Brad Lassey wrote on 03.07.2015 02:14:

Seems like the right thing to do is to ship with whatever the current override list is at the build time and then update it dynamically.


That's a sane path anyway.

But the other parts - fetch, verify, cache last known working one on disk - are still necessary. Esp. the verify step is critically important for security and reliability.

http://mxr.mozilla.org/mozilla-central/source/netwerk/protocol/http/UserAgentOverrides.jsm#54

I looked at the code, but couldn't read it. I did not find:
* where in the code the server fetch happens
* documentation about the file format that comes from the server
* where in the code the server response is security-checked and sanity-checked and verified.

For example, for the phishing filter sanity check, we checked that https://www.google.com and http://google.com are still reachable. For the security check, we threw in some checks against buffer overflows, then applied the standard URL checkers (nsIURL and friends), and on top also checked that the scheme is not javascript: or data: or something.


_______________________________________________
mobile-firefox-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/mobile-firefox-dev
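
The verify step described in the message above (size bounds, standard URL parsing, scheme check, canary sanity check, fallback to the last known working list), as an added example that is not part of the original message and is not Mozilla's code. The list format (a JSON array of URL strings), the limits and all function names are assumptions made for illustration.

```javascript
// Added example: verify a fetched block list before it replaces the cached one.
// Assumed format: JSON array of URL strings. Limits and names are hypothetical.
const MAX_BODY_LENGTH = 64 * 1024; // reject oversized responses outright
const MAX_ENTRIES = 1000;
const MAX_URL_LENGTH = 2048;
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);
// Sanity canaries: a list that would block these is treated as broken.
const CANARIES = ["https://www.google.com/", "http://google.com/"];

function parseEntry(entry) {
  if (typeof entry !== "string" || entry.length > MAX_URL_LENGTH) {
    throw new Error("entry is not a bounded string");
  }
  const url = new URL(entry);               // throws on malformed input
  if (!ALLOWED_SCHEMES.has(url.protocol)) { // rejects javascript:, data:, ...
    throw new Error("scheme not allowed: " + url.protocol);
  }
  return url.origin;                        // normalized scheme + host + port
}

function verifyList(body) {
  if (typeof body !== "string" || body.length > MAX_BODY_LENGTH) {
    throw new Error("response missing or too large");
  }
  const parsed = JSON.parse(body);          // throws on invalid JSON
  if (!Array.isArray(parsed) || parsed.length > MAX_ENTRIES) {
    throw new Error("unexpected top-level shape");
  }
  const blocked = new Set(parsed.map(parseEntry));
  for (const canary of CANARIES) {
    if (blocked.has(new URL(canary).origin)) {
      throw new Error("sanity check failed: list blocks " + canary);
    }
  }
  return blocked;
}

// Keep the last known working list unless the new response passes every check.
function acceptUpdate(body, lastKnownGood) {
  try {
    return { list: verifyList(body), updated: true };
  } catch (err) {
    return { list: lastKnownGood, updated: false, reason: err.message };
  }
}
```

Only a list that passes every check would be written to the on-disk cache; any failure leaves the previous list in use and records the reason.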
