Closed Bug 1400139 Opened 7 years ago Closed 7 years ago

Add telemetry for how often window.content is used from untrusted code

Categories

(Core :: DOM: Core & HTML, enhancement, P2)

Product:
Core
Component:
DOM: Core & HTML
Version:
53 Branch
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla57
Tracking Flags:
Tracking Status
firefox57 --- fixed

People

(Reporter: bzbarsky, Assigned: bzbarsky)

References

Details

Attachments

(3 files)

part 1. Add infrastructure for marking WebIDL interface members as non-enumerable
(deleted), patch
qdot
: review+
Details | Diff | Splinter Review
part 2. Make window.content non-enumerable
(deleted), patch
nika
: review+
Details | Diff | Splinter Review
part 3. Add a use counter when the window.content getter is called from untrusted code
(deleted), patch
nika
: review+
Details | Diff | Splinter Review
Specifically, the plan is to do the following: 1) Make the property non-enumerable (needs some codegen changes). 2) Add a counter for how often the window resolve hook is run for a property named "content". This will also trap sets of "content" and "var content", so might not turn out to be useful unless it's very very low; it's basically an upper bound on "content" usage. 3) Add a counter for how often the getter is called from untrusted code.
Blocks: 1400140
Since we need this for removing it (bug 1400140), I guess P2 is appropriate.
Priority: -- → P2
Actually, I don't think #2 is at all useful, because we would trigger that resolve hook when setting up the window object itself... I'm going to do the other pieces, though. I did try to poke at GitHub searching for "content in window" (yes, I checked that it finds other detection code using a similar search, e.g. "scrollX in window"), and don't obviously see anyone using it for sniffing.
MozReview-Commit-ID: 9F0ZNverS63
Attachment #8908946 - Flags: review?(kyle)
Assignee: nobody → bzbarsky
Status: NEW → ASSIGNED
MozReview-Commit-ID: LQkEkdG8wKf
Attachment #8908947 - Flags: review?(michael)
MozReview-Commit-ID: LFMK7lxs46Z
Attachment #8908949 - Flags: review?(michael)
Attachment #8908946 - Flags: review?(kyle) → review+
Attachment #8908947 - Flags: review?(michael) → review+
Comment on attachment 8908949 [details] [diff] [review] part 3. Add a use counter when the window.content getter is called from untrusted code Review of attachment 8908949 [details] [diff] [review]: ----------------------------------------------------------------- This patch adds a warning and, as far as I can tell, no usage counter, so the commit message is a bit confusing :-/
Attachment #8908949 - Flags: review?(michael)
Comment on attachment 8908949 [details] [diff] [review] part 3. Add a use counter when the window.content getter is called from untrusted code > This patch adds a warning and, as far as I can tell, no usage counter Everything in nsDeprecatedOperationList.h automatically gets a usage counter. See http://searchfox.org/mozilla-central/rev/6769c4c331c85870ac3e7bf61968db98c16e4777/dom/base/UseCounter.h#29-32 and http://searchfox.org/mozilla-central/rev/6769c4c331c85870ac3e7bf61968db98c16e4777/dom/base/nsDocument.cpp#10543-10546 and so forth.
Attachment #8908949 - Flags: review?(michael)
Attachment #8908949 - Flags: review?(michael) → review+
Pushed by bzbarsky@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/6ecbba14b2f3 part 1. Add infrastructure for marking WebIDL interface members as non-enumerable. r=qdot https://hg.mozilla.org/integration/mozilla-inbound/rev/5bc10c68bbf7 part 2. Make window.content non-enumerable. r=mystor https://hg.mozilla.org/integration/mozilla-inbound/rev/df23db5d453e part 3. Add a use counter when the window.content getter is called from untrusted code. r=mystor
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: