window.sidebar.addSearchEngine leaks installation paths on OSX and Windows.
Previously reported as part of #9308 (closed). Open ESR-24-based TBB on Windows or Mac, start the Web Console, and enter the line
window.sidebar.addSearchEngine("http://", "http://", null, null);
The resulting Exception reads
[Exception... "addEngine: Error adding engine:
[Exception... "Component returned failure code: 0x804b000a (NS_ERROR_MALFORMED_URI) [nsIIOService.newChannelFromURI]" nsresult: "0x804b000a (NS_ERROR_MALFORMED_URI)" location: "JS frame :: jar:file:///Applications/TorBrowserBundle_en-US.app/Contents/MacOS/TorBrowser.app/Contents/MacOS/omni.ja!/components/nsSearchService.js :: SRCH_ENG_initFromURI :: line 1201" data: no]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: jar:file:///Applications/TorBrowserBundle_en-US.app/Contents/MacOS/TorBrowser.app/Contents/MacOS/omni.ja!/components/nsSearchService.js :: FAIL :: line 264" data: no]
which includes the path
file:///Applications/TorBrowserBundle_en-US.app/Contents/MacOS/TorBrowser.app/Contents/MacOS/omni.ja!/components/nsSearchService.js
Depending on where TBB is installed, the path may include the User directory and thus may leak private information to client-side JS web code.
Note that this bug no longer obtains in ESR-31. The bug that fixed this was
"Port window.sidebar and window.external to WebIDL", https://bugzilla.mozilla.org/show_bug.cgi?id=983920
patch: https://hg.mozilla.org/mozilla-central/rev/d9e6a6c40a57