From ae14556114dcae29f679db7c15f0bc9b707bb89a Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 15 Apr 2018 07:29:18 +0200 Subject: moebius#130: URL parser - fix: don't allow empty host name https://github.com/MoonchildProductions/moebius/issues/130 --- docshell/test/unit/test_nsDefaultURIFixup_info.js | 6 ------ 1 file changed, 6 deletions(-) (limited to 'docshell') diff --git a/docshell/test/unit/test_nsDefaultURIFixup_info.js b/docshell/test/unit/test_nsDefaultURIFixup_info.js index 9e33ea484..c606ac32e 100644 --- a/docshell/test/unit/test_nsDefaultURIFixup_info.js +++ b/docshell/test/unit/test_nsDefaultURIFixup_info.js @@ -426,8 +426,6 @@ var testcases = [ { protocolChange: true, }, { input: "?'.com", - fixedURI: "http:///?%27.com", - alternateURI: "http://www..com/?%27.com", keywordLookup: true, protocolChange: true, }, { @@ -436,14 +434,10 @@ var testcases = [ { protocolChange: true }, { input: "?mozilla", - fixedURI: "http:///?mozilla", - alternateURI: "http://www..com/?mozilla", keywordLookup: true, protocolChange: true, }, { input: "??mozilla", - fixedURI: "http:///??mozilla", - alternateURI: "http://www..com/??mozilla", keywordLookup: true, protocolChange: true, }, { -- cgit v1.2.3 From f138ec95d9d2c9faba019e52467beeed2a73b4f5 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 15 Apr 2018 08:09:17 +0200 Subject: moebius#131: URL parser - stop preserving empty passwords https://github.com/MoonchildProductions/moebius/issues/131 --- docshell/test/unit/test_nsDefaultURIFixup_search.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docshell') diff --git a/docshell/test/unit/test_nsDefaultURIFixup_search.js b/docshell/test/unit/test_nsDefaultURIFixup_search.js index c00b6a85f..c84452b5d 100644 --- a/docshell/test/unit/test_nsDefaultURIFixup_search.js +++ b/docshell/test/unit/test_nsDefaultURIFixup_search.js @@ -74,7 +74,7 @@ var data = [ }, { wrong: 'user:@example.com:8080/this/is/a/test.html', - fixed: 'http://user:@example.com:8080/this/is/a/test.html', + fixed: 'http://user@example.com:8080/this/is/a/test.html', }, { wrong: '//user:pass@example.com:8080/this/is/a/test.html', -- cgit v1.2.3 From 1b4c4256ee7705724b02919b4d432b2a391bcd04 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 18:51:38 +0200 Subject: moebius#223: Consider blocking top level window data: URIs (part 1/3 without tests) https://github.com/MoonchildProductions/moebius/pull/223 --- docshell/base/nsDocShell.cpp | 16 +++++++++++++++- docshell/base/nsDocShell.h | 1 + 2 files changed, 16 insertions(+), 1 deletion(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 58c182cbb..ae97a7c9e 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -42,6 +42,7 @@ #include "nsArray.h" #include "nsArrayUtils.h" +#include "nsContentSecurityManager.h" #include "nsICaptivePortalService.h" #include "nsIDOMStorage.h" #include "nsIContentViewer.h" @@ -9884,6 +9885,15 @@ nsDocShell::InternalLoad(nsIURI* aURI, contentType = nsIContentPolicy::TYPE_DOCUMENT; } + if (!nsContentSecurityManager::AllowTopLevelNavigationToDataURI( + aURI, + contentType, + aTriggeringPrincipal, + (aLoadType == LOAD_NORMAL_EXTERNAL))) { + // logging to console happens within AllowTopLevelNavigationToDataURI + return NS_OK; + } + // If there's no targetDocShell, that means we are about to create a new window, // perform a content policy check before creating the window. if (!targetDocShell) { @@ -10232,8 +10242,11 @@ nsDocShell::InternalLoad(nsIURI* aURI, } } + bool loadFromExternal = false; + // Before going any further vet loads initiated by external programs. if (aLoadType == LOAD_NORMAL_EXTERNAL) { + loadFromExternal = true; // Disallow external chrome: loads targetted at content windows bool isChrome = false; if (NS_SUCCEEDED(aURI->SchemeIs("chrome", &isChrome)) && isChrome) { @@ -10724,7 +10737,7 @@ nsDocShell::InternalLoad(nsIURI* aURI, nsINetworkPredictor::PREDICT_LOAD, this, nullptr); nsCOMPtr req; - rv = DoURILoad(aURI, aOriginalURI, aLoadReplace, aReferrer, + rv = DoURILoad(aURI, aOriginalURI, aLoadReplace, loadFromExternal, aReferrer, !(aFlags & INTERNAL_LOAD_FLAGS_DONT_SEND_REFERRER), aReferrerPolicy, aTriggeringPrincipal, principalToInherit, aTypeHint, @@ -10804,6 +10817,7 @@ nsresult nsDocShell::DoURILoad(nsIURI* aURI, nsIURI* aOriginalURI, bool aLoadReplace, + bool aLoadFromExternal, nsIURI* aReferrerURI, bool aSendReferrer, uint32_t aReferrerPolicy, diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h index 3ca9e0b34..549d7f540 100644 --- a/docshell/base/nsDocShell.h +++ b/docshell/base/nsDocShell.h @@ -369,6 +369,7 @@ protected: nsresult DoURILoad(nsIURI* aURI, nsIURI* aOriginalURI, bool aLoadReplace, + bool aLoadFromExternal, nsIURI* aReferrer, bool aSendReferrer, uint32_t aReferrerPolicy, -- cgit v1.2.3 From f1e5578718ea8883438cfea06d3c55d25f5c0278 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 19:03:22 +0200 Subject: moebius#226: Consider blocking top level window data: URIs (part 2/2 without tests) https://github.com/MoonchildProductions/moebius/pull/226 --- docshell/base/nsDSURIContentListener.cpp | 9 +++++++++ docshell/base/nsDocShell.cpp | 10 +--------- 2 files changed, 10 insertions(+), 9 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDSURIContentListener.cpp b/docshell/base/nsDSURIContentListener.cpp index 93ce3cb26..ee6a4dd62 100644 --- a/docshell/base/nsDSURIContentListener.cpp +++ b/docshell/base/nsDSURIContentListener.cpp @@ -17,6 +17,7 @@ #include "nsIHttpChannel.h" #include "nsIScriptSecurityManager.h" #include "nsError.h" +#include "nsContentSecurityManager.h" #include "nsCharSeparatedTokenizer.h" #include "nsIConsoleService.h" #include "nsIScriptError.h" @@ -93,6 +94,14 @@ nsDSURIContentListener::DoContent(const nsACString& aContentType, if (aOpenedChannel) { aOpenedChannel->GetLoadFlags(&loadFlags); + + // block top-level data URI navigations if triggered by the web + if (!nsContentSecurityManager::AllowTopLevelNavigationToDataURI(aOpenedChannel)) { + // logging to console happens within AllowTopLevelNavigationToDataURI + aRequest->Cancel(NS_ERROR_DOM_BAD_URI); + *aAbortProcess = true; + return NS_OK; + } } if (loadFlags & nsIChannel::LOAD_RETARGETED_DOCUMENT_URI) { diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index ae97a7c9e..596bd5d84 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -9885,15 +9885,6 @@ nsDocShell::InternalLoad(nsIURI* aURI, contentType = nsIContentPolicy::TYPE_DOCUMENT; } - if (!nsContentSecurityManager::AllowTopLevelNavigationToDataURI( - aURI, - contentType, - aTriggeringPrincipal, - (aLoadType == LOAD_NORMAL_EXTERNAL))) { - // logging to console happens within AllowTopLevelNavigationToDataURI - return NS_OK; - } - // If there's no targetDocShell, that means we are about to create a new window, // perform a content policy check before creating the window. if (!targetDocShell) { @@ -10962,6 +10953,7 @@ nsDocShell::DoURILoad(nsIURI* aURI, if (aPrincipalToInherit) { loadInfo->SetPrincipalToInherit(aPrincipalToInherit); } + loadInfo->SetLoadTriggeredFromExternal(aLoadFromExternal); // We have to do this in case our OriginAttributes are different from the // OriginAttributes of the parent document. Or in case there isn't a -- cgit v1.2.3 From 660d01438a6a29ebd43f592ac7d6df2dad6a6962 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 20:28:18 +0200 Subject: moebius#230: Consider blocking top level window data: URIs (part 3/3 without tests) https://github.com/MoonchildProductions/moebius/pull/230 --- docshell/base/nsDocShell.cpp | 17 ++++++++++++++++- docshell/base/nsDocShell.h | 1 + docshell/base/nsDocShellLoadInfo.cpp | 15 +++++++++++++++ docshell/base/nsDocShellLoadInfo.h | 1 + docshell/base/nsIDocShell.idl | 3 +++ docshell/base/nsIDocShellLoadInfo.idl | 6 ++++++ docshell/base/nsIWebNavigation.idl | 6 ++++++ 7 files changed, 48 insertions(+), 1 deletion(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 596bd5d84..f3db4a3cb 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -1273,6 +1273,7 @@ nsDocShell::LoadURI(nsIURI* aURI, nsCOMPtr shEntry; nsXPIDLString target; nsAutoString srcdoc; + bool forceAllowDataURI = false; nsCOMPtr sourceDocShell; nsCOMPtr baseURI; @@ -1308,6 +1309,7 @@ nsDocShell::LoadURI(nsIURI* aURI, aLoadInfo->GetSrcdocData(srcdoc); aLoadInfo->GetSourceDocShell(getter_AddRefs(sourceDocShell)); aLoadInfo->GetBaseURI(getter_AddRefs(baseURI)); + aLoadInfo->GetForceAllowDataURI(&forceAllowDataURI); } #if defined(DEBUG) @@ -1561,6 +1563,10 @@ nsDocShell::LoadURI(nsIURI* aURI, flags |= INTERNAL_LOAD_FLAGS_IS_SRCDOC; } + if (forceAllowDataURI) { + flags |= INTERNAL_LOAD_FLAGS_FORCE_ALLOW_DATA_URI; + } + return InternalLoad(aURI, originalURI, loadReplace, @@ -4822,6 +4828,9 @@ nsDocShell::LoadURIWithOptions(const char16_t* aURI, } nsAutoPopupStatePusher statePusher(popupState); + bool forceAllowDataURI = + aLoadFlags & LOAD_FLAGS_FORCE_ALLOW_DATA_URI; + // Don't pass certain flags that aren't needed and end up confusing // ConvertLoadTypeToDocShellLoadInfo. We do need to ensure that they are // passed to LoadURI though, since it uses them. @@ -4851,6 +4860,7 @@ nsDocShell::LoadURIWithOptions(const char16_t* aURI, loadInfo->SetReferrerPolicy(aReferrerPolicy); loadInfo->SetHeadersStream(aHeaderStream); loadInfo->SetBaseURI(aBaseURI); + loadInfo->SetForceAllowDataURI(forceAllowDataURI); if (fixupInfo) { nsAutoString searchProvider, keyword; @@ -10083,6 +10093,7 @@ nsDocShell::InternalLoad(nsIURI* aURI, // principal to inherit is: it should be aTriggeringPrincipal. loadInfo->SetPrincipalIsExplicit(true); loadInfo->SetLoadType(ConvertLoadTypeToDocShellLoadInfo(LOAD_LINK)); + loadInfo->SetForceAllowDataURI(aFlags & INTERNAL_LOAD_FLAGS_FORCE_ALLOW_DATA_URI); rv = win->Open(NS_ConvertUTF8toUTF16(spec), aWindowTarget, // window name @@ -10728,7 +10739,9 @@ nsDocShell::InternalLoad(nsIURI* aURI, nsINetworkPredictor::PREDICT_LOAD, this, nullptr); nsCOMPtr req; - rv = DoURILoad(aURI, aOriginalURI, aLoadReplace, loadFromExternal, aReferrer, + rv = DoURILoad(aURI, aOriginalURI, aLoadReplace, loadFromExternal, + (aFlags & INTERNAL_LOAD_FLAGS_FORCE_ALLOW_DATA_URI), + aReferrer, !(aFlags & INTERNAL_LOAD_FLAGS_DONT_SEND_REFERRER), aReferrerPolicy, aTriggeringPrincipal, principalToInherit, aTypeHint, @@ -10809,6 +10822,7 @@ nsDocShell::DoURILoad(nsIURI* aURI, nsIURI* aOriginalURI, bool aLoadReplace, bool aLoadFromExternal, + bool aForceAllowDataURI, nsIURI* aReferrerURI, bool aSendReferrer, uint32_t aReferrerPolicy, @@ -10954,6 +10968,7 @@ nsDocShell::DoURILoad(nsIURI* aURI, loadInfo->SetPrincipalToInherit(aPrincipalToInherit); } loadInfo->SetLoadTriggeredFromExternal(aLoadFromExternal); + loadInfo->SetForceAllowDataURI(aForceAllowDataURI); // We have to do this in case our OriginAttributes are different from the // OriginAttributes of the parent document. Or in case there isn't a diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h index 549d7f540..63a4e3358 100644 --- a/docshell/base/nsDocShell.h +++ b/docshell/base/nsDocShell.h @@ -370,6 +370,7 @@ protected: nsIURI* aOriginalURI, bool aLoadReplace, bool aLoadFromExternal, + bool aForceAllowDataURI, nsIURI* aReferrer, bool aSendReferrer, uint32_t aReferrerPolicy, diff --git a/docshell/base/nsDocShellLoadInfo.cpp b/docshell/base/nsDocShellLoadInfo.cpp index 7d0034b04..b00e8e360 100644 --- a/docshell/base/nsDocShellLoadInfo.cpp +++ b/docshell/base/nsDocShellLoadInfo.cpp @@ -15,6 +15,7 @@ nsDocShellLoadInfo::nsDocShellLoadInfo() : mLoadReplace(false) , mInheritPrincipal(false) , mPrincipalIsExplicit(false) + , mForceAllowDataURI(false) , mSendReferrer(true) , mReferrerPolicy(mozilla::net::RP_Default) , mLoadType(nsIDocShellLoadInfo::loadNormal) @@ -126,6 +127,20 @@ nsDocShellLoadInfo::SetPrincipalIsExplicit(bool aPrincipalIsExplicit) return NS_OK; } +NS_IMETHODIMP +nsDocShellLoadInfo::GetForceAllowDataURI(bool* aForceAllowDataURI) +{ + *aForceAllowDataURI = mForceAllowDataURI; + return NS_OK; +} + +NS_IMETHODIMP +nsDocShellLoadInfo::SetForceAllowDataURI(bool aForceAllowDataURI) +{ + mForceAllowDataURI = aForceAllowDataURI; + return NS_OK; +} + NS_IMETHODIMP nsDocShellLoadInfo::GetLoadType(nsDocShellInfoLoadType* aLoadType) { diff --git a/docshell/base/nsDocShellLoadInfo.h b/docshell/base/nsDocShellLoadInfo.h index b7eaed832..f3ddcca1e 100644 --- a/docshell/base/nsDocShellLoadInfo.h +++ b/docshell/base/nsDocShellLoadInfo.h @@ -37,6 +37,7 @@ protected: bool mLoadReplace; bool mInheritPrincipal; bool mPrincipalIsExplicit; + bool mForceAllowDataURI; bool mSendReferrer; nsDocShellInfoReferrerPolicy mReferrerPolicy; nsDocShellInfoLoadType mLoadType; diff --git a/docshell/base/nsIDocShell.idl b/docshell/base/nsIDocShell.idl index 8261c45dc..e34e6adfd 100644 --- a/docshell/base/nsIDocShell.idl +++ b/docshell/base/nsIDocShell.idl @@ -116,6 +116,9 @@ interface nsIDocShell : nsIDocShellTreeItem const long INTERNAL_LOAD_FLAGS_NO_OPENER = 0x100; + // Whether a top-level data URI navigation is allowed for that load + const long INTERNAL_LOAD_FLAGS_FORCE_ALLOW_DATA_URI = 0x200; + // NB: 0x80 is available. /** diff --git a/docshell/base/nsIDocShellLoadInfo.idl b/docshell/base/nsIDocShellLoadInfo.idl index 113c0a4c1..8804f63a3 100644 --- a/docshell/base/nsIDocShellLoadInfo.idl +++ b/docshell/base/nsIDocShellLoadInfo.idl @@ -55,6 +55,12 @@ interface nsIDocShellLoadInfo : nsISupports */ attribute boolean principalIsExplicit; + /** + * If this attribute is true, then a top-level navigation + * to a data URI will be allowed. + */ + attribute boolean forceAllowDataURI; + /* these are load type enums... */ const long loadNormal = 0; // Normal Load const long loadNormalReplace = 1; // Normal Load but replaces current history slot diff --git a/docshell/base/nsIWebNavigation.idl b/docshell/base/nsIWebNavigation.idl index 042b1c547..241d0731c 100644 --- a/docshell/base/nsIWebNavigation.idl +++ b/docshell/base/nsIWebNavigation.idl @@ -205,6 +205,12 @@ interface nsIWebNavigation : nsISupports */ const unsigned long LOAD_FLAGS_FIXUP_SCHEME_TYPOS = 0x200000; + /** + * Allows a top-level data: navigation to occur. E.g. view-image + * is an explicit user action which should be allowed. + */ + const unsigned long LOAD_FLAGS_FORCE_ALLOW_DATA_URI = 0x400000; + /** * Loads a given URI. This will give priority to loading the requested URI * in the object implementing this interface. If it can't be loaded here -- cgit v1.2.3 From a38e87d455f6ad3637deeae20d2ddc57430b498d Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 20:37:09 +0200 Subject: Bug 1329288 - Test ContentPolicy blocks opening a new window --- .../file_contentpolicy_block_window.html | 5 ++ docshell/test/navigation/mochitest.ini | 2 + .../test_contentpolicy_block_window.html | 96 ++++++++++++++++++++++ 3 files changed, 103 insertions(+) create mode 100644 docshell/test/navigation/file_contentpolicy_block_window.html create mode 100644 docshell/test/navigation/test_contentpolicy_block_window.html (limited to 'docshell') diff --git a/docshell/test/navigation/file_contentpolicy_block_window.html b/docshell/test/navigation/file_contentpolicy_block_window.html new file mode 100644 index 000000000..c51e574e5 --- /dev/null +++ b/docshell/test/navigation/file_contentpolicy_block_window.html @@ -0,0 +1,5 @@ + + +This window should never be openend! + + diff --git a/docshell/test/navigation/mochitest.ini b/docshell/test/navigation/mochitest.ini index 0c35cf352..764e400a8 100644 --- a/docshell/test/navigation/mochitest.ini +++ b/docshell/test/navigation/mochitest.ini @@ -36,6 +36,7 @@ support-files = file_bug1300461_redirect.html file_bug1300461_redirect.html^headers^ file_bug1300461_back.html + file_contentpolicy_block_window.html [test_bug13871.html] [test_bug270414.html] @@ -62,3 +63,4 @@ skip-if = toolkit == 'android' #RANDOM [test_triggeringprincipal_window_open.html] [test_triggeringprincipal_parent_iframe_window_open.html] [test_triggeringprincipal_iframe_iframe_window_open.html] +[test_contentpolicy_block_window.html] diff --git a/docshell/test/navigation/test_contentpolicy_block_window.html b/docshell/test/navigation/test_contentpolicy_block_window.html new file mode 100644 index 000000000..651be825c --- /dev/null +++ b/docshell/test/navigation/test_contentpolicy_block_window.html @@ -0,0 +1,96 @@ + + + + + Test for Bug 1329288 + + + + +Mozilla Bug 1329288 + + + +This is a link + + + + -- cgit v1.2.3 From 95c46082414632687e3ddd52435d476ab9dc320f Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 20:38:02 +0200 Subject: Bug 1329288: Allow content policy consumers to identify contentPolicy checks from docshell --- docshell/base/nsDocShell.cpp | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index f3db4a3cb..b1fcc5c23 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -139,6 +139,7 @@ #include "nsISiteSecurityService.h" #include "nsStructuredCloneContainer.h" #include "nsIStructuredCloneContainer.h" +#include "nsISupportsPrimitives.h" #ifdef MOZ_PLACES #include "nsIFaviconService.h" #include "mozIPlacesPendingOperation.h" @@ -9931,13 +9932,24 @@ nsDocShell::InternalLoad(nsIURI* aURI, #endif } + // Since Content Policy checks are performed within docShell as well as + // the ContentSecurityManager we need a reliable way to let certain + // nsIContentPolicy consumers ignore duplicate calls. Let's use the 'extra' + // argument to pass a specific identifier. + nsCOMPtr extraStr = + do_CreateInstance(NS_SUPPORTS_STRING_CONTRACTID, &rv); + NS_ENSURE_SUCCESS(rv, rv); + NS_NAMED_LITERAL_STRING(msg, "conPolCheckFromDocShell"); + rv = extraStr->SetData(msg); + NS_ENSURE_SUCCESS(rv, rv); + int16_t shouldLoad = nsIContentPolicy::ACCEPT; rv = NS_CheckContentLoadPolicy(contentType, aURI, aTriggeringPrincipal, requestingContext, EmptyCString(), // mime guess - nullptr, // extra + extraStr, // extra &shouldLoad); if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) { -- cgit v1.2.3 From 29bd11c3cd6ff41f7167530f9bbcd9d195b7c427 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 21:47:27 +0200 Subject: Bug 1182569: Use AsyncOpen2 for docshell loads native in moebius --- docshell/base/nsDocShell.cpp | 23 +++-------------------- 1 file changed, 3 insertions(+), 20 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index b1fcc5c23..6810d0179 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -69,7 +69,6 @@ #include "nsIScriptSecurityManager.h" #include "nsIScriptObjectPrincipal.h" #include "nsIScrollableFrame.h" -#include "nsContentPolicyUtils.h" // NS_CheckContentLoadPolicy(...) #include "nsISeekableStream.h" #include "nsAutoPtr.h" #include "nsQueryObject.h" @@ -1644,7 +1643,7 @@ nsDocShell::LoadStream(nsIInputStream* aStream, nsIURI* aURI, uri, aStream, triggeringPrincipal, - nsILoadInfo::SEC_NORMAL, + nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL, nsIContentPolicy::TYPE_OTHER, aContentType, aContentCharset); @@ -9943,23 +9942,6 @@ nsDocShell::InternalLoad(nsIURI* aURI, rv = extraStr->SetData(msg); NS_ENSURE_SUCCESS(rv, rv); - int16_t shouldLoad = nsIContentPolicy::ACCEPT; - rv = NS_CheckContentLoadPolicy(contentType, - aURI, - aTriggeringPrincipal, - requestingContext, - EmptyCString(), // mime guess - extraStr, // extra - &shouldLoad); - - if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) { - if (NS_SUCCEEDED(rv) && shouldLoad == nsIContentPolicy::REJECT_TYPE) { - return NS_ERROR_CONTENT_BLOCKED_SHOW_ALT; - } - - return NS_ERROR_CONTENT_BLOCKED; - } - // If HSTS priming was set by nsMixedContentBlocker::ShouldLoad, and we // would block due to mixed content, go ahead and block here. If we try to // proceed with priming, we will error out later on. @@ -10949,7 +10931,8 @@ nsDocShell::DoURILoad(nsIURI* aURI, } nsLoadFlags loadFlags = mDefaultLoadFlags; - nsSecurityFlags securityFlags = nsILoadInfo::SEC_NORMAL; + nsSecurityFlags securityFlags = + nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL; if (aFirstParty) { // tag first party URL loads -- cgit v1.2.3 From 5b0f4649b3fee771379af60ec04d43b8a525cf80 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 21:59:46 +0200 Subject: Bug 1182569 - Skip security check for plugins using newstream attribute native in moebius --- docshell/base/nsDocShell.cpp | 28 ++++++++++++++++++++-------- docshell/base/nsDocShell.h | 6 ++++-- docshell/base/nsILinkHandler.h | 10 ++++++++-- 3 files changed, 32 insertions(+), 12 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 6810d0179..8167a76ec 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -13888,7 +13888,8 @@ public: const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted); + bool aIsTrusted, + nsIPrincipal* aTriggeringPrincipal); NS_IMETHOD Run() override { @@ -13904,7 +13905,7 @@ public: mHandler->OnLinkClickSync(mContent, mURI, mTargetSpec.get(), mFileName, mPostDataStream, mHeadersDataStream, - nullptr, nullptr); + nullptr, nullptr, mTriggeringPrincipal); } return NS_OK; } @@ -13919,6 +13920,7 @@ private: nsCOMPtr mContent; PopupControlState mPopupState; bool mIsTrusted; + nsCOMPtr mTriggeringPrincipal; }; OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler, @@ -13928,7 +13930,8 @@ OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler, const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted) + bool aIsTrusted, + nsIPrincipal* aTriggeringPrincipal) : mHandler(aHandler) , mURI(aURI) , mTargetSpec(aTargetSpec) @@ -13938,6 +13941,7 @@ OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler, , mContent(aContent) , mPopupState(mHandler->mScriptGlobal->GetPopupControlState()) , mIsTrusted(aIsTrusted) + , mTriggeringPrincipal(aTriggeringPrincipal) { } @@ -13948,7 +13952,8 @@ nsDocShell::OnLinkClick(nsIContent* aContent, const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted) + bool aIsTrusted, + nsIPrincipal* aTriggeringPrincipal) { NS_ASSERTION(NS_IsMainThread(), "wrong thread"); @@ -13987,7 +13992,8 @@ nsDocShell::OnLinkClick(nsIContent* aContent, nsCOMPtr