From MozillaWiki
Jump to: navigation, search

2.5 Blockers

Weekly Status Update


Ethan Tseng

Henry Chang

  1. Bug 1186290 - Notify TabParent to switch process when a signed packaged is loading from different origin.
    1. Add nsIPackagedAppChannelListener.onStartSignedPackageRequest
    2. Decide whether to call nsFrameLoader::SwitchProcessAndLoadURL in TabParent
    3. Who is supposed to review this patch? I asked for Jason first cuz he gave me some feedback before.
  1. Bug 1163254 - Add signedPkg OriginAttribute for new Firefox OS security model
    1. Actually 'packageId' is added to OriginAttributes rather than 'signedPkg'.
    2. IPC part is also included in the patch.
    3. bholley may review this since he's back from PTO (?)
  1. Bug 1178526 - Set appropriate origin attributes for signed packages
    1. Depends on Bug 1186290. (we need a path to propagate the packageId from deep internal to nsHttpChannel.)
    2. Add attribute 'packageId' to nsILoadContext, which is being refacored all around. Don't think we should wait because the refactor is not blocker.
    3. No idea who could review this. Will ask Honza or bholley first.
  1. Bug 1178518 - Support for verifying signed packages
    1. Change PackagedAppVerifier to call back the verification result asynchronously.
  1. Bug 1178533 - Register permissions, system messages etc on navigation to signed packages
    1. Help Stephanie solve issues she met.
    2. Worked around the parent side permission check (AssertAppProcessPermission) like what TCPSocketParent uses. Child side perm## ission check is okay since its alll origin-based. However, parent side would depend on if the tab has own app or a browser element to do the check (TabContext). Even more, mozIAppliction.hasPermission would be used to check permissions, where mozIAppliction is passed around child/parent by appId.
    3. Have a working fix by hacking TabContext. If we are loading a packaged content, we set the TabContext to AppFrame and owns a hand-made mozIApplication created by origin.
  1. Followup to Bug 1178533: In the long run we need something like nsIAppService to store proxies of mozIApplication for signed packaged content. For example, CSP module needs the csp defined in the manifest and for now no information in the manifest will be stored at all (except permissions.)

Jonathan Hao

  • Bug 1178518 - Support for verifying signed packages
    • had a usable synchronous patch
    • Henry changed PackagedAppVerifier to async version. I will make some changes accordingly
    • Keeler r+ the part about adding ca root.

Tim Huang

  • bug 1181489 - mozAlarm mixes up 2 alarms: one for a regular CalDav sync, the other to wake you up
    • Successfully reproduce this bug.
    • Now, I am trying to confirm the root cause of this bug.
    • A work around had been tried and could avoid this problem, however, it may trigger another issue according to the root cause, that I cannot sure yet, of this bug.

Winnie Sun

Yoshi Huang

Aaron Wu (EPM)