diff options
Diffstat (limited to 'dom/plugins')
-rw-r--r-- | dom/plugins/base/PluginPRLibrary.cpp | 6 | ||||
-rw-r--r-- | dom/plugins/base/PluginPRLibrary.h | 2 | ||||
-rw-r--r-- | dom/plugins/base/nsNPAPIPlugin.cpp | 1 | ||||
-rw-r--r-- | dom/plugins/base/nsPluginInstanceOwner.cpp | 28 | ||||
-rw-r--r-- | dom/plugins/base/nsPluginStreamListenerPeer.cpp | 18 | ||||
-rw-r--r-- | dom/plugins/base/nsPluginTags.cpp | 25 | ||||
-rw-r--r-- | dom/plugins/base/nsPluginTags.h | 1 | ||||
-rw-r--r-- | dom/plugins/ipc/PPluginModule.ipdl | 15 | ||||
-rw-r--r-- | dom/plugins/ipc/PluginLibrary.h | 2 | ||||
-rw-r--r-- | dom/plugins/ipc/PluginModuleChild.cpp | 68 | ||||
-rw-r--r-- | dom/plugins/ipc/PluginModuleChild.h | 19 | ||||
-rwxr-xr-x | dom/plugins/ipc/PluginModuleParent.cpp | 202 | ||||
-rw-r--r-- | dom/plugins/ipc/PluginModuleParent.h | 50 | ||||
-rw-r--r-- | dom/plugins/ipc/PluginProcessChild.cpp | 10 | ||||
-rw-r--r-- | dom/plugins/ipc/PluginProcessParent.cpp | 85 | ||||
-rw-r--r-- | dom/plugins/ipc/moz.build | 6 | ||||
-rw-r--r-- | dom/plugins/test/mochitest/test_bug813906.html | 22 | ||||
-rw-r--r-- | dom/plugins/test/mochitest/test_pluginstream_err.html | 8 | ||||
-rw-r--r-- | dom/plugins/test/unit/xpcshell.ini | 1 |
19 files changed, 57 insertions, 512 deletions
diff --git a/dom/plugins/base/PluginPRLibrary.cpp b/dom/plugins/base/PluginPRLibrary.cpp index a7ad76ea4..ecc55d455 100644 --- a/dom/plugins/base/PluginPRLibrary.cpp +++ b/dom/plugins/base/PluginPRLibrary.cpp @@ -57,12 +57,6 @@ PluginPRLibrary::NP_Initialize(NPNetscapeFuncs* bFuncs, mNPP_GetSitesWithData = pFuncs->getsiteswithdata; return NS_OK; } -#elif defined(MOZ_WIDGET_GONK) -nsresult -PluginPRLibrary::NP_Initialize(NPNetscapeFuncs* bFuncs, NPError* error) -{ - return NS_OK; -} #elif defined(XP_UNIX) && !defined(XP_MACOSX) nsresult PluginPRLibrary::NP_Initialize(NPNetscapeFuncs* bFuncs, diff --git a/dom/plugins/base/PluginPRLibrary.h b/dom/plugins/base/PluginPRLibrary.h index 602ad8cf8..ffd3de934 100644 --- a/dom/plugins/base/PluginPRLibrary.h +++ b/dom/plugins/base/PluginPRLibrary.h @@ -81,7 +81,7 @@ public: return true; } -#if defined(XP_UNIX) && !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) +#if defined(XP_UNIX) && !defined(XP_MACOSX) virtual nsresult NP_Initialize(NPNetscapeFuncs* aNetscapeFuncs, NPPluginFuncs* aFuncs, NPError* aError) override; #else diff --git a/dom/plugins/base/nsNPAPIPlugin.cpp b/dom/plugins/base/nsNPAPIPlugin.cpp index 1bea269cd..697bfacd4 100644 --- a/dom/plugins/base/nsNPAPIPlugin.cpp +++ b/dom/plugins/base/nsNPAPIPlugin.cpp @@ -320,7 +320,6 @@ nsNPAPIPlugin::CreatePlugin(nsPluginTag *aPluginTag, nsNPAPIPlugin** aResult) if (rv != NS_OK || pluginCallError != NPERR_NO_ERROR) { return NS_ERROR_FAILURE; } -#elif defined(MOZ_WIDGET_GONK) #else NPError pluginCallError; nsresult rv = pluginLib->NP_Initialize(&sBrowserFuncs, &plugin->mPluginFuncs, &pluginCallError); diff --git a/dom/plugins/base/nsPluginInstanceOwner.cpp b/dom/plugins/base/nsPluginInstanceOwner.cpp index b7651be1a..d5b1eb9ea 100644 --- a/dom/plugins/base/nsPluginInstanceOwner.cpp +++ b/dom/plugins/base/nsPluginInstanceOwner.cpp @@ -535,16 +535,6 @@ NS_IMETHODIMP nsPluginInstanceOwner::GetURL(const char *aURL, nsresult rv = NS_NewURI(getter_AddRefs(uri), aURL, baseURI); NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE); - if (aDoCheckLoadURIChecks) { - nsCOMPtr<nsIScriptSecurityManager> secMan( - do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv)); - NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE); - - rv = secMan->CheckLoadURIWithPrincipal(content->NodePrincipal(), uri, - nsIScriptSecurityManager::STANDARD); - NS_ENSURE_SUCCESS(rv, rv); - } - nsCOMPtr<nsIInputStream> headersDataStream; if (aPostStream && aHeadersData) { if (!aHeadersDataLen) @@ -563,8 +553,21 @@ NS_IMETHODIMP nsPluginInstanceOwner::GetURL(const char *aURL, Preferences::GetInt("privacy.popups.disable_from_plugins"); nsAutoPopupStatePusher popupStatePusher((PopupControlState)blockPopups); + + // if security checks (in particular CheckLoadURIWithPrincipal) needs + // to be skipped we are creating a codebasePrincipal to make sure + // that security check succeeds. Please note that we do not want to + // fall back to using the systemPrincipal, because that would also + // bypass ContentPolicy checks which should still be enforced. + nsCOMPtr<nsIPrincipal> triggeringPrincipal; + if (!aDoCheckLoadURIChecks) { + mozilla::PrincipalOriginAttributes