Backed out changeset 736be753a5cf (bug 1691658) for causing xpcshell failures at test_redirect_different-protocol.js CLOSED TREE

2023-04-04 18:02:15 +03:00 · 2023-04-04 18:02:15 +03:00 · 7317157573
--- a/dom/locales/en-US/chrome/security/security.properties
+++ b/dom/locales/en-US/chrome/security/security.properties
@ -88,7 +88,7 @@ BlockModuleWithWrongMimeType=Loading module from “%1$S” was blocked because

 # LOCALIZATION NOTE: Do not translate "data: URI".
 BlockTopLevelDataURINavigation=Navigation to toplevel data: URI not allowed (Blocked loading of: “%1$S”)
-BlockRedirectToDataURI=Redirecting to data: URI not allowed (Blocked loading of: “%1$S”)
+BlockSubresourceRedirectToData=Redirecting to insecure data: URI not allowed (Blocked loading of: “%1$S”)

 # LOCALIZATION NOTE: Do not translate "file: URI". “%1$S” is the whole URI of the loaded file. “%2$S” is the MIME type e.g. "text/plain".
 BlockFileScriptWithWrongMimeType=Loading script from file: URI (“%1$S”) was blocked because its MIME type (“%2$S”) is not a valid JavaScript MIME type.
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@ -131,18 +131,10 @@ bool nsContentSecurityManager::AllowTopLevelNavigationToDataURI(
    return true;
  }

-  ReportBlockedDataURI(uri, loadInfo);
-
-  return false;
-}
-
-void nsContentSecurityManager::ReportBlockedDataURI(nsIURI* aURI,
-                                                    nsILoadInfo* aLoadInfo,
-                                                    bool aIsRedirect) {
  // We're going to block the request, construct the localized error message to
  // report to the console.
  nsAutoCString dataSpec;
-  aURI->GetSpec(dataSpec);
+  uri->GetSpec(dataSpec);
  if (dataSpec.Length() > 50) {
    dataSpec.Truncate(50);
    dataSpec.AppendLiteral("...");
@ -150,20 +142,18 @@ void nsContentSecurityManager::ReportBlockedDataURI(nsIURI* aURI,
  AutoTArray<nsString, 1> params;
  CopyUTF8toUTF16(NS_UnescapeURL(dataSpec), *params.AppendElement());
  nsAutoString errorText;
-  const char* stringID =
-      aIsRedirect ? "BlockRedirectToDataURI" : "BlockTopLevelDataURINavigation";
-  nsresult rv = nsContentUtils::FormatLocalizedString(
-      nsContentUtils::eSECURITY_PROPERTIES, stringID, params, errorText);
-  if (NS_FAILED(rv)) {
-    return;
-  }
+  rv = nsContentUtils::FormatLocalizedString(
+      nsContentUtils::eSECURITY_PROPERTIES, "BlockTopLevelDataURINavigation",
+      params, errorText);
+  NS_ENSURE_SUCCESS(rv, false);

  // Report the localized error message to the console for the loading
  // BrowsingContext's current inner window.
-  RefPtr<BrowsingContext> target = aLoadInfo->GetBrowsingContext();
+  RefPtr<BrowsingContext> target = loadInfo->GetBrowsingContext();
  nsContentUtils::ReportToConsoleByWindowID(
      errorText, nsIScriptError::warningFlag, "DATA_URI_BLOCKED"_ns,
      target ? target->GetCurrentInnerWindowId() : 0);
+  return false;
 }

 /* static */
@ -191,8 +181,23 @@ bool nsContentSecurityManager::AllowInsecureRedirectToDataURI(
    return true;
  }

-  ReportBlockedDataURI(newURI, loadInfo, true);
-
+  nsAutoCString dataSpec;
+  newURI->GetSpec(dataSpec);
+  if (dataSpec.Length() > 50) {
+    dataSpec.Truncate(50);
+    dataSpec.AppendLiteral("...");
+  }
+  nsCOMPtr<Document> doc;
+  nsINode* node = loadInfo->LoadingNode();
+  if (node) {
+    doc = node->OwnerDoc();
+  }
+  AutoTArray<nsString, 1> params;
+  CopyUTF8toUTF16(NS_UnescapeURL(dataSpec), *params.AppendElement());
+  nsContentUtils::ReportToConsole(nsIScriptError::warningFlag,
+                                  "DATA_URI_BLOCKED"_ns, doc,
+                                  nsContentUtils::eSECURITY_PROPERTIES,
+                                  "BlockSubresourceRedirectToData", params);
  return false;
 }

