From b8ccd3b59c13a246cc21967ff3d69f767d29c85c Mon Sep 17 00:00:00 2001 From: Manish Goregaokar Date: Thu, 31 Jul 2014 22:05:00 -0400 Subject: [PATCH] Bug 1015314 - Reduce self-xss prevention threshhold to 5. r=jwalker --- browser/app/profile/firefox.js | 2 +- .../test/browser_webconsole_autocomplete_and_selfxss.js | 4 ++-- toolkit/devtools/webconsole/utils.js | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js index 8ddf69e6b01..d82b4f1e1e0 100644 --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js @@ -1455,7 +1455,7 @@ pref("devtools.browserconsole.filter.secwarn", true); pref("devtools.webconsole.fontSize", 0); // Number of usages of the web console or scratchpad. -// If this is less than 10, then pasting code into the web console or scratchpad is disabled +// If this is less than 5, then pasting code into the web console or scratchpad is disabled pref("devtools.selfxss.count", 0); // Persistent logging: |true| if you want the Web Console to keep all of the diff --git a/browser/devtools/webconsole/test/browser_webconsole_autocomplete_and_selfxss.js b/browser/devtools/webconsole/test/browser_webconsole_autocomplete_and_selfxss.js index d6f2b33de35..4a269975102 100644 --- a/browser/devtools/webconsole/test/browser_webconsole_autocomplete_and_selfxss.js +++ b/browser/devtools/webconsole/test/browser_webconsole_autocomplete_and_selfxss.js @@ -52,11 +52,11 @@ function consoleOpened(HUD) { WebConsoleUtils.usageCount = 0; is(WebConsoleUtils.usageCount, 0, "Test for usage count getter") // Input some commands to check if usage counting is working - for(let i = 0; i <= 5; i++){ + for(let i = 0; i <= 3; i++){ jsterm.setInputValue(i); jsterm.execute(); } - is(WebConsoleUtils.usageCount, 6, "Usage count incremented") + is(WebConsoleUtils.usageCount, 4, "Usage count incremented") WebConsoleUtils.usageCount = 0; updateEditUIVisibility(); diff --git a/toolkit/devtools/webconsole/utils.js b/toolkit/devtools/webconsole/utils.js index d32848f486a..0074c275980 100644 --- a/toolkit/devtools/webconsole/utils.js +++ b/toolkit/devtools/webconsole/utils.js @@ -32,7 +32,7 @@ const REGEX_MATCH_FUNCTION_NAME = /^\(?function\s+([^(\s]+)\s*\(/; const REGEX_MATCH_FUNCTION_ARGS = /^\(?function\s*[^\s(]*\s*\((.+?)\)/; // Number of terminal entries for the self-xss prevention to go away -const CONSOLE_ENTRY_THRESHOLD = 10 +const CONSOLE_ENTRY_THRESHOLD = 5 let WebConsoleUtils = { /** * Convenience function to unwrap a wrapped object.