corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1866991 - Don't use BadCertHandler in UpdateService r=nalexander,dveditz

Browse Source 
It appears that the current usage of `BadCertHandler` was added back before update MARs were signed (allowing us to rely on the MAR certificate regardless of the security characteristics of the transport mechanism). After MAR signing was added, we removed the `checkCert()` call in Bug 1182352 since we no longer needed it. Presumably, the `BadCertHandler` call should have been removed at the same time, but it must have been overlooked.

Differential Revision: https://phabricator.services.mozilla.com/D199132
This commit is contained in:
Robin Steuber
2024-01-22 19:25:27 +00:00
parent 956f4a9fa5
commit 7b6f0bee80
1 changed files with 0 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
toolkit/mozapps/update/UpdateService.sys.mjs
View File

@@ -21,7 +21,6 @@ const lazy = {};
ChromeUtils.defineESModuleGetters(lazy, {
AddonManager: "resource://gre/modules/AddonManager.sys.mjs",
AsyncShutdown: "resource://gre/modules/AsyncShutdown.sys.mjs",
CertUtils: "resource://gre/modules/CertUtils.sys.mjs",
DeferredTask: "resource://gre/modules/DeferredTask.sys.mjs",
UpdateLog: "resource://gre/modules/UpdateLog.sys.mjs",
UpdateUtils: "resource://gre/modules/UpdateUtils.sys.mjs",
@@ -5235,9 +5234,6 @@ export class CheckerService {
let request = new XMLHttpRequest();
request.open("GET", url, true);
request.channel.notificationCallbacks = new lazy.CertUtils.BadCertHandler(
false
);
// Prevent the request from reading from the cache.
request.channel.loadFlags |= Ci.nsIRequest.LOAD_BYPASS_CACHE;
// Prevent the request from writing to the cache.