Closed
Bug 301119
Opened 19 years ago
Closed 16 years ago
Need to allow chrome favicons for XUL error pages
Categories
(Toolkit :: XUL Widgets, defect)
Toolkit
XUL Widgets
Tracking
()
RESOLVED
FIXED
People
(Reporter: whimboo, Assigned: whimboo)
References
Details
Attachments
(2 files, 4 obsolete files)
(deleted),
patch
|
benjamin
:
first-review+
benjamin
:
approval1.8b4+
|
Details | Diff | Splinter Review |
(deleted),
patch
|
whimboo
:
review+
|
Details | Diff | Splinter Review |
Currently checkLoadURI in tabbrowser.xml restricts loading of favicon for
chrome-URIs.
We should allow loading of favicons here because normal images doesn't have this
restriction. I noticed this bug while working on bug 280190.
http://lxr.mozilla.org/seamonkey/source/xpfe/global/resources/content/bindings/tabbrowser.xml#716
http://lxr.mozilla.org/seamonkey/source/content/base/src/nsContentUtils.cpp#1821
Patch upcoming...
Assignee | ||
Comment 1•19 years ago
|
||
Assignee | ||
Updated•19 years ago
|
Assignee: dveditz → hskupin
Status: NEW → ASSIGNED
Attachment #189619 -
Flags: first-review?(bzbarsky)
Assignee | ||
Comment 2•19 years ago
|
||
Attachment #189620 -
Flags: first-review?(darin)
Comment 3•19 years ago
|
||
Nromal images have this restriction because known functionality (eg some remote
XUL) would break with it. The fact that they don't have this restriction does
NOT make me happy...
Is there an actual use case for chrome favicons?
Assignee | ||
Comment 4•19 years ago
|
||
(In reply to comment #3)
> Is there an actual use case for chrome favicons?
As I mentioned before we want to use a favicon on the new netError.xhtml page.
Comment 5•19 years ago
|
||
How about only allowing loading of chrome favicons by a chrome page, then?
Assignee | ||
Comment 6•19 years ago
|
||
(In reply to comment #5)
> How about only allowing loading of chrome favicons by a chrome page, then?
One possibility, but this wouldn't help us due to netError.xhtml doesn't have
chrome permissions since bug 292624 was fixed. Or how we could handle his? But
setting a restriction for loading chrome favicons by normal webpages is a good
idea. They don't need access.
Comment 7•19 years ago
|
||
Can't you get the actual URI loaded from the page's docshell and just look at
the scheme?
Comment 8•19 years ago
|
||
Comment on attachment 189619 [details] [diff] [review]
Enable loading of favicons for xpfe
Per comments
Attachment #189619 -
Flags: first-review?(bzbarsky) → first-review-
Assignee | ||
Comment 9•19 years ago
|
||
(In reply to comment #7)
> Can't you get the actual URI loaded from the page's docshell and just look at
> the scheme?
Sorry, I don't really understand, what I should do. You are only interested to
know the current scheme of netError? After the checkin of bug 292624 the scheme
was changed to "moz-neterror:page?e=error&u=url&d=desc".
Comment 10•19 years ago
|
||
That's the URI that starts to be loaded. I'm talking about the URI as actually
loaded... biesi, do we have a way of getting at it in this case?
Assignee | ||
Comment 11•19 years ago
|
||
(In reply to comment #10)
> That's the URI that starts to be loaded. I'm talking about the URI as actually
> loaded... biesi, do we have a way of getting at it in this case?
Ok, I've used DOMi to get the documentURI. I hope this is that one you wanna
have...
It looks like that one:
about:neterror?e=dnsNotFound&u=http%3A//www.not.existent/&c=UTF-8&d=www.not.existent%20could%20not%20be%20found.%20Please%20check%20the%20name%20and%20try%20again.
Comment 12•19 years ago
|
||
hmm, I guess docshell.currentURI really is the channel's originalURI.
document.documentURI maybe?
