Bug 1573276 - Always allow localization in error pages r=johannh,peterv (87395903) · Commits · morgan / Tor Browser

browser/base/content/test/about/browser_aboutCertError.js

+23 −0

Original line number	Diff line number	Diff line
		@@ -459,3 +459,26 @@ add_task(async function checkBadStsCertHeadline() {
		BrowserTestUtils.removeTab(gBrowser.selectedTab);
		}
		});

		add_task(async function checkSandboxedIframe() {
		info(
		"Loading a bad sts cert error in a sandboxed iframe and check that the correct headline is shown"
		);
		let useFrame = true;
		let sandboxed = true;
		let tab = await openErrorPage(BAD_CERT, useFrame, sandboxed);
		let browser = tab.linkedBrowser;

		let titleContent = await ContentTask.spawn(browser, {}, async function() {
		// Cannot test for error in the Advanced section since it's currently not present
		// in a sandboxed iframe.
		let doc = content.document.querySelector("iframe").contentDocument;
		let titleText = doc.querySelector(".title-text");
		return titleText.textContent;
		});
		ok(
		titleContent.endsWith("Security Issue"),
		"Did Not Connect: Potential Security Issue"
		);
		BrowserTestUtils.removeTab(gBrowser.selectedTab);
		});

+8 −5

Original line number	Diff line number	Diff line
		@@ -44,17 +44,20 @@ function getPEMString(cert) {
		);
		}

		function injectErrorPageFrame(tab, src) {
		function injectErrorPageFrame(tab, src, sandboxed) {
		return ContentTask.spawn(
		tab.linkedBrowser,
		{ frameSrc: src },
		async function({ frameSrc }) {
		{ frameSrc: src, frameSandboxed: sandboxed },
		async function({ frameSrc, frameSandboxed }) {
		let loaded = ContentTaskUtils.waitForEvent(
		content.wrappedJSObject,
		"DOMFrameContentLoaded"
		);
		let iframe = content.document.createElement("iframe");
		iframe.src = frameSrc;
		if (frameSandboxed) {
		iframe.setAttribute("sandbox", "allow-scripts");
		}
		content.document.body.appendChild(iframe);
		await loaded;
		// We will have race conditions when accessing the frame content after setting a src,
		@@ -67,7 +70,7 @@ function injectErrorPageFrame(tab, src) {
		);
		}

		async function openErrorPage(src, useFrame) {
		async function openErrorPage(src, useFrame, sandboxed) {
		let dummyPage =
		getRootDirectory(gTestPath).replace(
		"chrome://mochitests/content",
		@@ -78,7 +81,7 @@ async function openErrorPage(src, useFrame) {
		if (useFrame) {
		info("Loading cert error page in an iframe");
		tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, dummyPage);
		await injectErrorPageFrame(tab, src);
		await injectErrorPageFrame(tab, src, sandboxed);
		} else {
		let certErrorLoaded;
		tab = await BrowserTestUtils.openNewForegroundTab(

+5 −3

Original line number	Diff line number	Diff line
		@@ -3232,11 +3232,13 @@ DocumentL10n* Document::GetL10n() { return mDocumentL10n; }
		bool Document::DocumentSupportsL10n(JSContext* aCx, JSObject* aObject) {
		nsCOMPtr<nsIPrincipal> callerPrincipal =
		nsContentUtils::SubjectPrincipal(aCx);
		return nsContentUtils::PrincipalAllowsL10n(callerPrincipal);
		nsGlobalWindowInner* win = xpc::WindowOrNull(aObject);
		return nsContentUtils::PrincipalAllowsL10n(
		callerPrincipal, win ? win->GetDocumentURI() : nullptr);
		}

		void Document::LocalizationLinkAdded(Element* aLinkElement) {
		if (!nsContentUtils::PrincipalAllowsL10n(NodePrincipal())) {
		if (!nsContentUtils::PrincipalAllowsL10n(NodePrincipal(), GetDocumentURI())) {
		return;
		}

		@@ -3267,7 +3269,7 @@ void Document::LocalizationLinkAdded(Element* aLinkElement) {
		}

		void Document::LocalizationLinkRemoved(Element* aLinkElement) {
		if (!nsContentUtils::PrincipalAllowsL10n(NodePrincipal())) {
		if (!nsContentUtils::PrincipalAllowsL10n(NodePrincipal(), GetDocumentURI())) {
		return;
		}

+24 −1

Original line number	Diff line number	Diff line
		@@ -250,6 +250,7 @@
		#include "nsThreadManager.h"
		#include "nsIBidiKeyboard.h"
		#include "ReferrerInfo.h"
		#include "nsAboutProtocolUtils.h"

		#if defined(XP_WIN)
		// Undefine LoadImage to prevent naming conflict with Windows.
		@@ -1676,8 +1677,30 @@ bool nsContentUtils::OfflineAppAllowed(nsIPrincipal* aPrincipal) {
		return NS_SUCCEEDED(rv) && allowed;
		}

		static bool IsErrorPage(nsIURI* aURI) {
		if (!aURI) {
		return false;
		}

		if (!aURI->SchemeIs("about")) {
		return false;
		}

		nsAutoCString name;
		nsresult rv = NS_GetAboutModuleName(aURI, name);
		NS_ENSURE_SUCCESS(rv, false);

		return name.EqualsLiteral("certerror") \|\| name.EqualsLiteral("neterror") \|\|
		name.EqualsLiteral("blocked");
		}

		/* static */
		bool nsContentUtils::PrincipalAllowsL10n(nsIPrincipal* aPrincipal) {
		bool nsContentUtils::PrincipalAllowsL10n(nsIPrincipal* aPrincipal,
		nsIURI* aDocumentURI) {
		if (IsErrorPage(aDocumentURI)) {
		return true;
		}

		// The system principal is always allowed.
		if (IsSystemPrincipal(aPrincipal)) {
		return true;

+5 −4

Original line number	Diff line number	Diff line
		@@ -1983,11 +1983,12 @@ class nsContentUtils {
		static bool OfflineAppAllowed(nsIPrincipal* aPrincipal);

		/**
		* Determine whether the principal is allowed access to the localization
		* system. We don't want the web to ever see this but all our UI including in
		* content pages should pass this test.
		* Determine whether the principal or document is allowed access to the
		* localization system. We don't want the web to ever see this but all our UI
		* including in content pages should pass this test.
		*/
		static bool PrincipalAllowsL10n(nsIPrincipal* aPrincipal);
		static bool PrincipalAllowsL10n(nsIPrincipal* aPrincipal,
		nsIURI* aDocumentURI);

		/**
		* If offline-apps.allow_by_default is true, we set offline-app permission