Remove simpletest.js from eval()-whitelist
Categories
(Core :: DOM: Security, enhancement, P3)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox68 | --- | fixed |
People
(Reporter: jallmann, Assigned: jallmann)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-backlog1])
Attachments
(1 file)
|
(deleted),
text/x-phabricator-request
|
Details |
Simpletest.js triggers the eval-assertion from Bug 1473549 in some tests.
The file itself does not contain eval() or new Function. Some occurences of setTimeout() might end up being called with string literals, but this doesn't seem to be the case either.
In all cases examined so far, test files call functions from simpletest.js through setTimeout() with string literals, causing the assertion to be triggered with simpletest.js showing up as the cause.
These test files have to be found and refactored to avoid using setTimeout() with string literals.
|
Assignee | |
Comment 1•6 years ago
|
||
Amend several test files for triggering eval() assertion through simpletest.js
|
|
Assignee | |
Updated•6 years ago
|
|
||
Comment 2•6 years ago
|
||
Received the following while trying to land this:
We're sorry, Autoland could not rebase your commits for you automatically. Please manually rebase your commits and try again. (255, 'applying /tmp/tmps9UlqT\npatching file modules/libpref/init/all.js\nHunk #1 FAILED at 2660\n1 out of 1 hunks FAILED -- saving rejects to file modules/libpref/init/all.js.rej\nabort: patch failed to apply', '')
Pushed by nerli@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e925cef1cadf
Remove simpletest.js from eval()-whitelist, r=ckerschb
|
||
Comment 5•6 years ago
|
||
Backed out changeset e925cef1cadf (Bug 1549326) for mochitest assertion failures at nsContentSecurityManager.cpp:205.
Backout: https://hg.mozilla.org/integration/autoland/rev/cefcbfd25b82fedbbb010b9499f6334c89bdf18c
Push that started the failures: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=pending%2Crunning%2Csuccess%2Ctestfailed%2Cbusted%2Cexception&revision=e925cef1cadfa7dc2dff699ae3d980a11705196c&selectedJob=245586246
Failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=245586246&repo=autoland&lineNumber=9788
|
|
Assignee | |
Comment 6•6 years ago
|
||
Fixed all remaining test failures.
https://treeherder.mozilla.org/#/jobs?repo=try&revision=73f1e6f1e564a1cc9fc01ebf3891e7d57f6197d3
Pushed by ncsoregi@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/39446af6b4ad
Remove simpletest.js from eval()-whitelist, r=ckerschb
|
||
Comment 8•6 years ago
|
||
| bugherder | ||
Description
•