Closed Bug 1797649 Opened 2 years ago Closed 2 years ago

remove nsITransportSecurityInfo argument from nsISiteSecurityService.processHeader

Categories

(Core :: Security: PSM, enhancement, P1)

Product:
Core
Component:
Security: PSM
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
108 Branch
Tracking Flags:
Tracking Status
firefox108 --- fixed

People

(Reporter: keeler, Assigned: keeler)

References

Details

(Whiteboard: [psm-assigned])

Attachments

(1 file)

Bug 1797649 - remove securityInfo argument from nsISiteSecurityService.processHeader r?jschanck
(deleted), text/x-phabricator-request
Details

nsISiteSecurityService.processHeader takes a nsITransportSecurityInfo securityInfo to determine if the header was delivered via a trustworthy connection (namely, if it has no overridden certificate errors). This complicates testing in that each call has to provide a valid nsITransportSecurityInfo, which can't be implemented in JS, because the interface has a notxpcom method. This is also making the separation of nsITransportSecurityInfo and nsISSLSocketControl difficult in bug 1791633. It seems reasonable enough to change this API to require that the caller first verify that the header came from a trustworthy connection.

Pushed by dkeeler@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/82baf71daed4 remove securityInfo argument from nsISiteSecurityService.processHeader r=jschanck,necko-reviewers

https://hg.mozilla.org/mozilla-central/rev/82baf71daed4

Status: NEW → RESOLVED
Closed: 2 years ago
status-firefox108: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 108 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: