From bbf1e58474823d5266e8a3e0ca65bb92af6ee544 Mon Sep 17 00:00:00 2001
From: Arturo Mejia <arturomejiamarmol@gmail.com>
Date: Tue, 25 Apr 2023 16:43:39 +0000
Subject: [PATCH] Bug 1639050 - Enable blocklist v3 on Android nightly
 r=geckoview-reviewers,robwu,calu

Differential Revision: https://phabricator.services.mozilla.com/D173208
---
 mobile/android/app/mobile.js                  |  7 +-
 mobile/android/installer/package-manifest.in  |  9 +-
 services/settings/dumps/blocklists/moz.build  | 10 +-
 toolkit/mozapps/extensions/Blocklist.jsm      |  7 +-
 .../test/xpcshell/rs-blocklist/head.js        | 10 +-
 .../test_android_blocklist_dump.js            | 95 +++++++++++++++----
 .../rs-blocklist/test_blocklist_clients.js    |  6 +-
 .../rs-blocklist/test_blocklistchange.js      |  6 +-
 .../test/xpcshell/rs-blocklist/xpcshell.ini   |  7 +-
 9 files changed, 117 insertions(+), 40 deletions(-)

diff --git a/mobile/android/app/mobile.js b/mobile/android/app/mobile.js
index e9b1f51a5fc1..3748a6ec6a8a 100644
--- a/mobile/android/app/mobile.js
+++ b/mobile/android/app/mobile.js
@@ -155,8 +155,11 @@ pref("xpinstall.whitelist.add", "https://addons.mozilla.org");
 pref("extensions.langpacks.signatures.required", true);
 pref("xpinstall.signatures.required", true);
 
-// Use blocklist v2 until blocklist v3 is enabled on Android - bug 1639050
-pref("extensions.blocklist.useMLBF", false);
+#ifndef NIGHTLY_BUILD
+// Use blocklist v2 until blocklist v3 is enabled on Android - bug 1824863
+    pref("extensions.blocklist.useMLBF", false);
+#endif
+
 
 // Whether MV3 restrictions for actions popup urls should be extended to MV2 extensions
 // (only allowing same extension urls to be used as action popup urls).
diff --git a/mobile/android/installer/package-manifest.in b/mobile/android/installer/package-manifest.in
index 39e5df9462a5..10010a9a9073 100644
--- a/mobile/android/installer/package-manifest.in
+++ b/mobile/android/installer/package-manifest.in
@@ -88,8 +88,15 @@
 @BINPATH@/application.ini
 @BINPATH@/platform.ini
 @BINPATH@/defaults/settings/last_modified.json
-; TODO bug 1639050: addons-bloomfilters should be used instead of addons.json
+#ifdef NIGHTLY_BUILD
+; The addons blocklist data is not packaged and will be downloaded after install.
+; See https://bugzilla.mozilla.org/show_bug.cgi?id=1639050#c5
+; @BINPATH@/defaults/settings/blocklists/addons-bloomfilters.json
+; @BINPATH@/defaults/settings/blocklists/addons-bloomfilters/addons-mlbf.bin
+; @BINPATH@/defaults/settings/blocklists/addons-bloomfilters/addons-mlbf.bin.meta.json
+#else
 @BINPATH@/defaults/settings/blocklists/addons.json
+#endif
 @BINPATH@/defaults/settings/blocklists/gfx.json
 @BINPATH@/defaults/settings/main/password-recipes.json
 @BINPATH@/defaults/settings/security-state/onecrl.json
diff --git a/services/settings/dumps/blocklists/moz.build b/services/settings/dumps/blocklists/moz.build
index f55a19bd5ee9..42587e6174eb 100644
--- a/services/settings/dumps/blocklists/moz.build
+++ b/services/settings/dumps/blocklists/moz.build
@@ -9,15 +9,19 @@ with Files("**"):
 
