Re: How can I save Push-Notifications on a Windows 10 PC

On 2020-12-30 6:18 a.m., Ronald Brauer wrote: The Push-Notifications of a website are only some seconds on my PC. How can I see them some time after I got them? Once bug 1497425 and its dependencies are fixed then notifications will show in the Windows 10 Action Center until Firefox is

`mach test --headless` now supports xpcshell-tests

ou may want to run a test without the argument if you're seeing an unusual failure that doesn't appear in automation. In that case you could opt the test out of headless mode with `headless = false` in the manifest. Thanks to Geoff Brown for the quick review.

Re: Fission Engineering Newsletter #1

On 2019-02-13 9:02 p.m., Tom Ritter wrote: On Wed, Feb 13, 2019 at 9:48 PM Matthew N. wrote: What about doing better sandboxing of the content process (e.g. ensuring a compromised process can't request information from the parent that isn't relevant to it)? This is https

Re: Fission Engineering Newsletter #1

process (e.g. ensuring a compromised process can't request information from the parent that isn't relevant to it)? Thanks, Matthew N. ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Coming in Firefox 65: Dedicated Profiles Per Install and Profile Downgrade Protection

Cheers, Matthew On Tue, Oct 23, 2018 at 8:34 AM, Michael Verdi wrote: > Dave could there be a way/option to migrate safe data to the new profile > similar to what we do with a refresh? > > On Thu, Oct 18, 2018 at 2:32 PM Dave Townsend > wrote: > >> In Firefox 65 we intend to

Re: PSA: Avoid Visual Studio 2017 15.7.0

On 2018-05-08 6:40 a.m., Ryan VanderMeulen wrote: Yesterday, Microsoft released Visual Studio 2017 15.7.0. Unfortunately, it is currently not usable for building Firefox due to bug 1458247 (internal compiler errors in WebRTC code). The bug was already reported and confirmed upstream during the

Re: Refactoring proposal for the observer service

On 2018-01-04 10:00 AM, Nathan Froyd wrote: … 2) How would one shoehorn this into *DL? The options that come to mind are: - Separate methods for every observer topic, which sounds terrible from a code duplication perspective. Though maybe this would be nice for JS clients, so we could say

Intent to Implement and Ship: HTMLTextAreaElement.autocomplete

face tests and ​ https://wpt.fyi/html/semantics/forms/the-form-element/form-autocomplete.html tests the common parsing logic (not specific to ) ​Thanks, Matthew N. (:MattN) ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: We need better canaries for JS code

Hi David, On 2017-10-18 1:28 AM, David Teller wrote: If I understand correctly, this triggered the usual "undefined is not a function", which was 1/ uncaught during testing, as these things often are; That's only because this code doesn't have any tests. That was filed as bug 1409913. 2/

Re: Easier debugging/inspecting of remote tab state with the Browser Content Toolbox

On 2017-10-03 5:44 PM, Boris Zbarsky wrote: On 10/3/17 7:15 PM, Matthew N. wrote: For those of you who don't know, when the "devtools.chrome.enabled" pref is true the Web Developer > Browser Content Toolbox opens a toolbox targeting the content process that the selected

Easier debugging/inspecting of remote tab state with the Browser Content Toolbox

the selected tab's TabChildGlobal and making the frame picker work (to more easily change between `TabChildGlobal`s by URL). Happy debugging! Matthew Noorenberghe (:MattN) ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Race Cache With Network experiment on Nightly

I think you were looking at the docs for opt-in Shield studies (experiments deployed as add-ons), not for pref flipping experiments. Due to the nature of some of the opt-in studies we run they require a different approval process. Pref flipping is available for all users, it is not opt-in. The

Re: PSA: Requesting specific talos jobs in try syntax is broken on TC

, documented) code! The problem I'm seeing only started in the last week or so. Dustin 2017-05-13 14:15 GMT-04:00 Matthew N. <ma...@mozilla.com>: See https://bugzilla.mozilla.org/show_bug.cgi?id=1363409 for details. It will still work on Win7 which uses buildbot, but won't on OS X or Linux whi

PSA: Requesting specific talos jobs in try syntax is broken on TC

, Matthew N. (:MattN) P.S. --rebuild-talos was also broken for a while but should now work again (bug 1317189) ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Heads Up: /storage upgraded from version 1.0 to 2.0

s the new file. If you disagree about the priority then feel free to comment in the bug or find an assignee. Matthew ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Deprecating XUL in new UI