ev = new OnLinkClickEvent(this, aContent, aURI, target.get(), aFileName, - aPostDataStream, aHeadersDataStream, aIsTrusted); + aPostDataStream, aHeadersDataStream, + aIsTrusted, aTriggeringPrincipal); return NS_DispatchToCurrentThread(ev); } @@ -13999,7 +14005,8 @@ nsDocShell::OnLinkClickSync(nsIContent* aContent, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, nsIDocShell** aDocShell, - nsIRequest** aRequest) + nsIRequest** aRequest, + nsIPrincipal* aTriggeringPrincipal) { // Initialize the DocShell / Request if (aDocShell) { @@ -14122,13 +14129,18 @@ nsDocShell::OnLinkClickSync(nsIContent* aContent, return NS_ERROR_OUT_OF_MEMORY; } + // if the triggeringPrincipal is not passed explicitly, then we + // fall back to using doc->NodePrincipal() as the triggeringPrincipal. + nsCOMPtr triggeringPrincipal = + aTriggeringPrincipal ? aTriggeringPrincipal + : aContent->NodePrincipal(); + nsresult rv = InternalLoad(clonedURI, // New URI nullptr, // Original URI false, // LoadReplace referer, // Referer URI refererPolicy, // Referer policy - aContent->NodePrincipal(), // Triggering is our node's - // principal + triggeringPrincipal, aContent->NodePrincipal(), flags, target, // Window target diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h index 63a4e3358..f510a15b0 100644 --- a/docshell/base/nsDocShell.h +++ b/docshell/base/nsDocShell.h @@ -201,7 +201,8 @@ public: const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted) override; + bool aIsTrusted, + nsIPrincipal* aTriggeringPrincipal) override; NS_IMETHOD OnLinkClickSync(nsIContent* aContent, nsIURI* aURI, const char16_t* aTargetSpec, @@ -209,7 +210,8 @@ public: nsIInputStream* aPostDataStream = 0, nsIInputStream* aHeadersDataStream = 0, nsIDocShell** aDocShell = 0, - nsIRequest** aRequest = 0) override; + nsIRequest** aRequest = 0, + nsIPrincipal* aTriggeringPrincipal = nullptr) override; NS_IMETHOD OnOverLink(nsIContent* aContent, nsIURI* aURI, const char16_t* aTargetSpec) override; diff --git a/docshell/base/nsILinkHandler.h b/docshell/base/nsILinkHandler.h index 7cdcd566d..7069f1f1d 100644 --- a/docshell/base/nsILinkHandler.h +++ b/docshell/base/nsILinkHandler.h @@ -37,6 +37,8 @@ public: * @param aFileName non-null when the link should be downloaded as the given file * @param aHeadersDataStream ??? * @param aIsTrusted false if the triggerer is an untrusted DOM event. + * @param aTriggeringPrincipal, if not passed explicitly we fall back to + * the document's principal. */ NS_IMETHOD OnLinkClick(nsIContent* aContent, nsIURI* aURI, @@ -44,7 +46,8 @@ public: const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted) = 0; + bool aIsTrusted, + nsIPrincipal* aTriggeringPrincipal) = 0; /** * Process a click on a link. @@ -61,6 +64,8 @@ public: * @param aHeadersDataStream ??? * @param aDocShell (out-param) the DocShell that the request was opened on * @param aRequest the request that was opened + * @param aTriggeringPrincipal, if not passed explicitly we fall back to + * the document's principal. */ NS_IMETHOD OnLinkClickSync(nsIContent* aContent, nsIURI* aURI, @@ -69,7 +74,8 @@ public: nsIInputStream* aPostDataStream = 0, nsIInputStream* aHeadersDataStream = 0, nsIDocShell** aDocShell = 0, - nsIRequest** aRequest = 0) = 0; + nsIRequest** aRequest = 0, + nsIPrincipal* aTriggeringPrincipal = nullptr) = 0; /** * Process a mouse-over a link. -- cgit v1.2.3 From 13f3978a14cb90eb01fc7f185f62b2ee2ac9f466 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 22:16:58 +0200 Subject: Revert "Bug 1182569 - Skip security check for plugins using newstream attribute" This reverts commit 5b0f4649b3fee771379af60ec04d43b8a525cf80. --- docshell/base/nsDocShell.cpp | 28 ++++++++-------------------- docshell/base/nsDocShell.h | 6 ++---- docshell/base/nsILinkHandler.h | 10 ++-------- 3 files changed, 12 insertions(+), 32 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 8167a76ec..6810d0179 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -13888,8 +13888,7 @@ public: const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted, - nsIPrincipal* aTriggeringPrincipal); + bool aIsTrusted); NS_IMETHOD Run() override { @@ -13905,7 +13904,7 @@ public: mHandler->OnLinkClickSync(mContent, mURI, mTargetSpec.get(), mFileName, mPostDataStream, mHeadersDataStream, - nullptr, nullptr, mTriggeringPrincipal); + nullptr, nullptr); } return NS_OK; } @@ -13920,7 +13919,6 @@ private: nsCOMPtr mContent; PopupControlState mPopupState; bool mIsTrusted; - nsCOMPtr mTriggeringPrincipal; }; OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler, @@ -13930,8 +13928,7 @@ OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler, const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted, - nsIPrincipal* aTriggeringPrincipal) + bool aIsTrusted) : mHandler(aHandler) , mURI(aURI) , mTargetSpec(aTargetSpec) @@ -13941,7 +13938,6 @@ OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler, , mContent(aContent) , mPopupState(mHandler->mScriptGlobal->GetPopupControlState()) , mIsTrusted(aIsTrusted) - , mTriggeringPrincipal(aTriggeringPrincipal) { } @@ -13952,8 +13948,7 @@ nsDocShell::OnLinkClick(nsIContent* aContent, const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted, - nsIPrincipal* aTriggeringPrincipal) + bool aIsTrusted) { NS_ASSERTION(NS_IsMainThread(), "wrong thread"); @@ -13992,8 +13987,7 @@ nsDocShell::OnLinkClick(nsIContent* aContent, nsCOMPtr ev = new OnLinkClickEvent(this, aContent, aURI, target.get(), aFileName, - aPostDataStream, aHeadersDataStream, - aIsTrusted, aTriggeringPrincipal); + aPostDataStream, aHeadersDataStream, aIsTrusted); return NS_DispatchToCurrentThread(ev); } @@ -14005,8 +13999,7 @@ nsDocShell::OnLinkClickSync(nsIContent* aContent, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, nsIDocShell** aDocShell, - nsIRequest** aRequest, - nsIPrincipal* aTriggeringPrincipal) + nsIRequest** aRequest) { // Initialize the DocShell / Request if (aDocShell) { @@ -14129,18 +14122,13 @@ nsDocShell::OnLinkClickSync(nsIContent* aContent, return NS_ERROR_OUT_OF_MEMORY; } - // if the triggeringPrincipal is not passed explicitly, then we - // fall back to using doc->NodePrincipal() as the triggeringPrincipal. - nsCOMPtr triggeringPrincipal = - aTriggeringPrincipal ? aTriggeringPrincipal - : aContent->NodePrincipal(); - nsresult rv = InternalLoad(clonedURI, // New URI nullptr, // Original URI false, // LoadReplace referer, // Referer URI refererPolicy, // Referer policy - triggeringPrincipal, + aContent->NodePrincipal(), // Triggering is our node's + // principal aContent->NodePrincipal(), flags, target, // Window target diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h index f510a15b0..63a4e3358 100644 --- a/docshell/base/nsDocShell.h +++ b/docshell/base/nsDocShell.h @@ -201,8 +201,7 @@ public: const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted, - nsIPrincipal* aTriggeringPrincipal) override; + bool aIsTrusted) override; NS_IMETHOD OnLinkClickSync(nsIContent* aContent, nsIURI* aURI, const char16_t* aTargetSpec, @@ -210,8 +209,7 @@ public: nsIInputStream* aPostDataStream = 0, nsIInputStream* aHeadersDataStream = 0, nsIDocShell** aDocShell = 0, - nsIRequest** aRequest = 0, - nsIPrincipal* aTriggeringPrincipal = nullptr) override; + nsIRequest** aRequest = 0) override; NS_IMETHOD OnOverLink(nsIContent* aContent, nsIURI* aURI, const char16_t* aTargetSpec) override; diff --git a/docshell/base/nsILinkHandler.h b/docshell/base/nsILinkHandler.h index 7069f1f1d..7cdcd566d 100644 --- a/docshell/base/nsILinkHandler.h +++ b/docshell/base/nsILinkHandler.h @@ -37,8 +37,6 @@ public: * @param aFileName non-null when the link should be downloaded as the given file * @param aHeadersDataStream ??? * @param aIsTrusted false if the triggerer is an untrusted DOM event. - * @param aTriggeringPrincipal, if not passed explicitly we fall back to - * the document's principal. */ NS_IMETHOD OnLinkClick(nsIContent* aContent, nsIURI* aURI, @@ -46,8 +44,7 @@ public: const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted, - nsIPrincipal* aTriggeringPrincipal) = 0; + bool aIsTrusted) = 0; /** * Process a click on a link. @@ -64,8 +61,6 @@ public: * @param aHeadersDataStream ??? * @param aDocShell (out-param) the DocShell that the request was opened on * @param aRequest the request that was opened - * @param aTriggeringPrincipal, if not passed explicitly we fall back to - * the document's principal. */ NS_IMETHOD OnLinkClickSync(nsIContent* aContent, nsIURI* aURI, @@ -74,8 +69,7 @@ public: nsIInputStream* aPostDataStream = 0, nsIInputStream* aHeadersDataStream = 0, nsIDocShell** aDocShell = 0, - nsIRequest** aRequest = 0, - nsIPrincipal* aTriggeringPrincipal = nullptr) = 0; + nsIRequest** aRequest = 0) = 0; /** * Process a mouse-over a link. -- cgit v1.2.3 From 30621a6307171f009948001b3730c5b61b894048 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 22:17:18 +0200 Subject: Revert "Bug 1182569: Use AsyncOpen2 for docshell loads" This reverts commit 29bd11c3cd6ff41f7167530f9bbcd9d195b7c427. --- docshell/base/nsDocShell.cpp | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 6810d0179..b1fcc5c23 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -69,6 +69,7 @@ #include "nsIScriptSecurityManager.h" #include "nsIScriptObjectPrincipal.h" #include "nsIScrollableFrame.h" +#include "nsContentPolicyUtils.h" // NS_CheckContentLoadPolicy(...) #include "nsISeekableStream.h" #include "nsAutoPtr.h" #include "nsQueryObject.h" @@ -1643,7 +1644,7 @@ nsDocShell::LoadStream(nsIInputStream* aStream, nsIURI* aURI, uri, aStream, triggeringPrincipal, - nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL, + nsILoadInfo::SEC_NORMAL, nsIContentPolicy::TYPE_OTHER, aContentType, aContentCharset); @@ -9942,6 +9943,23 @@ nsDocShell::InternalLoad(nsIURI* aURI, rv = extraStr->SetData(msg); NS_ENSURE_SUCCESS(rv, rv); + int16_t shouldLoad = nsIContentPolicy::ACCEPT; + rv = NS_CheckContentLoadPolicy(contentType, + aURI, + aTriggeringPrincipal, + requestingContext, + EmptyCString(), // mime guess + extraStr, // extra + &shouldLoad); + + if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) { + if (NS_SUCCEEDED(rv) && shouldLoad == nsIContentPolicy::REJECT_TYPE) { + return NS_ERROR_CONTENT_BLOCKED_SHOW_ALT; + } + + return NS_ERROR_CONTENT_BLOCKED; + } + // If HSTS priming was set by nsMixedContentBlocker::ShouldLoad, and we // would block due to mixed content, go ahead and block here. If we try to // proceed with priming, we will error out later on. @@ -10931,8 +10949,7 @@ nsDocShell::DoURILoad(nsIURI* aURI, } nsLoadFlags loadFlags = mDefaultLoadFlags; - nsSecurityFlags securityFlags = - nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL; + nsSecurityFlags securityFlags = nsILoadInfo::SEC_NORMAL; if (aFirstParty) { // tag first party URL loads -- cgit v1.2.3 From ccbd5ecf57fcd53ac8b28ddf7466b6c930f764df Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 