Backed out changeset 0a74e9a67faa (bug 1722050) for causing xpcshell failures on test_sorted_alphabetically.js. CLOSED TREE

browser/components/enterprisepolicies/Policies.jsm

@@ -986,11 +986,6 @@ var Policies = {
     },
   },
 
-  ExemptDomainFileTypePairsFromFileTypeDownloadWarnings: {
-    // This policy is handled directly in EnterprisePoliciesParent.jsm
-    // and requires no validation (It's done by the schema).
-  },
-
   ExtensionSettings: {
     onBeforeAddons(manager, param) {
       try {

browser/components/enterprisepolicies/schemas/policies-schema.json

@@ -461,24 +461,6 @@
       }
     },
 
-    "ExemptDomainFileTypePairsFromFileTypeDownloadWarnings": {
-      "type": "array",
-      "items": {
-        "type": "object",
-        "properties": {
-          "file_extension": {
-            "type": "string"
-          },
-          "domains": {
-            "type": "array",
-            "items": {
-              "type": "string"
-            }
-          }
-        }
-      }
-    },
-
     "Extensions": {
       "type": "object",
       "properties": {

browser/components/enterprisepolicies/tests/xpcshell/test_exempt_domain_file_type_pairs_from_file_type_download_warnings.js

@@ -1,66 +0,0 @@
-/* Any copyright is dedicated to the Public Domain.
- * http://creativecommons.org/publicdomain/zero/1.0/ */
-
-"use strict";
-
-add_task(async function test_exempt_xxx() {
-  await setupPolicyEngineWithJson({
-    policies: {
-      ExemptDomainFileTypePairsFromFileTypeDownloadWarnings: [
-        {
-          file_extension: "jnlp",
-          domains: ["example.com", "www.example.edu"],
-        },
-      ],
-    },
-  });
-  equal(
-    Services.policies.isExemptExecutableExtension(
-      "https://www.example.edu",
-      "jnlp"
-    ),
-    true
-  );
-  equal(
-    Services.policies.isExemptExecutableExtension(
-      "https://example.edu",
-      "jnlp"
-    ),
-    false
-  );
-  equal(
-    Services.policies.isExemptExecutableExtension(
-      "https://example.com",
-      "jnlp"
-    ),
-    true
-  );
-  equal(
-    Services.policies.isExemptExecutableExtension(
-      "https://www.example.com",
-      "jnlp"
-    ),
-    true
-  );
-  equal(
-    Services.policies.isExemptExecutableExtension(
-      "https://wwwexample.com",
-      "jnlp"
-    ),
-    false
-  );
-  equal(
-    Services.policies.isExemptExecutableExtension(
-      "https://www.example.org",
-      "jnlp"
-    ),
-    false
-  );
-  equal(
-    Services.policies.isExemptExecutableExtension(
-      "https://www.example.edu",
-      "exe"
-    ),
-    false
-  );
-});

browser/components/enterprisepolicies/tests/xpcshell/xpcshell.ini

@@ -13,7 +13,6 @@ support-files =
 [test_clear_blocked_cookies.js]
 [test_defaultbrowsercheck.js]
 [test_empty_policy.js]
-[test_exempt_domain_file_type_pairs_from_file_type_download_warnings.js]
 [test_extensions.js]
 [test_extensionsettings.js]
 [test_macosparser_unflatten.js]

browser/locales/en-US/browser/policies/policies-descriptions.ftl

@@ -102,8 +102,6 @@ policy-EnableTrackingProtection = Enable or disable Content Blocking and optiona
 # “lock” means that the user won’t be able to change this setting
 policy-EncryptedMediaExtensions = Enable or disable Encrypted Media Extensions and optionally lock it.
 
-policy-ExemptDomainFileTypePairsFromFileTypeDownloadWarnings = Disable warnings based on file extension for specific file types on domains.
-
 # A “locked” extension can’t be disabled or removed by the user. This policy
 # takes 3 keys (“Install”, ”Uninstall”, ”Locked”), you can either keep them in
 # English or translate them as verbs.

toolkit/components/downloads/DownloadIntegration.jsm

@@ -734,17 +734,6 @@ var DownloadIntegration = {
       fileExtension &&
       fileExtension.toLowerCase() == "exe";
 
-    let isExemptExecutableExtension = false;
-    try {
-      let url = new URL(aDownload.source.url);
-      isExemptExecutableExtension = Services.policies.isExemptExecutableExtension(
-        url.origin,
-        fileExtension?.toLowerCase()
-      );
-    } catch (e) {
-      // Invalid URL, go down the original path.
-    }
-
     // Ask for confirmation if the file is executable, except for .exe on
     // Windows where the operating system will show the prompt based on the
     // security zone.  We do this here, instead of letting the caller handle
@@ -752,11 +741,9 @@ var DownloadIntegration = {
     // first is because of its security nature, so that add-ons cannot forget
     // to do this check.  The second is that the system-level security prompt
     // would be displayed at launch time in any case.
-    // We allow policy to override this behavior for file extensions on specific domains.
     if (
       file.isExecutable() &&
       !isWindowsExe &&
-      !isExemptExecutableExtension &&
       !(await this.confirmLaunchExecutable(file.path))
     ) {
       return;

toolkit/components/enterprisepolicies/EnterprisePoliciesParent.jsm

@@ -427,25 +427,6 @@ EnterprisePoliciesManager.prototype = {
   allowedInstallSource(uri) {
     return InstallSources ? InstallSources.matches(uri) : true;
   },
-
-  isExemptExecutableExtension(origin, extension) {
-    let hostname = new URL(origin)?.hostname;
-    let exemptArray = this.getActivePolicies()
-      ?.ExemptDomainFileTypePairsFromFileTypeDownloadWarnings;
-    if (!hostname || !extension || !exemptArray) {
-      return false;
-    }
-    let domains = exemptArray
-      .filter(item => item.file_extension == extension)
-      .map(item => item.domains)
-      .flat();
-    for (let domain of domains) {
-      if (Services.eTLD.hasRootDomain(hostname, domain)) {
-        return true;
-      }
-    }
-    return false;
-  },
 };
 
 let DisallowedFeatures = {};

toolkit/components/enterprisepolicies/nsIEnterprisePolicies.idl

@@ -65,11 +65,4 @@ interface nsIEnterprisePolicies : nsISupports
    * @returns A boolean - true of the extension may be installed.
    */
   bool allowedInstallSource(in nsIURI uri);
-  /**
-   * Uses ExemptDomainFileTypePairsFromFileTypeDownloadWarnings to determine
-   * if a given file extension is exempted from executable warnings.
-   *
-   * @returns A boolean - true if warnings should not be shown.
-   */
-  bool isExemptExecutableExtension(in ACString origin, in ACString extension);
 };