. Matthew On Mon, Jan 16, 2017 at 12:43 PM, Dave Townsend <dtowns...@mozilla.com> wrote: > One of the things I've been investigating since moving back to the desktop > team is how we can remove XUL from the application as much as possible. The > benefits for doing this are varie

Re: Intent to restrict to secure contexts: navigator.geolocation

On Wed, Oct 26, 2016 at 4:26 PM, Jan-Ivar Bruaroey <j...@mozilla.com> wrote: > On 10/26/16 6:28 PM, Matthew N. wrote: > >> On 2016-10-26 1:40 PM, Jan-Ivar Bruaroey wrote: >> >>> At the risk of sounding pragmatic/opportunistic, why not wait until the >>&g

Re: Intent to restrict to secure contexts: navigator.geolocation

on (WebRTC IIRC). Matthew ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Reorganization of Firefox-UI tests in mozilla-central

On 2016-09-02 2:29 AM, Gijs Kruitbosch wrote: On 02/09/2016 00:15, Matthew N. wrote: On 2016-09-01 9:24 AM, Gijs Kruitbosch wrote: On 01/09/2016 16:37, Henrik Skupin wrote: Do those locations sound good? I have heard at least once that "firefox_ui" might not be the best choice as f

Re: Reorganization of Firefox-UI tests in mozilla-central

dn't want to be misled into thinking I should write a "Firefox-UI" test when mochitest-browser-chrome is actually the desired suite. I would suggest "puppeteer" or "marionette" for directory names to avoid confusion. Thanks, Matthew N. (:MattN) ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Mercurial performance (vs git)

Make sure you have enabled the fsmonitor[1] extension for mercurial if your prompt is using `hg` commands. I believe `mach mercurial-setup` now helps with this. Matthew N. (:MattN) [1] https://www.mercurial-scm.org/wiki/FsMonitorExtension On 2016-08-15 12:46 PM, Botond Ballo wrote: Cross

Re: MXR permanently offline, please transition to DXR

On Fri, Jul 8, 2016 at 12:27 PM, Lawrence Mandel wrote: > We do in the case of 3rd party software referencing files from MXR (and > I'm told there is a lot of this). > ​That's an existing problem which is orthogonal to the MXR decommissioning so that doesn't need to be

Re: Searchfox (new code search tool)

It's more due to lack of mxr-parity rather than usage that is delaying the MXR retirement. See the dependency tree: https://bugzilla.mozilla.org/showdependencytree.cgi?id=1097091_resolved=1 Matthew On Mon, Jun 6, 2016 at 11:23 PM, Sebastian Zartner < sebastianzart...@gmail.com> wrote:

pushPrefEnv/popPrefEnv/flushPrefEnv now return Promises

the tree which wrote their own Promise wrappers for pushPrefEnv so feel free to file follow-up bugs blocking bug 1197310 to remove them. Cheers, Matthew N. (:MattN) [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1197310 P.S. For those of you who didn't hear (since there was no announc

Re: Intent to implement and ship: DOMTokenList.prototype.supports

On 2016-05-03 9:01 PM, Boris Zbarsky wrote: Looking at this code, there's also similar handling for "search", right? Again, not sure whether that's exposed in the default UI. A green plus sign appears above the magnifying glass in the search bar for rel="search" and the menu allows you to

Re: Changes to bugzilla "plugins" product

On Mon, May 2, 2016 at 3:43 PM, Emma Humphries wrote: > Andrew, can you do a pass over the bugs since Jan 1st and, and let's > rename this FFx::Add Ons Compatablity so that it's clear it's not plugins. > ​Extensions and plugins are both types of add-ons​ so renaming makes it

Re: Intent to ship: Treat cookies set over non-secure HTTP as session cookies

. Matthew ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Intent to ship: Treat cookies set over non-secure HTTP as session cookies

n a design for yet but should be less risky to implement than for . It is in the Firefox privacy/security team backlog. Meta bug related to dealing with insecure login forms: https://bugzilla.mozilla.org/show_bug.cgi?id=1217142 Thanks, Matthew N. _

