Many have this idea that Firefox should be able to take support/health data and "self heal", e.g. we take the set of installed add-ons, compare it against a blacklist (or possibly a graylist of not-quite-banned-but-discouraged add-ons, e.g. performance-sucking ones) and automatically take action.

The current approach to these types of features results in a number of one-offs, e.g. we have a blocklist ping, about:support, about:healthreport, etc.

One idea is to leverage the fact that about:healthreport is an iframe to web-hosted content and to offload the decision making for "self healing" outside of the packaged app and into hosted content. This way, the logic for improving the browser experience could largely be decoupled from the release process and be rolled out to users quicker. I would like to engage the security group about the implications of this.

The proposal is that Firefox would expose a "support API" via about:healthreport (or similar) to remote content hosted in a content-privileged iframe. The API would consist of event listeners so the chrome and iframe could communicate. This API would have methods like "get Health Report payload," "disable add-on X," "prompt user to upgrade," "get hardware information," etc. Please note that these APIs would be chrome privileged and could modify the browser (or at least prompt the user to modify the browser, although I believe UX/Product would like Firefox to do as much automatically as possible).

This is largely how about:healthreport works today: a Mozilla-hosted content-privileged iframe requests the FHR payload from chrome and does something with it [1]. The difference is we'd be offering a much richer API to the remote-hosted content. And that much richer API offers many more avenues for abuse. Hence the security concerns.

Is this proposal something the security team could support? What are the concerns? If the proposal is not acceptable, what do you propose as an alternative to facilitate browser "self healing?"

[1] https://hg.mozilla.org/mozilla-central/file/89294cd501d9/browser/base/content/abouthealthreport/abouthealth.js
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
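
One way the chrome side of the bridge proposed in the message above could gate requests from the hosted iframe, as an added example that is not part of the original post and not Mozilla code. The origin, the method names, the `createBridge` function and the `approve` hook are all hypothetical; `approve` stands for whatever chrome-side policy (a user prompt or an automatic rule) decides on state-changing calls.

```javascript
"use strict";
// Hypothetical chrome-side dispatcher; origin and method names are constructed.
const ALLOWED_ORIGIN = "https://healthreport.example.invalid";
// Every exposed method is listed with whether it changes browser state.
const METHODS = {
  getHealthReportPayload: { mutates: false }, getHardwareInfo: { mutates: false },
  disableAddon: { mutates: true }, promptUpgrade: { mutates: true },
};
function createBridge({ handlers, approve, installedAddons }) {
  const deny = (error) => ({ ok: false, error });
  return function handleMessage(event) {
    // 1. Only the expected hosted origin may reach chrome code.
    if (event.origin !== ALLOWED_ORIGIN) return deny("bad-origin");
    const msg = event.data;
    if (msg === null || typeof msg !== "object" || typeof msg.method !== "string") {
      return deny("malformed");
    }
    // 2. Strict allowlist; own-property check so "constructor" never matches.
    if (!Object.prototype.hasOwnProperty.call(METHODS, msg.method)) {
      return deny("unknown-method");
    }
    const handler = handlers[msg.method];
    if (typeof handler !== "function") return deny("unimplemented");
    // 3. Arguments are validated against chrome's own state, not trusted.
    if (msg.method === "disableAddon" && !installedAddons.includes(msg.addonId)) {
      return deny("unknown-addon");
    }
    // 4. State-changing calls pass a chrome-side approval hook first.
    if (METHODS[msg.method].mutates && !approve(msg)) return deny("not-approved");
    return { ok: true, result: handler(msg) };
  };
}

// Constructed demo: one add-on installed, approval hook refuses everything.
function demo() {
  const bridge = createBridge({
    handlers: { getHardwareInfo: () => ({ cpuCount: 4 }), disableAddon: () => true },
    approve: () => false,
    installedAddons: ["slow@addons.example.invalid"],
  });
  const send = (origin, data) => bridge({ origin, data });
  return [
    send(ALLOWED_ORIGIN, { method: "getHardwareInfo" }),
    send("https://other.example.invalid", { method: "getHardwareInfo" }),
    send(ALLOWED_ORIGIN, { method: "disableAddon", addonId: "slow@addons.example.invalid" }),
    send(ALLOWED_ORIGIN, { method: "constructor" }),
  ];
}
console.log(demo());
```

Separating read-only from state-changing methods in one table keeps the privileged surface reviewable in a single place, whichever approval policy is chosen.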