Comment 13•19 years ago
|
||
For an about: load, document.documentURI will be the originalURI of the channel.
The webnavigation's currentURI will generally be the channel's final URI, but
for error pages I believe we might force it to be the URI the user originally
started to load...
In any case, is there a reason to allow chrome favicons for anything but
"about:neterror" (as documentURI here)?
Assignee | ||
Comment 14•19 years ago
|
||
(In reply to comment #13)
> For an about: load, document.documentURI will be the originalURI of the channel.
> The webnavigation's currentURI will generally be the channel's final URI, but
> for error pages I believe we might force it to be the URI the user originally
> started to load...
Ok, I tested the values for the above objects.
document.documentURI: about:neterror?e=dnsNotFound...
getWebNavigation().currentURI: http://www.not.existent/
> In any case, is there a reason to allow chrome favicons for anything but
> "about:neterror" (as documentURI here)?
At this time I don't think so. Afaik netError.xhtml will be the only page using
a chrome referenced favicon.
Comment 15•19 years ago
|
||
I'd be in favor of restricting to that, then.
Comment 16•19 years ago
|
||
*** Bug 302797 has been marked as a duplicate of this bug. ***
Assignee | ||
Updated•19 years ago
|
Assignee: hskupin → dveditz
Status: ASSIGNED → NEW
Comment 17•19 years ago
|
||
Comment on attachment 189620 [details] [diff] [review]
Enable loading of favicons for toolkit
equivalent to the one bz rejected
Attachment #189620 -
Flags: first-review?(darin) → first-review-
Comment 18•19 years ago
|
||
As summarized this is WFM: chrome pages *can* load chrome favicons and
checkLoadURI works fine.
Rather than a general bug I think this is specific to the about:neterror? page.
This should get fixed in tabbrowser rather than caps.
Assignee: dveditz → nobody
Component: Security → XUL Widgets
QA Contact: toolkit → xul.widgets
Summary: checkLoadURI should allow loading of favicons for chrome-URIs → Need to allow chrome favicons for XUL error pages
Assignee | ||
Comment 19•19 years ago
|
||
(In reply to comment #18)
> As summarized this is WFM: chrome pages *can* load chrome favicons and
> checkLoadURI works fine.
Indeed a bad summary. Thanks for adjusting to the real issue.
> Rather than a general bug I think this is specific to the about:neterror? page.
> This should get fixed in tabbrowser rather than caps.
Yes, it seems only to be used for netError.xhtml. Personaly I havn't an idea
where to start now.
Comment 20•19 years ago
|
||
maybe something like this, but this is completely untested
(the reason for the chrome check is that I feared XSS attacks on the error page
leading to insertion of another <link rel="icon">, which I suspect does load
the favicon. I haven't verified that, but I thought better to be on the safe
side...)
Comment 21•19 years ago
|
||
(I don't intend to do anything with this patch, someone else will have to take
care of it)
Comment 22•19 years ago
|
||
Christian's patch is what I was suggesting (good call on checking that the
favicon is indeed chrome). If we think this is at all useful we could let all
about: URIs set a chrome favicon, but this is a conservative change to fix the
narrowly stated problem.
the Toolkit tabbrowser would need the same patch.
Comment 23•19 years ago
|
||
Comment on attachment 191143 [details] [diff] [review]
allow favicons for error pages only
r=dveditz
I have no idea how important neterror favicons are to 1.8b4. This is not marked
blocking (or even nominated). We need bsmedberg's (or mconnor's) r= on this.
Attachment #191143 -
Flags: second-review+
Attachment #191143 -
Flags: first-review?(benjamin)
Updated•19 years ago
|
Attachment #191143 -
Flags: first-review?(benjamin) → first-review+
Assignee | ||
Comment 24•19 years ago
|
||
Assignee: nobody → hskupin
Attachment #189619 -
Attachment is obsolete: true
Attachment #189620 -
Attachment is obsolete: true
Status: NEW → ASSIGNED
Attachment #191267 -
Flags: first-review?(benjamin)
Assignee | ||
Updated•19 years ago
|
Attachment #191143 -
Flags: approval1.8b4?
