Closed Bug 1111848 Opened 10 years ago Closed 10 years ago

remove nsISiteSecurityService.shouldIgnoreHeaders and implementation

Categories

(Core :: Security: PSM, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla37

People

(Reporter: keeler, Assigned: erceg.david, Mentored)

References

Details

(Keywords: addon-compat, Whiteboard: [good first bug])

Attachments

(1 file, 1 obsolete file)

As far as I can tell, nsISiteSecurityService.shouldIgnoreHeaders isn't used anymore (somewhere along the line of refactoring to get HPKP out the door, we pulled that functionality directly into the processing of headers but never removed the unused/duplicated code). This basically involves: * removing the declaration in nsISiteSecurityService * (including updating the uuid) * removing the implementation in nsSiteSecurityService
Attached patch bug-1111848.diff (obsolete) (deleted) — Splinter Review
Attachment #8540020 - Flags: review?(dkeeler)
I am new to open source and I am willing to work on this bug if the bug is unsolved. please give me some work to start from.
Comment on attachment 8540020 [details] [diff] [review] bug-1111848.diff Review of attachment 8540020 [details] [diff] [review]: ----------------------------------------------------------------- Great! r=me with removing the (now) unnecessary #include (see comment). ::: security/manager/boot/src/nsSiteSecurityService.cpp @@ -972,5 @@ > - bool* aResult) > -{ > - nsresult rv; > - bool tlsIsBroken = false; > - nsCOMPtr<nsISSLStatusProvider> sslprov = do_QueryInterface(aSecurityInfo); I believe you can also remove the #include for nsISSLStatusProvider.h now (but not nsISSLStatus).
Attachment #8540020 - Flags: review?(dkeeler) → review+
(In reply to kunal jain from comment #2) > I am new to open source and I am willing to work on this bug if the bug is > unsolved. > please give me some work to start from. Thanks, Kunal, but it looks like David has already done the necessary work. If you're interested, bug 1077954 is another [good first bug] related to security.
Sid - just a heads-up: this might affect ForceTLS (the implementation of nsISiteSecurityService now checks the trustworthiness of the nsISSLStatus of the connection that's attempting to set the header, so the separate ShouldIgnoreHeaders function is no longer necessary).
Thanks for the quick turnaround David! I've updated the patch to remove the nsISSLStatusProvider.h include.
Attachment #8540020 - Attachment is obsolete: true
Attachment #8540549 - Flags: review?(dkeeler)
Comment on attachment 8540549 [details] [diff] [review] Remove nsISSLStatusProvider.h include Review of attachment 8540549 [details] [diff] [review]: ----------------------------------------------------------------- Great!
Attachment #8540549 - Flags: review?(dkeeler) → review+
Thanks! How do I go about getting the patch committed? From the docs, it seems it needs to be submitted to the try server first? (I don't have access to the try server, so can't push the patch myself).
https://treeherder.mozilla.org/ui/#/jobs?repo=try&revision=69a0e041f373 I don't think it *really* needs a try run since it's code removal, but can't hurt. If this looks good, then you can set the checkin-needed keyword on this bug and a kind sheriff will check it in (or I'll check back and maybe check it in for you).
Assignee: nobody → erceg.david
Status: NEW → ASSIGNED
Yep, try looked good. Great job! Landed on inbound: https://hg.mozilla.org/integration/mozilla-inbound/rev/178d18db618d
Target Milestone: --- → mozilla37
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Adding addon-compat just to document it, but it looks like only Sid's add-on is affected :)
Keywords: addon-compat
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: