Bug 1331769 - Properly check whether new origin permissions are a subset of old origin permissions. r?aswan
This prevents prompts occuring in cases where the new permissions are more
specific but still covered by the old permissions.
e.g.:
["<all_urls>"] -> ["<all_urls>", "*://*.example.com"]
["*://*.example.com"] -> ["http://subdomain.example.com"]
MozReview-Commit-ID: B685pJ6kTNa
--- a/toolkit/components/extensions/Extension.jsm
+++ b/toolkit/components/extensions/Extension.jsm
@@ -482,23 +482,19 @@ this.ExtensionData = class {
result.permissions = [...this.permissions]
.filter(p => !result.origins.includes(p) && !EXP_PATTERN.test(p));
return result;
}
// Compute the difference between two sets of permissions, suitable
// for presenting to the user.
static comparePermissions(oldPermissions, newPermissions) {
- // See bug 1331769: should we do something more complicated to
- // compare host permissions?
- // e.g., if we go from <all_urls> to a specific host or from
- // a *.domain.com to specific-host.domain.com that's actually a
- // drop in permissions but the simple test below will cause a prompt.
+ let oldMatcher = new MatchPatternSet(oldPermissions.origins);
return {
- origins: newPermissions.origins.filter(perm => !oldPermissions.origins.includes(perm)),
+ origins: newPermissions.origins.filter(perm => !oldMatcher.subsumes(new MatchPattern(perm))),
permissions: newPermissions.permissions.filter(perm => !oldPermissions.permissions.includes(perm)),
};
}
async parseManifest() {
let [manifest] = await Promise.all([
this.readJSON("manifest.json"),
Management.lazyInit(),