23 Apr 2018 00:13:56 +0200 Subject: moebius#187: DOM - nsIContentPolicy - context (document) https://github.com/MoonchildProductions/moebius/pull/187 --- docshell/base/nsDocShell.cpp | 74 +++++++++++++++++++++++++------------------- 1 file changed, 43 insertions(+), 31 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index b1fcc5c23..bd2a8a433 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -9896,40 +9896,29 @@ nsDocShell::InternalLoad(nsIURI* aURI, contentType = nsIContentPolicy::TYPE_DOCUMENT; } - // If there's no targetDocShell, that means we are about to create a new window, - // perform a content policy check before creating the window. - if (!targetDocShell) { - nsCOMPtr requestingElement; + // If there's no targetDocShell, that means we are about to create a new + // window (or aWindowTarget is empty). Perform a content policy check before + // creating the window. Please note for all other docshell loads + // content policy checks are performed within the contentSecurityManager + // when the channel is about to be openend. + if (!targetDocShell && !aWindowTarget.IsEmpty()) { + MOZ_ASSERT(contentType == nsIContentPolicy::TYPE_DOCUMENT, + "opening a new window requires type to be TYPE_DOCUMENT"); + nsISupports* requestingContext = nullptr; - if (contentType == nsIContentPolicy::TYPE_DOCUMENT) { - if (XRE_IsContentProcess()) { - // In e10s the child process doesn't have access to the element that - // contains the browsing context (because that element is in the chrome - // process). So we just pass mScriptGlobal. - requestingContext = ToSupports(mScriptGlobal); - } else { - // This is for loading non-e10s tabs and toplevel windows of various - // sorts. - // For the toplevel window cases, requestingElement will be null. - requestingElement = mScriptGlobal->AsOuter()->GetFrameElementInternal(); - requestingContext = requestingElement; - } + if (XRE_IsContentProcess()) { + // In e10s the child process doesn't have access to the element that + // contains the browsing context (because that element is in the chrome + // process). So we just pass mScriptGlobal. + requestingContext = ToSupports(mScriptGlobal); } else { - requestingElement = mScriptGlobal->AsOuter()->GetFrameElementInternal(); + // This is for loading non-e10s tabs and toplevel windows of various + // sorts. + // For the toplevel window cases, requestingElement will be null. + nsCOMPtr requestingElement = + mScriptGlobal->AsOuter()->GetFrameElementInternal(); requestingContext = requestingElement; - -#ifdef DEBUG - if (requestingElement) { - // Get the docshell type for requestingElement. - nsCOMPtr requestingDoc = requestingElement->OwnerDoc(); - nsCOMPtr elementDocShell = requestingDoc->GetDocShell(); - - // requestingElement docshell type = current docshell type. - MOZ_ASSERT(mItemType == elementDocShell->ItemType(), - "subframes should have the same docshell type as their parent"); - } -#endif } // Since Content Policy checks are performed within docShell as well as @@ -10911,17 +10900,40 @@ nsDocShell::DoURILoad(nsIURI* aURI, nsCOMPtr loadingNode; nsCOMPtr loadingWindow; nsCOMPtr loadingPrincipal; + nsCOMPtr topLevelLoadingContext; if (aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT) { loadingNode = nullptr; loadingPrincipal = nullptr; loadingWindow = mScriptGlobal->AsOuter(); + if (XRE_IsContentProcess()) { + // In e10s the child process doesn't have access to the element that + // contains the browsing context (because that element is in the chrome + // process). + nsCOMPtr tabChild = GetTabChild(); + topLevelLoadingContext = ToSupports(tabChild); + } else { + // This is for loading non-e10s tabs and toplevel windows of various + // sorts. + // For the toplevel window cases, requestingElement will be null. + nsCOMPtr requestingElement = + loadingWindow->GetFrameElementInternal(); + topLevelLoadingContext = requestingElement; + } } else { loadingWindow = nullptr; loadingNode = mScriptGlobal->AsOuter()->GetFrameElementInternal(); if (loadingNode) { // If we have a loading node, then use that as our loadingPrincipal. loadingPrincipal = loadingNode->NodePrincipal(); +#ifdef DEBUG + // Get the docshell type for requestingElement. + nsCOMPtr requestingDoc = loadingNode->OwnerDoc(); + nsCOMPtr elementDocShell = requestingDoc->GetDocShell(); + // requestingElement docshell type = current docshell type. + MOZ_ASSERT(mItemType == elementDocShell->ItemType(), + "subframes should have the same docshell type as their parent"); +#endif } else { // If this isn't a top-level load and mScriptGlobal's frame element is // null, then the element got removed from the DOM while we were trying @@ -10971,7 +10983,7 @@ nsDocShell::DoURILoad(nsIURI* aURI, nsCOMPtr loadInfo = (aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT) ? - new LoadInfo(loadingWindow, aTriggeringPrincipal, + new LoadInfo(loadingWindow, aTriggeringPrincipal, topLevelLoadingContext, securityFlags) : new LoadInfo(loadingPrincipal, aTriggeringPrincipal, loadingNode, securityFlags, aContentPolicyType); -- cgit v1.2.3 From e66562aa8b7bed7f194355eb3953ead052e2aa48 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 21:00:21 +0200 Subject: Bug 1182569: Use AsyncOpen2 for docshell loads --- docshell/base/nsDocShell.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index bd2a8a433..de8f79f0a 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -1644,7 +1644,7 @@ nsDocShell::LoadStream(nsIInputStream* aStream, nsIURI* aURI, uri, aStream, triggeringPrincipal, - nsILoadInfo::SEC_NORMAL, + nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL, nsIContentPolicy::TYPE_OTHER, aContentType, aContentCharset); @@ -10961,7 +10961,8 @@ nsDocShell::DoURILoad(nsIURI* aURI, } nsLoadFlags loadFlags = mDefaultLoadFlags; - nsSecurityFlags securityFlags = nsILoadInfo::SEC_NORMAL; + nsSecurityFlags securityFlags = + nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL; if (aFirstParty) { // tag first party URL loads -- cgit v1.2.3 From d45c25971c084ba4afb38cec530f789969d6a338 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 22:09:55 +0200 Subject: Bug 1182569 - Skip security check for plugins using newstream attribute --- docshell/base/nsDocShell.cpp | 28 ++++++++++++++++++++-------- docshell/base/nsDocShell.h | 6 ++++-- docshell/base/nsILinkHandler.h | 10 ++++++++-- 3 files changed, 32 insertions(+), 12 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index de8f79f0a..d67941620 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -13918,7 +13918,8 @@ public: const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted); + bool aIsTrusted, + nsIPrincipal* aTriggeringPrincipal); NS_IMETHOD Run() override { @@ -13934,7 +13935,7 @@ public: mHandler->OnLinkClickSync(mContent, mURI, mTargetSpec.get(), mFileName, mPostDataStream, mHeadersDataStream, - nullptr, nullptr); + nullptr, nullptr, mTriggeringPrincipal); } return NS_OK; } @@ -13949,6 +13950,7 @@ private: nsCOMPtr mContent; PopupControlState mPopupState; bool mIsTrusted; + nsCOMPtr mTriggeringPrincipal; }; OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler, @@ -13958,7 +13960,8 @@ OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler, const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted) + bool aIsTrusted, + nsIPrincipal* aTriggeringPrincipal) : mHandler(aHandler) , mURI(aURI) , mTargetSpec(aTargetSpec) @@ -13968,6 +13971,7 @@ OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler, , mContent(aContent) , mPopupState(mHandler->mScriptGlobal->GetPopupControlState()) , mIsTrusted(aIsTrusted) + , mTriggeringPrincipal(aTriggeringPrincipal) { } @@ -13978,7 +13982,8 @@ nsDocShell::OnLinkClick(nsIContent* aContent, const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted) + bool aIsTrusted, + nsIPrincipal* aTriggeringPrincipal) { NS_ASSERTION(NS_IsMainThread(), "wrong thread"); @@ -14017,7 +14022,8 @@ nsDocShell::OnLinkClick(nsIContent* aContent, nsCOMPtr ev = new OnLinkClickEvent(this, aContent, aURI, target.get(), aFileName, - aPostDataStream, aHeadersDataStream, aIsTrusted); + aPostDataStream, aHeadersDataStream, + aIsTrusted, aTriggeringPrincipal); return NS_DispatchToCurrentThread(ev); } @@ -14029,7 +14035,8 @@ nsDocShell::OnLinkClickSync(nsIContent* aContent, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, nsIDocShell** aDocShell, - nsIRequest** aRequest) + nsIRequest** aRequest, + nsIPrincipal* aTriggeringPrincipal) { // Initialize the DocShell / Request if (aDocShell) { @@ -14152,13 +14159,18 @@ nsDocShell::OnLinkClickSync(nsIContent* aContent, return NS_ERROR_OUT_OF_MEMORY; } + // if the triggeringPrincipal is not passed explicitly, then we + // fall back to using doc->NodePrincipal() as the triggeringPrincipal. + nsCOMPtr triggeringPrincipal = + aTriggeringPrincipal ? aTriggeringPrincipal + : aContent->NodePrincipal(); + nsresult rv = InternalLoad(clonedURI, // New URI nullptr, // Original URI false, // LoadReplace referer, // Referer URI refererPolicy, // Referer policy - aContent->NodePrincipal(), // Triggering is our node's - // principal + triggeringPrincipal, aContent->NodePrincipal(), flags, target, // Window target diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h index 63a4e3358..f510a15b0 100644 --- a/docshell/base/nsDocShell.h +++ b/docshell/base/nsDocShell.h @@ -201,7 +201,8 @@ public: const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted) override; + bool aIsTrusted, + nsIPrincipal* aTriggeringPrincipal) override; NS_IMETHOD OnLinkClickSync(nsIContent* aContent, nsIURI* aURI, const char16_t* aTargetSpec, @@ -209,7 +210,8 @@ public: nsIInputStream* aPostDataStream = 0, nsIInputStream* aHeadersDataStream = 0, nsIDocShell** aDocShell = 0, - nsIRequest** aRequest = 0) override; + nsIRequest** aRequest = 0, + nsIPrincipal* aTriggeringPrincipal = nullptr) override; NS_IMETHOD OnOverLink(nsIContent* aContent, nsIURI* aURI, const char16_t* aTargetSpec) override; diff --git a/docshell/base/nsILinkHandler.h b/docshell/base/nsILinkHandler.h index 7cdcd566d..7069f1f1d 100644 --- a/docshell/base/nsILinkHandler.h +++ b/docshell/base/nsILinkHandler.h @@ -37,6 +37,8 @@ public: * @param aFileName non-null when the link should be downloaded as the given file * @param aHeadersDataStream ??? * @param aIsTrusted false if the triggerer is an untrusted DOM event. + * @param aTriggeringPrincipal, if not passed explicitly we fall back to + * the document's principal. */ NS_IMETHOD OnLinkClick(nsIContent* aContent, nsIURI* aURI, @@ -44,7 +46,8 @@ public: const nsAString& aFileName, nsIInputStream* aPostDataStream, nsIInputStream* aHeadersDataStream, - bool aIsTrusted) = 0; + bool aIsTrusted, + nsIPrincipal* aTriggeringPrincipal) = 0; /** * Process a click on a link. @@ -61,6 +64,8 @@ public: * @param aHeadersDataStream ??? * @param aDocShell (out-param) the DocShell that the request was opened on * @param aRequest the request that was opened + * @param