Closed
Bug 1111848
Opened 10 years ago
Closed 10 years ago
remove nsISiteSecurityService.shouldIgnoreHeaders and implementation
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla37
People
(Reporter: keeler, Assigned: erceg.david, Mentored)
References
Details
(Keywords: addon-compat, Whiteboard: [good first bug])
Attachments
(1 file, 1 obsolete file)
(deleted),
patch
|
keeler
:
review+
|
Details | Diff | Splinter Review |
As far as I can tell, nsISiteSecurityService.shouldIgnoreHeaders isn't used anymore (somewhere along the line of refactoring to get HPKP out the door, we pulled that functionality directly into the processing of headers but never removed the unused/duplicated code).
This basically involves:
* removing the declaration in nsISiteSecurityService
* (including updating the uuid)
* removing the implementation in nsSiteSecurityService
Assignee | ||
Comment 1•10 years ago
|
||
Assignee | ||
Updated•10 years ago
|
Attachment #8540020 -
Flags: review?(dkeeler)
Comment 2•10 years ago
|
||
I am new to open source and I am willing to work on this bug if the bug is unsolved.
please give me some work to start from.
Reporter | ||
Comment 3•10 years ago
|
||
Comment on attachment 8540020 [details] [diff] [review]
bug-1111848.diff
Review of attachment 8540020 [details] [diff] [review]:
-----------------------------------------------------------------
Great! r=me with removing the (now) unnecessary #include (see comment).
::: security/manager/boot/src/nsSiteSecurityService.cpp
@@ -972,5 @@
> - bool* aResult)
> -{
> - nsresult rv;
> - bool tlsIsBroken = false;
> - nsCOMPtr<nsISSLStatusProvider> sslprov = do_QueryInterface(aSecurityInfo);
I believe you can also remove the #include for nsISSLStatusProvider.h now (but not nsISSLStatus).
Attachment #8540020 -
Flags: review?(dkeeler) → review+
Reporter | ||
Comment 4•10 years ago
|
||
(In reply to kunal jain from comment #2)
> I am new to open source and I am willing to work on this bug if the bug is
> unsolved.
> please give me some work to start from.
Thanks, Kunal, but it looks like David has already done the necessary work. If you're interested, bug 1077954 is another [good first bug] related to security.
Reporter | ||
Comment 5•10 years ago
|
||
Sid - just a heads-up: this might affect ForceTLS (the implementation of nsISiteSecurityService now checks the trustworthiness of the nsISSLStatus of the connection that's attempting to set the header, so the separate ShouldIgnoreHeaders function is no longer necessary).
Assignee | ||
Comment 6•10 years ago
|
||
Thanks for the quick turnaround David! I've updated the patch to remove the nsISSLStatusProvider.h include.
Attachment #8540020 -
Attachment is obsolete: true
Attachment #8540549 -
Flags: review?(dkeeler)
Reporter | ||
Comment 7•10 years ago
|
||
Comment on attachment 8540549 [details] [diff] [review]
Remove nsISSLStatusProvider.h include
Review of attachment 8540549 [details] [diff] [review]:
-----------------------------------------------------------------
Great!
Attachment #8540549 -
Flags: review?(dkeeler) → review+
Assignee | ||
Comment 8•10 years ago
|
||
Thanks! How do I go about getting the patch committed? From the docs, it seems it needs to be submitted to the try server first? (I don't have access to the try server, so can't push the patch myself).
Comment 9•10 years ago
|
||
https://treeherder.mozilla.org/ui/#/jobs?repo=try&revision=69a0e041f373
I don't think it *really* needs a try run since it's code removal, but can't hurt. If this looks good, then you can set the checkin-needed keyword on this bug and a kind sheriff will check it in (or I'll check back and maybe check it in for you).
Assignee: nobody → erceg.david
Status: NEW → ASSIGNED
Comment 10•10 years ago
|
||
Yep, try looked good. Great job!
Landed on inbound: https://hg.mozilla.org/integration/mozilla-inbound/rev/178d18db618d
Target Milestone: --- → mozilla37
Comment 11•10 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Comment 12•10 years ago
|
||
Adding addon-compat just to document it, but it looks like only Sid's add-on is affected :)
Keywords: addon-compat
You need to log in
before you can comment on or make changes to this bug.
Description
•