attrs = + BasePrincipal::Cast(content->NodePrincipal())->OriginAttributesRef(); + triggeringPrincipal = BasePrincipal::CreateCodebasePrincipal(uri, attrs); + } + rv = lh->OnLinkClick(content, uri, unitarget.get(), NullString(), - aPostStream, headersDataStream, true); + aPostStream, headersDataStream, true, triggeringPrincipal); return rv; } @@ -2532,6 +2535,7 @@ nsEventStatus nsPluginInstanceOwner::ProcessEvent(const WidgetGUIEvent& anEvent) NS_ASSERTION(anEvent.mMessage == eMouseDown || anEvent.mMessage == eMouseUp || anEvent.mMessage == eMouseDoubleClick || + anEvent.mMessage == eMouseAuxClick || anEvent.mMessage == eMouseOver || anEvent.mMessage == eMouseOut || anEvent.mMessage == eMouseMove || @@ -2594,6 +2598,7 @@ nsEventStatus nsPluginInstanceOwner::ProcessEvent(const WidgetGUIEvent& anEvent) switch (anEvent.mMessage) { case eMouseClick: case eMouseDoubleClick: + case eMouseAuxClick: // Button up/down events sent instead. return rv; default: @@ -2797,6 +2802,7 @@ nsEventStatus nsPluginInstanceOwner::ProcessEvent(const WidgetGUIEvent& anEvent) switch (anEvent.mMessage) { case eMouseClick: case eMouseDoubleClick: + case eMouseAuxClick: // Button up/down events sent instead. return rv; default: diff --git a/dom/plugins/base/nsPluginStreamListenerPeer.cpp b/dom/plugins/base/nsPluginStreamListenerPeer.cpp index 26e0318e3..665e11ec1 100644 --- a/dom/plugins/base/nsPluginStreamListenerPeer.cpp +++ b/dom/plugins/base/nsPluginStreamListenerPeer.cpp @@ -1381,15 +1381,6 @@ nsPluginStreamListenerPeer::AsyncOnChannelRedirect(nsIChannel *oldChannel, nsICh return NS_ERROR_FAILURE; } - nsCOMPtr<nsIAsyncVerifyRedirectCallback> proxyCallback = - new ChannelRedirectProxyCallback(this, callback, oldChannel, newChannel); - - // Give NPAPI a chance to control redirects. - bool notificationHandled = mPStreamListener->HandleRedirectNotification(oldChannel, newChannel, proxyCallback); - if (notificationHandled) { - return NS_OK; - } - // Don't allow cross-origin 307 POST redirects. nsCOMPtr<nsIHttpChannel> oldHttpChannel(do_QueryInterface(oldChannel)); if (oldHttpChannel) { @@ -1413,6 +1404,15 @@ nsPluginStreamListenerPeer::AsyncOnChannelRedirect(nsIChannel *oldChannel, nsICh } } + nsCOMPtr<nsIAsyncVerifyRedirectCallback> proxyCallback = + new ChannelRedirectProxyCallback(this, callback, oldChannel, newChannel); + + // Give NPAPI a chance to control redirects. + bool notificationHandled = mPStreamListener->HandleRedirectNotification(oldChannel, newChannel, proxyCallback); + if (notificationHandled) { + return NS_OK; + } + // Fall back to channel event sink for window. nsCOMPtr<nsIChannelEventSink> channelEventSink; nsresult rv = GetInterfaceGlobal(NS_GET_IID(nsIChannelEventSink), getter_AddRefs(channelEventSink)); diff --git a/dom/plugins/base/nsPluginTags.cpp b/dom/plugins/base/nsPluginTags.cpp index ddc3968fd..a794c416c 100644 --- a/dom/plugins/base/nsPluginTags.cpp +++ b/dom/plugins/base/nsPluginTags.cpp @@ -248,7 +248,6 @@ nsPluginTag::nsPluginTag(nsPluginInfo* aPluginInfo, aPluginInfo->fMimeDescriptionArray, aPluginInfo->fExtensionArray, aPluginInfo->fVariantCount); - InitSandboxLevel(); EnsureMembersAreUTF8(); FixupVersion(); } @@ -283,7 +282,6 @@ nsPluginTag::nsPluginTag(const char* aName, { InitMime(aMimeTypes, aMimeDescriptions, aExtensions, static_cast<uint32_t>(aVariants)); - InitSandboxLevel(); if (!aArgsAreUTF8) EnsureMembersAreUTF8(); FixupVersion(); @@ -424,29 +422,6 @@ void nsPluginTag::InitMime(const char* const* aMimeTypes, } } -void -nsPluginTag::InitSandboxLevel() -{ -#if defined(XP_WIN) && defined(MOZ_SANDBOX) - nsAutoCString sandboxPref("dom.ipc.plugins.sandbox-level."); - sandboxPref.Append(GetNiceFileName()); - if (NS_FAILED(Preferences::GetInt(sandboxPref.get(), &mSandboxLevel))) { - mSandboxLevel = Preferences::GetInt("dom.ipc.plugins.sandbox-level.default" -); - } - -#if defined(_AMD64_) - // As level 2 is now the default NPAPI sandbox level for 64-bit flash, we - // don't want to allow a lower setting unless this environment variable is - // set. This should be changed if the firefox.js pref file is changed. - if (mIsFlashPlugin && - !PR_GetEnv("MOZ_ALLOW_WEAKER_SANDBOX") && mSandboxLevel < 2) { - mSandboxLevel = 2; - } -#endif -#endif -} - #if !defined(XP_WIN) && !defined(XP_MACOSX) static nsresult ConvertToUTF8(nsIUnicodeDecoder *aUnicodeDecoder, nsAFlatCString& aString) diff --git a/dom/plugins/base/nsPluginTags.h