Re: Intent to implement: W3C WebAppSec credentialmanagement API

On 2016-03-18 7:22 AM, Mike West wrote: On Thu, Mar 17, 2016 at 10:04 PM, Justin Dolske wrote: On 3/14/16 3:01 PM, Martin Thomson wrote: The actual benefit is something that is only realized once a site puts in the effort required. That is small, yes, but we're seeing

Re: Intent to implement: W3C WebAppSec credentialmanagement API

On 2016-03-14 2:29 AM, Mike West wrote: On Thu, Mar 10, 2016 at 9:07 PM, Ben Kelly <bke...@mozilla.com> wrote: I believe Matthew Noorenberghe had some concerns about the necessity of the API given requestAutocomplete: https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/7ouLj

Re: Intent to implement: W3C WebAppSec credentialmanagement API

On 2016-03-10 12:07 PM, Ben Kelly wrote: I believe Matthew Noorenberghe had some concerns about the necessity of the API given requestAutocomplete: https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/7ouLjWzcjb0/s7aZHGnlAwAJ https://github.com/w3c/webappsec-credential-management

Re: firefox-ui-tests are now in mozilla-central with TaskCluster support

-chrome? It seems one difference is that some(?) tests run on non-en-US. Could you also add a description to https://developer.mozilla.org/en-US/docs/Mozilla/QA/Automated_testing? Thanks, Matthew N. (:MattN) ___ dev-platform mailing list dev-platform

Re: Making it easier to file performance bugs?

porters would have to know to use the textbox at the bottom instead of the big icons for your flow. Matthew ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Making it easier to file performance bugs?

Have you considered using bugzilla whine emails to receive a list of all new bugs with that keyword. You could narrow it down to the "Untriaged" component(s) if you wish. Cheers, Matthew N. (:MattN) On Sat, Feb 13, 2016 at 4:50 AM, David Rajchenbach-Teller <dtel...@mozilla.com> wro

Re: Using browser stored credentials for http://mywebsi.de also on https://mywebsi.de

Emma is correct that this is the solution for your problem and we are aware that it's important for the adoption of HTTPS. We already implemented the first half to support the upgrade of the form @action from HTTP to HTTPS in Firefox 41 but bug 667233 is needed to handle the form's origin

Re: Telemetry Dashboards

On 2015-08-19 1:59 PM, azha...@gmail.com wrote: Evolution dashboard: Enumerated histograms. Boolean histograms. Histogram dashboard: Keyed histograms. Thanks Anthony! I've been looking forward to reports like these for a long time. Matthew N. (:MattN

Re: Can we make a plan to retire Universal Mac builds?

Assuming our FHR data is gathering correct data: 1.5% of our OS X users are on x86. (There is no date on the dashboard I'm looking at) If we have data on CPU architecture I don't think the OS version is relevant unless I'm missing something. Matthew N. (:MattN) On 2015-08-05 3:02 PM, Syd

Re: Intent to deprecate: Insecure HTTP

It's absolutely true for hosting yourself today. The only thing even slightly difficult is setting up dynamic dns. On Mon, May 4, 2015, at 06:01 AM, Gervase Markham wrote: On 01/05/15 19:02, Matthew Phillips wrote: You must have missed my original email: It's paramount that the web remain

Re: Intent to deprecate: Insecure HTTP

making people feel safe knowing that http doesn't exist any more. My fear is that the pendulum has swung away from this (previously self-evident) position and the people running the web today have other priorities. On Fri, May 1, 2015, at 01:03 PM, Adam Roach wrote: On 5/1/15 05:03, Matthew Phillips

Re: Intent to deprecate: Insecure HTTP

I think this is a grave mistake. The simplicity of the web was the primary factor in its explosive growth. By putting up barriers to entry you are discouraging experimentation, discouraging one-off projects, and discouraging leaving inactive websites running (as keeping certs up to date will

Re: Experiment with running debug tests less often on mozilla-inbound the week of August 25

On 8/19/14 12:22 PM, Jonathan Griffin wrote: To assess the impact of doing this, we will be performing an experiment the week of August 25, in which we will run debug tests on mozilla-inbound on most desktop platforms every other run, instead of every run as we do now. Debug tests on linux64

