author | Fabrice Desré <fabrice@mozilla.com> |
Fri, 21 Aug 2015 10:00:54 -0700 | |
changeset 258681 | de921857f45204056731cf26407ce2d55cbcc9b6 |
parent 258680 | 9b7811028a40a67543d320a4fc3b6642518d32d6 |
child 258682 | 241bc7a9edd25aedcf84febbe7a1ecf46f75fa04 |
push id | 29261 |
push user | ryanvm@gmail.com |
push date | Sun, 23 Aug 2015 19:00:26 +0000 |
treeherder | mozilla-central@c061dd1cf8dc [default view] [failures only] |
reviewers | gwagner |
bugs | 1196988 |
milestone | 43.0a1 |
--- a/b2g/app/b2g.js +++ b/b2g/app/b2g.js @@ -431,18 +431,16 @@ pref("content.ime.strict_policy", true); // $ adb shell stop // $ adb shell setprop log.redirect-stdio true // $ adb shell start pref("browser.dom.window.dump.enabled", false); // Default Content Security Policy to apply to certified apps. // If you change this CSP, make sure to update the fast path in nsCSPService.cpp pref("security.apps.certified.CSP.default", "default-src * data: blob:; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline' app://theme.gaiamobile.org"); -// Default Content Security Policy to apply to trusted apps. -pref("security.apps.trusted.CSP.default", "default-src * data: blob:; object-src 'none'; frame-src 'none'"); // handle links targeting new windows // 1=current window/tab, 2=new window, 3=new tab in most recent window pref("browser.link.open_newwindow", 3); // 0: no restrictions - divert everything // 1: don't divert window.open at all // 2: don't divert window.open with features
--- a/browser/devtools/app-manager/app-validator.js +++ b/browser/devtools/app-manager/app-validator.js @@ -245,17 +245,17 @@ AppValidator.prototype.validateLaunchPat deferred.resolve(); } return deferred.promise; }; AppValidator.prototype.validateType = function (manifest) { let appType = manifest.type || "web"; - if (["web", "trusted", "privileged", "certified"].indexOf(appType) === -1) { + if (["web", "privileged", "certified"].indexOf(appType) === -1) { this.error(strings.formatStringFromName("validator.invalidAppType", [appType], 1)); } else if (this.type == "hosted" && ["certified", "privileged"].indexOf(appType) !== -1) { this.error(strings.formatStringFromName("validator.invalidHostedPriviledges", [appType], 1)); } // certified app are not fully supported on the simulator if (appType === "certified") {
--- a/dom/apps/AppsUtils.jsm +++ b/dom/apps/AppsUtils.jsm @@ -21,18 +21,17 @@ XPCOMUtils.defineLazyModuleGetter(this, XPCOMUtils.defineLazyModuleGetter(this, "NetUtil", "resource://gre/modules/NetUtil.jsm"); XPCOMUtils.defineLazyServiceGetter(this, "appsService", "@mozilla.org/AppsService;1", "nsIAppsService"); -// Shared code for AppsServiceChild.jsm, TrustedHostedAppsUtils.jsm, -// Webapps.jsm and Webapps.js +// Shared code for AppsServiceChild.jsm, Webapps.jsm and Webapps.js this.EXPORTED_SYMBOLS = ["AppsUtils", "ManifestHelper", "isAbsoluteURI", "mozIApplication"]; function debug(s) { //dump("-*- AppsUtils.jsm: " + s + "\n"); } @@ -295,19 +294,17 @@ this.AppsUtils = { switch (app.appStatus) { case Ci.nsIPrincipal.APP_STATUS_CERTIFIED: return Services.prefs.getCharPref("security.apps.certified.CSP.default"); break; case Ci.nsIPrincipal.APP_STATUS_PRIVILEGED: return Services.prefs.getCharPref("security.apps.privileged.CSP.default"); break; case Ci.nsIPrincipal.APP_STATUS_INSTALLED: - return app.kind == "hosted-trusted" - ? Services.prefs.getCharPref("security.apps.trusted.CSP.default") - : ""; + return ""; break; } } catch(e) {} } } return "default-src 'self'; object-src 'none'"; }, @@ -600,17 +597,16 @@ this.AppsUtils = { * @param object aManifest * @returns integer **/ getAppManifestStatus: function getAppManifestStatus(aManifest) { let type = aManifest.type || "web"; switch(type) { case "web": - case "trusted": return Ci.nsIPrincipal.APP_STATUS_INSTALLED; case "privileged": return Ci.nsIPrincipal.APP_STATUS_PRIVILEGED; case "certified": return Ci.nsIPrincipal.APP_STATUS_CERTIFIED; default: throw new Error("Webapps.jsm: Undetermined app manifest type"); }
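Review bot: In `getAppManifestStatus`, a manifest that still declares `type: "trusted"` now reaches `default:` and throws, and the message names `Webapps.jsm` although the throw lives in AppsUtils.jsm. Including the rejected value would make that failure diagnosable for manifests written before this change: `throw new Error("AppsUtils.jsm: Unsupported app manifest type: " + type);`. The callers are outside the hunk, so it should be confirmed that each one turns the exception into an install or update error instead of aborting silently. In the `getCSP` hunk, the `break;` left after `return "";` is unreachable and can be dropped.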
--- a/dom/apps/PermissionsInstaller.jsm +++ b/dom/apps/PermissionsInstaller.jsm @@ -102,19 +102,16 @@ this.PermissionsInstaller = { case Ci.nsIPrincipal.APP_STATUS_CERTIFIED: appStatus = "certified"; break; case Ci.nsIPrincipal.APP_STATUS_PRIVILEGED: appStatus = "privileged"; break; case Ci.nsIPrincipal.APP_STATUS_INSTALLED: appStatus = "app"; - if (aApp.kind == "hosted-trusted") { - appStatus = "trusted"; - } break; default: // Cannot determine app type, abort install by throwing an error. throw new Error("PermissionsInstaller.jsm: " + "Cannot determine the app's status. Install cancelled."); break; }
--- a/dom/apps/PermissionsTable.jsm +++ b/dom/apps/PermissionsTable.jsm 
@@ -30,557 +30,470 @@ const PROMPT_ACTION = Ci.nsIPermissionMa // Permissions Matrix: https://docs.google.com/spreadsheet/ccc?key=0Akyz_Bqjgf5pdENVekxYRjBTX0dCXzItMnRyUU1RQ0E#gid=0 // Permissions that are implicit: // battery-status, network-information, vibration, // device-capabilities this.PermissionsTable = { geolocation: { app: PROMPT_ACTION, - trusted: PROMPT_ACTION, privileged: PROMPT_ACTION, certified: PROMPT_ACTION }, "geolocation-noprompt": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION, substitute: ["geolocation"] }, camera: { app: DENY_ACTION, - trusted: PROMPT_ACTION, privileged: PROMPT_ACTION, certified: ALLOW_ACTION }, alarms: { app: ALLOW_ACTION, - trusted: ALLOW_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "tcp-socket": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "udp-socket": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "network-events": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, contacts: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: PROMPT_ACTION, certified: ALLOW_ACTION, access: ["read", "write", "create"] }, "device-storage:apps": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION, access: ["read"] }, "device-storage:crashes": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION, access: ["read"] }, "device-storage:pictures": { app: DENY_ACTION, - trusted: PROMPT_ACTION, privileged: PROMPT_ACTION, certified: ALLOW_ACTION, access: ["read", "write", "create"] }, "device-storage:videos": { app: DENY_ACTION, - trusted: PROMPT_ACTION, privileged: PROMPT_ACTION, certified: ALLOW_ACTION, access: ["read", "write", "create"] }, "device-storage:music": { app: DENY_ACTION, - trusted: PROMPT_ACTION, privileged: PROMPT_ACTION, certified: 
ALLOW_ACTION, access: ["read", "write", "create"] }, "device-storage:sdcard": { app: DENY_ACTION, - trusted: PROMPT_ACTION, privileged: PROMPT_ACTION, certified: ALLOW_ACTION, access: ["read", "write", "create"] }, sms: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, telephony: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, browser: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "browser:universalxss": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, bluetooth: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, mobileconnection: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, mobilenetwork: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, power: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, push: { app: ALLOW_ACTION, - trusted: ALLOW_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, settings: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION, access: ["read", "write"], additional: ["indexedDB-chrome-settings", "settings-api"] }, // This exists purely for tests, no app // should ever use it. It can only be // handed out by SpecialPowers. 
"settings-clear": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: DENY_ACTION, additional: ["indexedDB-chrome-settings", "settings-api"] }, permissions: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, phonenumberservice: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, fmradio: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, attention: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "global-clickthrough-overlay": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "moz-attention": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION, substitute: ["attention"] }, "webapps-manage": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "homescreen-webapps-manage": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "backgroundservice": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "desktop-notification": { app: ALLOW_ACTION, - trusted: ALLOW_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "networkstats-manage": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "resourcestats-manage": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "wifi-manage": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "systemXHR": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "voicemail": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "idle": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: 
DENY_ACTION, certified: ALLOW_ACTION }, "time": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "embed-apps": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "embed-widgets": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "background-sensors": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, cellbroadcast: { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "audio-channel-normal": { app: ALLOW_ACTION, - trusted: ALLOW_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "audio-channel-content": { app: ALLOW_ACTION, - trusted: ALLOW_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "audio-channel-notification": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "audio-channel-alarm": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "audio-channel-system": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "audio-channel-telephony": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "moz-audio-channel-telephony": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION, substitute: ["audio-channel-telephony"] }, "audio-channel-ringer": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "moz-audio-channel-ringer": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION, substitute: ["audio-channel-ringer"] }, "audio-channel-publicnotification": { app: DENY_ACTION, - trusted: ALLOW_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "open-remote-window": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: 
DENY_ACTION, certified: ALLOW_ACTION }, "input": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "input-manage": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "wappush": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "audio-capture": { app: PROMPT_ACTION, - trusted: PROMPT_ACTION, privileged: PROMPT_ACTION, certified: ALLOW_ACTION }, "audio-capture:3gpp": { - app: DENY_ACTION, - trusted: DENY_ACTION, - privileged: ALLOW_ACTION, - certified: ALLOW_ACTION - }, - "nfc": { app: DENY_ACTION, - trusted: DENY_ACTION, + privileged: ALLOW_ACTION, + certified: ALLOW_ACTION + }, + "nfc": { + app: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "nfc-share": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "nfc-manager": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "nfc-hci-events": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "speaker-control": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "downloads": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "video-capture": { app: PROMPT_ACTION, - trusted: PROMPT_ACTION, privileged: PROMPT_ACTION, certified: ALLOW_ACTION }, "feature-detection": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "mobileid": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: PROMPT_ACTION, certified: PROMPT_ACTION }, // This permission doesn't actually grant access to // anything. It exists only to check the correctness // of web prompt composed permissions in tests. 
"test-permission": { app: PROMPT_ACTION, - trusted: PROMPT_ACTION, privileged: PROMPT_ACTION, certified: ALLOW_ACTION, access: ["read", "write", "create"] }, "firefox-accounts": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "moz-firefox-accounts": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: PROMPT_ACTION, certified: ALLOW_ACTION, substitute: ["firefox-accounts"] - }, + }, "themeable": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "settings:wallpaper.image": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION, access: ["read", "write"], additional: ["settings-api"] }, "engineering-mode": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "tv": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "before-after-keyboard-event": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "presentation-device-manage": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "requestsync-manager": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "secureelement-manage": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "inputport": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "external-app": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "system-update": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: ALLOW_ACTION }, "presentation": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: ALLOW_ACTION, certified: ALLOW_ACTION }, "open-hidden-window": { app: DENY_ACTION, - trusted: DENY_ACTION, privileged: DENY_ACTION, certified: 
ALLOW_ACTION }, }; /** * Append access modes to the permission name as suffixes. * e.g. permission name 'contacts' with ['read', 'write'] = @@ -723,17 +636,17 @@ this.isExplicitInPermissionsTable = func switch (aIntStatus) { case Ci.nsIPrincipal.APP_STATUS_CERTIFIED: appStatus = "certified"; break; case Ci.nsIPrincipal.APP_STATUS_PRIVILEGED: appStatus = "privileged"; break; default: // If it isn't certified or privileged, it's app - appStatus = aAppKind == "hosted-trusted" ? "trusted" : "app"; + appStatus = "app"; break; } let realPerm = PermissionsReverseTable[aPermName]; if (realPerm) { return (PermissionsTable[realPerm][appStatus] == Ci.nsIPermissionManager.PROMPT_ACTION);
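Review bot: `aAppKind` is no longer read in the visible part of `isExplicitInPermissionsTable`, since the default branch is now the unconditional `appStatus = "app";`. The signature and the rest of the body are outside this hunk, so this is inferred from the lines shown. If nothing else uses the parameter, remove it and update the call sites; otherwise document it at the declaration, for example `// aAppKind: unused since trusted hosted apps were removed, kept for caller compatibility`.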
--- a/dom/apps/StoreTrustAnchor.jsm +++ b/dom/apps/StoreTrustAnchor.jsm @@ -11,18 +11,16 @@ this.EXPORTED_SYMBOLS = [ "TrustedRootCertificate" ]; const APP_TRUSTED_ROOTS= ["AppMarketplaceProdPublicRoot", "AppMarketplaceProdReviewersRoot", "AppMarketplaceDevPublicRoot", "AppMarketplaceDevReviewersRoot", "AppMarketplaceStageRoot", - "TrustedHostedAppPublicRoot", - "TrustedHostedAppTestRoot", "AppXPCShellRoot"]; this.TrustedRootCertificate = { _index: Ci.nsIX509CertDB.AppMarketplaceProdPublicRoot, get index() { return this._index; }, set index(aIndex) {
deleted file mode 100644 --- a/dom/apps/TrustedHostedAppsUtils.jsm +++ /dev/null 
@@ -1,281 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this file, - * You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* global Components, Services, dump, AppsUtils, NetUtil, XPCOMUtils */ - -"use strict"; - -const Cu = Components.utils; -const Cc = Components.classes; -const Ci = Components.interfaces; -const Cr = Components.results; -const signatureFileExtension = ".sig"; - -this.EXPORTED_SYMBOLS = ["TrustedHostedAppsUtils"]; - -Cu.import("resource://gre/modules/AppsUtils.jsm"); -Cu.import("resource://gre/modules/Promise.jsm"); -Cu.import("resource://gre/modules/Services.jsm"); -Cu.import("resource://gre/modules/XPCOMUtils.jsm"); - -XPCOMUtils.defineLazyModuleGetter(this, "NetUtil", - "resource://gre/modules/NetUtil.jsm"); - -#ifdef MOZ_WIDGET_ANDROID -// On Android, define the "debug" function as a binding of the "d" function -// from the AndroidLog module so it gets the "debug" priority and a log tag. -// We always report debug messages on Android because it's unnecessary -// to restrict reporting, per bug 1003469. -let debug = Cu - .import("resource://gre/modules/AndroidLog.jsm", {}) - .AndroidLog.d.bind(null, "TrustedHostedAppsUtils"); -#else -// Elsewhere, report debug messages only if dom.mozApps.debug is set to true. -// The pref is only checked once, on startup, so restart after changing it. -let debug = Services.prefs.getBoolPref("dom.mozApps.debug") ? - aMsg => dump("-*- TrustedHostedAppsUtils.jsm : " + aMsg + "\n") : - () => {}; -#endif - -/** - * Verification functions for Trusted Hosted Apps. - */ -this.TrustedHostedAppsUtils = { - - /** - * Check if the given host is pinned in the CA pinning database. 
- */ - isHostPinned: function (aUrl) { - let uri; - try { - uri = Services.io.newURI(aUrl, null, null); - } catch(e) { - debug("Host parsing failed: " + e); - return false; - } - - // TODO: use nsSiteSecurityService.isSecureURI() - if (!uri.host || "https" != uri.scheme) { - return false; - } - - // Check certificate pinning - let siteSecurityService; - try { - siteSecurityService = Cc["@mozilla.org/ssservice;1"] - .getService(Ci.nsISiteSecurityService); - } catch (e) { - debug("nsISiteSecurityService error: " + e); - // unrecoverable error, don't bug the user - throw "CERTDB_ERROR"; - } - - if (siteSecurityService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, - uri.host, 0)) { - debug("\tvalid certificate pinning for host: " + uri.host + "\n"); - return true; - } - - debug("\tHost NOT pinned: " + uri.host + "\n"); - return false; - }, - - /** - * Take a CSP policy string as input and ensure that it contains at - * least the directives that are required ('script-src' and - * 'style-src'). If the CSP policy string is 'undefined' or does - * not contain some of the required csp directives the function will - * return empty list with status set to false. Otherwise a parsed - * list of the unique sources listed from the required csp - * directives is returned. - */ - getCSPWhiteList: function(aCsp) { - let isValid = false; - let whiteList = []; - let requiredDirectives = [ "script-src", "style-src" ]; - - if (aCsp) { - let validDirectives = []; - let directives = aCsp.split(";"); - // TODO: Use nsIContentSecurityPolicy - directives - .map(aDirective => aDirective.trim().split(" ")) - .filter(aList => aList.length > 1) - // we only restrict on requiredDirectives - .filter(aList => (requiredDirectives.indexOf(aList[0]) != -1)) - .forEach(aList => { - // aList[0] contains the directive name. - // aList[1..n] contains sources. 
- let directiveName = aList.shift(); - let sources = aList; - - if ((-1 == validDirectives.indexOf(directiveName))) { - validDirectives.push(directiveName); - } - whiteList.push(...sources.filter( - // 'self' is checked separately during manifest check - aSource => (aSource !="'self'" && whiteList.indexOf(aSource) == -1) - )); - }); - - // Check if all required directives are present. - isValid = requiredDirectives.length === validDirectives.length; - - if (!isValid) { - debug("White list doesn't contain all required directives!"); - whiteList = []; - } - } - - debug("White list contains " + whiteList.length + " hosts"); - return { list: whiteList, valid: isValid }; - }, - - /** - * Verify that the given csp is valid: - * 1. contains required directives "script-src" and "style-src" - * 2. required directives contain only "https" URLs - * 3. domains of the restricted sources exist in the CA pinning database - */ - verifyCSPWhiteList: function(aCsp) { - let domainWhitelist = this.getCSPWhiteList(aCsp); - if (!domainWhitelist.valid) { - debug("TRUSTED_APPLICATION_WHITELIST_PARSING_FAILED"); - return false; - } - - if (!domainWhitelist.list.every(aUrl => this.isHostPinned(aUrl))) { - debug("TRUSTED_APPLICATION_WHITELIST_VALIDATION_FAILED"); - return false; - } - - return true; - }, - - _verifySignedFile: function(aManifestStream, aSignatureStream, aCertDb) { - let deferred = Promise.defer(); - - let root = Ci.nsIX509CertDB.TrustedHostedAppPublicRoot; - try { - // Check if we should use the test certificates. - // Please note that this should be changed if we ever allow chages to the - // prefs since that would create a way for an attacker to use the test - // root for real apps. 
- let useTrustedAppTestCerts = Services.prefs - .getBoolPref("dom.mozApps.use_trustedapp_test_certs"); - if (useTrustedAppTestCerts) { - root = Ci.nsIX509CertDB.TrustedHostedAppTestRoot; - } - } catch (ex) { } - - aCertDb.verifySignedManifestAsync( - root, aManifestStream, aSignatureStream, - function(aRv, aCert) { - debug("Signature verification returned code, cert & root: " + aRv + " " + aCert + " " + root); - if (Components.isSuccessCode(aRv)) { - deferred.resolve(aCert); - } else if (aRv == Cr.NS_ERROR_FILE_CORRUPTED || - aRv == Cr.NS_ERROR_SIGNED_MANIFEST_FILE_INVALID) { - deferred.reject("MANIFEST_SIGNATURE_FILE_INVALID"); - } else { - deferred.reject("MANIFEST_SIGNATURE_VERIFICATION_ERROR"); - } - } - ); - - return deferred.promise; - }, - - verifySignedManifest: function(aApp, aAppId) { - let deferred = Promise.defer(); - - let certDb; - try { - certDb = Cc["@mozilla.org/security/x509certdb;1"] - .getService(Ci.nsIX509CertDB); - } catch (e) { - debug("nsIX509CertDB error: " + e); - // unrecoverable error, don't bug the user - throw "CERTDB_ERROR"; - } - - let principal = Services.scriptSecurityManager.getAppCodebasePrincipal( - aApp.origin, aApp.localId, false); - - let mRequestChannel = NetUtil.newChannel({ - uri: aApp.manifestURL, - loadingPrincipal: principal, - contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER} - ).QueryInterface(Ci.nsIHttpChannel); - mRequestChannel.loadFlags |= Ci.nsIRequest.INHIBIT_CACHING; - mRequestChannel.notificationCallbacks = - AppsUtils.createLoadContext(aAppId, false); - - // The manifest signature must be located at the same path as the - // manifest and have the same file name, only the file extension - // should differ. Any fragment or query parameter will be ignored. 
- let signatureURL; - try { - let mURL = Cc["@mozilla.org/network/io-service;1"] - .getService(Ci.nsIIOService) - .newURI(aApp.manifestURL, null, null) - .QueryInterface(Ci.nsIURL); - signatureURL = mURL.prePath + - mURL.directory + mURL.fileBaseName + signatureFileExtension; - } catch(e) { - deferred.reject("SIGNATURE_PATH_INVALID"); - return; - } - - let sRequestChannel = NetUtil.newChannel({ - uri: signatureURL, - loadingPrincipal: principal, - contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER} - ).QueryInterface(Ci.nsIHttpChannel); - sRequestChannel.loadFlags |= Ci.nsIRequest.INHIBIT_CACHING; - sRequestChannel.notificationCallbacks = - AppsUtils.createLoadContext(aAppId, false); - let getAsyncFetchCallback = (resolve, reject) => - (aInputStream, aResult) => { - if (!Components.isSuccessCode(aResult)) { - debug("Failed to download file"); - reject("MANIFEST_FILE_UNAVAILABLE"); - return; - } - resolve(aInputStream); - }; - - Promise.all([ - new Promise((resolve, reject) => { - NetUtil.asyncFetch(mRequestChannel, - getAsyncFetchCallback(resolve, reject)); - }), - new Promise((resolve, reject) => { - NetUtil.asyncFetch(sRequestChannel, - getAsyncFetchCallback(resolve, reject)); - }) - ]).then(([aManifestStream, aSignatureStream]) => { - this._verifySignedFile(aManifestStream, aSignatureStream, certDb) - .then(deferred.resolve, deferred.reject); - }, deferred.reject); - - return deferred.promise; - }, - - verifyManifest: function(aApp, aAppId, aManifest) { - return new Promise((resolve, reject) => { - // sanity check on manifest host's CA (proper CA check with - // pinning is done by regular networking code) - if (!this.isHostPinned(aApp.manifestURL)) { - reject("TRUSTED_APPLICATION_HOST_CERTIFICATE_INVALID"); - return; - } - if (!this.verifyCSPWhiteList(aManifest.csp)) { - reject("TRUSTED_APPLICATION_WHITELIST_VALIDATION_FAILED"); - return; - } - this.verifySignedManifest(aApp, aAppId).then(resolve, reject); - }); - } -};
--- a/dom/apps/Webapps.jsm +++ b/dom/apps/Webapps.jsm @@ -80,19 +80,16 @@ XPCOMUtils.defineLazyModuleGetter(this, "resource://gre/modules/NetUtil.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "ScriptPreloader", "resource://gre/modules/ScriptPreloader.jsm"); XPCOMUtils.defineLazyModuleGetter(this, "Langpacks", "resource://gre/modules/Langpacks.jsm"); -XPCOMUtils.defineLazyModuleGetter(this, "TrustedHostedAppsUtils", - "resource://gre/modules/TrustedHostedAppsUtils.jsm"); - XPCOMUtils.defineLazyModuleGetter(this, "ImportExport", "resource://gre/modules/ImportExport.jsm"); #ifdef MOZ_WIDGET_GONK XPCOMUtils.defineLazyGetter(this, "libcutils", function() { Cu.import("resource://gre/modules/systemlibs.js"); return libcutils; }); @@ -186,17 +183,16 @@ XPCOMUtils.defineLazyGetter(this, "permM // store even by error. const STORE_ID_PENDING_PREFIX = "#unknownID#"; this.DOMApplicationRegistry = { // pseudo-constants for the different application kinds. get kPackaged() "packaged", get kHosted() "hosted", get kHostedAppcache() "hosted-appcache", - get kTrustedHosted() "hosted-trusted", // Path to the webapps.json file where we store the registry data. appsFile: null, webapps: { }, allAppsLaunchable: false, _updateHandlers: [ ], _pendingUninstalls: {}, _contentActions: new Map(), @@ -461,19 +457,17 @@ this.DOMApplicationRegistry = { }), appKind: function(aApp, aManifest) { if (aApp.origin.startsWith("app://")) { return this.kPackaged; } else { // Hosted apps, can be appcached or not. let kind = this.kHosted; - if (aManifest.type == "trusted") { - kind = this.kTrustedHosted; - } else if (aManifest.appcache_path) { + if (aManifest.appcache_path) { kind = this.kHostedAppcache; } return kind; } }, updatePermissionsForApp: function(aId, aIsPreinstalled) { if (!this.webapps[aId]) { 
@@ -1585,34 +1579,16 @@ this.DOMApplicationRegistry = { // Fire an error when trying to launch an app that is not // yet fully installed. if (app.installState == "pending") { aOnFailure("PENDING_APP_NOT_LAUNCHABLE"); return; } - // Check if launching trusted hosted app - if (this.kTrustedHosted == app.kind) { - debug("Launching Trusted Hosted App!"); - // sanity check on manifest host's CA - // (proper CA check with pinning is done by regular networking code) - if (!TrustedHostedAppsUtils.isHostPinned(aManifestURL)) { - debug("Trusted App Host certificate Not OK"); - aOnFailure("TRUSTED_APPLICATION_HOST_CERTIFICATE_INVALID"); - return; - } - - debug("Trusted App Host pins exist"); - if (!TrustedHostedAppsUtils.verifyCSPWhiteList(app.csp)) { - aOnFailure("TRUSTED_APPLICATION_WHITELIST_VALIDATION_FAILED"); - return; - } - } - // We have to clone the app object as nsIDOMApplication objects are // stringified as an empty object. (see bug 830376) let appClone = AppsUtils.cloneAppObject(app); appClone.startPoint = aStartPoint; appClone.timestamp = aTimeStamp; Services.obs.notifyObservers(null, "webapps-launch", JSON.stringify(appClone)); aOnSuccess(); }, @@ -1924,19 +1900,17 @@ this.DOMApplicationRegistry = { MessageBroadcaster.broadcastMessage("Webapps:FireEvent", { eventType: "downloadapplied", manifestURL: app.manifestURL }); }), startOfflineCacheDownload: function(aManifest, aApp, aProfileDir, aIsUpdate) { debug("startOfflineCacheDownload " + aApp.id + " " + aApp.kind); - if ((aApp.kind !== this.kHostedAppcache && - aApp.kind !== this.kTrustedHosted) || - !aManifest.appcache_path) { + if (aApp.kind !== this.kHostedAppcache || !aManifest.appcache_path) { return; } debug("startOfflineCacheDownload " + aManifest.appcache_path); // If the manifest has an appcache_path property, use it to populate the // appcache. let appcacheURI = Services.io.newURI(aManifest.fullAppcachePath(), null, null); 
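Review bot: The new guard in `startOfflineCacheDownload`, `if (aApp.kind !== this.kHostedAppcache || !aManifest.appcache_path)`, compares against the stored `kind`, so a registry entry saved earlier with `"hosted-trusted"` now returns early here. The same comparison is made in the @@ -2067 hunk (which answers `NOT_UPDATABLE`) and in the @@ -2370 and @@ -3025 hunks, and `_cloneApp` in the @@ -2827 hunk throws `Unknown app kind` for that value. Nothing in the visible hunks rewrites the stored kind or revisits permissions that were granted at install time under the removed `trusted` column, while the launch-time pin and CSP checks are gone. If such entries can exist in webapps.json, a one-time pass at registry load that recomputes `kind` with `appKind()` and re-runs permission installation for those apps would keep them consistent with the new model. The function bodies start and end outside these hunks, so whether that already happens elsewhere should be checked.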
@@ -2067,18 +2041,17 @@ this.DOMApplicationRegistry = { #ifdef MOZ_WIDGET_GONK let appDir = FileUtils.getDir("coreAppsDir", ["webapps"], false); onlyCheckAppCache = (app.basePath == appDir.path); #endif if (onlyCheckAppCache) { // Bail out for packaged apps & hosted apps without appcache. - if (aApp.kind !== this.kHostedAppcache && - aApp.kind !== this.kTrustedHosted) { + if (aApp.kind !== this.kHostedAppcache) { sendError("NOT_UPDATABLE"); return; } // We need the manifest to get the appcache path. this._readManifests([{ id: id }]).then((aResult) => { debug("Checking only appcache for " + aData.manifestURL); let manifest = aResult[0].manifest; @@ -2182,26 +2155,17 @@ this.DOMApplicationRegistry = { if (oldHash == hash) { debug("Update - oldhash"); this.updateHostedApp(aData, id, app, oldManifest, null); return; } // For hosted apps and hosted apps with appcache, use the // manifest "as is". - if (this.kTrustedHosted !== this.appKind(app, manifest)) { - this.updateHostedApp(aData, id, app, oldManifest, manifest); - return; - } - - // For trusted hosted apps, verify the manifest before - // installation. - TrustedHostedAppsUtils.verifyManifest(app, id, manifest) - .then(() => this.updateHostedApp(aData, id, app, oldManifest, manifest), - sendError); + this.updateHostedApp(aData, id, app, oldManifest, manifest); } } } else if (xhr.status == 304) { // The manifest has not changed. if (isPackage) { app.lastCheckedUpdate = Date.now(); this._saveApps().then(() => { // If the app is a packaged app, we just send a 'downloadapplied' 
@@ -2370,19 +2334,17 @@ this.DOMApplicationRegistry = { aApp.csp = manifest.csp || ""; aApp.updateTime = Date.now(); } // Update the registry. this.webapps[aId] = aApp; yield this._saveApps(); - if ((aApp.kind !== this.kHostedAppcache && - aApp.kind !== this.kTrustedHosted) || - !aApp.manifest.appcache_path) { + if (aApp.kind !== this.kHostedAppcache || !aApp.manifest.appcache_path) { MessageBroadcaster.broadcastMessage("Webapps:UpdateState", { app: aApp, manifest: aApp.manifest, id: aApp.id }); MessageBroadcaster.broadcastMessage("Webapps:FireEvent", { eventType: "downloadapplied", manifestURL: aApp.manifestURL, @@ -2528,22 +2490,17 @@ this.DOMApplicationRegistry = { // failure in sendError. this.pushContentAction(aData.oid); // We may already have the manifest (e.g. AutoInstall), // in which case we don't need to load it. if (app.manifest) { if (checkManifest()) { debug("Installed manifest check OK"); - if (this.kTrustedHosted !== this.appKind(app, app.manifest)) { - installApp(); - return; - } - TrustedHostedAppsUtils.verifyManifest(aData.app, aData.appId, app.manifest) - .then(installApp, sendError); + installApp(); } else { debug("Installed manifest check failed"); // checkManifest() sends error before return } return; } let xhr = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"] @@ -2561,24 +2518,17 @@ this.DOMApplicationRegistry = { sendError("INVALID_MANIFEST_CONTENT_TYPE"); return; } app.manifest = xhr.response; if (checkManifest()) { debug("Downloaded manifest check OK"); app.etag = xhr.getResponseHeader("Etag"); - if (this.kTrustedHosted !== this.appKind(app, app.manifest)) { - installApp(); - return; - } - - debug("App kind: " + this.kTrustedHosted); - TrustedHostedAppsUtils.verifyManifest(aData.app, aData.appId, app.manifest) - .then(installApp, sendError); + installApp(); return; } else { debug("Downloaded manifest check failed"); // checkManifest() sends error before return } } else { sendError("MANIFEST_URL_ERROR"); } 
@@ -2827,34 +2777,30 @@ this.DOMApplicationRegistry = { }, _cloneApp: function(aData, aNewApp, aLocaleManifest, aManifest, aId, aLocalId) { let appObject = AppsUtils.cloneAppObject(aNewApp); appObject.appStatus = aNewApp.appStatus || Ci.nsIPrincipal.APP_STATUS_INSTALLED; let usesAppcache = appObject.kind == this.kHostedAppcache; - if (appObject.kind == this.kTrustedHosted && aManifest.appcache_path) { - usesAppcache = true; - } if (usesAppcache) { appObject.installState = "pending"; appObject.downloadAvailable = true; appObject.downloading = true; appObject.downloadSize = 0; appObject.readyToApplyDownload = false; } else if (appObject.kind == this.kPackaged) { appObject.installState = "pending"; appObject.downloadAvailable = true; appObject.downloading = true; appObject.downloadSize = aLocaleManifest.size; appObject.readyToApplyDownload = false; - } else if (appObject.kind == this.kHosted || - appObject.kind == this.kTrustedHosted) { + } else if (appObject.kind == this.kHosted) { appObject.installState = "installed"; appObject.downloadAvailable = false; appObject.downloading = false; appObject.readyToApplyDownload = false; } else { debug("Unknown app kind: " + appObject.kind); throw Error("Unknown app kind: " + appObject.kind); } @@ -3025,19 +2971,17 @@ this.DOMApplicationRegistry = { for (let prop of ["installState", "downloadAvailable", "downloading", "downloadSize", "readyToApplyDownload"]) { aData.app[prop] = appObject[prop]; } let dontNeedNetwork = false; - if ((appObject.kind == this.kHostedAppcache || - appObject.kind == this.kTrustedHosted) && - manifest.appcache_path) { + if (appObject.kind == this.kHostedAppcache && manifest.appcache_path) { this.queuedDownload[app.manifestURL] = { manifest: manifest, app: appObject, profileDir: aProfileDir } } else if (appObject.kind == this.kPackaged) { // If it is a local app then it must been installed from a local file // instead of web.
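Review bot: In `_cloneApp` (@@ -2827) an app object whose `kind` still holds the removed trusted-hosted value now falls through to the final `else` and hits `throw Error("Unknown app kind: " + appObject.kind)`, where it was previously handled like a hosted app. Whether `kind` is recomputed from the manifest or read back from the saved registry is not visible in this hunk, so a profile that already carries such an entry may fail here. Either map leftover entries to `this.kHosted` when the registry is loaded, or state in the commit message that no shipped build persisted that kind. A comment on the fallback would help the next reader: `// Also reached for kinds this build no longer knows, e.g. the removed trusted-hosted kind.`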
--- a/dom/apps/moz.build +++ b/dom/apps/moz.build @@ -43,17 +43,16 @@ EXTRA_JS_MODULES += [ ] EXTRA_PP_JS_MODULES += [ 'AppsUtils.jsm', 'ImportExport.jsm', 'InterAppCommService.jsm', 'OperatorApps.jsm', 'ScriptPreloader.jsm', - 'TrustedHostedAppsUtils.jsm', 'Webapps.jsm', ] FAIL_ON_WARNINGS = True FINAL_LIBRARY = 'xul' LOCAL_INCLUDES += [
--- a/dom/apps/tests/chrome.ini +++ b/dom/apps/tests/chrome.ini @@ -3,15 +3,14 @@ skip-if = buildapp == 'b2g' || os == 'an support-files = asmjs/* file_bug_945152.html file_bug_945152.sjs [test_apps_service.xul] [test_bug_945152.html] skip-if = os != 'linux' -[test_tha_utils.html] [test_manifest_helper.xul] [test_operator_app_install.js] [test_operator_app_install.xul] # bug 928262 skip-if = os == "win" [test_packaged_app_asmjs.html]
--- a/dom/apps/tests/file_app.sjs +++ b/dom/apps/tests/file_app.sjs @@ -9,18 +9,17 @@ function makeResource(templatePath, vers let icon = getState('icon') || gDefaultIcon; var res = readTemplate(templatePath).replace(/VERSIONTOKEN/g, version) .replace(/APPTYPETOKEN/g, apptype) .replace(/ICONTOKEN/g, icon) .replace(/ROLE/g, role); // Hack - This is necessary to make the tests pass, but hbambas says it // shouldn't be necessary. Comment it out and watch the tests fail. - if (templatePath == gAppTemplatePath && - (apptype == 'cached' || apptype == 'trusted')) { + if (templatePath == gAppTemplatePath && apptype == 'cached') { res = res.replace('<html>', '<html manifest="file_app.sjs?apptype=' + apptype + '&getappcache=true">'); } return res; } function handleRequest(request, response) { var query = getQuery(request); @@ -44,17 +43,17 @@ function handleRequest(request, response response.setHeader("Content-Type", "text/html", false); response.setHeader("Access-Control-Allow-Origin", "*", false); response.write('OK'); return; } // Get the app type. var apptype = query.apptype; - if (apptype != 'hosted' && apptype != 'cached' && apptype != 'widget' && apptype != 'invalidWidget' && apptype != 'trusted') + if (apptype != 'hosted' && apptype != 'cached' && apptype != 'widget' && apptype != 'invalidWidget') throw "Invalid app type: " + apptype; var role = query.role; // Get the version from server state and handle the etag. var version = Number(getState('version')); var etag = getEtag(request, version); dump("Server Etag: " + etag + "\n"); 
@@ -85,17 +84,17 @@ function handleRequest(request, response response.write(makeResource(template, version, apptype, role)); return; } // If apptype==cached, we might be generating the appcache manifest. // // NB: Among other reasons, we use the same sjs file here so that the version // state is shared. - if ((apptype == 'cached' || apptype == 'trusted') && + if ((apptype == 'cached') && 'getappcache' in query) { response.setHeader("Content-Type", "text/cache-manifest", false); response.write(makeResource(gAppcacheTemplatePath, version, apptype, role)); return; } else if (apptype == 'widget' || apptype == 'invalidWidget') { response.setHeader("Content-Type", "text/html", false);
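Review bot: The condition in the @@ -85 hunk keeps a pair of parentheses that only made sense around the removed `||`: `if ((apptype == 'cached') &&`. The matching check in `makeResource` (@@ -9) was rewritten without them, so the two tests for the same app type now read differently. Suggest `if (apptype == 'cached' && 'getappcache' in query) {`.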
deleted file mode 100644
--- a/dom/apps/tests/file_trusted_app.template.webapp
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- "type": "trusted",
- "name": "Really Rapid Release (trusted)",
- "description": "Updated even faster than <a href='http://mozilla.org'>Firefox</a>, just to annoy slashdotters.",
- "launch_path": "/tests/dom/apps/tests/file_app.sjs?apptype=trusted",
- "icons": {
- "128": "ICONTOKEN"
- },
- "role": "ROLE"
-}
--- a/dom/apps/tests/mochitest.ini +++ b/dom/apps/tests/mochitest.ini @@ -13,17 +13,16 @@ support-files = file_script.template.js file_cached_app.template.appcache file_cached_app.template.webapp file_hosted_app.template.webapp file_hosted_certified.webapp file_hosted_certified.webapp^headers^ file_manifest.json file_manifest.json^headers^ - file_trusted_app.template.webapp file_invalidWidget_app.template.webapp file_packaged_app.sjs file_packaged_app.template.html file_packaged_app.template.webapp file_widget_app.template.webapp file_widget_app.template.html file_test_widget.js langpack/*
--- a/dom/apps/tests/test_app_update.html +++ b/dom/apps/tests/test_app_update.html @@ -12,23 +12,21 @@ https://bugzilla.mozilla.org/show_bug.cg /** Test for Bug 826058 **/ SimpleTest.waitForExplicitFinish(); var gBaseURL = 'http://test/tests/dom/apps/tests/'; var gHostedManifestURL = gBaseURL + 'file_app.sjs?apptype=hosted&getmanifest=true'; var gCachedManifestURL = gBaseURL + 'file_app.sjs?apptype=cached&getmanifest=true'; - var gTrustedManifestURL = gBaseURL + 'file_app.sjs?apptype=trusted&getmanifest=true'; var gGenerator; // We need to set the trusted hosted app csp pref since it's only in // b2g.js for now. function setCSPPrefs() { - SpecialPowers.pushPrefEnv({'set':[["security.apps.trusted.CSP.default", -"default-src *; object-src 'none'"], ["dom.mozBrowserFramesEnabled",true]]}, + SpecialPowers.pushPrefEnv({'set':[["dom.mozBrowserFramesEnabled",true]]}, function() { gGenerator = runTest(); gGenerator.next(); }); } function go() { SpecialPowers.pushPermissions( [{ "type": "browser", "allow": 1, "context": document }, { "type": "embed-apps", "allow": 1, "context": document }, { "type": "webapps-manage", "allow": 1, "context": document }], 
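Review bot: The context comment above `setCSPPrefs` still says the test has to set the trusted hosted app CSP pref, but the new `pushPrefEnv` call only sets `dom.mozBrowserFramesEnabled`. Both the comment and the function name now describe a pref this test no longer touches. Suggest replacing the comment with `// Enable mozbrowser frames before running the test.` and renaming the helper in a follow-up, since its caller is outside this hunk.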
@@ -185,64 +183,16 @@ https://bugzilla.mozilla.org/show_bug.cg // Uninstall the hosted app. request = navigator.mozApps.mgmt.uninstall(app); request.onerror = mozAppsError; request.onsuccess = continueTest; yield undefined; info("Uninstalled hosted appcache app"); - - /** - * DISABLED FOR NOW UNTIL WE CAN TEST PINNING PROPERLY - */ - // Install the trusted app. - /*setAppVersion(4, continueTest); - yield undefined; - ok(true, "Installing trusted app"); - var request = navigator.mozApps.install(gTrustedManifestURL); - request.onerror = mozAppsError; - request.onsuccess = continueTest; - yield undefined; - var app = request.result; - ok(app, "App is non-null"); - if (app.installState == "pending") { - ok(true, "App is pending. Waiting for progress"); - app.onprogress = function() ok(true, "Got download progress"); - app.ondownloadsuccess = continueTest; - app.ondownloaderror = mozAppsError; - yield undefined; - } - is(app.installState, "installed", "Trusted App is installed"); - is(app.manifest.type, "trusted", "App is trusted"); -*/ - // Check the cached app. - /*checkAppState(app, true, 4, continueTest); - yield undefined;*/ - - // Check for updates. The current infrastructure always returns a new appcache - // manifest, so there should always be an update. - /*var lastCheck = app.lastUpdateCheck; - ok(true, "Setting callbacks"); - app.ondownloadapplied = function() ok(true, "downloadapplied fired."); - app.ondownloadavailable = function() ok(false, "downloadavailable fired"); - ok(true, "Checking for updates"); - var request = app.checkForUpdate(); - request.onerror = mozAppsError; - request.onsuccess = continueTest; - yield undefined; - todo(app.lastUpdateCheck > lastCheck, "lastUpdateCheck updated appropriately");*/ - - - // Uninstall the app. 
- /*request = navigator.mozApps.mgmt.uninstall(app); - request.onerror = mozAppsError; - request.onsuccess = continueTest; - yield undefined; - info("Uninstalled trusted app");*/ } function setAppVersion(version, cb) { var xhr = new XMLHttpRequest(); var url = gBaseURL + 'file_app.sjs?setVersion=' + version; xhr.addEventListener("load", function() { is(xhr.responseText, "OK", "setAppVersion OK"); cb(); }); xhr.addEventListener("error", event => xhrError(event, url)); xhr.addEventListener("abort", event => xhrAbort(url));
deleted file mode 100644 --- a/dom/apps/tests/test_tha_utils.html +++ /dev/null 
@@ -1,237 +0,0 @@ -<!DOCTYPE HTML> -<html> -<head> - <meta charset="utf-8"> - <title>Test for Trusted Hosted Apps Utils</title> - <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script> - <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"/> - - <script type="application/javascript;version=1.7"> - Components.utils.import("resource://gre/modules/TrustedHostedAppsUtils.jsm"); - - SimpleTest.waitForExplicitFinish(); - - let tests = [{ - key: "getCSPWhiteList with no argument", - func: function test1() { - let cspWhiteList = TrustedHostedAppsUtils.getCSPWhiteList(); - ok(!cspWhiteList.valid, "Should be invalid"); - is(cspWhiteList.list.length, 0, "List should be empty"); - nextTest(); - } - },{ - key: "getCSPWhiteList without style-src", - func: function test2() { - let cspWhiteList = TrustedHostedAppsUtils.getCSPWhiteList( - "script-src https://script.example.com; stylee-src https://style.example.com" - ); - ok(!cspWhiteList.valid, "Should be invalid"); - is(cspWhiteList.list.length, 0, "List should be empty"); - nextTest(); - } - },{ - key: "getCSPWhiteList without script-src", - func: function test3() { - let cspWhiteList = TrustedHostedAppsUtils.getCSPWhiteList( - "script-source https://script.example.com; style-src https://style.example.com" - ); - ok(!cspWhiteList.valid, "Should be invalid"); - is(cspWhiteList.list.length, 0, "List should be empty"); - nextTest(); - } - },{ - key: "getCSPWhiteList without source", - func: function test4() { - let cspWhiteList = TrustedHostedAppsUtils.getCSPWhiteList( - "script-src; style-src https://style.example.com" - ); - ok(!cspWhiteList.valid, "Should be invalid"); - is(cspWhiteList.list.length, 0, "List should be empty"); - nextTest(); - } - },{ - key: "getCSPWhiteList working", - func: function test5() { - let cspWhiteList = TrustedHostedAppsUtils.getCSPWhiteList( - "script-src https://script.example.com; style-src 
https://style.example.com" - ); - ok(cspWhiteList.valid, "Should be valid"); - is(cspWhiteList.list.length, 2, "List should have two sources"); - ok(cspWhiteList.list.every(aEl => ["https://script.example.com", "https://style.example.com"].indexOf(aEl) != -1), "Sources: " + cspWhiteList.list); - nextTest(); - } - },{ - key: "getCSPWhiteList working with duplicates", - func: function test6() { - let cspWhiteList = TrustedHostedAppsUtils.getCSPWhiteList( - "script-src https://script.example.com;" + - "style-src https://style.example.com;" + - "style-src https://style.example.com;" + - "style-src https://style.example.com;" + - "style-src https://style.example.com;" - ); - ok(cspWhiteList.valid, "Should be valid"); - is(cspWhiteList.list.length, 2, "List should have two sources"); - ok(cspWhiteList.list.every(aEl => ["https://script.example.com", "https://style.example.com"].indexOf(aEl) != -1), "Sources: " + cspWhiteList.list); - nextTest(); - } - },{ - key: "getCSPWhiteList working with duplicates and many sources", - func: function test7() { - let cspWhiteList = TrustedHostedAppsUtils.getCSPWhiteList( - "script-src https://script.example.com https://script2.example.com;" + - "style-src https://style.example.com;" + - "style-src https://style.example.com https://script1.example.com;" + - "style-src https://style.example.com https://style2.example.com;" + - "style-src https://style3.example.com;" - ); - ok(cspWhiteList.valid, "Should be valid"); - is(cspWhiteList.list.length, 6, "List should have 6 sources"); - ok(cspWhiteList.list.every(aEl => ["https://script.example.com", - "https://script1.example.com", - "https://script2.example.com", - "https://style.example.com", - "https://style2.example.com", - "https://style3.example.com"].indexOf(aEl) != -1), - "Sources: " + cspWhiteList.list); - nextTest(); - } - },{ - key: "getCSPWhiteList only adds sources from required directives", - func: function test8() { - let cspWhiteList = TrustedHostedAppsUtils.getCSPWhiteList( 
- "script-src https://script.example.com https://script2.example.com;" + - "style-src https://style.example.com;" + - "img-src https://img.example.com;" + - "audio-src https://audio.example.com https://audio2.example.com;" + - "video-src https://video.example.com;" + - "default-src *;" + - "media-src http://media.example.com;" + - "child-src http://child.example.com;" + - "frame-src http://frame.example.com;" + - "frame-ancestrs http://frame-a.example.com;" + - "font-src http://font.example.com;" + - "connect-src http://connect.example.com;" - ); - ok(cspWhiteList.valid, "Should be valid"); - is(cspWhiteList.list.length, 3, "List should have 3 sources"); - ok(cspWhiteList.list.every(aEl => ["https://script.example.com", - "https://script2.example.com", - "https://style.example.com"].indexOf(aEl) != -1), - "Sources: " + cspWhiteList.list); - nextTest(); - } - },{ - key: "getCSPWhiteList allows 'self' but doesn't add it", - func: function test9() { - let cspWhiteList = TrustedHostedAppsUtils.getCSPWhiteList( - "script-src 'self';" + - "style-src 'self'" - ); - ok(cspWhiteList.valid, "Should be valid"); - is(cspWhiteList.list.length, 0, "List should have no source"); - nextTest(); - } - },{ - key: "getCSPWhiteList allows *", - func: function test10() { - let cspWhiteList = TrustedHostedAppsUtils.getCSPWhiteList( - "script-src *;" + - "style-src https://style.example.com" - ); - ok(cspWhiteList.valid, "Should be valid"); - is(cspWhiteList.list.length, 2, "List should have 2 sources"); - nextTest(); - } - },{ - key: "isHostPinned doesn't allow *", - func: function test11() { - let isHostPinned = TrustedHostedAppsUtils.isHostPinned("*"); - ok(!isHostPinned, "Should not be pinned"); - nextTest(); - } - },{ - key: "isHostPinned doesn't allow http urls", - func: function test12() { - let isHostPinned = TrustedHostedAppsUtils.isHostPinned("http://example.com"); - ok(!isHostPinned, "Should not be pinned:(" + isHostPinned + ") http://example.com"); - nextTest(); - } - },{ - 
key: "isHostPinned doesn't allow shema-less urls", - func: function test13() { - let isHostPinned = TrustedHostedAppsUtils.isHostPinned("example.com"); - ok(!isHostPinned, "Should not be pinned:(" + isHostPinned + ") example.com"); - nextTest(); - } - },{ - key: "isHostPinned doesn't allow 'unsafe-eval'", - func: function test14() { - let isHostPinned = TrustedHostedAppsUtils.isHostPinned("'unsafe-eval'"); - ok(!isHostPinned, "Should not be pinned:(" + isHostPinned + ") 'unsafe-eval'"); - nextTest(); - } - },{ - key: "isHostPinned doesn't allow 'unsafe-inline'", - func: function test15() { - let isHostPinned = TrustedHostedAppsUtils.isHostPinned("'unsafe-inline'"); - ok(!isHostPinned, "Should not be pinned:(" + isHostPinned + ") 'unsafe-inline'"); - nextTest(); - } - },{ - key: "isHostPinned doesn't allow foobar", - func: function test16() { - let isHostPinned = TrustedHostedAppsUtils.isHostPinned("foobar"); - ok(!isHostPinned, "Should not be pinned:(" + isHostPinned + ") foobar"); - nextTest(); - } - },{ - key: "isHostPinned doesn't allow https://www.example.com:*", - func: function test17() { - let isHostPinned = TrustedHostedAppsUtils.isHostPinned("https://example.com:*"); - ok(!isHostPinned, "Should not be pinned:(" + isHostPinned + ") https://example.com:*"); - nextTest(); - } - - },{ - key: "isHostPinned doesn't allow https://*.example.com", - func: function test18() { - let isHostPinned = TrustedHostedAppsUtils.isHostPinned("https://*.example.com"); - ok(!isHostPinned, "Should not be pinned:(" + isHostPinned + ") https://*.example.com"); - nextTest(); - } - }]; - - let testGenerator = function _testGenerator() { - for (let i = 0; i < tests.length; ++i) { - yield tests[i]; - } - }(); - - let nextTest = () => { - try { - let t = testGenerator.next(); - info("test: " + t.key); - t.func(); - } catch(e) { - if (e instanceof StopIteration) { - SimpleTest.finish(); - } else { - throw e; - } - } - } - - document.addEventListener("DOMContentLoaded", function () { - 
nextTest(); - }); - - </script> -</head> -<body> - <p id="display"></p> - <div id="content" style="display: none"></div> - <pre id="test"></pre> - <div id="container"></div> -</body> -</html>
--- a/dom/messages/SystemMessagePermissionsChecker.jsm +++ b/dom/messages/SystemMessagePermissionsChecker.jsm @@ -224,22 +224,22 @@ this.SystemMessagePermissionsChecker = { * The app's manifest. * @returns bool * Is permitted or not. **/ isSystemMessagePermittedToRegister: function (aSysMsgName, aManifestURL, aOrigin, aManifest) { - // Test if the launch path of the app has the right permission. - let newManifest = new ManifestHelper(aManifest, aOrigin, aManifestURL); - let launchUrl = newManifest.fullLaunchPath(); - return this.isSystemMessagePermittedToSend(aSysMsgName, - launchUrl, - aManifestURL); + // Test if the launch path of the app has the right permission. + let newManifest = new ManifestHelper(aManifest, aOrigin, aManifestURL); + let launchUrl = newManifest.fullLaunchPath(); + return this.isSystemMessagePermittedToSend(aSysMsgName, + launchUrl, + aManifestURL); }, /** * Check if the system message is permitted to be sent to the given * app's page at run-time based on the current app's permissions. * @param string aSysMsgName * The system messsage name. * @param string aPageURL
--- a/security/apps/AppTrustDomain.cpp +++ b/security/apps/AppTrustDomain.cpp @@ -79,26 +79,16 @@ AppTrustDomain::SetTrustedRoot(AppTruste mMinRSABits = 1024u; break; case nsIX509CertDB::AppXPCShellRoot: trustedDER.data = const_cast<uint8_t*>(xpcshellRoot); trustedDER.len = mozilla::ArrayLength(xpcshellRoot); break; - case nsIX509CertDB::TrustedHostedAppPublicRoot: - trustedDER.data = const_cast<uint8_t*>(trustedAppPublicRoot); - trustedDER.len = mozilla::ArrayLength(trustedAppPublicRoot); - break; - - case nsIX509CertDB::TrustedHostedAppTestRoot: - trustedDER.data = const_cast<uint8_t*>(trustedAppTestRoot); - trustedDER.len = mozilla::ArrayLength(trustedAppTestRoot); - break; - case nsIX509CertDB::AddonsPublicRoot: trustedDER.data = const_cast<uint8_t*>(addonsPublicRoot); trustedDER.len = mozilla::ArrayLength(addonsPublicRoot); break; case nsIX509CertDB::AddonsStageRoot: trustedDER.data = const_cast<uint8_t*>(addonsStageRoot); trustedDER.len = mozilla::ArrayLength(addonsStageRoot);
--- a/security/manager/ssl/nsIX509CertDB.idl +++ b/security/manager/ssl/nsIX509CertDB.idl @@ -41,17 +41,17 @@ interface nsIVerifySignedManifestCallbac void verifySignedManifestFinished(in nsresult rv, in nsIX509Cert aSignerCert); }; /** * This represents a service to access and manipulate * X.509 certificates stored in a database. */ -[scriptable, uuid(fbe2a0c8-ec51-4ea4-80b3-e16793141967)] +[scriptable, uuid(c9fdec46-5c4c-4b1d-a0ca-c2bc10151b69)] interface nsIX509CertDB : nsISupports { /** * Constants that define which usages a certificate * is trusted for. */ const unsigned long UNTRUSTED = 0; const unsigned long TRUSTED_SSL = 1 << 0; @@ -311,20 +311,18 @@ interface nsIX509CertDB : nsISupports { * first step in opening the JAR. */ const AppTrustedRoot AppMarketplaceProdPublicRoot = 1; const AppTrustedRoot AppMarketplaceProdReviewersRoot = 2; const AppTrustedRoot AppMarketplaceDevPublicRoot = 3; const AppTrustedRoot AppMarketplaceDevReviewersRoot = 4; const AppTrustedRoot AppMarketplaceStageRoot = 5; const AppTrustedRoot AppXPCShellRoot = 6; - const AppTrustedRoot TrustedHostedAppPublicRoot = 7; - const AppTrustedRoot TrustedHostedAppTestRoot = 8; - const AppTrustedRoot AddonsPublicRoot = 9; - const AppTrustedRoot AddonsStageRoot = 10; + const AppTrustedRoot AddonsPublicRoot = 7; + const AppTrustedRoot AddonsStageRoot = 8; void openSignedAppFileAsync(in AppTrustedRoot trustedRoot, in nsIFile aJarFile, in nsIOpenSignedAppFileCallback callback); /** * Verifies the signature on a directory representing an unpacked signed * JAR file. To be considered valid, there must be exactly one signature * on the directory structure and that signature must have signed every
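Review bot: The @@ -311 hunk renumbers `AddonsPublicRoot` and `AddonsStageRoot` to 7 and 8, the values that identified `TrustedHostedAppPublicRoot` and `TrustedHostedAppTestRoot` until this change. A caller that still holds the old numbers (a literal, a stored setting, or code built against the previous interface) would now select an add-ons trust anchor in `AppTrustDomain::SetTrustedRoot` instead of reaching whatever fallback that switch has for unknown values, and an old 9 or 10 would no longer select the add-ons roots. The uuid change in the first hunk covers interface consumers, not raw integers. Retiring the values is the safer choice: keep `const AppTrustedRoot AddonsPublicRoot = 9;` and `const AppTrustedRoot AddonsStageRoot = 10;`, and add `// 7 and 8 were the TrustedHostedApp roots; retired, do not reuse.`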