Page info window's security section broken

joydivision47 · Unread post by **joydivision47** » 2023-12-30, 01:53

Whenever I try to visit more information while clicking on the green lock icon in the URL, the security tab does not show anything, and none of the buttons in the section work (For example I cannot delete a site's cookies as nothing happens.)
I am on Basilisk 2023.12.09 (64-bit)

adoxa · Unread post by **adoxa** » 2023-12-30, 05:35

Works for me (same browser, and OS by the looks).

joydivision47 · Unread post by **joydivision47** » 2023-12-30, 06:40

adoxa wrote: ↑
2023-12-30, 05:35
Works for me (same browser, and OS by the looks).

Odd, I restarted basilisk in safe mode as well and the issue was still there, I remember it used to work.

joydivision47 · Unread post by **joydivision47** » 2023-12-30, 07:44

Im really sorry for not mentioning this in my first post as well but I have also created a fresh profile, this didn't fix it.

My Add-ons · Unread post by **FranklinDM** » 2023-12-30, 09:34

Confirmed. This is likely related to plug-ins - do you have Flash Player installed?

Code: Select all

NS_ERROR_NOT_AVAILABLE: Component returned failure code: 0x80040111 (NS_ERROR_NOT_AVAILABLE) [nsIPluginHost.getPermissionStringForType]  
permissions.js:226

Code: Select all

function initPluginsRow() {
  let vulnerableLabel = document.getElementById("browserBundle").getString("pluginActivateVulnerable.label");
  let pluginHost = Components.classes["@mozilla.org/plugin/host;1"].getService(Components.interfaces.nsIPluginHost);

  let permissionMap = new Map();

  for (let plugin of pluginHost.getPluginTags()) {
    if (plugin.disabled) {
      continue;
    }
    for (let mimeType of plugin.getMimeTypes()) {
      let permString = pluginHost.getPermissionStringForType(mimeType); // emphasis mine: offending line.
      if (!permissionMap.has(permString)) {
        let name = BrowserUtils.makeNicePluginName(plugin.name);
        if (permString.startsWith("plugin-vulnerable:")) {
          name += " \u2014 " + vulnerableLabel;
        }
        permissionMap.set(permString, name);
      }
    }
  }

joydivision47 · Unread post by **joydivision47** » 2023-12-30, 09:41

FranklinDM wrote: ↑

2023-12-30, 09:34

Confirmed. This is likely related to plug-ins - do you have Flash Player installed?

Code: Select all

NS_ERROR_NOT_AVAILABLE: Component returned failure code: 0x80040111 (NS_ERROR_NOT_AVAILABLE) [nsIPluginHost.getPermissionStringForType]  
permissions.js:226

Code: Select all

function initPluginsRow() {
  let vulnerableLabel = document.getElementById("browserBundle").getString("pluginActivateVulnerable.label");
  let pluginHost = Components.classes["@mozilla.org/plugin/host;1"].getService(Components.interfaces.nsIPluginHost);

  let permissionMap = new Map();

  for (let plugin of pluginHost.getPluginTags()) {
    if (plugin.disabled) {
      continue;
    }
    for (let mimeType of plugin.getMimeTypes()) {
      let permString = pluginHost.getPermissionStringForType(mimeType); // emphasis mine: offending line.
      if (!permissionMap.has(permString)) {
        let name = BrowserUtils.makeNicePluginName(plugin.name);
        if (permString.startsWith("plugin-vulnerable:")) {
          name += " \u2014 " + vulnerableLabel;
        }
        permissionMap.set(permString, name);
      }
    }
  }

Not Flash player, but it was an NPAPI plugin. I figured out it was the Java(TM) Platform SE 8 U391 plugin that got installed after I installed Java 8 JRE from Oracle. Disabling the plugin fixes the security tab.

Unread post by **Moonchild** » 2023-12-30, 09:55

I think this may be an issue in the actual front-end script in Basilisk though. the moment any plugin is installed and it tries to get info on the permissions assigned to them (for one of the displayed categories) it fails and breaks the entire dialog due to aborted js.

My Add-ons · Unread post by **FranklinDM** » 2024-02-01, 08:30

This started happening to me as well after updating from an obsolete installation of JDK 8. It seems like someone at Oracle likely messed up the list of MIME types returned by the Java NPAPI plug-in (which oddly enough, is still receiving updates) and included a trailing empty MIME type entry in the list that previously wasn't there in older versions of the plug-in. getPermissionStringForType throws an exception if it receives an empty string for the MIME type, which causes the permissions section (both about:permissions and Page Info) to break.

Will be sending a PR for Pale Moon's FE (Issue #1956), I'm assuming a similar change will have to be done for Basilisk.

Unread post by **Basilisk-Dev** » 2024-02-03, 19:57

FranklinDM wrote: ↑
2024-02-01, 08:30
Will be sending a PR for Pale Moon's FE (Issue #1956), I'm assuming a similar change will have to be done for Basilisk.

I merged in the parts of your Pale Moon PR that should be applicable to Basilisk. This should be resolved.

Pale Moon forum

Page info window's security section broken Topic is solved

Page info window's security section broken

Re: Page info window's security section broken

Re: Page info window's security section broken

Re: Page info window's security section broken

Re: Page info window's security section broken

Re: Page info window's security section broken

Re: Page info window's security section broken

Re: Page info window's security section broken

Re: Page info window's security section broken