diff --git a/browser/components/enterprisepolicies/Policies.jsm b/browser/components/enterprisepolicies/Policies.jsm index ae661a1baf27..bb251a536b84 100644 --- a/browser/components/enterprisepolicies/Policies.jsm +++ b/browser/components/enterprisepolicies/Policies.jsm @@ -986,11 +986,6 @@ var Policies = { }, }, - ExemptDomainFileTypePairsFromFileTypeDownloadWarnings: { - // This policy is handled directly in EnterprisePoliciesParent.jsm - // and requires no validation (It's done by the schema). - }, - ExtensionSettings: { onBeforeAddons(manager, param) { try { diff --git a/browser/components/enterprisepolicies/schemas/policies-schema.json b/browser/components/enterprisepolicies/schemas/policies-schema.json index 71fea855762f..5448d299b3e5 100644 --- a/browser/components/enterprisepolicies/schemas/policies-schema.json +++ b/browser/components/enterprisepolicies/schemas/policies-schema.json @@ -461,24 +461,6 @@ } }, - "ExemptDomainFileTypePairsFromFileTypeDownloadWarnings": { - "type": "array", - "items": { - "type": "object", - "properties": { - "file_extension": { - "type": "string" - }, - "domains": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - }, - "Extensions": { "type": "object", "properties": { diff --git a/browser/components/enterprisepolicies/tests/xpcshell/test_exempt_domain_file_type_pairs_from_file_type_download_warnings.js b/browser/components/enterprisepolicies/tests/xpcshell/test_exempt_domain_file_type_pairs_from_file_type_download_warnings.js deleted file mode 100644 index 5d93391ce91a..000000000000 --- a/browser/components/enterprisepolicies/tests/xpcshell/test_exempt_domain_file_type_pairs_from_file_type_download_warnings.js +++ /dev/null @@ -1,66 +0,0 @@ -/* Any copyright is dedicated to the Public Domain. - * http://creativecommons.org/publicdomain/zero/1.0/ */ - -"use strict"; - -add_task(async function test_exempt_xxx() { - await setupPolicyEngineWithJson({ - policies: { - ExemptDomainFileTypePairsFromFileTypeDownloadWarnings: [ - { - file_extension: "jnlp", - domains: ["example.com", "www.example.edu"], - }, - ], - }, - }); - equal( - Services.policies.isExemptExecutableExtension( - "https://www.example.edu", - "jnlp" - ), - true - ); - equal( - Services.policies.isExemptExecutableExtension( - "https://example.edu", - "jnlp" - ), - false - ); - equal( - Services.policies.isExemptExecutableExtension( - "https://example.com", - "jnlp" - ), - true - ); - equal( - Services.policies.isExemptExecutableExtension( - "https://www.example.com", - "jnlp" - ), - true - ); - equal( - Services.policies.isExemptExecutableExtension( - "https://wwwexample.com", - "jnlp" - ), - false - ); - equal( - Services.policies.isExemptExecutableExtension( - "https://www.example.org", - "jnlp" - ), - false - ); - equal( - Services.policies.isExemptExecutableExtension( - "https://www.example.edu", - "exe" - ), - false - ); -}); diff --git a/browser/components/enterprisepolicies/tests/xpcshell/xpcshell.ini b/browser/components/enterprisepolicies/tests/xpcshell/xpcshell.ini index 2ec8bcf1a818..37f9739f9aa6 100644 --- a/browser/components/enterprisepolicies/tests/xpcshell/xpcshell.ini +++ b/browser/components/enterprisepolicies/tests/xpcshell/xpcshell.ini @@ -13,7 +13,6 @@ support-files = [test_clear_blocked_cookies.js] [test_defaultbrowsercheck.js] [test_empty_policy.js] -[test_exempt_domain_file_type_pairs_from_file_type_download_warnings.js] [test_extensions.js] [test_extensionsettings.js] [test_macosparser_unflatten.js] diff --git a/browser/locales/en-US/browser/policies/policies-descriptions.ftl b/browser/locales/en-US/browser/policies/policies-descriptions.ftl index 9db776a1f639..e38e9225f7e1 100644 --- a/browser/locales/en-US/browser/policies/policies-descriptions.ftl +++ b/browser/locales/en-US/browser/policies/policies-descriptions.ftl @@ -102,8 +102,6 @@ policy-EnableTrackingProtection = Enable or disable Content Blocking and optiona # “lock” means that the user won’t be able to change this setting policy-EncryptedMediaExtensions = Enable or disable Encrypted Media Extensions and optionally lock it. -policy-ExemptDomainFileTypePairsFromFileTypeDownloadWarnings = Disable warnings based on file extension for specific file types on domains. - # A “locked” extension can’t be disabled or removed by the user. This policy # takes 3 keys (“Install”, ”Uninstall”, ”Locked”), you can either keep them in # English or translate them as verbs. diff --git a/toolkit/components/downloads/DownloadIntegration.jsm b/toolkit/components/downloads/DownloadIntegration.jsm index 90f92d83cc4b..70200bfbe255 100644 --- a/toolkit/components/downloads/DownloadIntegration.jsm +++ b/toolkit/components/downloads/DownloadIntegration.jsm @@ -734,17 +734,6 @@ var DownloadIntegration = { fileExtension && fileExtension.toLowerCase() == "exe"; - let isExemptExecutableExtension = false; - try { - let url = new URL(aDownload.source.url); - isExemptExecutableExtension = Services.policies.isExemptExecutableExtension( - url.origin, - fileExtension?.toLowerCase() - ); - } catch (e) { - // Invalid URL, go down the original path. - } - // Ask for confirmation if the file is executable, except for .exe on // Windows where the operating system will show the prompt based on the // security zone. We do this here, instead of letting the caller handle @@ -752,11 +741,9 @@ var DownloadIntegration = { // first is because of its security nature, so that add-ons cannot forget // to do this check. The second is that the system-level security prompt // would be displayed at launch time in any case. - // We allow policy to override this behavior for file extensions on specific domains. if ( file.isExecutable() && !isWindowsExe && - !isExemptExecutableExtension && !(await this.confirmLaunchExecutable(file.path)) ) { return; diff --git a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm index 35559e22ee64..6cf104c07f51 100644 --- a/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm +++ b/toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm @@ -427,25 +427,6 @@ EnterprisePoliciesManager.prototype = { allowedInstallSource(uri) { return InstallSources ? InstallSources.matches(uri) : true; }, - - isExemptExecutableExtension(origin, extension) { - let hostname = new URL(origin)?.hostname; - let exemptArray = this.getActivePolicies() - ?.ExemptDomainFileTypePairsFromFileTypeDownloadWarnings; - if (!hostname || !extension || !exemptArray) { - return false; - } - let domains = exemptArray - .filter(item => item.file_extension == extension) - .map(item => item.domains) - .flat(); - for (let domain of domains) { - if (Services.eTLD.hasRootDomain(hostname, domain)) { - return true; - } - } - return false; - }, }; let DisallowedFeatures = {}; diff --git a/toolkit/components/enterprisepolicies/nsIEnterprisePolicies.idl b/toolkit/components/enterprisepolicies/nsIEnterprisePolicies.idl index 022b373e9c14..fd81f5a9da0a 100644 --- a/toolkit/components/enterprisepolicies/nsIEnterprisePolicies.idl +++ b/toolkit/components/enterprisepolicies/nsIEnterprisePolicies.idl @@ -65,11 +65,4 @@ interface nsIEnterprisePolicies : nsISupports * @returns A boolean - true of the extension may be installed. */ bool allowedInstallSource(in nsIURI uri); - /** - * Uses ExemptDomainFileTypePairsFromFileTypeDownloadWarnings to determine - * if a given file extension is exempted from executable warnings. - * - * @returns A boolean - true if warnings should not be shown. - */ - bool isExemptExecutableExtension(in ACString origin, in ACString extension); };