Comment 25•19 years ago
|
||
Comment on attachment 191143 [details] [diff] [review]
allow favicons for error pages only
Such a favicon will get pushed all the way up the UI to the URLbar and the
bookmarks. Pages without their own icon will not get reset when the page loads
succesfully. Maybe it's possible to fake a favicon like we do for image
documents.
Updated•19 years ago
|
Attachment #191267 -
Flags: first-review?(benjamin)
Attachment #191267 -
Flags: first-review+
Attachment #191267 -
Flags: approval1.8b4+
Updated•19 years ago
|
Attachment #191143 -
Flags: approval1.8b4? → approval1.8b4+
Assignee | ||
Updated•19 years ago
|
Whiteboard: [checkin needed]
Comment 26•19 years ago
|
||
Checking in toolkit/content/widgets/tabbrowser.xml;
/cvsroot/mozilla/toolkit/content/widgets/tabbrowser.xml,v <-- tabbrowser.xml
new revision: 1.102; previous revision: 1.101
done
Checking in xpfe/global/resources/content/bindings/tabbrowser.xml;
/cvsroot/mozilla/xpfe/global/resources/content/bindings/tabbrowser.xml,v <--
tabbrowser.xml
new revision: 1.125; previous revision: 1.124
done
Whiteboard: [checkin needed]
Comment 27•19 years ago
|
||
I backed out the xpfe patch because of comment 25, which may make this patch not
needed at least for xpfe.
Assignee | ||
Comment 28•19 years ago
|
||
(In reply to comment #25)
> (From update of attachment 191143 [details] [diff] [review] [edit])
> Such a favicon will get pushed all the way up the UI to the URLbar and the
> bookmarks. Pages without their own icon will not get reset when the page loads
> succesfully. Maybe it's possible to fake a favicon like we do for image
> documents.
I can't recognize this problem with my current cvs build of Firefox. Domains
without a favicon aren't updated with the netError warning icon. Also the
bookmark isn't updated. It still shows me the blank favicon after a complete reload.
What I have done:
- Put a bookmark without favicon to the PTB
- Load this page
- Shut down the network
- Reload the page after clearing the cache
- Tab and location bar show the warning icon but not the bookmark
- Click bookmark to refresh it - still blank icon
- Reconnect network
- Reload page - tab and location bar shows blank favicon
Comment 29•19 years ago
|
||
(In reply to comment #28)
>(In reply to comment #25)
>>Such a favicon will get pushed to the URLbar and bookmarks.
>I can't recognize this problem with my current cvs build of Firefox.
No, it turns out that Firefox only update the bookmarks icon when a page loads
(error pages don't load, they just show). So as long as you don't patch xpfe's
tabbrowser.xml then we'll be fine.
Comment 30•19 years ago
|
||
note that the xpfe part of bug 229737 is now checked in, so seamonkey shouldn't
change any favicons when error pages are loaded.
Assignee | ||
Comment 31•19 years ago
|
||
(In reply to comment #30)
> note that the xpfe part of bug 229737 is now checked in, so seamonkey shouldn't
> change any favicons when error pages are loaded.
So we want to fix this bug or are favicons for xul error pages out of scope for now?
Updated•17 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Comment 32•17 years ago
|
||
(In reply to comment #31)
>So we want to fix this bug
The patch still applies, so I guess biesi can check it in (it's his patch)...
Comment 33•17 years ago
|
||
can someone else take care of checking this in for me, if it's still needed?
Keywords: checkin-needed
Comment 34•17 years ago
|
||
(In reply to comment #33)
> can someone else take care of checking this in for me, if it's still needed?
You mean backing it out, as per bug 430433?
Comment 35•17 years ago
|
||
> You mean backing it out, as per bug 430433?
No Biesi means that the patch needs to be landed.
Comment 36•17 years ago
|
||
>> You mean backing it out, as per bug 430433?
