Bug 1522181 - multiple external protocol URL blocker behind pref, r=smaug

2019-01-24 06:31:41 +01:00 · 2019-01-24 06:31:41 +01:00 · 0ae3238ccd
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@ -9640,6 +9640,7 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
                   aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_FRAME,
               "DoURILoad thinks this is a frame and InternalLoad does not");

+    if (StaticPrefs::dom_block_external_protocol_in_iframes()) {
      // Only allow URLs able to return data in iframes.
      bool doesNotReturnData = false;
      NS_URIChainHasFlags(aLoadState->URI(),
@ -9648,8 +9649,9 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
      if (doesNotReturnData) {
        bool popupBlocked = true;

-      // Let's consider external protocols as popups and let's check if the page
-      // is allowed to open them without abuse regardless of allowed events
+        // Let's consider external protocols as popups and let's check if the
+        // page is allowed to open them without abuse regardless of allowed
+        // events
        if (PopupBlocker::GetPopupControlState() <= PopupBlocker::openBlocked) {
          popupBlocked = !PopupBlocker::TryUsePopupOpeningToken();
        } else {
@ -9665,6 +9667,7 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
          return NS_ERROR_UNKNOWN_PROTOCOL;
        }
      }
+    }

    // Only allow view-source scheme in top-level docshells. view-source is
    // the only scheme to which this applies at the moment due to potential
--- a/dom/html/test/test_external_protocol_iframe.html
+++ b/dom/html/test/test_external_protocol_iframe.html
@ -10,8 +10,7 @@
  <div id='foo'><a href='#'>Click here to test this issue</a></div>
  <script>

-SimpleTest.waitForExplicitFinish();
-
+function next() {
  let foo = document.getElementById('foo');
  foo.addEventListener('click', _ => {
    is(ChromeUtils.getPopupControlState(), "openAllowed", "Click events allow popups");
@ -33,7 +32,13 @@ foo.addEventListener('click', _ => {
  setTimeout(_ => {
    sendMouseEvent({type:'click'}, 'foo');
  }, 0);
+}

+SpecialPowers.pushPrefEnv({'set': [
+  ['dom.block_external_protocol_in_iframes', true],
+]}, next);
+
+SimpleTest.waitForExplicitFinish();
  </script>
 </body>
 </html>
--- a/modules/libpref/init/StaticPrefList.h
+++ b/modules/libpref/init/StaticPrefList.h
@ -456,6 +456,19 @@ VARCACHE_PREF(
  RelaxedAtomicBool, false
 )

+// Block multiple external protocol URLs in iframes per single event.
+#ifdef NIGHTLY_BUILD
+#define PREF_VALUE true
+#else
+#define PREF_VALUE false
+#endif
+VARCACHE_PREF(
+  "dom.block_external_protocol_in_iframes",
+   dom_block_external_protocol_in_iframes,
+  bool, PREF_VALUE
+)
+#undef PREF_VALUE
+
 // Block multiple window.open() per single event.
 VARCACHE_PREF(
  "dom.block_multiple_popups",