From 463b4b1c0d844accce05bd4f1fa5891fd8b30559 Mon Sep 17 00:00:00 2001
From: Yury Semikhatsky <yurys@chromium.org>
Date: Wed, 23 Mar 2022 08:58:29 -0700
Subject: [PATCH] browser(firefox): do not send post data > 10Mb to the client
 (#12969)

---
 browser_patches/firefox-beta/BUILD_NUMBER              |  4 ++--
 .../firefox-beta/juggler/NetworkObserver.js            | 10 +++++++---
 browser_patches/firefox/BUILD_NUMBER                   |  4 ++--
 browser_patches/firefox/juggler/NetworkObserver.js     | 10 +++++++---
 4 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/browser_patches/firefox-beta/BUILD_NUMBER b/browser_patches/firefox-beta/BUILD_NUMBER
index 8936316764..1b2d610a88 100644
--- a/browser_patches/firefox-beta/BUILD_NUMBER
+++ b/browser_patches/firefox-beta/BUILD_NUMBER
@@ -1,2 +1,2 @@
-1319
-Changed: yurys@chromium.org Fri 18 Mar 2022 05:39:20 PM PDT
+1320
+Changed: yurys@chromium.org Tue 22 Mar 2022 05:26:17 PM PDT
diff --git a/browser_patches/firefox-beta/juggler/NetworkObserver.js b/browser_patches/firefox-beta/juggler/NetworkObserver.js
index a800f1e342..fa7feead44 100644
--- a/browser_patches/firefox-beta/juggler/NetworkObserver.js
+++ b/browser_patches/firefox-beta/juggler/NetworkObserver.js
@@ -754,10 +754,14 @@ function readRequestPostData(httpChannel) {
   }
 
   // Read data from the stream.
-  let result = '';
+  let result = undefined;
   try {
-    const buffer = NetUtil.readInputStreamToString(iStream, iStream.available());
-    result = btoa(buffer);
+    const maxLen = iStream.available();
+    // Cap at 10Mb.
+    if (maxLen <= 10 * 1024 * 1024) {
+      const buffer = NetUtil.readInputStreamToString(iStream, maxLen);
+      result = btoa(buffer);
+    }
   } catch (err) {
   }
 
diff --git a/browser_patches/firefox/BUILD_NUMBER b/browser_patches/firefox/BUILD_NUMBER
index 166bb6c8d4..6eddffb692 100644
--- a/browser_patches/firefox/BUILD_NUMBER
+++ b/browser_patches/firefox/BUILD_NUMBER
@@ -1,2 +1,2 @@
-1320
-Changed: yurys@chromium.org Fri 18 Mar 2022 05:34:13 PM PDT
+1321
+Changed: yurys@chromium.org Tue 22 Mar 2022 05:24:48 PM PDT
diff --git a/browser_patches/firefox/juggler/NetworkObserver.js b/browser_patches/firefox/juggler/NetworkObserver.js
index a800f1e342..fa7feead44 100644
--- a/browser_patches/firefox/juggler/NetworkObserver.js
+++ b/browser_patches/firefox/juggler/NetworkObserver.js
@@ -754,10 +754,14 @@ function readRequestPostData(httpChannel) {
   }
 
   // Read data from the stream.
-  let result = '';
+  let result = undefined;
   try {
-    const buffer = NetUtil.readInputStreamToString(iStream, iStream.available());
-    result = btoa(buffer);
+    const maxLen = iStream.available();
+    // Cap at 10Mb.
+    if (maxLen <= 10 * 1024 * 1024) {
+      const buffer = NetUtil.readInputStreamToString(iStream, maxLen);
+      result = btoa(buffer);
+    }
   } catch (err) {
   }