aTriggeringPrincipal, if not passed explicitly we fall back to + * the document's principal. */ NS_IMETHOD OnLinkClickSync(nsIContent* aContent, nsIURI* aURI, @@ -69,7 +74,8 @@ public: nsIInputStream* aPostDataStream = 0, nsIInputStream* aHeadersDataStream = 0, nsIDocShell** aDocShell = 0, - nsIRequest** aRequest = 0) = 0; + nsIRequest** aRequest = 0, + nsIPrincipal* aTriggeringPrincipal = nullptr) = 0; /** * Process a mouse-over a link. -- cgit v1.2.3 From 74858918fa2445f7e4ebc4b615ec073d528039f1 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 22:57:23 +0200 Subject: Bug 1329032 - Extend loadURIWithOptions by a triggeringPrincipal (without an hard e10s) --- docshell/base/nsDocShell.cpp | 8 +++++--- docshell/base/nsIWebNavigation.idl | 23 +++++++++++++++-------- docshell/shistory/nsSHistory.cpp | 3 ++- 3 files changed, 22 insertions(+), 12 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index d67941620..d7cb557ab 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -4732,7 +4732,7 @@ nsDocShell::LoadURI(const char16_t* aURI, { return LoadURIWithOptions(aURI, aLoadFlags, aReferringURI, mozilla::net::RP_Default, aPostStream, - aHeaderStream, nullptr); + aHeaderStream, nullptr, nullptr); } NS_IMETHODIMP @@ -4742,7 +4742,8 @@ nsDocShell::LoadURIWithOptions(const char16_t* aURI, uint32_t aReferrerPolicy, nsIInputStream* aPostStream, nsIInputStream* aHeaderStream, - nsIURI* aBaseURI) + nsIURI* aBaseURI, + nsIPrincipal* aTriggeringPrincipal) { NS_ASSERTION((aLoadFlags & 0xf) == 0, "Unexpected flags"); @@ -4861,6 +4862,7 @@ nsDocShell::LoadURIWithOptions(const char16_t* aURI, loadInfo->SetReferrerPolicy(aReferrerPolicy); loadInfo->SetHeadersStream(aHeaderStream); loadInfo->SetBaseURI(aBaseURI); + loadInfo->SetTriggeringPrincipal(aTriggeringPrincipal); loadInfo->SetForceAllowDataURI(forceAllowDataURI); if (fixupInfo) { @@ -10606,7 +10608,7 @@ nsDocShell::InternalLoad(nsIURI* aURI, } bool shouldLoad; rv = browserChrome3->ShouldLoadURI(this, uriForShouldLoadCheck, aReferrer, - &shouldLoad); + aTriggeringPrincipal, &shouldLoad); if (NS_SUCCEEDED(rv) && !shouldLoad) { return NS_OK; } diff --git a/docshell/base/nsIWebNavigation.idl b/docshell/base/nsIWebNavigation.idl index 241d0731c..c3e2fc550 100644 --- a/docshell/base/nsIWebNavigation.idl +++ b/docshell/base/nsIWebNavigation.idl @@ -9,6 +9,7 @@ interface nsIDOMDocument; interface nsIInputStream; interface nsISHistory; interface nsIURI; +interface nsIPrincipal; /** * The nsIWebNavigation interface defines an interface for navigating the web. @@ -288,14 +289,20 @@ interface nsIWebNavigation : nsISupports * that at present this argument is only used with view-source aURIs * and cannot be used to resolve aURI. * This parameter is optional and may be null. - */ - void loadURIWithOptions(in wstring aURI, - in unsigned long aLoadFlags, - in nsIURI aReferrer, - in unsigned long aReferrerPolicy, - in nsIInputStream aPostData, - in nsIInputStream aHeaders, - in nsIURI aBaseURI); + * @param aTriggeringPrincipal + * The principal that initiated the load of aURI. If omitted docShell + * tries to create a codeBasePrincipal from aReferrer if not null. If + * aReferrer is also null docShell peforms a load using the + * SystemPrincipal as the triggeringPrincipal. + */ + void loadURIWithOptions(in wstring aURI, + in unsigned long aLoadFlags, + in nsIURI aReferrer, + in unsigned long aReferrerPolicy, + in nsIInputStream aPostData, + in nsIInputStream aHeaders, + in nsIURI aBaseURI, + [optional] in nsIPrincipal aTriggeringPrincipal); /** * Tells the Object to reload the current page. There may be cases where the diff --git a/docshell/shistory/nsSHistory.cpp b/docshell/shistory/nsSHistory.cpp index 7c148ffcc..9443b92bc 100644 --- a/docshell/shistory/nsSHistory.cpp +++ b/docshell/shistory/nsSHistory.cpp @@ -1582,7 +1582,8 @@ nsSHistory::LoadURIWithOptions(const char16_t* aURI, uint32_t aReferrerPolicy, nsIInputStream* aPostStream, nsIInputStream* aExtraHeaderStream, - nsIURI* aBaseURI) + nsIURI* aBaseURI, + nsIPrincipal* aTriggeringPrincipal) { return NS_OK; } -- cgit v1.2.3 From 6cb841b26e10af54559020b23a01ef93a639ac17 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 23:00:04 +0200 Subject: Bug 1332310 - Update AddState and CreateContentViewer to provide an accurate triggeringPrincipal for creating a history entry --- docshell/base/nsDocShell.cpp | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index d7cb557ab..be8cd6a8d 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -9147,8 +9147,13 @@ nsDocShell::CreateContentViewer(const nsACString& aContentType, // Make sure we have a URI to set currentURI. nsCOMPtr failedURI; + nsCOMPtr triggeringPrincipal; if (failedChannel) { NS_GetFinalChannelURI(failedChannel, getter_AddRefs(failedURI)); + } else { + // if there is no failed channel we have to explicitly provide + // a triggeringPrincipal for the history entry. + triggeringPrincipal = nsContentUtils::GetSystemPrincipal(); } if (!failedURI) { @@ -9169,7 +9174,8 @@ nsDocShell::CreateContentViewer(const nsACString& aContentType, // Create an shistory entry for the old load. if (failedURI) { bool errorOnLocationChangeNeeded = OnNewURI( - failedURI, failedChannel, nullptr, nullptr, mLoadType, false, false, false); + failedURI, failedChannel, triggeringPrincipal, + nullptr, mLoadType, false, false, false); if (errorOnLocationChangeNeeded) { FireOnLocationChange(this, failedChannel, failedURI, @@ -12126,7 +12132,9 @@ nsDocShell::AddState(JS::Handle aData, const nsAString& aTitle, // Since we're not changing which page we have loaded, pass // true for aCloneChildren. - rv = AddToSessionHistory(newURI, nullptr, nullptr, nullptr, true, + rv = AddToSessionHistory(newURI, nullptr, + document->NodePrincipal(), // triggeringPrincipal + nullptr, true, getter_AddRefs(newSHEntry)); NS_ENSURE_SUCCESS(rv, rv); -- cgit v1.2.3 From 2cb9f3ceb89038721eb9528dcc56dd33b66b0c85 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 23:02:01 +0200 Subject: Bug 1307736 - Ensure History loads pass valid triggeringPrincipal --- docshell/base/nsDocShell.cpp | 9 ++++----- docshell/shistory/nsSHEntry.cpp | 7 +++++++ 2 files changed, 11 insertions(+), 5 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index be8cd6a8d..1a6099d7a 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -12660,12 +12660,11 @@ nsDocShell::LoadHistoryEntry(nsISHEntry* aEntry, uint32_t aLoadType) srcdoc = NullString(); } - // If there is no triggeringPrincipal we can fall back to using the - // SystemPrincipal as the triggeringPrincipal for loading the history - // entry, since the history entry can only end up in history if security - // checks passed in the initial loading phase. + // If there is no valid triggeringPrincipal, we deny the load + MOZ_ASSERT(triggeringPrincipal, + "need a valid triggeringPrincipal to load from history"); if (!triggeringPrincipal) { - triggeringPrincipal = nsContentUtils::GetSystemPrincipal(); + return NS_ERROR_FAILURE; } // Passing nullptr as aSourceDocShell gives the same behaviour as before diff --git a/docshell/shistory/nsSHEntry.cpp b/docshell/shistory/nsSHEntry.cpp index 9d972136f..9d8bf5096 100644 --- a/docshell/shistory/nsSHEntry.cpp +++ b/docshell/shistory/nsSHEntry.cpp @@ -416,6 +416,9 @@ nsSHEntry::Create(nsIURI* aURI, const nsAString& aTitle, uint64_t aDocShellID, bool aDynamicCreation) { + MOZ_ASSERT(aTriggeringPrincipal, + "need a valid triggeringPrincipal to create a session history entry"); + mURI = aURI; mTitle = aTitle; mPostData = aInputStream; @@ -515,6 +518,10 @@ nsSHEntry::GetTriggeringPrincipal(nsIPrincipal** aTriggeringPrincipal) NS_IMETHODIMP nsSHEntry::SetTriggeringPrincipal(nsIPrincipal* aTriggeringPrincipal) { + MOZ_ASSERT(aTriggeringPrincipal, "need a valid triggeringPrincipal"); + if (!aTriggeringPrincipal) { + return NS_ERROR_FAILURE; + } mShared->mTriggeringPrincipal = aTriggeringPrincipal; return NS_OK; } -- cgit v1.2.3 From 490883811099db289db93051c1bf419680498452 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 23:06:51 +0200 Subject: Bug 1337622 - Temporarily fall back to SystemPrincipal if History entry does not have a valid triggeringPrincipal --- docshell/base/nsDocShell.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 1a6099d7a..39a39d917 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -12664,7 +12664,7 @@ nsDocShell::LoadHistoryEntry(nsISHEntry* aEntry, uint32_t aLoadType) MOZ_ASSERT(triggeringPrincipal, "need a valid triggeringPrincipal to load from history"); if (!triggeringPrincipal) { - return NS_ERROR_FAILURE; + triggeringPrincipal = nsContentUtils::GetSystemPrincipal(); } // Passing nullptr as aSourceDocShell gives the same behaviour as before -- cgit v1.2.3 From d9abe50072f85d9e890026938d947ebb5e452c65 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 23:10:01 +0200 Subject: Bug 1341589 - Test TriggeringPrincipal on history entry for view-source loads --- docshell/test/browser/browser.ini | 1 + ...owser_history_triggeringprincipal_viewsource.js | 50 ++++++++++++++++++++++ docshell/test/browser/dummy_page.html | 6 +++ 3 files changed, 57 insertions(+) create mode 100644 docshell/test/browser/browser_history_triggeringprincipal_viewsource.js create mode 100644 docshell/test/browser/dummy_page.html (limited to 'docshell') diff --git a/docshell/test/browser/browser.ini b/docshell/test/browser/browser.ini index 9211092a4..28d5010ed 100644 --- a/docshell/test/browser/browser.ini +++ b/docshell/test/browser/browser.ini @@ -1,5 +1,6 @@ [DEFAULT] support-files = + dummy_page.html favicon_bug655270.ico file_bug234628-1-child.html file_bug234628-1.html diff --git a/docshell/test/browser/browser_history_triggeringprincipal_viewsource.js b/docshell/test/browser/browser_history_triggeringprincipal_viewsource.js new file mode 100644 index 000000000..96908bbc2 --- /dev/null +++ b/docshell/test/browser/browser_history_triggeringprincipal_viewsource.js @@ -0,0 +1,50 @@ +"use strict"; + +const TEST_PATH = getRootDirectory(gTestPath).replace("chrome://mochitests/content", "http://example.com"); +const HTML_URI = TEST_PATH + "dummy_page.html"; +const VIEW_SRC_URI = "view-source:" + HTML_URI; + +add_task(function*() { + info("load baseline html in new tab"); + yield BrowserTestUtils.withNewTab(HTML_URI, function*(aBrowser) { + is(gBrowser.selectedBrowser.currentURI.spec, HTML_URI, + "sanity check to make sure html loaded"); + + info("right-click -> view-source of html"); + let vSrcCtxtMenu = document.getElementById("contentAreaContextMenu"); + let popupPromise = BrowserTestUtils.waitForEvent(vSrcCtxtMenu, "popupshown"); + BrowserTestUtils.synthesizeMouseAtCenter("body", { type: "contextmenu", button: 2 }, aBrowser); + yield popupPromise; + let tabPromise = BrowserTestUtils.waitForNewTab(gBrowser, VIEW_SRC_URI); + let vSrcItem = vSrcCtxtMenu.getElementsByAttribute("id", "context-viewsource")[0]; + vSrcItem.click(); + vSrcCtxtMenu.hidePopup(); + let