Opened 6 years ago

Closed 5 years ago

#9608 closed task (fixed)

Review and audit Firefox changes since Firefox 17

Reported by: mikeperry Owned by: tbb-team
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Keywords: ff24-esr, MikePerry201312, tbb-rebase, tbb-firefox-patch
Cc: g.koppen@…, intrigeri Actual Points: 10
Parent ID: Points:
Reviewer: Sponsor:

Description

As the first step in the the switch to Firefox 24 in November, we'll need to review all of the Firefox for Developers pages, the undocumented bugs, and scan the source code for the appearance of new networking system calls.

Here's the first link:
https://developer.mozilla.org/en-US/Firefox_18_for_developers

Child Tickets

Change History (15)

comment:1 Changed 6 years ago by gk

Cc: g.koppen@… added

comment:2 Changed 6 years ago by mikeperry

Keywords: MikePerry201310 added; MikePerry201309 removed

comment:3 Changed 6 years ago by mikeperry

Reviewing just the developer docs (not counting undocumented bugs), here's stuff that needs a closer look for each FF version.

FF24:

  • Seems fine.

FF23:

  • Mixed content blocking will need to be fixed or disabled.

FF22:

FF21:

  • No major issues

FF20:

FF19:

FF18:

comment:4 Changed 6 years ago by mikeperry

And here's the list of undocumented bugs that need a closer look:

FF24:

https://bugzilla.mozilla.org/show_bug.cgi?id=855741
https://bugzilla.mozilla.org/show_bug.cgi?id=549861
https://bugzilla.mozilla.org/show_bug.cgi?id=858234

FF23:

https://bugzilla.mozilla.org/show_bug.cgi?id=525444
https://bugzilla.mozilla.org/show_bug.cgi?id=769871
https://bugzilla.mozilla.org/show_bug.cgi?id=811403
https://bugzilla.mozilla.org/show_bug.cgi?id=818675
https://bugzilla.mozilla.org/show_bug.cgi?id=834835

FF22:

https://bugzilla.mozilla.org/show_bug.cgi?id=845010
https://bugzilla.mozilla.org/show_bug.cgi?id=783129

FF21:

https://bugzilla.mozilla.org/show_bug.cgi?id=834595
https://bugzilla.mozilla.org/show_bug.cgi?id=823175

FF20:

https://bugzilla.mozilla.org/show_bug.cgi?id=776443
https://bugzilla.mozilla.org/show_bug.cgi?id=815743
https://bugzilla.mozilla.org/show_bug.cgi?id=818800
https://bugzilla.mozilla.org/show_bug.cgi?id=770844
https://bugzilla.mozilla.org/show_bug.cgi?id=764240
https://bugzilla.mozilla.org/show_bug.cgi?id=617532
https://bugzilla.mozilla.org/show_bug.cgi?id=789932

FF19:

https://bugzilla.mozilla.org/show_bug.cgi?id=801576
https://bugzilla.mozilla.org/show_bug.cgi?id=804944
https://bugzilla.mozilla.org/show_bug.cgi?id=722979
https://bugzilla.mozilla.org/show_bug.cgi?id=723002
https://bugzilla.mozilla.org/show_bug.cgi?id=723005
https://bugzilla.mozilla.org/show_bug.cgi?id=648610
https://bugzilla.mozilla.org/show_bug.cgi?id=801402

FF18:

https://bugzilla.mozilla.org/show_bug.cgi?id=745025
https://bugzilla.mozilla.org/show_bug.cgi?id=750862
https://bugzilla.mozilla.org/show_bug.cgi?id=790946
https://bugzilla.mozilla.org/show_bug.cgi?id=782453
https://bugzilla.mozilla.org/show_bug.cgi?id=774963
https://bugzilla.mozilla.org/show_bug.cgi?id=737003
https://bugzilla.mozilla.org/show_bug.cgi?id=726615
https://bugzilla.mozilla.org/show_bug.cgi?id=783531
https://bugzilla.mozilla.org/show_bug.cgi?id=722861
https://bugzilla.mozilla.org/show_bug.cgi?id=796523
https://bugzilla.mozilla.org/show_bug.cgi?id=564815
https://bugzilla.mozilla.org/show_bug.cgi?id=769764
https://bugzilla.mozilla.org/show_bug.cgi?id=769569
https://bugzilla.mozilla.org/show_bug.cgi?id=787931
https://bugzilla.mozilla.org/show_bug.cgi?id=695399
https://bugzilla.mozilla.org/show_bug.cgi?id=791019

comment:5 Changed 6 years ago by mikeperry

Points: 3

comment:6 Changed 6 years ago by mikeperry

Actual Points: 3
Points: 3

comment:7 Changed 6 years ago by mikeperry

Keywords: tbb-rebase added

comment:8 Changed 6 years ago by mikeperry

Keywords: MikePerry201311 added; MikePerry201310 removed

comment:9 Changed 6 years ago by mikeperry

Actual Points: 310

Ok, I've completed the review of the above bugs and API features. I've filed the following bugs as a result: #10283, #10284, #10285, #10286.

Aside from #10285, none of them require immediate attention. However, #10285 represents some further testing needed to determine the behavior of several APIs with respect to different desktop environments. It is possible that on some desktops, the APIs we test in #10285 could result in proxy bypass due to OS or desktop-specific behavior.

I still need to complete the network system call audit.

comment:10 Changed 6 years ago by gacar

Please note that the following canvas methods in esr24 are not mentioned in the filed bugs (10283-6).

  • ToBlob
  • ToDataURL
  • mozFetchAsStream
  • mozGetAsFile

comment:11 Changed 6 years ago by mikeperry

Keywords: MikePerry201312 added; MikePerry201311 removed

comment:12 Changed 5 years ago by intrigeri

Cc: intrigeri added

comment:13 Changed 5 years ago by erinn

Keywords: tbb-firefox-patch added

comment:14 Changed 5 years ago by erinn

Component: Firefox Patch IssuesTor Browser
Owner: changed from mikeperry to tbb-team

comment:15 Changed 5 years ago by mikeperry

Resolution: fixed
Status: newclosed

Not sure how this wasn't closed..

Note: See TracTickets for help on using tickets.