 # The addons blocklist is also in mobile/android/installer/package-manifest.in
 if CONFIG["MOZ_WIDGET_TOOLKIT"] == "android":
-    # Remove "addons.json" once bug 1639050 is resolved.
-    FINAL_TARGET_FILES.defaults.settings.blocklists += ["addons.json", "gfx.json"]
+    if CONFIG["NIGHTLY_BUILD"]:
+        FINAL_TARGET_FILES.defaults.settings.blocklists += [
+            "addons-bloomfilters.json",
+            "gfx.json",
+        ]
+    else:
+        FINAL_TARGET_FILES.defaults.settings.blocklists += ["addons.json", "gfx.json"]
 else:
     FINAL_TARGET_FILES.defaults.settings.blocklists += [
         "addons-bloomfilters.json",
         "gfx.json",
         "plugins.json",
     ]
-
 FINAL_TARGET_FILES.defaults.settings.blocklists["addons-bloomfilters"] += [
     "addons-bloomfilters/addons-mlbf.bin",
     "addons-bloomfilters/addons-mlbf.bin.meta.json",
diff --git a/toolkit/mozapps/extensions/Blocklist.jsm b/toolkit/mozapps/extensions/Blocklist.jsm
index a2556dff7341..2314c7fbe270 100644
--- a/toolkit/mozapps/extensions/Blocklist.jsm
+++ b/toolkit/mozapps/extensions/Blocklist.jsm
@@ -1428,10 +1428,9 @@ let Blocklist = {
   recordAddonBlockChangeTelemetry(addon, reason) {
     BlocklistTelemetry.recordAddonBlockChangeTelemetry(addon, reason);
   },
-
-  // TODO bug 1649906, bug 1639050: Remove blocklist v2.
-  // Allow blocklist for Android and unit tests only.
-  allowDeprecatedBlocklistV2: AppConstants.platform === "android",
+  // TODO bug 1649906 and 1824863: Remove blocklist v2 (dead code).
+  allowDeprecatedBlocklistV2:
+    AppConstants.platform === "android" && !AppConstants.NIGHTLY_BUILD,
 
   _chooseExtensionBlocklistImplementationFromPref() {
     if (
diff --git a/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/head.js b/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/head.js
index 8b74a39b5f1f..38a5912da7df 100644
--- a/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/head.js
+++ b/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/head.js
@@ -46,9 +46,11 @@ function getExtensionBlocklistMLBF() {
   const {
     BlocklistPrivate: { ExtensionBlocklistMLBF },
   } = ChromeUtils.import("resource://gre/modules/Blocklist.jsm");
-  Assert.ok(
-    Services.prefs.getBoolPref("extensions.blocklist.useMLBF", false),
-    "blocklist.useMLBF should be true"
-  );
+  if (Blocklist.allowDeprecatedBlocklistV2) {
+    Assert.ok(
+      Services.prefs.getBoolPref("extensions.blocklist.useMLBF", false),
+      "blocklist.useMLBF should be true"
+    );
+  }
   return ExtensionBlocklistMLBF;
 }
diff --git a/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_android_blocklist_dump.js b/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_android_blocklist_dump.js
index e581b39a01ea..e00ee11dda04 100644
--- a/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_android_blocklist_dump.js
+++ b/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_android_blocklist_dump.js
@@ -3,6 +3,29 @@
 
 "use strict";
 
