They'll be reopened, so there's no security benefit, but this causes Activity
Monitor to not report the processes as 'not responding'.
Differential Revision: https://phabricator.services.mozilla.com/D2855
--HG--
extra : moz-landing-system : lando
This introduces the machinery needed to generate crash annotations from a YAML
file. The relevant C++ functions are updated to take a typed enum. JavaScript
calls are unaffected but they will throw if the string argument does not
correspond to one of the known entries in the C++ enum. The existing whitelists
and blacklists of annotations are also generated from the YAML file and all
duplicate code related to them has been consolidated. Once written out to the
.extra file the annotations are converted in string form and are no different
than the existing ones.
All existing annotations have been included in the list (and some obsolete ones
have been removed) and all call sites have been updated including tests where
appropriate.
--HG--
extra : source : 4f6c43f2830701ec5552e08e3f1b06fe6d045860
Summary:
Only implemented by nsWebBrowser, only 2 methods used in TabChild.
Move methods to nsWebBrowser implementation and remove unused methods,
change names to something more obvious, and remove interface.
MozReview-Commit-ID: 4WwBrVWQEVy
Test Plan: Try run
Reviewers: nika
Tags: #secure-revision
Bug #: 1480645
Differential Revision: https://phabricator.services.mozilla.com/D2752
Summary:
We only use one branch of the property set method in
nsIWebBrowserSetup, in one place. Expose this setting in the C++ API
and remove the XPCOM interface.
This patch also exposes the nsWebBrowser.h header to the codebase,
meaning we can possibly start removing some uses of nsIWebBrowser
elsewhere.
MozReview-Commit-ID: G3gnRWJUx6M
Test Plan: Try run
Reviewers: nika
Tags: #secure-revision
Bug #: 1480643
Differential Revision: https://phabricator.services.mozilla.com/D2736
We originally thought that this would enable us to disconnect from the
windowserver local service (which is a significant sandbox escape risk),
however investigations revealed that that requires changes to WebGL and thus
will be handled separately.
This also corrects an incorrect usage of the (undocumented) APIs for closing
windowserver connections. If CGSSetDenyWindowServerConnections is called while
there are open connections it is a no-op, so it must be called after
disconnecting any open connections.
Differential Revision: https://phabricator.services.mozilla.com/D2478
--HG--
extra : moz-landing-system : lando
This introduces the machinery needed to generate crash annotations from a YAML
file. The relevant functions are updated to take a typed enum (in C++) and an
integer constant (in JavaScript). A JavaScript wrapper around the crash
reporter service is provided to hold the constants. The existing whitelists
and blacklists of annotations are also generated from the YAML file and the
existing duplicate code has been consolidated. Once written out to the .extra
file the annotations are converted in string form and are no different than
the existing ones.
All existing annotations have been included (and some obsolete ones removed)
and all call sites have been updated including tests.
--HG--
extra : rebase_source : b4f0d4bf83c64851028c271d3fab3ebcb6fbcd3e
This introduces the machinery needed to generate crash annotations from a YAML
file. The relevant functions are updated to take a typed enum (in C++) and an
integer constant (in JavaScript). A JavaScript wrapper around the crash
reporter service is provided to hold the constants. The existing whitelists
and blacklists of annotations are also generated from the YAML file and the
existing duplicate code has been consolidated. Once written out to the .extra
file the annotations are converted in string form and are no different than
the existing ones.
All existing annotations have been included (and some obsolete ones removed)
and all call sites have been updated including tests.
--HG--
extra : rebase_source : f0e8d229581ac5c0daa0e0454cb258746108e28d
I generally tried to preserve the behavior of consumers where they treated an
exception from getInterface(Ci.nsIContentFrameMessageManager) as a signal to use
some sort of fallback.
I did change the behavior of consumers that walked up to the root same-type
docshell before getting the message manager to just get it directly from the
docshell they have. Please review those parts carefully, and let me know if you
want me to ask some subject area experts to review those.
