diff --git a/browser/components/BrowserComponents.manifest b/browser/components/BrowserComponents.manifest index db6c1e172af2..2217b44978fb 100644 --- a/browser/components/BrowserComponents.manifest +++ b/browser/components/BrowserComponents.manifest @@ -36,24 +36,6 @@ category browser-window-unload moz-src:///browser/components/tabbrowser/NewTabPa category browser-window-delayed-startup resource:///modules/taskbartabs/TaskbarTabs.sys.mjs TaskbarTabs.init # App startup consumers - -category browser-first-window-ready resource:///modules/AboutNewTab.sys.mjs AboutNewTab.init -category browser-first-window-ready resource:///modules/ContentCrashHandlers.sys.mjs TabCrashHandler.init -category browser-first-window-ready resource:///modules/ProcessHangMonitor.sys.mjs ProcessHangMonitor.init -category browser-first-window-ready resource://gre/modules/PageThumbs.sys.mjs PageThumbs.init -category browser-first-window-ready resource://gre/modules/NewTabUtils.sys.mjs NewTabUtils.init -category browser-first-window-ready resource:///modules/PageActions.sys.mjs PageActions.init -category browser-first-window-ready resource://gre/modules/DoHController.sys.mjs DoHController.init -category browser-first-window-ready moz-src:///toolkit/profile/ProfilesDatastoreService.sys.mjs ProfilesDatastoreService.init -category browser-first-window-ready resource:///modules/profiles/SelectableProfileService.sys.mjs SelectableProfileService.init -category browser-first-window-ready moz-src:///browser/components/protections/ContentBlockingPrefs.sys.mjs ContentBlockingPrefs.init -category browser-first-window-ready resource://gre/modules/CaptchaDetectionPingUtils.sys.mjs CaptchaDetectionPingUtils.init -#ifdef MOZ_SANDBOX -#ifdef XP_LINUX -category browser-first-window-ready resource://gre/modules/SandboxUtils.sys.mjs SandboxUtils.maybeWarnAboutMissingUserNamespaces -#endif -#endif - category browser-idle-startup resource:///modules/PlacesUIUtils.sys.mjs PlacesUIUtils.unblockToolbars category browser-idle-startup resource:///modules/BuiltInThemes.sys.mjs BuiltInThemes.ensureBuiltInThemes category browser-idle-startup resource://gre/modules/RFPHelper.sys.mjs RFPHelper.init diff --git a/browser/components/BrowserGlue.sys.mjs b/browser/components/BrowserGlue.sys.mjs index bde641f7112a..0983f4eaa198 100644 --- a/browser/components/BrowserGlue.sys.mjs +++ b/browser/components/BrowserGlue.sys.mjs @@ -9,6 +9,7 @@ const lazy = {}; ChromeUtils.defineESModuleGetters(lazy, { AboutHomeStartupCache: "resource:///modules/AboutHomeStartupCache.sys.mjs", + AboutNewTab: "resource:///modules/AboutNewTab.sys.mjs", AWToolbarButton: "resource:///modules/aboutwelcome/AWToolbarUtils.sys.mjs", ASRouter: "resource:///modules/asrouter/ASRouter.sys.mjs", ASRouterDefaultConfig: @@ -21,6 +22,8 @@ ChromeUtils.defineESModuleGetters(lazy, { BrowserUtils: "resource://gre/modules/BrowserUtils.sys.mjs", BrowserUsageTelemetry: "resource:///modules/BrowserUsageTelemetry.sys.mjs", BrowserWindowTracker: "resource:///modules/BrowserWindowTracker.sys.mjs", + CaptchaDetectionPingUtils: + "resource://gre/modules/CaptchaDetectionPingUtils.sys.mjs", ContentBlockingPrefs: "moz-src:///browser/components/protections/ContentBlockingPrefs.sys.mjs", ContextualIdentityService: @@ -33,6 +36,7 @@ ChromeUtils.defineESModuleGetters(lazy, { "moz-src:///browser/components/DesktopActorRegistry.sys.mjs", Discovery: "resource:///modules/Discovery.sys.mjs", DistributionManagement: "resource:///modules/distribution.sys.mjs", + DoHController: "resource://gre/modules/DoHController.sys.mjs", DownloadsViewableInternally: "resource:///modules/DownloadsViewableInternally.sys.mjs", ExtensionsUI: "resource:///modules/ExtensionsUI.sys.mjs", @@ -44,10 +48,13 @@ ChromeUtils.defineESModuleGetters(lazy, { LoginBreaches: "resource:///modules/LoginBreaches.sys.mjs", LoginHelper: "resource://gre/modules/LoginHelper.sys.mjs", MigrationUtils: "resource:///modules/MigrationUtils.sys.mjs", + NewTabUtils: "resource://gre/modules/NewTabUtils.sys.mjs", NimbusFeatures: "resource://nimbus/ExperimentAPI.sys.mjs", OnboardingMessageProvider: "resource:///modules/asrouter/OnboardingMessageProvider.sys.mjs", + PageActions: "resource:///modules/PageActions.sys.mjs", PageDataService: "resource:///modules/pagedata/PageDataService.sys.mjs", + PageThumbs: "resource://gre/modules/PageThumbs.sys.mjs", PdfJs: "resource://pdf.js/PdfJs.sys.mjs", PlacesBrowserStartup: "moz-src:///browser/components/places/PlacesBrowserStartup.sys.mjs", @@ -55,16 +62,22 @@ ChromeUtils.defineESModuleGetters(lazy, { // eslint-disable-next-line mozilla/valid-lazy PluginManager: "resource:///actors/PluginParent.sys.mjs", PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.sys.mjs", + ProcessHangMonitor: "resource:///modules/ProcessHangMonitor.sys.mjs", ProfileDataUpgrader: "moz-src:///browser/components/ProfileDataUpgrader.sys.mjs", + ProfilesDatastoreService: + "moz-src:///toolkit/profile/ProfilesDatastoreService.sys.mjs", RemoteSecuritySettings: "resource://gre/modules/psm/RemoteSecuritySettings.sys.mjs", RemoteSettings: "resource://services-settings/remote-settings.sys.mjs", SafeBrowsing: "resource://gre/modules/SafeBrowsing.sys.mjs", Sanitizer: "resource:///modules/Sanitizer.sys.mjs", + SandboxUtils: "resource://gre/modules/SandboxUtils.sys.mjs", ScreenshotsUtils: "resource:///modules/ScreenshotsUtils.sys.mjs", SearchSERPTelemetry: "moz-src:///browser/components/search/SearchSERPTelemetry.sys.mjs", + SelectableProfileService: + "resource:///modules/profiles/SelectableProfileService.sys.mjs", SessionStartup: "resource:///modules/sessionstore/SessionStartup.sys.mjs", SessionStore: "resource:///modules/sessionstore/SessionStore.sys.mjs", ShortcutUtils: "resource://gre/modules/ShortcutUtils.sys.mjs", @@ -75,6 +88,7 @@ ChromeUtils.defineESModuleGetters(lazy, { TelemetryReportingPolicy: "resource://gre/modules/TelemetryReportingPolicy.sys.mjs", TRRRacer: "resource:///modules/TRRPerformance.sys.mjs", + TabCrashHandler: "resource:///modules/ContentCrashHandlers.sys.mjs", WebChannel: "resource://gre/modules/WebChannel.sys.mjs", WebProtocolHandlerRegistrar: "resource:///modules/WebProtocolHandlerRegistrar.sys.mjs", @@ -647,6 +661,16 @@ BrowserGlue.prototype = { ); }, + _verifySandboxUserNamespaces: function BG_verifySandboxUserNamespaces(aWin) { + if (!AppConstants.MOZ_SANDBOX) { + return; + } + + lazy.SandboxUtils.maybeWarnAboutMissingUserNamespaces( + aWin.gNotificationBox + ); + }, + _earlyBlankFirstPaint(cmdLine) { let startTime = Cu.now(); @@ -794,6 +818,12 @@ BrowserGlue.prototype = { // the first browser window has finished initializing _onFirstWindowLoaded: function BG__onFirstWindowLoaded(aWindow) { + lazy.AboutNewTab.init(); + + lazy.TabCrashHandler.init(); + + lazy.ProcessHangMonitor.init(); + // A channel for "remote troubleshooting" code... let channel = new lazy.WebChannel( "remote-troubleshooting", @@ -824,6 +854,24 @@ BrowserGlue.prototype = { lazy.WeaveService.init(); } + lazy.PageThumbs.init(); + + lazy.NewTabUtils.init(); + + lazy.PageActions.init(); + + lazy.DoHController.init(); + + lazy.ProfilesDatastoreService.init().catch(console.error); + lazy.SelectableProfileService.init().catch(console.error); + + this._firstWindowTelemetry(aWindow); + + lazy.ContentBlockingPrefs.init(); + lazy.CaptchaDetectionPingUtils.init(); + + this._verifySandboxUserNamespaces(aWindow); + lazy.BrowserUtils.callModulesFromCategory( { categoryName: "browser-first-window-ready", @@ -831,8 +879,6 @@ BrowserGlue.prototype = { }, aWindow ); - - this._firstWindowTelemetry(aWindow); }, _maybeOfferProfileReset() { diff --git a/browser/components/tests/browser/browser_browserGlue_userNamespacesNotification.js b/browser/components/tests/browser/browser_browserGlue_userNamespacesNotification.js index b0e307c6fede..d7765ebd8bd8 100644 --- a/browser/components/tests/browser/browser_browserGlue_userNamespacesNotification.js +++ b/browser/components/tests/browser/browser_browserGlue_userNamespacesNotification.js @@ -3,6 +3,9 @@ "use strict"; +const kCID = "@mozilla.org/browser/browserglue;1"; +const BrowserGlue = Cc[kCID].getService(Ci.nsISupports).wrappedJSObject; + const kNotificationSelector = 'notification-message[message-bar-type="infobar"]' + '[value="sandbox-unprivileged-namespaces"]'; @@ -36,9 +39,6 @@ async function getNotification(shouldBeNull = false) { } if (AppConstants.platform === "linux" && AppConstants.MOZ_SANDBOX) { - let { SandboxUtils } = ChromeUtils.importESModule( - "resource://gre/modules/SandboxUtils.sys.mjs" - ); add_setup(async function setup() { await SpecialPowers.pushPrefEnv({ set: [["security.sandbox.warn_unprivileged_namespaces", true]], @@ -59,7 +59,7 @@ if (AppConstants.platform === "linux" && AppConstants.MOZ_SANDBOX) { "No existing notification" ); setHasUsernamespaces(true); - SandboxUtils.maybeWarnAboutMissingUserNamespaces(window); + BrowserGlue._verifySandboxUserNamespaces(window); const notification = await getNotification(/* shouldBeNull */ true); Assert.equal( @@ -76,7 +76,7 @@ if (AppConstants.platform === "linux" && AppConstants.MOZ_SANDBOX) { "No existing notification" ); setHasUsernamespaces(false); - SandboxUtils.maybeWarnAboutMissingUserNamespaces(window); + BrowserGlue._verifySandboxUserNamespaces(window); const notification = await getNotification(); Assert.notEqual( @@ -97,7 +97,7 @@ if (AppConstants.platform === "linux" && AppConstants.MOZ_SANDBOX) { set: [["security.sandbox.warn_unprivileged_namespaces", false]], }); setHasUsernamespaces(false); - SandboxUtils.maybeWarnAboutMissingUserNamespaces(window); + BrowserGlue._verifySandboxUserNamespaces(window); const notification = await getNotification(/* shouldBeNull */ true); Assert.equal( @@ -125,7 +125,7 @@ if (AppConstants.platform === "linux" && AppConstants.MOZ_SANDBOX) { "Pref is enabled" ); setHasUsernamespaces(false); - SandboxUtils.maybeWarnAboutMissingUserNamespaces(window); + BrowserGlue._verifySandboxUserNamespaces(window); const notification = await getNotification(); const dontShowAgain = notification.querySelector(".notification-button"); @@ -147,10 +147,8 @@ if (AppConstants.platform === "linux" && AppConstants.MOZ_SANDBOX) { document.querySelector(kNotificationSelector), "No existing notification" ); - await Assert.rejects( - fetch("resource://gre/modules/SandboxUtils.sys.mjs"), - /NetworkError when attempting to fetch/, - "SandboxUtils should not be packaged." - ); + BrowserGlue._verifySandboxUserNamespaces(window); + const notification = await getNotification(/* shouldBeNull */ true); + Assert.equal(null, notification, "Notification is not shown on non linux"); }); } diff --git a/security/sandbox/common/SandboxUtils.sys.mjs b/security/sandbox/common/SandboxUtils.sys.mjs index 1a70b67bf20f..fc3ed4ce54dd 100644 --- a/security/sandbox/common/SandboxUtils.sys.mjs +++ b/security/sandbox/common/SandboxUtils.sys.mjs @@ -8,11 +8,11 @@ export var SandboxUtils = { /** * Show a notification bar if user is running without unprivileged namespace * - * @param {Window} aWindow - * The window where the notification will be displayed. + * @param {NotificationBox} aNotificationBox + * The target notification box where notification will be added */ maybeWarnAboutMissingUserNamespaces: - function SU_maybeWarnAboutMissingUserNamespaces(aWindow) { + function SU_maybeWarnAboutMissingUserNamespaces(aNotificationBox) { if (AppConstants.platform !== "linux") { return; } @@ -41,8 +41,7 @@ export var SandboxUtils = { return; } - let box = aWindow.gNotificationBox; - const mozXulElement = box.stack.ownerGlobal.MozXULElement; + const mozXulElement = aNotificationBox.stack.ownerGlobal.MozXULElement; mozXulElement.insertFTLIfNeeded("toolkit/updates/elevation.ftl"); let buttons = [ @@ -59,11 +58,11 @@ export var SandboxUtils = { ]; // Now actually create the notification - box.appendNotification( + aNotificationBox.appendNotification( "sandbox-unprivileged-namespaces", { label: { "l10n-id": "sandbox-missing-unprivileged-namespaces" }, - priority: box.PRIORITY_WARNING_HIGH, + priority: aNotificationBox.PRIORITY_WARNING_HIGH, }, buttons ); diff --git a/security/sandbox/common/moz.build b/security/sandbox/common/moz.build index c1c2c4ad3eb7..bc7117df322e 100644 --- a/security/sandbox/common/moz.build +++ b/security/sandbox/common/moz.build @@ -45,10 +45,9 @@ if CONFIG["MOZ_SANDBOX"] and CONFIG["MOZ_DEBUG"] and CONFIG["ENABLE_TESTS"]: "/netwerk/base", ] -if CONFIG["MOZ_SANDBOX"] and CONFIG["OS_TARGET"] == "Linux": - EXTRA_JS_MODULES += [ - "SandboxUtils.sys.mjs", - ] +EXTRA_JS_MODULES += [ + "SandboxUtils.sys.mjs", +] include("/ipc/chromium/chromium-config.mozbuild")