+// Blocklist v3 will be enabled on release in bug 1824863.
+// TODO bug 1824863: Remove this when blocklist v3 is enabled.
+const IS_USING_BLOCKLIST_V3 = AppConstants.NIGHTLY_BUILD;
+const ExtensionBlocklistMLBF = getExtensionBlocklistMLBF();
+
+let MLBF_LOAD_ATTEMPTS;
+let MLBF_LOAD_RESULTS;
+let originalFetchMLBF;
+
+add_task(async function setup() {
+  MLBF_LOAD_RESULTS = [];
+  MLBF_LOAD_ATTEMPTS = [];
+
+  // Tapping into the internals of ExtensionBlocklistMLBF._fetchMLBF to observe
+  originalFetchMLBF = ExtensionBlocklistMLBF._fetchMLBF;
+  ExtensionBlocklistMLBF._fetchMLBF = async function(record) {
+    MLBF_LOAD_ATTEMPTS.push(record);
+    let promise = originalFetchMLBF.apply(this, arguments);
+    MLBF_LOAD_RESULTS.push(promise);
+    return promise;
+  };
+});
+
 // When bug 1639050 is fixed, this whole test can be removed as it is already
 // covered by test_blocklist_mlbf_dump.js.
 
@@ -35,23 +58,59 @@ const nonBlockedAddon = {
   signedState: AddonManager.SIGNEDSTATE_SIGNED,
 };
 
-add_task(async function verify_blocklistv2_dump_first_run() {
-  createAppInfo("xpcshell@tests.mozilla.org", "XPCShell", "1", "1");
+add_task(
+  { skip_if: () => IS_USING_BLOCKLIST_V3 },
+  async function verify_blocklistv2_dump_first_run() {
+    createAppInfo("xpcshell@tests.mozilla.org", "XPCShell", "1", "1");
 
-  Assert.equal(
-    await Blocklist.getAddonBlocklistState(blockedAddon),
-    Ci.nsIBlocklistService.STATE_BLOCKED,
-    "A add-on that is known to be on the v2 blocklist should be blocked"
-  );
-  Assert.equal(
-    await Blocklist.getAddonBlocklistState(blockedAddonV3only),
-    Ci.nsIBlocklistService.STATE_NOT_BLOCKED,
-    "An add-on that is not part of the v2 blocklist should not be blocked"
-  );
+    Assert.equal(
+      await Blocklist.getAddonBlocklistState(blockedAddon),
+      Ci.nsIBlocklistService.STATE_BLOCKED,
+      "A add-on that is known to be on the v2 blocklist should be blocked"
+    );
+    Assert.equal(
+      await Blocklist.getAddonBlocklistState(blockedAddonV3only),
+      Ci.nsIBlocklistService.STATE_NOT_BLOCKED,
+      "An add-on that is not part of the v2 blocklist should not be blocked"
+    );
 
-  Assert.equal(
-    await Blocklist.getAddonBlocklistState(nonBlockedAddon),
-    Ci.nsIBlocklistService.STATE_NOT_BLOCKED,
-    "A known non-blocked add-on should not be blocked"
-  );
-});
+    Assert.equal(
+      await Blocklist.getAddonBlocklistState(nonBlockedAddon),
+      Ci.nsIBlocklistService.STATE_NOT_BLOCKED,
+      "A known non-blocked add-on should not be blocked"
+    );
+  }
+);
+
+add_task(
+  { skip_if: () => !IS_USING_BLOCKLIST_V3 },
+  async function verify_a_known_blocked_add_on_is_not_detected_as_blocked_at_first_run() {
+    // The addons blocklist data is not packaged and will be downloaded after install
+    Assert.equal(
+      await Blocklist.getAddonBlocklistState(blockedAddon),
+      Ci.nsIBlocklistService.STATE_NOT_BLOCKED,
+      "A known blocked add-on should not be blocked at first"
+    );
+
+    await Assert.rejects(
+      MLBF_LOAD_RESULTS[0],
+      /DownloadError: Could not download addons-mlbf.bin/,
+      "Should not find any packaged attachment"
+    );
+
+    MLBF_LOAD_ATTEMPTS.length = 0;
+    MLBF_LOAD_RESULTS.length = 0;
+
+    Assert.equal(
+      await Blocklist.getAddonBlocklistState(blockedAddon),
+      Ci.nsIBlocklistService.STATE_NOT_BLOCKED,
+      "Blocklist is still not populated"
+    );
+    Assert.deepEqual(
+      MLBF_LOAD_ATTEMPTS,
+      [],
+      "MLBF is not fetched again after the first lookup"
+    );
+    ExtensionBlocklistMLBF._fetchMLBF = originalFetchMLBF;
+  }
+);
diff --git a/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_blocklist_clients.js b/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_blocklist_clients.js
index 3a8b5381709f..59a5007275f2 100644
--- a/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_blocklist_clients.js
+++ b/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_blocklist_clients.js
@@ -8,8 +8,8 @@ const { RemoteSettings } = ChromeUtils.importESModule(
   "resource://services-settings/remote-settings.sys.mjs"
 );
 