Re: Telemetry alerts for histograms

I would prefer a public list available over NNTP like mozilla.dev.tree-management so I don't have to get the large volume of mail in my inbox. MattN On 8/12/14 5:17 PM, Gavin Sharp wrote: What does that alias point to? Seems to me a public mailman mailing list would be a better choice, since

Re: Is it time for mochitest-chrome on Android and B2G

tests could run on mobile. Matthew ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Overriding the CSP for privileged protocols

On Thursday, June 5, 2014 5:50:23 PM UTC+2, Boris Zbarsky wrote: The CSP implementation should be using protocol flags here instead of hardcoding (and if it's not, bugs should be filed). And then your protocol can set the relevant flags. I'll confirm (going to dive deeper into the CSP code

Re: Overriding the CSP for privileged protocols

On Thursday, June 5, 2014 5:50:23 PM UTC+2, Boris Zbarsky wrote: The CSP implementation should be using protocol flags here instead of hardcoding (and if it's not, bugs should be filed). And then your protocol can set the relevant flags. Bug filed:

Re: DOMWindowCreated not fired for some frames

On Tuesday, March 25, 2014 7:34:27 PM UTC+1, Boris Zbarsky wrote: Is the url about:blank when the window is created, perhaps? It's hard to say without knowing exactly what you're logging/measuring. I spent some more time looking into this. The problem is apparently that we are observing

Re: DOMWindowCreated not fired for some frames

On Friday, June 6, 2014 4:28:35 PM UTC+2, Boris Zbarsky wrote: On 6/6/14, 10:00 AM, Matthew Gertner wrote: It's by design: when you ask for a window and we haven't actually created one yet (because this is a new subframe that's doing its initial load, say), we have to go ahead and create

Re: DOMWindowCreated not fired for some frames

On Friday, June 6, 2014 6:33:27 PM UTC+2, Boris Zbarsky wrote: The about:blank document is quite real, sadly... I'm not seeing anything obvious that gets fired when we reuse an inner for a new document. At least nothing obvious in the window code. From what I'm seeing, the document object

Re: DOMWindowCreated not fired for some frames

On Friday, June 6, 2014 6:49:55 PM UTC+2, Boris Zbarsky wrote: That shouldn't be an issue. The cycle collector should handle it. Just make sure you don't have a reference to that event handler on any long-lived chrome objects. OK well I'm using beforescriptexecute and hopefully it should

Overriding the CSP for privileged protocols

Our extension injects styles into webpages via a protocol defined using our own protocol handler using link rel=stylesheet. We have our own nsIContentPolicy which we use to enforce which resources from this protocol can be injected into content pages. The problem is that on sites the enforce

Intent to implement: New HTMLInputElement.autocomplete values

Summary: I am implementing support for @autocomplete values other than off/on for HTMLInputElement.autocomplete. This allows web developers to indicate how UAs should autocomplete/auto-fill values in the fields (if they choose to do so) so they don't have to use heuristics to guess what data

Re: Proposal: New BMO Toolkit component for Notifications and Alerts

and Alertsproduct=Toolkitbug_status=__open__ A reminder to watch the component and/or update saved searches if that's relevant to you. Happy bug filing/triaging! Matthew N. :MattN ___ dev-platform mailing list dev-platform@lists.mozilla.org https

Proposal: New BMO Toolkit component for Notifications and Alerts

while bugs for (iii) are currently filed in Toolkit::XUL Widgets. I propose the component be named Notifications and Alerts in the Toolkit product with the description Popup/doorhanger notifications, notification bars, and alerts. Thoughts? Matthew N. :MattN

Re: Proposed changes to autocomplete administrative levels

On 5/15/14, 8:21 AM, Ehsan Akhgari wrote: On 2014-05-15, 5:29 AM, Anne van Kesteren wrote: On Wed, May 14, 2014 at 1:52 AM, Brian Nicholson bnichol...@mozilla.com wrote: If we disagree with this proposal: What alternatives do we have? Given that countries require more than two

Intent to implement: Media Source Extensions

Summary: This specification extends HTMLMediaElement to allow JavaScript to generate media streams for playback. Allowing JavaScript to generate streams facilitates a variety of use cases like adaptive streaming and time shifting live streams. Bug: mediasource (778617)

