From 3b1cac2bdbee502b5ea7627f97a1ac71d805ec78 Mon Sep 17 00:00:00 2001 From: Kathy Brade Date: Wed, 8 Aug 2018 11:34:40 -0400 Subject: [PATCH] Bug 27082: enable a limited UITour Disallow access to UITour functionality from all pages other than about:home, about:newtab, and about:tor. Implement a whitelist mechanism for page actions. --- browser/app/permissions | 7 +---- browser/components/uitour/UITour.jsm | 14 +++++++--- browser/components/uitour/UITourChild.jsm | 31 ++--------------------- 3 files changed, 13 insertions(+), 39 deletions(-) diff --git a/browser/app/permissions b/browser/app/permissions index dcb4517e74ce3..0b7b967cbcbef 100644 --- a/browser/app/permissions +++ b/browser/app/permissions @@ -7,11 +7,9 @@ # See nsPermissionManager.cpp for more... # UITour -origin uitour 1 https://www.mozilla.org -origin uitour 1 https://screenshots.firefox.com -origin uitour 1 https://support.mozilla.org origin uitour 1 about:home origin uitour 1 about:newtab +origin uitour 1 about:tor # Remote troubleshooting origin remote-troubleshooting 1 https://support.mozilla.org @@ -19,6 +17,3 @@ origin remote-troubleshooting 1 https://support.mozilla.org # Hybrid Content Telemetry - https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/telemetry/collection/hybrid-content.html # Adding hc_telemetry permission to a new domain requires Data Collection Review: https://wiki.mozilla.org/Firefox/Data_Collection origin hc_telemetry 1 https://discovery.addons.mozilla.org - -# addon install -origin install 1 https://private-network.firefox.com diff --git a/browser/components/uitour/UITour.jsm b/browser/components/uitour/UITour.jsm index 31cf20c9ba347..1cbb861ccdf77 100644 --- a/browser/components/uitour/UITour.jsm +++ b/browser/components/uitour/UITour.jsm @@ -68,6 +68,10 @@ ChromeUtils.defineModuleGetter( // See LOG_LEVELS in Console.jsm. Common examples: "All", "Info", "Warn", & "Error". const PREF_LOG_LEVEL = "browser.uitour.loglevel"; +const TOR_BROWSER_PAGE_ACTIONS_ALLOWED = new Set([ + // Add page actions used by Tor Browser's new user/feature onboarding here. +]); + const BACKGROUND_PAGE_ACTIONS_ALLOWED = new Set([ "forceShowReaderIcon", "getConfiguration", @@ -417,6 +421,11 @@ var UITour = { return false; } + if (!TOR_BROWSER_PAGE_ACTIONS_ALLOWED.has(action)) { + log.warn("Ignoring disallowed action:", action); + return false; + } + switch (action) { case "registerPageID": { break; @@ -979,10 +988,7 @@ var UITour = { // This function is copied to UITourListener. isSafeScheme(aURI) { - let allowedSchemes = new Set(["https", "about"]); - if (!Services.prefs.getBoolPref("browser.uitour.requireSecure")) { - allowedSchemes.add("http"); - } + let allowedSchemes = new Set(["about"]); if (!allowedSchemes.has(aURI.scheme)) { log.error("Unsafe scheme:", aURI.scheme); diff --git a/browser/components/uitour/UITourChild.jsm b/browser/components/uitour/UITourChild.jsm index f5c7752c513f3..941f4ea71ce3b 100644 --- a/browser/components/uitour/UITourChild.jsm +++ b/browser/components/uitour/UITourChild.jsm @@ -29,36 +29,9 @@ class UITourChild extends ActorChild { }); } - isTestingOrigin(aURI) { - if ( - Services.prefs.getPrefType(PREF_TEST_WHITELIST) != - Services.prefs.PREF_STRING - ) { - return false; - } - - // Add any testing origins (comma-seperated) to the whitelist for the session. - for (let origin of Services.prefs - .getCharPref(PREF_TEST_WHITELIST) - .split(",")) { - try { - let testingURI = Services.io.newURI(origin); - if (aURI.prePath == testingURI.prePath) { - return true; - } - } catch (ex) { - Cu.reportError(ex); - } - } - return false; - } - // This function is copied from UITour.jsm. isSafeScheme(aURI) { - let allowedSchemes = new Set(["https", "about"]); - if (!Services.prefs.getBoolPref("browser.uitour.requireSecure")) { - allowedSchemes.add("http"); - } + let allowedSchemes = new Set(["about"]); if (!allowedSchemes.has(aURI.scheme)) { return false; @@ -89,7 +62,7 @@ class UITourChild extends ActorChild { return true; } - return this.isTestingOrigin(uri); + return false; } receiveMessage(aMessage) { -- GitLab