230c5fd21a15f
child 267443 b484bc11af440260fc2f9422ecae146ee210622e
push id29519
push usercbook@mozilla.com
push dateWed, 14 Oct 2015 10:29:57 +0000
treeherdermozilla-central@6307530f9f1e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersferjm
bugs1213919
milestone44.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1213919 - Need to use a 'permitted-list' for handling certificates when opening signed packages for reviewers r=ferjm
b2g/app/b2g.js
dom/apps/Webapps.jsm
--- a/b2g/app/b2g.js
+++ b/b2g/app/b2g.js
@@ -1060,16 +1060,17 @@ pref("gfx.canvas.willReadFrequently.enab
 // https://bugzilla.mozilla.org/show_bug.cgi?id=965763
 pref("browser.autofocus", false);
 
 // Enable wakelock
 pref("dom.wakelock.enabled", true);
 
 // Enable webapps add-ons
 pref("dom.apps.customization.enabled", true);
+pref("dom.apps.reviewer_paths", "/reviewers/,/content/addon/review/");
 
 // New implementation to unify touch-caret and selection-carets.
 pref("layout.accessiblecaret.enabled", true);
 
 // APZ on real devices supports long tap events.
 #ifdef MOZ_WIDGET_GONK
 pref("layout.accessiblecaret.use_long_tap_injector", false);
 #endif
--- a/dom/apps/Webapps.jsm
+++ b/dom/apps/Webapps.jsm
@@ -3742,17 +3742,25 @@ this.DOMApplicationRegistry = {
       switch (aInstallOrigin) {
         case "https://marketplace.firefox.com":
           root = manifestPath.startsWith("/reviewers/")
                ? Ci.nsIX509CertDB.AppMarketplaceProdReviewersRoot
                : Ci.nsIX509CertDB.AppMarketplaceProdPublicRoot;
           break;
 
         case "https://marketplace-dev.allizom.org":
-          root = manifestPath.startsWith("/reviewers/")
+          // There are different reviewer paths for apps & addons so we keep
+          // them in a comma separated preference.
+          bool isReviewer = false;
+          try {
+            let reviewerPaths =
+              Services.prefs.getCharPref("dom.apps.reviewer_paths").split(",");
+            isReviewer = reviewerPaths.some(path => { return manifestPath.startsWith(path); });
+          } catch(e) {}
+          root = isReviewer
                ? Ci.nsIX509CertDB.AppMarketplaceDevReviewersRoot
                : Ci.nsIX509CertDB.AppMarketplaceDevPublicRoot;
           break;
 
         // The staging server uses the same certificate for both
         // public and unreviewed apps.
         case "https://marketplace.allizom.org":
           root = Ci.nsIX509CertDB.AppMarketplaceStageRoot;