Commit bcf94f96 authored by Kathleen Brade's avatar Kathleen Brade Committed by Georg Koppen
Browse files

Bug 27082: enable a limited UITour 

Disallow access to UITour functionality from all pages other than
  about:home, about:newtab, and about:tor.
Implement a whitelist mechanism for page actions.
parent 175c8505

browser/app/permissions

+1 −5
Original line number Diff line number Diff line
@@ -7,13 +7,9 @@ 
# See nsPermissionManager.cpp for more...



# UITour

origin	uitour	1	https://www.mozilla.org

origin	uitour	1	https://screenshots.firefox.com

origin	uitour	1	https://support.mozilla.org

origin	uitour	1	https://addons.mozilla.org

origin	uitour	1	https://discovery.addons.mozilla.org

origin	uitour	1	about:home

origin	uitour	1	about:newtab

origin	uitour	1	about:tor



# XPInstall

origin	install	1	https://addons.mozilla.org

browser/components/uitour/UITour.jsm

+10 −3
Original line number Diff line number Diff line
@@ -41,6 +41,10 @@ ChromeUtils.defineModuleGetter(this, "UpdateUtils", 
const PREF_LOG_LEVEL      = "browser.uitour.loglevel";

const PREF_SEENPAGEIDS    = "browser.uitour.seenPageIDs";



const TOR_BROWSER_PAGE_ACTIONS_ALLOWED = new Set([

  // Add page actions used by Tor Browser's new user/feature onboarding here.

]);



const BACKGROUND_PAGE_ACTIONS_ALLOWED = new Set([

  "forceShowReaderIcon",

  "getConfiguration",
@@ -376,6 +380,11 @@ var UITour = { 
      return false;

    }



    if (!TOR_BROWSER_PAGE_ACTIONS_ALLOWED.has(action)) {

      log.warn("Ignoring disallowed action:", action);

      return false;

    }



    switch (action) {

      case "registerPageID": {

        if (typeof data.pageID != "string") {
@@ -930,9 +939,7 @@ var UITour = { 


  // This function is copied to UITourListener.

  isSafeScheme(aURI) {

    let allowedSchemes = new Set(["https", "about"]);

    if (!Services.prefs.getBoolPref("browser.uitour.requireSecure"))

      allowedSchemes.add("http");

    let allowedSchemes = new Set(["about"]);



    if (!allowedSchemes.has(aURI.scheme)) {

      log.error("Unsafe scheme:", aURI.scheme);

browser/components/uitour/content-UITour.js

+2 −23
Original line number Diff line number Diff line
@@ -26,30 +26,9 @@ var UITourListener = { 
    });

  },



  isTestingOrigin(aURI) {

    if (Services.prefs.getPrefType(PREF_TEST_WHITELIST) != Services.prefs.PREF_STRING) {

      return false;

    }



    // Add any testing origins (comma-seperated) to the whitelist for the session.

    for (let origin of Services.prefs.getCharPref(PREF_TEST_WHITELIST).split(",")) {

      try {

        let testingURI = Services.io.newURI(origin);

        if (aURI.prePath == testingURI.prePath) {

          return true;

        }

      } catch (ex) {

        Cu.reportError(ex);

      }

    }

    return false;

  },



  // This function is copied from UITour.jsm.

  isSafeScheme(aURI) {

    let allowedSchemes = new Set(["https", "about"]);

    if (!Services.prefs.getBoolPref("browser.uitour.requireSecure"))

      allowedSchemes.add("http");

    let allowedSchemes = new Set(["about"]);



    if (!allowedSchemes.has(aURI.scheme))

      return false;
@@ -74,7 +53,7 @@ var UITourListener = { 
    if (permission == Services.perms.ALLOW_ACTION)

      return true;



    return this.isTestingOrigin(uri);

    return false;

  },



  receiveMessage(aMessage) {