>No Biesi means that the patch needs to be landed.
But in /suite/ and not in /xpfe/
Comment 37•17 years ago
|
||
The patch needs to updated to apply to the suite tabbrowser, and should probably included about:blocked like the current Firefox code in browser.js does. It should probably also be tested and maybe even reviewed again after someone's done that.
Keywords: checkin-needed
Assignee | ||
Comment 38•17 years ago
|
||
So which patches have to be updated? Both or only the one for suite?
Reopening bug until the remaining work is done and an updated patch is checked in.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 39•17 years ago
|
||
The suite patch needs to be updated for the tabbrowser.xml living in suite/ - this is probably the cause of bug 431955.
Blocks: 431955
Assignee | ||
Comment 40•17 years ago
|
||
This patch updates the suite tabbrowser.xml in the same way how Firefox handles it.
Attachment #191143 -
Attachment is obsolete: true
Attachment #319128 -
Flags: review?
Assignee | ||
Updated•17 years ago
|
Attachment #319128 -
Flags: review? → review?(kairo)
Assignee | ||
Updated•17 years ago
|
Version: unspecified → Trunk
Assignee | ||
Updated•17 years ago
|
Status: REOPENED → ASSIGNED
Comment 41•17 years ago
|
||
Comment on attachment 319128 [details] [diff] [review]
Updated patch for SeaMonkey
I don't really understand tabbrowser code, over to Neil who should actually know it.
Attachment #319128 -
Flags: review?(kairo) → review?(neil)
Comment 42•17 years ago
|
||
Comment on attachment 319128 [details] [diff] [review]
Updated patch for SeaMonkey
>+ const aboutBlocked = /^about:blocked\?/;
We don't (yet?) have about:blocked, so I don't think we should test for it, it will only confuse people. r=me with that fixed.
>+ const secMan =
>+ Components.classes["@mozilla.org/scriptsecuritymanager;1"]
>+ .getService(nsIScriptSecurityManager);
Nit: need to reindent all three lines, not just the first ;-)
Attachment #319128 -
Flags: review?(neil) → review+
Assignee | ||
Comment 43•17 years ago
|
||
Fixed comments and taken over r+.
Robert, do we need sr for this module?
Attachment #319128 -
Attachment is obsolete: true
Attachment #322405 -
Flags: review+
Comment 44•17 years ago
|
||
Given that Neil as our "UI tsar" has done the review, I guess it's ok to go in this way.
Assignee | ||
Comment 45•17 years ago
|
||
Ok, so I need someone to check this in. Thanks.
Keywords: checkin-needed
Comment 46•16 years ago
|
||
Checking in suite/browser/tabbrowser.xml;
/cvsroot/mozilla/suite/browser/tabbrowser.xml,v <-- tabbrowser.xml
new revision: 1.196; previous revision: 1.195
done
Is this fixed now? If so, leaving to Henrik to mark it as such :)
Keywords: checkin-needed
Comment 47•16 years ago
|
||
Comment on attachment 322405 [details] [diff] [review]
Updated patch for SeaMonkey v2
[Checkin: Comment 46]
>+ if (!(aboutNeterr.test(targetDoc.documentURI) ||
>+ !uri.schemeIs("chrome")) {
Grrr, the first of those lines has a ( too much, killed the one after the ! as a bustage fix, thanks to ajschult for pointing this out.
Assignee | ||
Comment 48•16 years ago
|
||
Sorry for the bustage. But with the follow-up fix this bug should be resolved now. Marking accordingly.
Status: ASSIGNED → RESOLVED
Closed: 17 years ago → 16 years ago
Resolution: --- → FIXED
Updated•16 years ago
|
Attachment #322405 -
Attachment description: Updated patch for SeaMonkey v2 → Updated patch for SeaMonkey v2
[Checkin: Comment 46]
Updated•16 years ago
|
Attachment #191267 -
Attachment description: Ported patch for toolkit → Ported patch for toolkit
[Checkin: Comment 26 (& 27)]
Updated•16 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•