I generally tried to preserve the behavior of consumers where they treated an
exception from getInterface(Ci.nsIContentFrameMessageManager) as a signal to use
some sort of fallback.
I did change the behavior of consumers that walked up to the root same-type
docshell before getting the message manager to just get it directly from the
docshell they have. Please review those parts carefully, and let me know if you
want me to ask some subject area experts to review those.
Fairly straightforward. This should allow us to enable our
forcepaint telemetry again without an added cost, since it's
just piggybacking on the existing content process BHR.
MozReview-Commit-ID: 83l9xnPfc9u
--HG--
extra : rebase_source : d53f1e9adfff1d9bf3610be634f9ece08a2ec154
This new id is added in the PerformanceInfo data and helps consumers distinguish
counters.
MozReview-Commit-ID: 7kEmqJcVggM
--HG--
extra : rebase_source : 40cca4c937f846db93ec1315036ad1bac04bc762
To not leave dangling BrowsingContexts due to crashing child processes
we need to detach all BrowsingContexts owned by a specific process
when that process goes away.
--HG--
extra : histedit_source : a737dd272224ae2595e8851813f3f9a66a2e01f2
Have BrowsingContext keep its own cache to enable caching of
BrowsingContexts, especially in the parent process.
This isn't really optimal, since it effectively duplicates the
cache in the child process. BFcache keeps a list of strong pointers to
the list of cached nsDocShells, where each nsDocShell in turn keeps a
reciprocated strong pointer to its BrowsingContext, which in turn is
held in the BrowsingContexts list of cached contexts. Ideally these
caches should be merged.
--HG--
extra : histedit_source : 094370f6d54d83728e8433ec5c47003086146476
Add BrowsingContext to allow the tree structure of docshells to exist
in several processes simultaneously. This is a first step towards
allowing a tree structure preserving separation of docshells across
processes.
--HG--
extra : histedit_source : d3c7f6ab4b9ae76f170c126d669ebd570e52f348
- Access nsISSLStatus directly as a member of nsITransportSecurityInfo
and nsISecureBrowserUI. This is part of a larger effort to consolidate
nsISSLStatus and nsITransportSecurityInfo.
- The TabParent implementation of GetSecInfo will always return null.
- Removed unnecessary QueryInterface calls
- Style adherence updates
MozReview-Commit-ID: Dzy6t2zYljL
--HG--
extra : rebase_source : 9c400bed3c9d29a186fc987c9bd0ffceb37bfd94
- Access nsISSLStatus directly as a member of nsITransportSecurityInfo
and nsISecureBrowserUI. This is part of a larger effort to consolidate
nsISSLStatus and nsITransportSecurityInfo.
- The TabParent implementation of GetSecInfo will always return null.
- Removed unnecessary QueryInterface calls
- Style adherence updates
MozReview-Commit-ID: Dzy6t2zYljL
--HG--
extra : rebase_source : fbfbcf7608efbfb35c9be4018ff0f4e70b2768d2
We were previously failing to send blobs to new content processes, which was a
problem for those processes. But we were also attempting to extract blobs for
new entries that we were serializing after we'd extracted their structured
clone data, and their blob array had been thrown away (which was a problem for
all processes).
This patch fixes both problems.
MozReview-Commit-ID: 3qbAmUTA85g
--HG--
extra : rebase_source : 87ed9356aa23ae83762a887cf12ba1f466e7bf61
Cosmin Sabou
Brian Hackett
Margareta Eliza Balazs
Alex Gaynor
dvarga
Gabriele Svelto
Kyle Machulis
Kris Maglione
Jan de Mooij
Noemi Erli
Dorel Luca
Coroiu Cristina
Boris Zbarsky
Csoregi Natalia
Kartikaya Gupta
Zibi Braniecki
Doug Thayer
Tarek Ziadé
Andreas Farre
Blake Kaplan
Dipen Patel
Andreea Pavel