Re: DOMWindowCreated not fired for some frames

On Tuesday, March 25, 2014 7:34:27 PM UTC+1, Boris Zbarsky wrote: Is the url about:blank when the window is created, perhaps? It's hard to say without knowing exactly what you're logging/measuring. Well I tried attaching a readyStateChange listener to every window so I could see if the real

DOMWindowCreated not fired for some frames

I registered a DOMWindowCreated listener for a tabbrowser in a standard browser.xul window. When I open www.khanacademy.org/login inside a tab, there is a frame in the page with the URL www.khanacademy.org/login?form=1. The listener seems to be fired for all other frames (including all other

Re: Toolkit sub-module Preferred Reviewers who are not Toolkit Peers

Thanks for clarifying. Myself, Jared Wein, and Paolo Amadini (Download Manager Owner) seem to be missing from the Toolkit peer list then. Thanks, Matthew On 1/19/14, 8:47 PM, Dave Townsend wrote: Everyone who is a preferred reviewer should be a peer, if they aren't it's likely because I

Toolkit sub-module Preferred Reviewers who are not Toolkit Peers

Hello, What does it mean to be a Preferred Reviewer (previously called a peer) in a Toolkit sub-module[1] and not be on the list of Toolkit Peers[2]? The Toolkit Code Review page[3] doesn't seem to cover this case. Specifically: 1) Can a Preferred Reviewer review code in the related

Re: [RFC] Cleaning up sessionstore.js

storage. To be clear, is that just referring to window.sessionStorage? Cheers, Matthew N. [:MattN] ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Removing a window from the session store

handling of private tabs. SessionStore doesn't handle them yet, but I can prioritize this. Would this be sufficient for your needs? Cheers, David On 10/25/13 9:11 AM, Matthew Gertner wrote: Can you suggest some other means to do what we need? I don't want to make anyone's life harder but I

Re: Removing a window from the session store

On Oct 25, 2013, at 12:34 PM, Tim Taubert ttaub...@mozilla.com wrote: Private tabs will be automatically excluded when bug 899276 has landed. I don't know off-hand if setting a tab to private works even if the tab has been around for some time but I think that might be possible. I guess this

Re: Removing a window from the session store

On Wednesday, October 23, 2013 2:36:12 PM UTC+2, David Rajchenbach-Teller wrote: At the moment, there is no good way to do what you need. The only solution I can think of would be to configure your popup to be in private browsing mode. Would that work for you? That might be a good solution.

Overriding content window methods with chrome functions

I'm loading a page into a browser type=content but I want the close() method to call a function defined in chrome. I tried the obvious: window.wrappedJSObject.close() = function() { ... }; However, the old close() method is still called (as far as I can tell). I guess I'm being thwarted by

Re: Overriding content window methods with chrome functions

On Monday, October 21, 2013 4:40:08 PM UTC+2, Gijs Kruitbosch wrote: Uh, I hope you meant: window.wrappedJSObject.close = function() { ... }; (ie, no braces after close[()]) Sorry, yes of course. I typed that quickly but obviously the real code doesn't have parentheses after the function

Re: Overriding content window methods with chrome functions

On Monday, October 21, 2013 5:45:44 PM UTC+2, Neil wrote: Well, you could turn of that error; it's just a pref. Of course you would then decide whether to trap all the other DOMWindowClosing events to stop other random scripts from closing windows. Alternatively, you could maybe looking

Re: Killing the Moz Audio Data API

At 2013-10-16T17:09:50-0400, Ehsan Akhgari wrote: I'd like to write a patch to kill Moz Audio Data in Firefox 28 in favor of Web Audio. We added a deprecation warning for this API in Firefox 23 (bug 855570). I'm not sure what our usual process for this kind of thing is, should we just take

Re: Solving cross-origin script problem (permission denied) when using custom protocol handler

On Friday, October 11, 2013 12:53:27 PM UTC+2, Bobby Holley wrote: On Fri, Oct 11, 2013 at 10:24 AM, Matthew Gertner What I can't seem to figure out is how to make it so that content can add new properties to a COW (as opposed to modifying existing properties). Totally different question

Re: Solving cross-origin script problem (permission denied) when using custom protocol handler

On Thursday, October 10, 2013 7:23:44 PM UTC+2, Boris Zbarsky wrote: Seems unlikely. Indeed, I completely misdiagnosed the issue. Upon further investigation it turns out that the external script is trying to set a property on a chrome object and that __exposedProps__ does not allow this. So