tab = yield tabPromise; + is(gBrowser.selectedBrowser.currentURI.spec, VIEW_SRC_URI, + "loading view-source of html succeeded"); + + info ("load html file again before going .back()"); + let loadPromise = BrowserTestUtils.browserLoaded(tab.linkedBrowser, false, HTML_URI); + yield ContentTask.spawn(tab.linkedBrowser, HTML_URI, HTML_URI => { + content.document.location = HTML_URI; + }); + yield loadPromise; + is(gBrowser.selectedBrowser.currentURI.spec, HTML_URI, + "loading html another time succeeded"); + + info("click .back() to view-source of html again and make sure the history entry has a triggeringPrincipal"); + let backCtxtMenu = document.getElementById("contentAreaContextMenu"); + popupPromise = BrowserTestUtils.waitForEvent(backCtxtMenu, "popupshown"); + BrowserTestUtils.synthesizeMouseAtCenter("body", { type: "contextmenu", button: 2 }, aBrowser); + yield popupPromise; + loadPromise = BrowserTestUtils.browserLoaded(tab.linkedBrowser, false, VIEW_SRC_URI); + let backItem = backCtxtMenu.getElementsByAttribute("id", "context-back")[0]; + backItem.click(); + backCtxtMenu.hidePopup(); + yield loadPromise; + is(gBrowser.selectedBrowser.currentURI.spec, VIEW_SRC_URI, + "clicking .back() to view-source of html succeeded"); + + yield BrowserTestUtils.removeTab(tab); + }); +}); diff --git a/docshell/test/browser/dummy_page.html b/docshell/test/browser/dummy_page.html new file mode 100644 index 000000000..59bf2a5f8 --- /dev/null +++ b/docshell/test/browser/dummy_page.html @@ -0,0 +1,6 @@ + + + + just a dummy html file + + -- cgit v1.2.3 From 71e6952456e044fef8cd4ab2e1d1b972011a051e Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 23:11:43 +0200 Subject: Bug 1341754: Provide a valid triggeringPrincipal when calling SetURI in Location --- docshell/base/nsDocShell.cpp | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 39a39d917..5c002357f 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -10402,10 +10402,13 @@ nsDocShell::InternalLoad(nsIURI* aURI, * call OnNewURI() so that, this traversal will be * recorded in session and global history. */ - nsCOMPtr triggeringPrincipal, principalToInherit; + nsCOMPtr newURITriggeringPrincipal, newURIPrincipalToInherit; if (mOSHE) { - mOSHE->GetTriggeringPrincipal(getter_AddRefs(triggeringPrincipal)); - mOSHE->GetPrincipalToInherit(getter_AddRefs(principalToInherit)); + mOSHE->GetTriggeringPrincipal(getter_AddRefs(newURITriggeringPrincipal)); + mOSHE->GetPrincipalToInherit(getter_AddRefs(newURIPrincipalToInherit)); + } else { + newURITriggeringPrincipal = aTriggeringPrincipal; + newURIPrincipalToInherit = doc->NodePrincipal(); } // Pass true for aCloneSHChildren, since we're not // changing documents here, so all of our subframes are @@ -10415,7 +10418,7 @@ nsDocShell::InternalLoad(nsIURI* aURI, // flag on firing onLocationChange(...). // Anyway, aCloneSHChildren param is simply reflecting // doShortCircuitedLoad in this scope. - OnNewURI(aURI, nullptr, triggeringPrincipal, principalToInherit, + OnNewURI(aURI, nullptr, newURITriggeringPrincipal, newURIPrincipalToInherit, mLoadType, true, true, true); nsCOMPtr postData; -- cgit v1.2.3 From ecea4c51dc68427e4361a5d7204a7ca4ad9f8c4d Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 23:13:51 +0200 Subject: Bug 1341754: Test SetURI in Location passes triggeringPrincipal --- docshell/test/dummy_page.html | 6 ++ docshell/test/mochitest.ini | 2 + .../test_triggeringprincipal_location_seturi.html | 102 +++++++++++++++++++++ 3 files changed, 110 insertions(+) create mode 100644 docshell/test/dummy_page.html create mode 100644 docshell/test/test_triggeringprincipal_location_seturi.html (limited to 'docshell') diff --git a/docshell/test/dummy_page.html b/docshell/test/dummy_page.html new file mode 100644 index 000000000..59bf2a5f8 --- /dev/null +++ b/docshell/test/dummy_page.html @@ -0,0 +1,6 @@ + + + + just a dummy html file + + diff --git a/docshell/test/mochitest.ini b/docshell/test/mochitest.ini index 7b27908fb..2298bed74 100644 --- a/docshell/test/mochitest.ini +++ b/docshell/test/mochitest.ini @@ -11,6 +11,7 @@ support-files = bug668513_redirect.html bug668513_redirect.html^headers^ bug691547_frame.html + dummy_page.html file_anchor_scroll_after_document_open.html file_bug385434_1.html file_bug385434_2.html @@ -94,3 +95,4 @@ skip-if = toolkit == 'android' # bug 784321 support-files = file_framedhistoryframes.html [test_pushState_after_document_open.html] [test_windowedhistoryframes.html] +[test_triggeringprincipal_location_seturi.html] diff --git a/docshell/test/test_triggeringprincipal_location_seturi.html b/docshell/test/test_triggeringprincipal_location_seturi.html new file mode 100644 index 000000000..3b0c7bac5 --- /dev/null +++ b/docshell/test/test_triggeringprincipal_location_seturi.html @@ -0,0 +1,102 @@ + + + + + + + + + + + -- cgit v1.2.3 From b3a9d03344cfc41f3b3fac47e955bb2e82d4af24 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 23:48:06 +0200 Subject: Bug 1334875 - Temporarily remove assertion that history loads pass a valid triggeringprincipal --- docshell/base/nsDocShell.cpp | 3 --- docshell/shistory/nsSHEntry.cpp | 4 ---- 2 files changed, 7 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 5c002357f..62383bc6a 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -12663,9 +12663,6 @@ nsDocShell::LoadHistoryEntry(nsISHEntry* aEntry, uint32_t aLoadType) srcdoc = NullString(); } - // If there is no valid triggeringPrincipal, we deny the load - MOZ_ASSERT(triggeringPrincipal, - "need a valid triggeringPrincipal to load from history"); if (!triggeringPrincipal) { triggeringPrincipal = nsContentUtils::GetSystemPrincipal(); } diff --git a/docshell/shistory/nsSHEntry.cpp b/docshell/shistory/nsSHEntry.cpp index 9d8bf5096..6b0b066d9 100644 --- a/docshell/shistory/nsSHEntry.cpp +++ b/docshell/shistory/nsSHEntry.cpp @@ -518,10 +518,6 @@ nsSHEntry::GetTriggeringPrincipal(nsIPrincipal** aTriggeringPrincipal) NS_IMETHODIMP nsSHEntry::SetTriggeringPrincipal(nsIPrincipal* aTriggeringPrincipal) { - MOZ_ASSERT(aTriggeringPrincipal, "need a valid triggeringPrincipal"); - if (!aTriggeringPrincipal) { - return NS_ERROR_FAILURE; - } mShared->mTriggeringPrincipal = aTriggeringPrincipal; return NS_OK; } -- cgit v1.2.3 From 73b55c16d642156c58142d1ce4cfb79229cfadb0 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 23:49:41 +0200 Subject: Bug 1333147 - Do not use owner as triggeringPrincipal when creating session history entry --- docshell/base/nsDocShell.cpp | 5 ----- 1 file changed, 5 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 62383bc6a..8f924567c 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -12413,11 +12413,6 @@ nsDocShell::AddToSessionHistory(nsIURI* aURI, nsIChannel* aChannel, discardLayoutState = ShouldDiscardLayoutState(httpChannel); } - // XXX Bug 1286838: Replace channel owner with loadInfo triggeringPrincipal - nsCOMPtr owner; - aChannel->GetOwner(getter_AddRefs(owner)); - triggeringPrincipal = do_QueryInterface(owner); - nsCOMPtr loadInfo = aChannel->GetLoadInfo(); if (loadInfo) { if (!triggeringPrincipal) { -- cgit v1.2.3 From d735c1c1ad9b0ebaf24a0d468dda0b69bdaae060 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 23:54:01 +0200 Subject: Bug 1359204 - Use SystemPrincipal as TriggeringPrincipal when loading page as view-source --- docshell/base/nsDocShell.cpp | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 8f924567c..b3e26da33 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -5689,6 +5689,11 @@ nsDocShell::LoadPage(nsISupports* aPageDescriptor, uint32_t aDisplayType) } shEntry->SetURI(newUri); shEntry->SetOriginalURI(nullptr); + // shEntry's current triggering principal is whoever loaded that page initially. + // But now we're doing another load of the page, via an API that is only exposed + // to system code. The triggering principal for this load should be the system + // principal. + shEntry->SetTriggeringPrincipal(nsContentUtils::GetSystemPrincipal()); } rv = LoadHistoryEntry(shEntry, LOAD_HISTORY); -- cgit v1.2.3 From 8dcc716efdf415611f09e30f213342a484c70150 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Mon, 30 Apr 2018 23:56:11 +0200 Subject: Bug 1359204 - Test view-source can open link is not blocked by security policies --- docshell/test/browser/browser.ini | 2 + .../browser_click_link_within_view_source.js | 60 ++++++++++++++++++++++ .../file_click_link_within_view_source.html | 6 +++ 3 files changed, 68 insertions(+) create mode 100644 docshell/test/browser/browser_click_link_within_view_source.js create mode 100644 docshell/test/browser/file_click_link_within_view_source.html (limited to 'docshell') diff --git a/docshell/test/browser/browser.ini b/docshell/test/browser/browser.ini index 28d5010ed..300caff1a 100644 --- a/docshell/test/browser/browser.ini +++ b/docshell/test/browser/browser.ini @@ -46,6 +46,7 @@ support-files = browser_timelineMarkers-frame-05.js head.js frame-head.js + file_click_link_within_view_source.html [browser_bug1206879.js] [browser_bug1309900_crossProcessHistoryNavigation.js] @@ -92,3 +93,4 @@ skip-if = true # Bug 1220415 [browser_timelineMarkers-04.js] [browser_timelineMarkers-05.js] [browser_ua_emulation.js] +[browser_click_link_within_view_source.js] diff --git a/docshell/test/browser/browser_click_link_within_view_source.js b/docshell/test/browser/browser_click_link_within_view_source.js new file mode 100644 index 000000000..84cfc1f0f --- /dev/null +++ b/docshell/test/browser/browser_click_link_within_view_source.js @@ -0,0 +1,60 @@ +"use strict"; + +/** + * Test for Bug 1359204 + * + * Loading a local file, then view-source on that file. Make sure that + * clicking a link within that view-source page is not blocked by security checks. + */ + +add_task(function* test_click_link_within_view_source() { + let TEST_FILE = "file_click_link_within_view_source.html"; + let TEST_FILE_URI = getChromeDir(getResolvedURI(gTestPath)); + TEST_FILE_URI.append(TEST_FILE); + TEST_FILE_URI = Services.io.newFileURI(TEST_FILE_URI).spec; + + let DUMMY_FILE = "dummy_page.html"; + let DUMMY_FILE_URI = getChromeDir(getResolvedURI(gTestPath)); + DUMMY_FILE_URI.append(DUMMY_FILE); + DUMMY_FILE_URI = Services.io.newFileURI(DUMMY_FILE_URI).spec; + + yield BrowserTestUtils.withNewTab(TEST_FILE_URI, function*(aBrowser) { + let tabSpec = gBrowser.selectedBrowser.currentURI.spec; + info("loading: " + tabSpec); + ok(tabSpec.startsWith("file://") && tabSpec.endsWith(TEST_FILE), + "sanity check to make sure html loaded"); + + info("click view-source of html"); + let tabPromise = BrowserTestUtils.waitForNewTab(gBrowser); + document.getElementById("View:PageSource").doCommand(); + + let tab = yield tabPromise; + tabSpec = gBrowser.selectedBrowser.currentURI.spec; + info("loading: " + tabSpec); + ok(tabSpec.startsWith("view-source:file://") && tabSpec.endsWith(TEST_FILE), + "loading view-source of html succeeded"); + + info("click testlink within