b/dom/plugins/base/nsPluginTags.h index f1f03169b..9686d7e7a 100644 --- a/dom/plugins/base/nsPluginTags.h +++ b/dom/plugins/base/nsPluginTags.h @@ -190,7 +190,6 @@ private: const char* const* aMimeDescriptions, const char* const* aExtensions, uint32_t aVariantCount); - void InitSandboxLevel(); nsresult EnsureMembersAreUTF8(); void FixupVersion(); diff --git a/dom/plugins/ipc/PPluginModule.ipdl b/dom/plugins/ipc/PPluginModule.ipdl index ecde41b63..6797b49a7 100644 --- a/dom/plugins/ipc/PPluginModule.ipdl +++ b/dom/plugins/ipc/PPluginModule.ipdl @@ -5,7 +5,6 @@ include protocol PPluginInstance; include protocol PPluginScriptableObject; -include protocol PCrashReporter; include protocol PContent; include ProfilerTypes; @@ -39,7 +38,6 @@ intr protocol PPluginModule bridges PContent, PPluginModule; manages PPluginInstance; - manages PCrashReporter; both: // Window-specific message which instructs the interrupt mechanism to enter @@ -94,17 +92,6 @@ child: async SetParentHangTimeout(uint32_t seconds); - intr PCrashReporter() - returns (NativeThreadId tid, uint32_t processType); - - /** - * Control the Gecko Profiler in the plugin process. - */ - async StartProfiler(ProfilerInitParams params); - async StopProfiler(); - - async GatherProfile(); - async SettingChanged(PluginSettings settings); async NPP_SetValue_NPNVaudioDeviceChangeDetails(NPAudioDeviceChangeDetailsIPC changeDetails); @@ -153,8 +140,6 @@ parent: // down the plugin process in response. async NotifyContentModuleDestroyed(); - async Profile(nsCString aProfile); - // Answers to request about site data async ReturnClearSiteData(NPError aRv, uint64_t aCallbackId); diff --git a/dom/plugins/ipc/PluginLibrary.h b/dom/plugins/ipc/PluginLibrary.h index c9499ee0d..2f9a3f81b 100644 --- a/dom/plugins/ipc/PluginLibrary.h +++ b/dom/plugins/ipc/PluginLibrary.h @@ -57,7 +57,7 @@ public: virtual bool HasRequiredFunctions() = 0; -#if defined(XP_UNIX) && !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) +#if defined(XP_UNIX) && !defined(XP_MACOSX) virtual nsresult NP_Initialize(NPNetscapeFuncs* bFuncs, NPPluginFuncs* pFuncs, NPError* error) = 0; #else virtual nsresult NP_Initialize(NPNetscapeFuncs* bFuncs, NPError* error) = 0; diff --git a/dom/plugins/ipc/PluginModuleChild.cpp b/dom/plugins/ipc/PluginModuleChild.cpp index 7350a7fa7..cbf6e509f 100644 --- a/dom/plugins/ipc/PluginModuleChild.cpp +++ b/dom/plugins/ipc/PluginModuleChild.cpp @@ -32,7 +32,6 @@ #include "mozilla/plugins/StreamNotifyChild.h" #include "mozilla/plugins/BrowserStreamChild.h" #include "mozilla/plugins/PluginStreamChild.h" -#include "mozilla/dom/CrashReporterChild.h" #include "mozilla/Sprintf.h" #include "mozilla/Unused.h" @@ -56,8 +55,6 @@ using namespace mozilla; using namespace mozilla::ipc; using namespace mozilla::plugins; using namespace mozilla::widget; -using mozilla::dom::CrashReporterChild; -using mozilla::dom::PCrashReporterChild; #if defined(XP_WIN) const wchar_t * kFlashFullscreenClass = L"ShockwaveFlashFullScreen"; @@ -733,29 +730,6 @@ PluginModuleChild::AllocPPluginModuleChild(mozilla::ipc::Transport* aTransport, return PluginModuleChild::CreateForContentProcess(aTransport, aOtherPid); } -PCrashReporterChild* -PluginModuleChild::AllocPCrashReporterChild(mozilla::dom::NativeThreadId* id, - uint32_t* processType) -{ - return new CrashReporterChild(); -} - -bool -PluginModuleChild::DeallocPCrashReporterChild(PCrashReporterChild* actor) -{ - delete actor; - return true; -} - -bool -PluginModuleChild::AnswerPCrashReporterConstructor( - PCrashReporterChild* actor, - mozilla::dom::NativeThreadId* id, - uint32_t* processType) -{ - return true; -} - void PluginModuleChild::ActorDestroy(ActorDestroyReason why) { @@ -2575,48 +2549,6 @@ PluginModuleChild::ProcessNativeEvents() { } #endif -bool -PluginModuleChild::RecvStartProfiler(const ProfilerInitParams& params) -{ - nsTArray<const char*> featureArray; - for (size_t i = 0; i < params.features().Length(); ++i) { - featureArray.AppendElement(params.features()[i].get()); - } - - nsTArray<const char*> threadNameFilterArray; - for (size_t i = 0; i < params.threadFilters().Length(); ++i) { - threadNameFilterArray.AppendElement(params.threadFilters()[i].get()); - } - - profiler_start(params.entries(), params.interval(), - featureArray.Elements(), featureArray.Length(), - threadNameFilterArray.Elements(), threadNameFilterArray.Length()); - - return true; -} - -bool -PluginModuleChild::RecvStopProfiler() -{ - profiler_stop(); - return true; -} - -bool -PluginModuleChild::RecvGatherProfile() -{ - nsCString profileCString; - UniquePtr<char[]> profile = profiler_get_profile(); - if (profile != nullptr) { - profileCString = nsCString(profile.get(), strlen(profile.get())); - } else { - profileCString = nsCString("", 0); - } - - Unused << SendProfile(profileCString); - return true; -} - NPError PluginModuleChild::PluginRequiresAudioDeviceChanges( PluginInstanceChild* aInstance, diff --git a/dom/plugins/ipc/PluginModuleChild.h b/dom/plugins/ipc/PluginModuleChild.h index 233a95369..681743582 100644 --- a/dom/plugins/ipc/PluginModuleChild.h +++ b/dom/plugins/ipc/PluginModuleChild.h @@ -46,17 +46,12 @@ typedef NS_NPAPIPLUGIN_CALLBACK(NPError, NP_PLUGINUNIXINIT) (const NPNetscapeFun typedef NS_NPAPIPLUGIN_CALLBACK(NPError, NP_PLUGINSHUTDOWN) (void); namespace mozilla { -namespace dom { -class PCrashReporterChild; -} // namespace dom - namespace plugins { class PluginInstanceChild; class PluginModuleChild : public PPluginModuleChild { - typedef mozilla::dom::PCrashReporterChild PCrashReporterChild; protected: virtual mozilla::ipc::RacyInterruptPolicy MediateInterruptRace(const MessageInfo& parent, @@ -124,26 +119,12 @@ protected: virtual bool RecvSetParentHangTimeout(const uint32_t& aSeconds) override; - virtual PCrashReporterChild* - AllocPCrashReporterChild(mozilla::dom::NativeThreadId* id, - uint32_t* processType) override; - virtual bool - DeallocPCrashReporterChild(PCrashReporterChild* actor) override; - virtual bool - AnswerPCrashReporterConstructor(PCrashReporterChild* actor, - mozilla::dom::NativeThreadId* id, - uint32_t* processType) override; - virtual void ActorDestroy(ActorDestroyReason why) override; virtual bool RecvProcessNativeEventsInInterruptCall() override; - virtual bool RecvStartProfiler(const ProfilerInitParams& params) override; - virtual bool RecvStopProfiler() override; - virtual bool RecvGatherProfile() override; - virtual bool AnswerModuleSupportsAsyncRender(bool* aResult) override; public: diff --git a/dom/plugins/ipc/PluginModuleParent.cpp b/dom/plugins/ipc/PluginModuleParent.cpp index 73f9c1025..2489baf16 100755 --- a/dom/plugins/ipc/PluginModuleParent.cpp +++ b/dom/plugins/ipc/PluginModuleParent.cpp @@ -10,7 +10,6 @@ #include "mozilla/Attributes.h" #include "mozilla/dom/ContentParent.h" #include "mozilla/dom/ContentChild.h" -#include "mozilla/dom/PCrashReporterParent.h" #include "mozilla/ipc/GeckoChildProcessHost.h" #include "mozilla/ipc/MessageChannel.h" #include "mozilla/ipc/ProtocolUtils.h" @@ -19,9 +18,6 @@ #include "mozilla/plugins/PluginBridge.h" #include "mozilla/plugins/PluginInstanceParent.h" #include "mozilla/Preferences.h" -#ifdef MOZ_ENABLE_PROFILER_SPS -#include "mozilla/ProfileGatherer.h" -#endif #include "mozilla/ProcessHangMonitor.h" #include "mozilla/Services.h" #include "mozilla/Telemetry.h" @@ -47,11 +43,6 @@ #include "PluginUtilsWin.h" #endif -#ifdef MOZ_ENABLE_PROFILER_SPS -#include "nsIProfiler.h" -#include "nsIProfileSaveEvent.h" -#endif - #ifdef MOZ_WIDGET_GTK #include <glib.h> #elif XP_MACOSX @@ -62,13 +53,8 @@ using base::KillProcess; using mozilla::PluginLibrary; -#ifdef MOZ_ENABLE_PROFILER_SPS -using mozilla::ProfileGatherer; -#endif using mozilla::ipc::MessageChannel; using mozilla::ipc::GeckoChildProcessHost; -using mozilla::dom::PCrashReporterParent; -using mozilla::dom::CrashReporterParent; using namespace mozilla; using namespace mozilla::plugins; @@ -529,7 +515,7 @@ PluginModuleChromeParent::OnProcessLaunched(const bool aSucceeded) if (NS_SUCCEEDED(mAsyncInitRv)) #endif { -#if defined(XP_UNIX) && !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) +#if defined(XP_UNIX) && !defined(XP_MACOSX) mAsyncInitRv = NP_Initialize(mNPNIface, mNPPIface, &mAsyncInitError); @@ -546,25 +532,6 @@ PluginModuleChromeParent::OnProcessLaunched(const bool aSucceeded) } #endif } - -#ifdef MOZ_ENABLE_PROFILER_SPS - nsCOMPtr<nsIProfiler> profiler(do_GetService("@mozilla.org/tools/profiler;1")); - bool profilerActive = false; - DebugOnly<nsresult> rv = profiler->IsActive(&profilerActive); - MOZ_ASSERT(NS_SUCCEEDED(rv)); - if (profilerActive) { - nsCOMPtr<nsIProfilerStartParams> currentProfilerParams; - rv = profiler->GetStartParams(getter_AddRefs(currentProfilerParams)); - MOZ_ASSERT(NS_SUCCEEDED(rv)); - - nsCOMPtr<nsISupports> gatherer; - rv = profiler->GetProfileGatherer(getter_AddRefs(gatherer)); - MOZ_ASSERT(NS_SUCCEEDED(rv)); - mGatherer = static_cast<ProfileGatherer*>(gatherer.get()); - - StartProfiler(currentProfilerParams); - } -#endif } bool @@ -650,10 +617,6 @@ PluginModuleChromeParent::PluginModuleChromeParent(const char* aFilePath, mSandboxLevel = aSandboxLevel; mRunID = GeckoChildProcessHost::GetUniqueID(); -#ifdef MOZ_ENABLE_PROFILER_SPS - InitPluginProfiling(); -#endif - mozilla::HangMonitor::RegisterAnnotator(*this); } @@ -663,10 +626,6 @@ PluginModuleChromeParent::~PluginModuleChromeParent() NS_RUNTIMEABORT("unsafe destruction"); } -#ifdef MOZ_ENABLE_PROFILER_SPS - ShutdownPluginProfiling(); -#endif - #ifdef XP_WIN // If we registered for audio notifications, stop. mozilla::plugins::PluginUtilsWin::RegisterForAudioDeviceChanges(this, @@ -1745,7 +1704,7 @@ PluginModuleChromeParent::CachedSettingChanged(const char* aPref, void* aModule) module->CachedSettingChanged(); } -#if defined(XP_UNIX) && !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) +#if defined(XP_UNIX) && !defined(XP_MACOSX) nsresult PluginModuleParent::NP_Initialize(NPNetscapeFuncs* bFuncs, NPPluginFuncs* pFuncs, NPError* error) { @@ -2525,33 +2484,6 @@ PluginModuleParent::RecvPluginHideWindow(const uint32_t& aWindowId) #endif } -PCrashReporterParent* -PluginModuleParent::AllocPCrashReporterParent(mozilla::dom::NativeThreadId* id, - uint32_t* processType) -{ - MOZ_CRASH("unreachable"); -} - -bool -PluginModuleParent::DeallocPCrashReporterParent(PCrashReporterParent* actor) -{ - MOZ_CRASH("unreachable"); -} - -PCrashReporterParent* -PluginModuleChromeParent::AllocPCrashReporterParent(mozilla::dom::NativeThreadId* id, - uint32_t* processType) -{ - return nullptr; -} - -bool -PluginModuleChromeParent::DeallocPCrashReporterParent(PCrashReporterParent* actor) -{ - delete actor; - return true; -} - bool PluginModuleParent::RecvSetCursor(const NSCursorInfo& aCursorInfo) { @@ -2709,136 +2641,6 @@ PluginModuleParent::AnswerNPN_SetValue_NPPVpluginRequiresAudioDeviceChanges( return true; } -#ifdef MOZ_ENABLE_PROFILER_SPS -class PluginProfilerObserver final : public nsIObserver, - public nsSupportsWeakReference -{ -public: - NS_DECL_ISUPPORTS - NS_DECL_NSIOBSERVER - - explicit PluginProfilerObserver(PluginModuleChromeParent* pmp) - : mPmp(pmp) - {} - -private: - ~PluginProfilerObserver() {} - PluginModuleChromeParent* mPmp; -}; - -NS_IMPL_ISUPPORTS(PluginProfilerObserver, nsIObserver, nsISupportsWeakReference) - -NS_IMETHODIMP -PluginProfilerObserver::Observe(nsISupports *aSubject, - const char *aTopic, - const char16_t *aData) -{ - if (!strcmp(aTopic, "profiler-started")) { - nsCOMPtr<nsIProfilerStartParams> params(do_QueryInterface(aSubject)); - mPmp->StartProfiler(params); - } else if (!strcmp(aTopic, "profiler-stopped")) { - mPmp->StopProfiler(); - } else if (!strcmp(aTopic, "profiler-subprocess-gather")) { - mPmp->GatherAsyncProfile(); - } else if (!strcmp(aTopic, "profiler-subprocess")) { - nsCOMPtr<nsIProfileSaveEvent> pse = do_QueryInterface(aSubject); - mPmp->GatheredAsyncProfile(pse); - } - return NS_OK; -} - -void -PluginModuleChromeParent::InitPluginProfiling() -{ - nsCOMPtr<nsIObserverService> observerService = mozilla::services::GetObserverService(); - if (observerService) { - mProfilerObserver = new PluginProfilerObserver(this); - observerService->AddObserver(mProfilerObserver, "profiler-started", false); - observerService->AddObserver(mProfilerObserver, "profiler-stopped", false); - observerService->AddObserver(mProfilerObserver, "profiler-subprocess-gather", false); - observerService->AddObserver(mProfilerObserver, "profiler-subprocess", false); - } -} - -void -PluginModuleChromeParent::ShutdownPluginProfiling() -{ - nsCOMPtr<nsIObserverService> observerService = mozilla::services::GetObserverService(); - if (observerService) { - observerService->RemoveObserver(mProfilerObserver, "profiler-started"); - observerService->RemoveObserver(mProfilerObserver, "profiler-stopped"); - observerService->RemoveObserver(mProfilerObserver, "profiler-subprocess-gather"); - observerService->RemoveObserver(mProfilerObserver, "profiler-subprocess"); - } -} - -void -PluginModuleChromeParent::StartProfiler(nsIProfilerStartParams* aParams) -{ - if (NS_WARN_IF(!aParams)) { - return; - } - - ProfilerInitParams ipcParams; - - ipcParams.enabled() = true; - aParams->GetEntries(&ipcParams.entries()); - aParams->GetInterval(&ipcParams.interval()); - ipcParams.features() = aParams->GetFeatures(); - ipcParams.threadFilters() = aParams->GetThreadFilterNames(); - - Unused << SendStartProfiler(ipcParams); - - nsCOMPtr<nsIProfiler> profiler(do_GetService("@mozilla.org/tools/profiler;1")); - if (NS_WARN_IF(!profiler)) { - return; - } - nsCOMPtr<nsISupports> gatherer; - profiler->GetProfileGatherer(getter_AddRefs(gatherer)); - mGatherer = static_cast<ProfileGatherer*>(gatherer.get()); -} - -void -PluginModuleChromeParent::StopProfiler() -{ - mGatherer = nullptr; - Unused << SendStopProfiler(); -} - -void -PluginModuleChromeParent::GatherAsyncProfile() -{ - if (NS_WARN_IF(!mGatherer)) { - return; - } - mGatherer->WillGatherOOPProfile(); - Unused << SendGatherProfile(); -} - -void -PluginModuleChromeParent::GatheredAsyncProfile(nsIProfileSaveEvent* aSaveEvent) -{ - if (aSaveEvent && !mProfile.IsEmpty()) { - aSaveEvent->AddSubProfile(mProfile.get()); - mProfile.Truncate(); - } -} -#endif // MOZ_ENABLE_PROFILER_SPS - -bool -PluginModuleChromeParent::RecvProfile(const nsCString& aProfile) -{ -#ifdef MOZ_ENABLE_PROFILER_SPS - if (NS_WARN_IF(!mGatherer)) { - return true; - } - - mProfile = aProfile; - mGatherer->GatheredOOPProfile(); -#endif - return true; -} - bool PluginModuleParent::AnswerGetKeyState(const int32_t& aVirtKey, int16_t* aRet) { diff --git a/dom/plugins/ipc/PluginModuleParent.h b/dom/plugins/ipc/PluginModuleParent.h index 946d4c236..0ceed6efd 100644 --- a/dom/plugins/ipc/PluginModuleParent.h +++ b/dom/plugins/ipc/PluginModuleParent.h @@ -30,14 +30,6 @@ class nsIProfileSaveEvent; class nsPluginTag; namespace mozilla { -#ifdef MOZ_ENABLE_PROFILER_SPS -class ProfileGatherer; -#endif -namespace dom { -class PCrashReporterParent; -class CrashReporterParent; -} // namespace dom - namespace layers { class TextureClientRecycleAllocator; } // namespace layers @@ -76,8 +68,6 @@ class PluginModuleParent { protected: typedef mozilla::PluginLibrary PluginLibrary; - typedef mozilla::dom::PCrashReporterParent PCrashReporterParent; - typedef mozilla::dom::CrashReporterParent CrashReporterParent; PPluginInstanceParent* AllocPPluginInstanceParent(const nsCString& aMimeType, @@ -158,12 +148,6 @@ protected: virtual bool RecvPluginHideWindow(const uint32_t& aWindowId) override; - virtual PCrashReporterParent* - AllocPCrashReporterParent(mozilla::dom::NativeThreadId* id, - uint32_t* processType) override; - virtual bool - DeallocPCrashReporterParent(PCrashReporterParent* actor) override; - virtual bool RecvSetCursor(const NSCursorInfo& aCursorInfo) override; @@ -201,8 +185,6 @@ protected: virtual bool RecvNotifyContentModuleDestroyed() override { return true; } - virtual bool RecvProfile(const nsCString& aProfile) override { return true; } - virtual bool AnswerGetKeyState(const int32_t& aVirtKey, int16_t* aRet) override; virtual bool RecvReturnClearSiteData(const NPError& aRv, @@ -267,7 +249,7 @@ protected: const mozilla::NativeEventData& aNativeKeyData, bool aIsConsumed) override; -#if defined(XP_UNIX) && !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) +#if defined(XP_UNIX) && !defined(XP_MACOSX) virtual nsresult NP_Initialize(NPNetscapeFuncs* bFuncs, NPPluginFuncs* pFuncs, NPError* error) override; #else virtual nsresult NP_Initialize(NPNetscapeFuncs* bFuncs, NPError* error) override; @@ -348,7 +330,6 @@ protected: bool GetPluginDetails(); - friend class mozilla::dom::CrashReporterParent; friend class mozilla::plugins::PluginAsyncSurrogate; bool mIsStartingAsync; @@ -480,16 +461,6 @@ class PluginModuleChromeParent void CachedSettingChanged(); -#ifdef MOZ_ENABLE_PROFILER_SPS - void GatherAsyncProfile(); - void GatheredAsyncProfile(nsIProfileSaveEvent* aSaveEvent); - void StartProfiler(nsIProfilerStartParams* aParams); - void StopProfiler(); -#endif - - virtual bool - RecvProfile(const nsCString& aProfile) override; - virtual bool AnswerGetKeyState(const int32_t& aVirtKey, int16_t* aRet) override; @@ -508,16 +479,10 @@ private: virtual bool ShouldContinueFromReplyTimeout() override; - virtual PCrashReporterParent* - AllocPCrashReporterParent(mozilla::dom::NativeThreadId* id, - uint32_t* processType) override; - virtual bool - DeallocPCrashReporterParent(PCrashReporterParent* actor) override; - PluginProcessParent* Process() const { return mSubprocess; } base::ProcessHandle ChildProcessHandle() { return mSubprocess->GetChildProcessHandle(); } -#if defined(XP_UNIX) && !defined(XP_MACOSX) && !defined(MOZ_WIDGET_GONK) +#if defined(XP_UNIX) && !defined(XP_MACOSX) virtual nsresult