Solving cross-origin script problem (permission denied) when using custom protocol handler

I have a page in my extension loaded from my own protocol handler. This page loads script both from the local disk (using the same protocol handler) and remote script loaded via HTTPS. When I try to access properties on objects instantiated in the remote script from my local script, I get

Re: Solving cross-origin script problem (permission denied) when using custom protocol handler

On Thursday, October 10, 2013 6:58:24 PM UTC+2, Boris Zbarsky wrote: That's ... quite odd. Scripts loaded via a script tag get the principal of the page that loaded them. Is this how you're loading your scripts? Yes. Not sure if it's relevant but the remote script (and some of the local

Re: Deferred display of XUL panel containing embedded iframe

On Friday, May 17, 2013 12:20:13 AM UTC+2, Neil wrote: display: none; destroys the nsIFrame object (in this case an nsMenuPopupFrame), thus closing the panel. Is there another way to make the panel invisible without destroying the nsIFrame? I can't see how to open the popup after the content

Re: Deferred display of XUL panel containing embedded iframe

On Friday, May 17, 2013 10:40:12 AM UTC+2, Matthew Gertner wrote: Is there another way to make the panel invisible without destroying the nsIFrame? For the record two people emailed me separately to suggest panel.style.visibility = 'hidden'. This works fine. The only caveat is that I still

Re: Deferred display of XUL panel containing embedded iframe

On Thursday, May 16, 2013 7:20:33 PM UTC+2, Gavin Sharp wrote: Can't you just avoid calling openPopup until the page is loaded, and avoid messing with the panel's hidden state completely? I tried that but it seemed like the iframe didn't have a docShell until after the popup is shown so I

Re: Error on startup when registering content policy from bootstrapped extension

On Sunday, May 12, 2013 12:25:59 AM UTC+2, Neil wrote: But the original error was that the webNavigation was null... so what's loading the about:blank in the first place? about:blank is being loaded because the browser is starting up and restoring the old session. As I understand it, the

Re: Error on startup when registering content policy from bootstrapped extension

On Friday, May 10, 2013 6:15:59 PM UTC+2, Boris Zbarsky wrote: Is your policy being called with the subject set to the browser? Just before the error occurs, the policy is called with aRequestOrigin set to chrome://browser/content/browser.xul and aContentLocation set to about:blank. I just

Re: Error on startup when registering content policy from bootstrapped extension

On Saturday, May 11, 2013 11:29:58 AM UTC+2, Matthew Gertner wrote: Just before the error occurs, the policy is called with aRequestOrigin set to chrome://browser/content/browser.xul and aContentLocation set to about:blank. I just don't understand why the existence of the policy causes

Re: Error on startup when registering content policy from bootstrapped extension

On Saturday, May 11, 2013 7:37:00 PM UTC+2, Gavin Sharp wrote: I believe bz's theory is that the browser's binding was being force-applied because the browser was being wrapped to be passed to your JS-implemented content policy (as aContext). XBL bindings are force-applied when an element in a

Re: Error on startup when registering content policy from bootstrapped extension

https://bugzilla.mozilla.org/show_bug.cgi?id=871176 ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform

Re: Stylesheet loaded from privileged channel does not trigger content policy for subresources

On Thursday, May 2, 2013 1:40:37 AM UTC+1, Boris Zbarsky wrote: Yes. Content policy checks are skipped when the loader has system principal. Thanks. Seems like I need to be more selective about when to give the channel the system principal. ___

Stylesheet loaded from privileged channel does not trigger content policy for subresources

My extension is injecting markup and script into content pages from a protocol implemented by my own handler (nsIProtocolHandler). Because in some cases I need script loaded via this protocol handler to have chrome privileges, I am setting the channel owner to the system principal in

Re: Removing expando properties from window wrapper when freeing sandbox

On Wednesday, April 17, 2013 3:57:58 PM UTC+2, Bobby Holley wrote: When you want the sandbox to die, you can do |Components.utils.nukeSandbox(sandbox)|, and it'll go away. Simple as that. :-) I've been using this, and it indeed nukes the sandbox even if there are backreferences from expando