view-source page"); + let loadPromise = BrowserTestUtils.browserLoaded(tab.linkedBrowser, false, url => url.endsWith("dummy_page.html")); + yield ContentTask.spawn(gBrowser.selectedBrowser, {}, function*() { + if (content.document.readyState != "complete") { + yield ContentTaskUtils.waitForEvent(content.document, "readystatechange", false, () => + content.document.readyState == "complete"); + } + // document.getElementById() does not work on a view-source page, hence we use document.links + let linksOnPage = content.document.links; + is (linksOnPage.length, 1, "sanity check: make sure only one link is present on page"); + let myLink = content.document.links[0]; + myLink.click(); + }); + + yield loadPromise; + + tabSpec = gBrowser.selectedBrowser.currentURI.spec; + info("loading: " + tabSpec); + ok(tabSpec.startsWith("view-source:file://") && tabSpec.endsWith(DUMMY_FILE), + "loading view-source of html succeeded"); + + yield BrowserTestUtils.removeTab(tab); + }); +}); diff --git a/docshell/test/browser/file_click_link_within_view_source.html b/docshell/test/browser/file_click_link_within_view_source.html new file mode 100644 index 000000000..d78e4ba0f --- /dev/null +++ b/docshell/test/browser/file_click_link_within_view_source.html @@ -0,0 +1,6 @@ + + + + clickme + + -- cgit v1.2.3 From 4b7a2c677a8bda717cbc21f8e06ee43c0d9f0005 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 6 May 2018 14:31:20 +0200 Subject: moebius#231: Consider blocking top level window data: URIs (tests) https://github.com/MoonchildProductions/moebius/pull/231 --- docshell/base/crashtests/914521.html | 10 +++++++- docshell/test/chrome/test_bug364461.xul | 10 ++++++-- docshell/test/file_bug598895_1.html | 1 + docshell/test/file_bug598895_2.html | 1 + docshell/test/file_bug637644_1.html | 1 + docshell/test/file_bug637644_2.html | 1 + docshell/test/mochitest.ini | 4 ++++ docshell/test/navigation/NavigationUtils.js | 20 +++++++++------- .../test/navigation/file_scrollRestoration.html | 4 ++-- docshell/test/navigation/mochitest.ini | 2 ++ .../navigation/navigation_target_popup_url.html | 1 + .../test/navigation/navigation_target_url.html | 1 + docshell/test/navigation/open.html | 2 +- .../test_triggeringprincipal_window_open.html | 28 +++------------------- docshell/test/test_bug598895.html | 5 ++-- docshell/test/test_bug637644.html | 5 ++-- 16 files changed, 50 insertions(+), 46 deletions(-) create mode 100644 docshell/test/file_bug598895_1.html create mode 100644 docshell/test/file_bug598895_2.html create mode 100644 docshell/test/file_bug637644_1.html create mode 100644 docshell/test/file_bug637644_2.html create mode 100644 docshell/test/navigation/navigation_target_popup_url.html create mode 100644 docshell/test/navigation/navigation_target_url.html (limited to 'docshell') diff --git a/docshell/base/crashtests/914521.html b/docshell/base/crashtests/914521.html index 9ae18b860..eb0a43749 100644 --- a/docshell/base/crashtests/914521.html +++ b/docshell/base/crashtests/914521.html @@ -20,6 +20,14 @@ function f() finish(); } +function init() +{ + SpecialPowers.pushPrefEnv({"set": [ + ["security.data_uri.block_toplevel_data_uri_navigations", false], + ]}, start); + +} + function start() { var html = " - + diff --git a/docshell/test/chrome/test_bug364461.xul b/docshell/test/chrome/test_bug364461.xul index 85154f9d7..9e45ce971 100644 --- a/docshell/test/chrome/test_bug364461.xul +++ b/docshell/test/chrome/test_bug364461.xul @@ -29,9 +29,15 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=364461 /** Test for Bug 364461 **/ SimpleTest.waitForExplicitFinish(); -window.open("bug364461_window.xul", "bug364461", - "chrome,width=600,height=600"); +SpecialPowers.pushPrefEnv({ + "set":[["security.data_uri.block_toplevel_data_uri_navigations", false]] +}, runTests); + +function runTests() { + window.open("bug364461_window.xul", "bug364461", + "chrome,width=600,height=600"); +} ]]> diff --git a/docshell/test/file_bug598895_1.html b/docshell/test/file_bug598895_1.html new file mode 100644 index 000000000..6fbb13a02 --- /dev/null +++ b/docshell/test/file_bug598895_1.html @@ -0,0 +1 @@ +Should show diff --git a/docshell/test/file_bug598895_2.html b/docshell/test/file_bug598895_2.html new file mode 100644 index 000000000..0822c566b --- /dev/null +++ b/docshell/test/file_bug598895_2.html @@ -0,0 +1 @@ + diff --git a/docshell/test/file_bug637644_1.html b/docshell/test/file_bug637644_1.html new file mode 100644 index 000000000..6fbb13a02 --- /dev/null +++ b/docshell/test/file_bug637644_1.html @@ -0,0 +1 @@ +Should show diff --git a/docshell/test/file_bug637644_2.html b/docshell/test/file_bug637644_2.html new file mode 100644 index 000000000..0822c566b --- /dev/null +++ b/docshell/test/file_bug637644_2.html @@ -0,0 +1 @@ + diff --git a/docshell/test/mochitest.ini b/docshell/test/mochitest.ini index 2298bed74..d2e378928 100644 --- a/docshell/test/mochitest.ini +++ b/docshell/test/mochitest.ini @@ -21,9 +21,13 @@ support-files = file_bug540462.html file_bug580069_1.html file_bug580069_2.sjs + file_bug598895_1.html + file_bug598895_2.html file_bug590573_1.html file_bug590573_2.html file_bug634834.html + file_bug637644_1.html + file_bug637644_2.html file_bug640387.html file_bug653741.html file_bug660404 diff --git a/docshell/test/navigation/NavigationUtils.js b/docshell/test/navigation/NavigationUtils.js index c90ea74d5..72bea7dde 100644 --- a/docshell/test/navigation/NavigationUtils.js +++ b/docshell/test/navigation/NavigationUtils.js @@ -9,10 +9,10 @@ /////////////////////////////////////////////////////////////////////////// var body = "This frame was navigated."; -var target_url = "data:text/html," + body + ""; +var target_url = "navigation_target_url.html" var popup_body = "This is a popup"; -var target_popup_url = "data:text/html," + popup_body + ""; +var target_popup_url = "navigation_target_popup_url.html"; /////////////////////////////////////////////////////////////////////////// // Functions that navigate frames @@ -58,7 +58,7 @@ function navigateByHyperlink(name) { function isNavigated(wnd, message) { var result = null; try { - result = SpecialPowers.wrap(wnd).document.body.innerHTML; + result = SpecialPowers.wrap(wnd).document.body.innerHTML.trim(); } catch(ex) { result = ex; } @@ -68,7 +68,7 @@ function isNavigated(wnd, message) { function isBlank(wnd, message) { var result = null; try { - result = wnd.document.body.innerHTML; + result = wnd.document.body.innerHTML.trim(); } catch(ex) { result = ex; } @@ -146,7 +146,9 @@ function xpcGetFramesByName(name) { function xpcCleanupWindows() { xpcEnumerateContentWindows(function(win) { - if (win.location && win.location.protocol == "data:") + if (win.location && + (win.location.href.endsWith(target_url) || + win.location.href.endsWith(target_popup_url))) { win.close(); }); } @@ -177,12 +179,12 @@ function xpcWaitForFinishedFrames(callback, numFrames) { } function searchForFinishedFrames(win) { - if ((escape(unescape(win.location)) == escape(target_url) || - escape(unescape(win.location)) == escape(target_popup_url)) && + if ((win.location.href.endsWith(target_url) || + win.location.href.endsWith(target_popup_url)) && win.document && win.document.body && - (win.document.body.textContent == body || - win.document.body.textContent == popup_body) && + (win.document.body.textContent.trim() == body || + win.document.body.textContent.trim() == popup_body) && win.document.readyState == "complete") { var util = win.QueryInterface(SpecialPowers.Ci.nsIInterfaceRequestor) diff --git a/docshell/test/navigation/file_scrollRestoration.html b/docshell/test/navigation/file_scrollRestoration.html index 92e43d7fb..766949d13 100644 --- a/docshell/test/navigation/file_scrollRestoration.html +++ b/docshell/test/navigation/file_scrollRestoration.html @@ -40,7 +40,7 @@ document.getElementById("bottom").scrollIntoView(); window.onunload = null; // Should get bfcache behavior. opener.setTimeout("testWindow.history.back();", 250); - window.location.href = 'data:text/html,'; + window.location.href = 'about:blank'; break; } case 4: { @@ -57,7 +57,7 @@ opener.is(history.scrollRestoration, "manual", "Should have the same scrollRestoration mode as before fragment navigation."); window.onunload = function() {} // Disable bfcache. opener.setTimeout("is(testWindow.history.scrollRestoration, 'auto'); testWindow.history.back();", 250); - window.location.href = 'data:text/html,'; + window.location.href = 'about:blank'; break; } case 6: { diff --git a/docshell/test/navigation/mochitest.ini b/docshell/test/navigation/mochitest.ini index 764e400a8..1b5f33c7f 100644 --- a/docshell/test/navigation/mochitest.ini +++ b/docshell/test/navigation/mochitest.ini @@ -1,6 +1,8 @@ [DEFAULT] support-files = NavigationUtils.js + navigation_target_url.html + navigation_target_popup_url.html blank.html file_bug462076_1.html file_bug462076_2.html diff --git a/docshell/test/navigation/navigation_target_popup_url.html b/docshell/test/navigation/navigation_target_popup_url.html new file mode 100644 index 000000000..cfe6de009 --- /dev/null +++ b/docshell/test/navigation/navigation_target_popup_url.html @@ -0,0 +1 @@ +This is a popup diff --git a/docshell/test/navigation/navigation_target_url.html b/docshell/test/navigation/navigation_target_url.html new file mode 100644 index 000000000..a485e8133 --- /dev/null +++ b/docshell/test/navigation/navigation_target_url.html @@ -0,0 +1 @@ +This frame was navigated. diff --git a/docshell/test/navigation/open.html b/docshell/test/navigation/open.html index 1bb70f865..97eb9b76e 100644 --- a/docshell/test/navigation/open.html +++ b/docshell/test/navigation/open.html @@ -3,7 +3,7 @@ diff --git a/docshell/test/navigation/test_triggeringprincipal_window_open.html b/docshell/test/navigation/test_triggeringprincipal_window_open.html index d5d7f210b..dbee21777 100644 --- a/docshell/test/navigation/test_triggeringprincipal_window_open.html +++ b/docshell/test/navigation/test_triggeringprincipal_window_open.html @@ -13,8 +13,7 @@ /* We call window.open() using different URIs and make sure the triggeringPrincipal * loadingPrincipal are correct. * Test1: window.open(http:) - * Test2: window.open(data:) - * Test3: window.open(javascript:) + * Test2: window.open(javascript:) */ const TRIGGERING_PRINCIPAL_URI = @@ -22,7 +21,7 @@ const TRIGGERING_PRINCIPAL_URI = SimpleTest.waitForExplicitFinish(); -const NUM_TESTS = 3; +const NUM_TESTS = 2; var test_counter = 0; function checkFinish() { @@ -54,28 +53,7 @@ httpWin.onload = function() { } // ---------------------------------------------------------------------------- -// Test 2: window.open(data:) -var dataWin = window.open("data:text/html,data", "_blank", "width=10,height=10"); -dataWin.onload = function() { - var dataChannel = SpecialPowers.wrap(dataWin.document).docShell.currentDocumentChannel; - var dataTriggeringPrincipal = dataChannel.loadInfo.triggeringPrincipal.URI.asciiSpec; - var