[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #14205 [Applications/Tor Browser]: Closely review all uses of IsCallerChrome() for e10s

Subject: Re: [tor-bugs] #14205 [Applications/Tor Browser]: Closely review all uses of IsCallerChrome() for e10s
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 26 May 2017 14:38:26 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 26 May 2017 10:38:37 -0400
In-reply-to: <049.e8797e51a34e87cd8c8f85e88a6975f6@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.e8797e51a34e87cd8c8f85e88a6975f6@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#14205: Closely review all uses of IsCallerChrome() for e10s
-------------------------------------------------+-------------------------
 Reporter:  mikeperry                            |          Owner:  mcs
     Type:  task                                 |         Status:
                                                 |  assigned
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-fingerprinting, tbb-e10s, tbb-   |  Actual Points:
  rebase, ff52-esr, tbb-7.0-must                 |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by mcs):

 The problem of reviewing the calls to ensure that they are only called
 from the tab/comtent process when e10s is enabled is definitely a
 challenge. Look here for an interesting comment:
 https://dxr.mozilla.org/mozilla-esr52/source/dom/base/nsContentUtils.h#203

 One approach would be for us to put breakpoints in `IsCallerChrome()` and
 related calls and see what the stack looks like in e10s mode when the
 breakpoints are hit while we exercise the code paths we care about. But we
 might miss something.

 The Mozilla developers are working on this issue as well. See
 https://bugzilla.mozilla.org/show_bug.cgi?id=1316480 ("Get rid of
 IsCallerChrome and friends") which depends on a bunch of other bugs, many
 – but not all – of which have been fixed. In many cases, Mozilla wants to
 hide an API from regular web pages, so they can handle the issue at the
 webidl level. But in many cases we need to do something more subtle such
 as return a different, less fingerprintable result to web pages.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14205#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #22179 [Community/Tor Support]: Website redesign/Support portal: Instructions - Setting up a mirror
Next by Author: Re: [tor-bugs] #22362 [Applications/Tor Browser]: Tor Browser freezes when loading http://zeit.de
Previous by thread: Re: [tor-bugs] #14205 [Applications/Tor Browser]: Closely review all uses of IsCallerChrome() for e10s
Next by thread: Re: [tor-bugs] #4688 [Core Tor/Tor]: control-spec doesn't specify rounding for status/clients-seen
Index(es):
- Author
- Thread