Re: Removing expando properties from window wrapper when freeing sandbox

Boris - sorry, these are event listeners. Bobby - that would rock. I'm removing the event listeners manually but this requires some hardcoded dependencies to jQuery that I'd love to get rid of. ___ dev-platform mailing list

Removing expando properties from window wrapper when freeing sandbox

I'm using Cu.evalInSandbox in a bootstrapped extension to run code in an isolated environment using a content window as the sandbox prototype. When the code adds expando properties to the window (e.g. jQuery), the sandbox predictably leaks when the extension is disabled. I assume that the

Re: Removing expando properties from window wrapper when freeing sandbox

On Wednesday, April 17, 2013 3:57:58 PM UTC+2, Bobby Holley wrote: When you want the sandbox to die, you can do |Components.utils.nukeSandbox(sandbox)|, and it'll go away. Simple as that. :-) Awesome, exactly what I was looking for! I'm not sure how I missed that (would be good to reference

Re: Loading data into browser with type == chrome

On Tuesday, February 26, 2013 3:46:35 PM UTC+1, Boris Zbarsky wrote: I thought you were implementing a custom protocol handler? If you are, then you can just use whatever channel you want. If you're not, of course, messing with the channel won't help anything. I am, but that wouldn't help

Re: Loading data into browser with type == chrome

On Monday, February 25, 2013 8:40:45 PM UTC+1, Boris Zbarsky wrote: On 2/25/13 1:46 PM, matt...@salsitasoft.com wrote: So are you suggesting that I create the chrome:// URI channel myself and load from it after changing the originalURI? Yes, I think so. I couldn't see a way to load the

Re: Accessing @mozilla.org/xmlextras/xmlhttprequest;1 from content

On Monday, February 25, 2013 4:27:24 AM UTC+1, Boris Zbarsky wrote: I guess the reason I'm suddenly having this problem is https://bugzilla.mozilla.org/show_bug.cgi?id=809652 Seems pretty unlikely. Yes, I misanalyzed this. It appears that the root cause of the problem was that my content

Re: Accessing @mozilla.org/xmlextras/xmlhttprequest;1 from content

On Monday, February 25, 2013 4:27:24 AM UTC+1, Boris Zbarsky wrote: The DOM returned by responseXML is associated with the origin the XHR was initialized with. As far as how you set this origin, it used to be that you could do this directly from a component, but now it looks like we always

Re: Loading data into browser with type == chrome

On Monday, February 25, 2013 6:58:44 PM UTC+1, Boris Zbarsky wrote: Depending on what you're doing, you could just be seeing the about:blank inner window reused. Specifically, I need to be able to inject properties into the window before any script is run. When I load with a chrome:// URL,

Re: Accessing @mozilla.org/xmlextras/xmlhttprequest;1 from content

On Sunday, February 24, 2013 4:27:16 AM UTC+1, Brian Smith wrote: I notice that your company has developed a cross-browser framework for building extensions. That means you are probably familiar with Chromium's requirements here. I believe that Chromium requires you to do things the same

Re: Accessing @mozilla.org/xmlextras/xmlhttprequest;1 from content

On Friday, February 22, 2013 4:28:08 PM UTC+1, Kyle Huey wrote: You should look at SpecialPowersAPI.createSystemXHR. It's what we use in our test suite to do this. Hi Kyle, Thanks for this. I need to replace the XMLHttpRequest constructor with my own constructor, so I can't call

Accessing @mozilla.org/xmlextras/xmlhttprequest;1 from content

I have an extension that loads an HTML file into a hidden browser and runs script in the context of the hidden browser window. That script needs to be able to make crossdomain XHR requests to chrome:// and resource:// URLs that are apparently now blocked in Firefox 19 (they weren't blocked in

Re: Object prototypes and the content/chrome barrier

Obviously I meant: scriptLoader.loadSubScript(spec, context); (I also meant its prototype not it's prototype. :-) On Aug 7, 2012, at 3:51 PM, Matthew Gertner wrote: I am using the content-document-global-created observer topic to add a function to content windows when they are created

Registering XPTs in a bootstrapped extension

I guess the interfaces directive is not support in the chrome.manifest of bootstrapped extensions. We're using nsIComponentRegistrar.registerFactory to register XPCOM components, but we also need to register some additional XPCOM interfaces. I spent some time looking into this but I couldn't