dataLoadingPrincipal = dataChannel.loadInfo.loadingPrincipal; - - is(dataTriggeringPrincipal, TRIGGERING_PRINCIPAL_URI, - "TriggeringPrincipal for window.open(data:) should be the principal of the document"); - - is(dataWin.document.referrer, "", - "Referrer for window.open(data:) should be empty"); - - is(dataLoadingPrincipal, null, - "LoadingPrincipal for window.open(data:) should be null"); - - dataWin.close(); - checkFinish(); -} - -// ---------------------------------------------------------------------------- -// Test 3: window.open(javascript:) +// Test 2: window.open(javascript:) var jsWin = window.open("javascript:'js';", "_blank", "width=10,height=10"); jsWin.onload = function() { var jsChannel = SpecialPowers.wrap(jsWin.document).docShell.currentDocumentChannel; diff --git a/docshell/test/test_bug598895.html b/docshell/test/test_bug598895.html index 52b9537be..5cc74e42c 100644 --- a/docshell/test/test_bug598895.html +++ b/docshell/test/test_bug598895.html @@ -43,9 +43,8 @@ window.onmessage = function (ev) { } } -var win2 = window.open("data:text/html, diff --git a/docshell/test/test_bug637644.html b/docshell/test/test_bug637644.html index d172ada4a..4192fae22 100644 --- a/docshell/test/test_bug637644.html +++ b/docshell/test/test_bug637644.html @@ -43,9 +43,8 @@ window.onmessage = function (ev) { } } -var win2 = window.open("data:text/html, -- cgit v1.2.3 From e968422d299e49d1906e6f4c7746cfd9a677e72b Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Tue, 15 May 2018 21:14:18 +0200 Subject: Bug 1379762 part 1. Don't call MediaFeaturesChanged if our override device pixel ratio is set to its current value Issue #357 --- docshell/test/navigation/file_bug1379762-1.html | 32 +++++++++++++++++++++++ docshell/test/navigation/mochitest.ini | 1 + docshell/test/navigation/test_sessionhistory.html | 3 ++- 3 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 docshell/test/navigation/file_bug1379762-1.html (limited to 'docshell') diff --git a/docshell/test/navigation/file_bug1379762-1.html b/docshell/test/navigation/file_bug1379762-1.html new file mode 100644 index 000000000..e8cd8b30b --- /dev/null +++ b/docshell/test/navigation/file_bug1379762-1.html @@ -0,0 +1,32 @@ + + + + + Bug 1379762 + + + + diff --git a/docshell/test/navigation/mochitest.ini b/docshell/test/navigation/mochitest.ini index 1b5f33c7f..f3bb3d244 100644 --- a/docshell/test/navigation/mochitest.ini +++ b/docshell/test/navigation/mochitest.ini @@ -59,6 +59,7 @@ skip-if = (toolkit == 'android') || (!debug && (os == 'mac' || os == 'win')) # B skip-if = (toolkit == 'android') || (debug && e10s) #too slow on Android 4.3 aws only; bug 1030403; bug 1263213 for debug e10s [test_sessionhistory.html] skip-if = toolkit == 'android' #RANDOM +support-files = file_bug1379762-1.html [test_sibling-matching-parent.html] [test_sibling-off-domain.html] [test_triggeringprincipal_frame_nav.html] diff --git a/docshell/test/navigation/test_sessionhistory.html b/docshell/test/navigation/test_sessionhistory.html index 452271a41..b922ce4ea 100644 --- a/docshell/test/navigation/test_sessionhistory.html +++ b/docshell/test/navigation/test_sessionhistory.html @@ -31,7 +31,8 @@ var testFiles = "file_nested_frames.html", "file_shiftReload_and_pushState.html", "file_scrollRestoration.html", - "file_bug1300461.html" + "file_bug1300461.html", + "file_bug1379762-1.html", ]; var testCount = 0; // Used by the test files. -- cgit v1.2.3 From d1184bfb4939e76f3aa442daa90dc5cca3a850e4 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Tue, 15 May 2018 22:45:40 +0200 Subject: Bug 1379762 part 2. Use a more reliable test to figure out when we can skip firing onload in nsDocumentViewer::LoadComplete Issue #357 --- docshell/test/navigation/file_bug1379762-2.html | 43 +++++++++++++++++++++++ docshell/test/navigation/mochitest.ini | 2 +- docshell/test/navigation/test_sessionhistory.html | 1 + 3 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 docshell/test/navigation/file_bug1379762-2.html (limited to 'docshell') diff --git a/docshell/test/navigation/file_bug1379762-2.html b/docshell/test/navigation/file_bug1379762-2.html new file mode 100644 index 000000000..86033cb2e --- /dev/null +++ b/docshell/test/navigation/file_bug1379762-2.html @@ -0,0 +1,43 @@ + + + + + Bug 1379762 + + + + diff --git a/docshell/test/navigation/mochitest.ini b/docshell/test/navigation/mochitest.ini index f3bb3d244..8cff81ad1 100644 --- a/docshell/test/navigation/mochitest.ini +++ b/docshell/test/navigation/mochitest.ini @@ -59,7 +59,7 @@ skip-if = (toolkit == 'android') || (!debug && (os == 'mac' || os == 'win')) # B skip-if = (toolkit == 'android') || (debug && e10s) #too slow on Android 4.3 aws only; bug 1030403; bug 1263213 for debug e10s [test_sessionhistory.html] skip-if = toolkit == 'android' #RANDOM -support-files = file_bug1379762-1.html +support-files = file_bug1379762-1.html file_bug1379762-2.html [test_sibling-matching-parent.html] [test_sibling-off-domain.html] [test_triggeringprincipal_frame_nav.html] diff --git a/docshell/test/navigation/test_sessionhistory.html b/docshell/test/navigation/test_sessionhistory.html index b922ce4ea..10b0cbcaf 100644 --- a/docshell/test/navigation/test_sessionhistory.html +++ b/docshell/test/navigation/test_sessionhistory.html @@ -33,6 +33,7 @@ var testFiles = "file_scrollRestoration.html", "file_bug1300461.html", "file_bug1379762-1.html", + "file_bug1379762-2.html", ]; var testCount = 0; // Used by the test files. -- cgit v1.2.3 From bd851735628cd6b07285e87fa60081e9d11a3b7e Mon Sep 17 00:00:00 2001 From: Gaming4JC Date: Sat, 26 May 2018 15:00:01 -0400 Subject: Remove support and tests for HSTS priming from the tree. Fixes #384 --- docshell/base/nsDocShell.cpp | 21 --------------------- 1 file changed, 21 deletions(-) (limited to 'docshell') diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index b3e26da33..8eca47495 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -9961,27 +9961,6 @@ nsDocShell::InternalLoad(nsIURI* aURI, return NS_ERROR_CONTENT_BLOCKED; } - - // If HSTS priming was set by nsMixedContentBlocker::ShouldLoad, and we - // would block due to mixed content, go ahead and block here. If we try to - // proceed with priming, we will error out later on. - nsCOMPtr docShell = NS_CP_GetDocShellFromContext(requestingContext); - // When loading toplevel windows, requestingContext can be null. We don't - // really care about HSTS in that situation, though; loads in toplevel - // windows should all be browser UI. - if (docShell) { - nsIDocument* document = docShell->GetDocument(); - NS_ENSURE_TRUE(document, NS_OK); - - HSTSPrimingState state = document->GetHSTSPrimingStateForLocation(aURI); - if (state == HSTSPrimingState::eHSTS_PRIMING_BLOCK) { - // HSTS Priming currently disabled for InternalLoad, so we need to clear - // the location that was added by nsMixedContentBlocker::ShouldLoad - // Bug 1269815 will address images loaded via InternalLoad - document->ClearHSTSPrimingLocation(aURI); - return NS_ERROR_CONTENT_BLOCKED; - } - } } nsCOMPtr principalToInherit = aPrincipalToInherit; -- cgit v1.2.3 From 9755c93cff958fd8f1a9ef1a105ef0aafd6f9669 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Sun, 24 Jun 2018 23:57:19 +0200 Subject: Make about:webrtc conditional. This resolves #536 --- docshell/base/nsAboutRedirector.cpp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docshell') diff --git a/docshell/base/nsAboutRedirector.cpp b/docshell/base/nsAboutRedirector.cpp index e56447296..a50134cec 100644 --- a/docshell/base/nsAboutRedirector.cpp +++ b/docshell/base/nsAboutRedirector.cpp @@ -140,10 +140,12 @@ static RedirEntry kRedirMap[] = { { "telemetry", "chrome://global/content/aboutTelemetry.xhtml", nsIAboutModule::ALLOW_SCRIPT +#ifdef MOZ_WEBRTC }, { "webrtc", "chrome://global/content/aboutwebrtc/aboutWebrtc.html", nsIAboutModule::ALLOW_SCRIPT +#endif } }; static const int kRedirTotal = mozilla::ArrayLength(kRedirMap); -- cgit v1.2.3 From 9ac9865817731737a6f86139fc3993ba151c7a6e Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Mon, 25 Jun 2018 00:46:08 +0200 Subject: Remove docshell contract for about:webrtc Follow-up to 9755c93cff958fd8f1a9ef1a105ef0aafd6f9669 Tag #536 --- docshell/build/nsDocShellModule.cpp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docshell') diff --git a/docshell/build/nsDocShellModule.cpp b/docshell/build/nsDocShellModule.cpp index 872874012..91b35abea 100644 --- a/docshell/build/nsDocShellModule.cpp +++ b/docshell/build/nsDocShellModule.cpp @@ -188,7 +188,9 @@ const mozilla::Module::ContractIDEntry kDocShellContracts[] = { { NS_ABOUT_MODULE_CONTRACTID_PREFIX "srcdoc", &kNS_ABOUT_REDIRECTOR_MODULE_CID }, { NS_ABOUT_MODULE_CONTRACTID_PREFIX "support", &kNS_ABOUT_REDIRECTOR_MODULE_CID }, { NS_ABOUT_MODULE_CONTRACTID_PREFIX "telemetry", &kNS_ABOUT_REDIRECTOR_MODULE_CID }, +#ifdef MOZ_WEBRTC { NS_ABOUT_MODULE_CONTRACTID_PREFIX "webrtc", &kNS_ABOUT_REDIRECTOR_MODULE_CID }, +#endif { NS_URI_LOADER_CONTRACTID, &kNS_URI_LOADER_CID }, { NS_DOCUMENTLOADER_SERVICE_CONTRACTID, &kNS_DOCUMENTLOADER_SERVICE_CID }, { NS_HANDLERSERVICE_CONTRACTID, &kNS_CONTENTHANDLERSERVICE_CID, mozilla::Module::CONTENT_PROCESS_ONLY }, -- cgit v1.2.3 From bbbb74e5f077b47c6adb8ede13bfb001bb966cdb Mon Sep 17 00:00:00 2001 From: "Matt A. Tobin" Date: Tue, 26 Jun 2018 13:23:24 -0400 Subject: Make the Error Console accessible from about:console --- docshell/base/nsAboutRedirector.cpp | 1 + docshell/build/nsDocShellModule.cpp | 1 + 2 files changed, 2 insertions(+) (limited to 'docshell') diff --git a/docshell/base/nsAboutRedirector.cpp b/docshell/base/nsAboutRedirector.cpp index a50134cec..4dba7f261 100644 --- a/docshell/base/nsAboutRedirector.cpp +++ b/docshell/base/nsAboutRedirector.cpp @@ -50,6 +50,7 @@ static RedirEntry kRedirMap[] = { nsIAboutModule::ALLOW_SCRIPT }, { "config", "chrome://global/content/config.xul", 0 }, + { "console", "chrome://global/content/console.xul", 0 }, { "credits", "http://www.palemoon.org/Contributors.shtml", nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | diff --git a/docshell/build/nsDocShellModule.cpp b/docshell/build/nsDocShellModule.cpp index 91b35abea..3481bd297 100644 --- a/docshell/build/nsDocShellModule.cpp +++ b/docshell/build/nsDocShellModule.cpp @@ -165,6 +165,7 @@ const mozilla::Module::ContractIDEntry kDocShellContracts[] = { { NS_ABOUT_MODULE_CONTRACTID_PREFIX "buildconfig", &kNS_ABOUT_REDIRECTOR_MODULE_CID }, { NS_ABOUT_MODULE_CONTRACTID_PREFIX "checkerboard", &kNS_ABOUT_REDIRECTOR_MODULE_CID }, { NS_ABOUT_MODULE_CONTRACTID_PREFIX "config", &kNS_ABOUT_REDIRECTOR_MODULE_CID }, + { NS_ABOUT_MODULE_CONTRACTID_PREFIX "console", &kNS_ABOUT_REDIRECTOR_MODULE_CID }, { NS_ABOUT_MODULE_CONTRACTID_PREFIX "credits", &kNS_ABOUT_REDIRECTOR_MODULE_CID }, #ifdef MOZ_DEVTOOLS { NS_ABOUT_MODULE_CONTRACTID_PREFIX "debugging", &kNS_ABOUT_REDIRECTOR_MODULE_CID }, -- cgit v1.2.3