mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-24 21:31:04 +00:00
Bug 1386502 - Whitelist paths added via pref for files opened in the content process during some tests. r=jimm
--HG-- extra : rebase_source : a34c7e1d445154843e8efd0146824dff0bdfda9b
This commit is contained in:
parent
5ed8327922
commit
00eaf28579
@ -323,6 +323,32 @@ GeckoChildProcessHost::PrepareLaunch()
|
||||
mSandboxLevel = GetEffectiveContentSandboxLevel();
|
||||
mEnableSandboxLogging =
|
||||
Preferences::GetBool("security.sandbox.logging.enabled");
|
||||
|
||||
// We currently have to whitelist certain paths for tests to work in some
|
||||
// development configurations.
|
||||
nsAutoString readPaths;
|
||||
nsresult rv =
|
||||
Preferences::GetString("security.sandbox.content.read_path_whitelist",
|
||||
readPaths);
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
for (const nsAString& readPath : readPaths.Split(',')) {
|
||||
nsString trimmedPath(readPath);
|
||||
trimmedPath.Trim(" ", true, true);
|
||||
std::wstring resolvedPath(trimmedPath.Data());
|
||||
// Before resolving check if path ends with '\' as this indicates we
|
||||
// want to give read access to a directory and so it needs a wildcard.
|
||||
bool addWildcard = (resolvedPath.back() == L'\\');
|
||||
if (!widget::WinUtils::ResolveJunctionPointsAndSymLinks(resolvedPath)) {
|
||||
NS_ERROR("Failed to resolve test read policy rule.");
|
||||
continue;
|
||||
}
|
||||
|
||||
if (addWildcard) {
|
||||
resolvedPath.append(L"\\*");
|
||||
}
|
||||
mAllowedFilesRead.push_back(resolvedPath);
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -310,11 +310,11 @@ class RefTest(object):
|
||||
sandbox_whitelist_paths.append(options.workPath)
|
||||
except AttributeError:
|
||||
pass
|
||||
if platform.system() == "Linux":
|
||||
# Trailing slashes are needed to indicate directories on Linux
|
||||
for idx, path in enumerate(sandbox_whitelist_paths):
|
||||
if not path.endswith("/"):
|
||||
sandbox_whitelist_paths[idx] = path + "/"
|
||||
if (platform.system() == "Linux" or
|
||||
platform.system() in ("Windows", "Microsoft")):
|
||||
# Trailing slashes are needed to indicate directories on Linux and Windows
|
||||
sandbox_whitelist_paths = map(lambda p: os.path.join(p, ""),
|
||||
sandbox_whitelist_paths)
|
||||
|
||||
# Bug 1300355: Disable canvas cache for win7 as it uses
|
||||
# too much memory and causes OOMs.
|
||||
|
@ -1813,11 +1813,11 @@ toolbar#nav-bar {
|
||||
sandbox_whitelist_paths.append(options.topsrcdir)
|
||||
except AttributeError:
|
||||
pass
|
||||
if platform.system() == "Linux":
|
||||
# Trailing slashes are needed to indicate directories on Linux
|
||||
for idx, path in enumerate(sandbox_whitelist_paths):
|
||||
if not path.endswith("/"):
|
||||
sandbox_whitelist_paths[idx] = path + "/"
|
||||
if (platform.system() == "Linux" or
|
||||
platform.system() in ("Windows", "Microsoft")):
|
||||
# Trailing slashes are needed to indicate directories on Linux and Windows
|
||||
sandbox_whitelist_paths = map(lambda p: os.path.join(p, ""),
|
||||
sandbox_whitelist_paths)
|
||||
|
||||
# interpolate preferences
|
||||
interpolation = {
|
||||
|
Loading…
Reference in New Issue
Block a user