NP_Initialize(NPNetscapeFuncs* bFuncs, NPPluginFuncs* pFuncs, NPError* error) override; #else virtual nsresult NP_Initialize(NPNetscapeFuncs* bFuncs, NPError* error) override; @@ -534,17 +499,10 @@ private: int32_t aSandboxLevel, bool aAllowAsyncInit); - CrashReporterParent* CrashReporter(); - void CleanupFromTimeout(const bool aByHangUI); virtual void UpdatePluginTimeout() override; -#ifdef MOZ_ENABLE_PROFILER_SPS - void InitPluginProfiling(); - void ShutdownPluginProfiling(); -#endif - void RegisterSettingsCallbacks(); void UnregisterSettingsCallbacks(); @@ -593,7 +551,6 @@ private: FinishHangUI(); #endif - friend class mozilla::dom::CrashReporterParent; friend class mozilla::plugins::PluginAsyncSurrogate; void OnProcessLaunched(const bool aSucceeded); @@ -628,9 +585,6 @@ private: // processes in existence! dom::ContentParent* mContentParent; nsCOMPtr<nsIObserver> mPluginOfflineObserver; -#ifdef MOZ_ENABLE_PROFILER_SPS - RefPtr<mozilla::ProfileGatherer> mGatherer; -#endif nsCString mProfile; bool mIsBlocklisted; static bool sInstantiated; diff --git a/dom/plugins/ipc/PluginProcessChild.cpp b/dom/plugins/ipc/PluginProcessChild.cpp index eb698e8af..32bf06215 100644 --- a/dom/plugins/ipc/PluginProcessChild.cpp +++ b/dom/plugins/ipc/PluginProcessChild.cpp @@ -22,10 +22,6 @@ extern "C" CGError CGSSetDebugOptions(int options); #ifdef XP_WIN bool ShouldProtectPluginCurrentDirectory(char16ptr_t pluginFilePath); -#if defined(MOZ_SANDBOX) -#define TARGET_SANDBOX_EXPORTS -#include "mozilla/sandboxTarget.h" -#endif #endif using mozilla::ipc::IOThreadChild; @@ -107,12 +103,6 @@ PluginProcessChild::Init() pluginFilename = WideToUTF8(values[0]); -#if defined(MOZ_SANDBOX) - // This is probably the earliest we would want to start the sandbox. - // As we attempt to tighten the sandbox, we may need to consider moving this - // to later in the plugin initialization. - mozilla::SandboxTarget::Instance()->StartSandbox(); -#endif #else # error Sorry #endif diff --git a/dom/plugins/ipc/PluginProcessParent.cpp b/dom/plugins/ipc/PluginProcessParent.cpp index 2a73bce51..fb0e18246 100644 --- a/dom/plugins/ipc/PluginProcessParent.cpp +++ b/dom/plugins/ipc/PluginProcessParent.cpp @@ -14,10 +14,6 @@ #include "mozilla/Telemetry.h" #include "nsThreadUtils.h" -#if defined(XP_WIN) && defined(MOZ_SANDBOX) -#include "nsDirectoryServiceDefs.h" -#endif - using std::vector; using std::string; @@ -40,95 +36,14 @@ PluginProcessParent::~PluginProcessParent() { } -#if defined(XP_WIN) && defined(MOZ_SANDBOX) -static void -AddSandboxAllowedFile(vector<std::wstring>& aAllowedFiles, nsIProperties* aDirSvc, - const char* aDir, const nsAString& aSuffix = EmptyString()) -{ - nsCOMPtr<nsIFile> userDir; - nsresult rv = aDirSvc->Get(aDir, NS_GET_IID(nsIFile), getter_AddRefs(userDir)); - if (NS_WARN_IF(NS_FAILED(rv))) { - return; - } - - nsAutoString userDirPath; - rv = userDir->GetPath(userDirPath); - if (NS_WARN_IF(NS_FAILED(rv))) { - return; - } - - if (!aSuffix.IsEmpty()) { - userDirPath.Append(aSuffix); - } - aAllowedFiles.push_back(std::wstring(userDirPath.get())); - return; -} - -static void -AddSandboxAllowedFiles(int32_t aSandboxLevel, - vector<std::wstring>& aAllowedFilesRead, - vector<std::wstring>& aAllowedFilesReadWrite, - vector<std::wstring>& aAllowedDirectories) -{ - if (aSandboxLevel < 2) { - return; - } - - nsresult rv; - nsCOMPtr<nsIProperties> dirSvc = - do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID, &rv); - if (NS_WARN_IF(NS_FAILED(rv))) { - return; - } - - // Higher than level 2 currently removes the users own rights. - if (aSandboxLevel > 2) { - AddSandboxAllowedFile(aAllowedFilesRead, dirSvc, NS_WIN_HOME_DIR); - AddSandboxAllowedFile(aAllowedFilesRead, dirSvc, NS_WIN_HOME_DIR, - NS_LITERAL_STRING("\\*")); - } - - // Level 2 and above is now using low integrity, so we need to give write - // access to the Flash directories. - // This should be made Flash specific (Bug 1171396). - AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia\\Flash Player\\*")); - AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_LOCAL_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia\\Flash Player\\*")); - AddSandboxAllowedFile(aAllowedFilesReadWrite, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Adobe\\Flash Player\\*")); - - // Access also has to be given to create the parent directories as they may - // not exist. - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia")); - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia\\Flash