-const IS_ANDROID = AppConstants.platform == "android";
-
+const IS_ANDROID_WITH_BLOCKLIST_V2 =
+  AppConstants.platform == "android" && !AppConstants.NIGHTLY_BUILD;
 let gBlocklistClients;
 
 async function clear_state() {
@@ -40,7 +40,7 @@ add_task(async function setup() {
   gBlocklistClients = [
     {
       client: BlocklistPrivate.ExtensionBlocklistRS._client,
-      expectHasDump: IS_ANDROID,
+      expectHasDump: IS_ANDROID_WITH_BLOCKLIST_V2,
     },
     {
       client: BlocklistPrivate.GfxBlocklistRS._client,
diff --git a/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_blocklistchange.js b/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_blocklistchange.js
index d663c48d81f5..9507db9cc4f9 100644
--- a/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_blocklistchange.js
+++ b/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/test_blocklistchange.js
@@ -29,7 +29,11 @@ const URI_EXTENSION_BLOCKLIST_DIALOG =
 // Allow insecure updates
 Services.prefs.setBoolPref("extensions.checkUpdateSecurity", false);
 
-if (AppConstants.platform == "android") {
+const IS_ANDROID_WITH_BLOCKLIST_V2 =
+  AppConstants.platform == "android" && !AppConstants.NIGHTLY_BUILD;
+
+// This is the initial value of Blocklist.allowDeprecatedBlocklistV2.
+if (IS_ANDROID_WITH_BLOCKLIST_V2) {
   // test_blocklistchange_v2.js tests blocklist v2, so we should flip the pref
   // to enable the v3 blocklist on Android.
   Assert.ok(
diff --git a/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/xpcshell.ini b/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/xpcshell.ini
index 62f1ab721c4b..209284738fe8 100644
--- a/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/xpcshell.ini
+++ b/toolkit/mozapps/extensions/test/xpcshell/rs-blocklist/xpcshell.ini
@@ -7,7 +7,7 @@ support-files =
   ../../xpinstall/webmidi_permission.xpi
 
 [test_android_blocklist_dump.js]
-run-if = os == "android" # Remove this whole test when bug 1639050 is fixed.
+run-if = os == "android"
 [test_blocklist_addonBlockURL.js]
 [test_blocklist_appversion.js]
 skip-if = os == "android" && verify # times out
@@ -17,13 +17,12 @@ tags = remote-settings
 [test_blocklist_metadata_filters.js]
 [test_blocklist_mlbf.js]
 [test_blocklist_mlbf_dump.js]
-skip-if = os == "android" # bug 1639050
-[test_blocklist_mlbf_fetch.js]
+skip-if = os == "android" # blocklist v3 is not bundled with Android builds, see test_android_blocklist_dump.js instead.[test_blocklist_mlbf_fetch.js][test_blocklist_mlbf_fetch.js]
 [test_blocklist_mlbf_stashes.js]
 [test_blocklist_mlbf_telemetry.js]
 skip-if =
     appname == "thunderbird" # Data irrelevant to Thunderbird. Bug 1641400.
-    os == "android" # can somehow not record telemetry; look into it upon fixing bug 1639050
+    os == "android" # can somehow not record telemetry; Bug 1820155.
 [test_blocklist_mlbf_update.js]
 [test_blocklist_osabi.js]
 skip-if = os == "android" && verify # times out