Commit 5f18f085 authored by Stanca Serban's avatar Stanca Serban
Browse files

Backed out changeset 8bab888ea4d4 (bug 1691658) for causing xpcshell failures...

Backed out changeset 8bab888ea4d4 (bug 1691658) for causing xpcshell failures in test_redirect_different-protocol_wrap.js. CLOSED TREE
parent 3976af8e
Loading
Loading
Loading
Loading
+1 −1
Original line number Diff line number Diff line
@@ -88,7 +88,7 @@ BlockModuleWithWrongMimeType=Loading module from “%1$S” was blocked because

# LOCALIZATION NOTE: Do not translate "data: URI".
BlockTopLevelDataURINavigation=Navigation to toplevel data: URI not allowed (Blocked loading of: “%1$S”)
BlockRedirectToDataURI=Redirecting to data: URI not allowed (Blocked loading of: “%1$S”)
BlockSubresourceRedirectToData=Redirecting to insecure data: URI not allowed (Blocked loading of: “%1$S”)

# LOCALIZATION NOTE: Do not translate "file: URI". “%1$S” is the whole URI of the loaded file. “%2$S” is the MIME type e.g. "text/plain".
BlockFileScriptWithWrongMimeType=Loading script from file: URI (“%1$S”) was blocked because its MIME type (“%2$S”) is not a valid JavaScript MIME type.
+24 −19
Original line number Diff line number Diff line
@@ -131,18 +131,10 @@ bool nsContentSecurityManager::AllowTopLevelNavigationToDataURI(
    return true;
  }

  ReportBlockedDataURI(uri, loadInfo);

  return false;
}

void nsContentSecurityManager::ReportBlockedDataURI(nsIURI* aURI,
                                                    nsILoadInfo* aLoadInfo,
                                                    bool aIsRedirect) {
  // We're going to block the request, construct the localized error message to
  // report to the console.
  nsAutoCString dataSpec;
  aURI->GetSpec(dataSpec);
  uri->GetSpec(dataSpec);
  if (dataSpec.Length() > 50) {
    dataSpec.Truncate(50);
    dataSpec.AppendLiteral("...");
@@ -150,20 +142,18 @@ void nsContentSecurityManager::ReportBlockedDataURI(nsIURI* aURI,
  AutoTArray<nsString, 1> params;
  CopyUTF8toUTF16(NS_UnescapeURL(dataSpec), *params.AppendElement());
  nsAutoString errorText;
  const char* stringID =
      aIsRedirect ? "BlockRedirectToDataURI" : "BlockTopLevelDataURINavigation";
  nsresult rv = nsContentUtils::FormatLocalizedString(
      nsContentUtils::eSECURITY_PROPERTIES, stringID, params, errorText);
  if (NS_FAILED(rv)) {
    return;
  }
  rv = nsContentUtils::FormatLocalizedString(
      nsContentUtils::eSECURITY_PROPERTIES, "BlockTopLevelDataURINavigation",
      params, errorText);
  NS_ENSURE_SUCCESS(rv, false);

  // Report the localized error message to the console for the loading
  // BrowsingContext's current inner window.
  RefPtr<BrowsingContext> target = aLoadInfo->GetBrowsingContext();
  RefPtr<BrowsingContext> target = loadInfo->GetBrowsingContext();
  nsContentUtils::ReportToConsoleByWindowID(
      errorText, nsIScriptError::warningFlag, "DATA_URI_BLOCKED"_ns,
      target ? target->GetCurrentInnerWindowId() : 0);
  return false;
}

/* static */
@@ -191,8 +181,23 @@ bool nsContentSecurityManager::AllowInsecureRedirectToDataURI(
    return true;
  }

  ReportBlockedDataURI(newURI, loadInfo, true);

  nsAutoCString dataSpec;
  newURI->GetSpec(dataSpec);
  if (dataSpec.Length() > 50) {
    dataSpec.Truncate(50);
    dataSpec.AppendLiteral("...");
  }
  nsCOMPtr<Document> doc;
  nsINode* node = loadInfo->LoadingNode();
  if (node) {
    doc = node->OwnerDoc();
  }
  AutoTArray<nsString, 1> params;
  CopyUTF8toUTF16(NS_UnescapeURL(dataSpec), *params.AppendElement());
  nsContentUtils::ReportToConsole(nsIScriptError::warningFlag,
                                  "DATA_URI_BLOCKED"_ns, doc,
                                  nsContentUtils::eSECURITY_PROPERTIES,
                                  "BlockSubresourceRedirectToData", params);
  return false;
}

+0 −2
Original line number Diff line number Diff line
@@ -39,8 +39,6 @@ class nsContentSecurityManager : public nsIContentSecurityManager,
      nsIChannel* aChannel, nsCOMPtr<nsIStreamListener>& aInAndOutListener);

  static bool AllowTopLevelNavigationToDataURI(nsIChannel* aChannel);
  static void ReportBlockedDataURI(nsIURI* aURI, nsILoadInfo* aLoadInfo,
                                   bool aIsRedirect = false);
  static bool AllowInsecureRedirectToDataURI(nsIChannel* aNewChannel);
  static void MeasureUnexpectedPrivilegedLoads(nsILoadInfo* aLoadInfo,
                                               nsIURI* aFinalURI,
+7 −20
Original line number Diff line number Diff line
@@ -47,25 +47,11 @@ var origins =
   //['https://example.com:443'],
   //['https://sub1.test1.example.com:443'],


function initTest() {
  // Allow all cookies, then do the actual test initialization
  SpecialPowers.pushPrefEnv({
    "set": [
      // Some of this test relies on redirecting to data: URLs from http.
      ["network.allow_redirect_to_data", true],
      ]
  }).then(initTestCallback);
}

function initTestCallback() {
window.addEventListener("message", function(e) {
  gen.next(e.data);
});

gen = runTest();
  gen.next();
}

function* runTest() {
  var loader = document.getElementById('loader');
@@ -172,8 +158,9 @@ function* runTest() {
  SimpleTest.finish();
}

addLoadEvent(initTest);

addLoadEvent(function() {
  gen.next();
});
</script>
</pre>
</body>
+1 −2
Original line number Diff line number Diff line
@@ -24,8 +24,7 @@ async function expectBlockedToplevelData() {
            return;
          }

          if (!["NS_ERROR_DOM_BAD_URI", "NS_ERROR_CORRUPTED_CONTENT"].includes(ChromeUtils.getXPCOMErrorName(status))) {
            info(ChromeUtils.getXPCOMErrorName(status));
          if (ChromeUtils.getXPCOMErrorName(status) != "NS_ERROR_DOM_BAD_URI") {
            isnot(request.URI.scheme, "data");
            return;
          }
Loading