Player")); - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_LOCAL_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia")); - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_LOCAL_APPDATA_DIR, - NS_LITERAL_STRING("\\Macromedia\\Flash Player")); - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Adobe")); - AddSandboxAllowedFile(aAllowedDirectories, dirSvc, NS_WIN_APPDATA_DIR, - NS_LITERAL_STRING("\\Adobe\\Flash Player")); -} -#endif - bool PluginProcessParent::Launch(mozilla::UniquePtr<LaunchCompleteTask> aLaunchCompleteTask, int32_t aSandboxLevel) { -#if defined(XP_WIN) && defined(MOZ_SANDBOX) - mSandboxLevel = aSandboxLevel; - AddSandboxAllowedFiles(mSandboxLevel, mAllowedFilesRead, - mAllowedFilesReadWrite, mAllowedDirectories); -#else if (aSandboxLevel != 0) { MOZ_ASSERT(false, "Can't enable an NPAPI process sandbox for platform/build."); } -#endif ProcessArchitecture currentArchitecture = base::GetCurrentProcessArchitecture(); uint32_t containerArchitectures = GetSupportedArchitecturesForProcessType(GeckoProcessType_Plugin); diff --git a/dom/plugins/ipc/moz.build b/dom/plugins/ipc/moz.build index b569aeb4c..15ed6410d 100644 --- a/dom/plugins/ipc/moz.build +++ b/dom/plugins/ipc/moz.build @@ -125,12 +125,6 @@ LOCAL_INCLUDES += [ '/xpcom/base/', ] -if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'WINNT': - LOCAL_INCLUDES += [ - '/security/sandbox/chromium', - '/security/sandbox/chromium-shim', - ] - DEFINES['FORCE_PR_LOG'] = True if CONFIG['MOZ_WIDGET_TOOLKIT'] != 'gtk3': diff --git a/dom/plugins/test/mochitest/test_bug813906.html b/dom/plugins/test/mochitest/test_bug813906.html index 04c34daaf..d18dbbff2 100644 --- a/dom/plugins/test/mochitest/test_bug813906.html +++ b/dom/plugins/test/mochitest/test_bug813906.html @@ -18,21 +18,35 @@ function f() { </script> <script type="application/javascript"> +SimpleTest.requestFlakyTimeout( + "Blocking an iframe does not cause the onerror event to be fired"); + SimpleTest.waitForExplicitFinish(); setTestPluginEnabledState(SpecialPowers.Ci.nsIPluginTag.STATE_ENABLED); var frameLoadCount = 0; + +function frameNavBlocked() { + isnot(SpecialPowers.wrap(window.frame1).location.href.indexOf('chrome://'), + 0, 'plugin shouldnt be able to cause navigation to chrome URLs'); + SimpleTest.finish(); +} + function frameLoaded() { frameLoadCount++; if (frameLoadCount == 1) { document.getElementsByTagName("object")[0].type = "application/x-test"; document.getElementsByTagName("use")[0].setAttributeNS("http://www.w3.org/1999/xlink", "href", location.href + "#a"); - } else if (frameLoadCount == 2) { - isnot(SpecialPowers.wrap(window.frame1).location.href.indexOf('chrome://'), - 0, 'plugin shouldnt be able to cause navigation to chrome URLs'); - SimpleTest.finish(); + + // wait two seconds and verify that frame navigation did not succeed + setTimeout(frameNavBlocked, 2000); + return; } + // we should never get here, but just in case, make sure the test fails in that case. + ok(false, "onload() event should not fire for blocked navigation"); + SimpleTest.finish(); } + </script> <!-- Note that <svg:use> ends up creating an anonymous subtree, which means that the plugin diff --git a/dom/plugins/test/mochitest/test_pluginstream_err.html b/dom/plugins/test/mochitest/test_pluginstream_err.html index 0ac2a5efc..79f06154c 100644 --- a/dom/plugins/test/mochitest/test_pluginstream_err.html +++ b/dom/plugins/test/mochitest/test_pluginstream_err.html @@ -13,7 +13,7 @@ Tests for plugin stream error conditions. <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> </head> -<body onload="runNextTest()"> +<body onload="startTests()"> <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=517078"> Mozilla Bug 517078</a> - Plugin Stream Error Tests <p id="display"></p> @@ -158,6 +158,12 @@ function continueTest() { index++; } +function startTests() { + SpecialPowers.pushPrefEnv({"set": [ + ["security.data_uri.block_toplevel_data_uri_navigations", false], + ]}, runNextTest); +} + </script> </div> </body> diff --git a/dom/plugins/test/unit/xpcshell.ini b/dom/plugins/test/unit/xpcshell.ini index 69b6731b2..2665c82b5 100644 --- a/dom/plugins/test/unit/xpcshell.ini +++ b/dom/plugins/test/unit/xpcshell.ini @@ -5,7 +5,6 @@ tail = tags = addons firefox-appdir = browser support-files = - !/toolkit/mozapps/webextensions/test/xpcshell/head_addons.js [test_allowed_types.js] skip-if = appname == "thunderbird" |