--- a/dom/security/nsContentSecurityManager.h
+++ b/dom/security/nsContentSecurityManager.h
@ -39,8 +39,6 @@ class nsContentSecurityManager : public nsIContentSecurityManager,
      nsIChannel* aChannel, nsCOMPtr<nsIStreamListener>& aInAndOutListener);

  static bool AllowTopLevelNavigationToDataURI(nsIChannel* aChannel);
-  static void ReportBlockedDataURI(nsIURI* aURI, nsILoadInfo* aLoadInfo,
-                                   bool aIsRedirect = false);
  static bool AllowInsecureRedirectToDataURI(nsIChannel* aNewChannel);
  static void MeasureUnexpectedPrivilegedLoads(nsILoadInfo* aLoadInfo,
                                               nsIURI* aFinalURI,
--- a/dom/security/test/cors/test_CrossSiteXHR_origin.html
+++ b/dom/security/test/cors/test_CrossSiteXHR_origin.html
@ -47,25 +47,11 @@ var origins =
   //['https://example.com:443'],
   //['https://sub1.test1.example.com:443'],

+window.addEventListener("message", function(e) {
+  gen.next(e.data);
+});

-function initTest() {
-  // Allow all cookies, then do the actual test initialization
-  SpecialPowers.pushPrefEnv({
-    "set": [
-      // Some of this test relies on redirecting to data: URLs from http.
-      ["network.allow_redirect_to_data", true],
-      ]
-  }).then(initTestCallback);
-}
-
-function initTestCallback() {
-  window.addEventListener("message", function(e) {
-    gen.next(e.data);
-  });
-
-  gen = runTest();
-  gen.next();
-}
+gen = runTest();

 function* runTest() {
  var loader = document.getElementById('loader');
@ -172,8 +158,9 @@ function* runTest() {
  SimpleTest.finish();
 }

-addLoadEvent(initTest);
-
+addLoadEvent(function() {
+  gen.next();
+});
 </script>
 </pre>
 </body>
--- a/dom/security/test/general/test_block_toplevel_data_navigation.html
+++ b/dom/security/test/general/test_block_toplevel_data_navigation.html
@ -24,8 +24,7 @@ async function expectBlockedToplevelData() {
            return;
          }

-          if (!["NS_ERROR_DOM_BAD_URI", "NS_ERROR_CORRUPTED_CONTENT"].includes(ChromeUtils.getXPCOMErrorName(status))) {
-            info(ChromeUtils.getXPCOMErrorName(status));
+          if (ChromeUtils.getXPCOMErrorName(status) != "NS_ERROR_DOM_BAD_URI") {
            isnot(request.URI.scheme, "data");
            return;
          }
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@ -12538,11 +12538,6 @@
  value: 1
  mirror: always

- name: network.allow_redirect_to_data
-  type: RelaxedAtomicBool
-  value: false
-  mirror: always
-
 - name: network.allow_raw_sockets_in_content_processes
  type: bool
  value: false
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@ -5229,15 +5229,6 @@ nsresult nsHttpChannel::AsyncProcessRedirection(uint32_t redirectType) {
    return NS_ERROR_CORRUPTED_CONTENT;
  }

-  if (!StaticPrefs::network_allow_redirect_to_data() &&
-      !mLoadInfo->GetAllowInsecureRedirectToDataURI() &&
-      mRedirectURI->SchemeIs("data")) {
-    LOG(("Invalid data URI for redirect!"));
-    nsContentSecurityManager::ReportBlockedDataURI(mRedirectURI, mLoadInfo,
-                                                   true);
-    return NS_ERROR_DOM_BAD_URI;
-  }
-
  // Perform the URL query string stripping for redirects. We will only strip
  // the query string if it is redirecting to a third-party URI in the top
  // level.
--- a/testing/web-platform/meta/fetch/api/redirect/redirect-to-dataurl.any.js.ini
+++ b/testing/web-platform/meta/fetch/api/redirect/redirect-to-dataurl.any.js.ini
@ -0,0 +1,41 @@
+[redirect-to-dataurl.any.worker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Testing data URL loading after same-origin redirection (no-cors mode)]
+    expected: FAIL
+
+  [Testing data URL loading after same-origin redirection (same-origin mode)]
+    expected: FAIL
+
+  [Testing data URL loading after cross-origin redirection (no-cors mode)]
+    expected: FAIL
+
+
+[redirect-to-dataurl.any.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Testing data URL loading after same-origin redirection (no-cors mode)]
+    expected: FAIL
+
+  [Testing data URL loading after same-origin redirection (same-origin mode)]
+    expected: FAIL
+
+  [Testing data URL loading after cross-origin redirection (no-cors mode)]
+    expected: FAIL
+
+
+[redirect-to-dataurl.any.serviceworker.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, OK]
+
+[redirect-to-dataurl.any.sharedworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Testing data URL loading after cross-origin redirection (no-cors mode)]
+    expected: FAIL
+
+  [Testing data URL loading after same-origin redirection (same-origin mode)]
+    expected: FAIL
+
+  [Testing data URL loading after same-origin redirection (no-cors mode)]
+    expected: FAIL
--- a/testing/web-platform/meta/fetch/redirects/data.window.js.ini
+++ b/testing/web-platform/meta/fetch/redirects/data.window.js.ini
@ -0,0 +1,4 @@
+[data.window.html]
+  [<img> fetch that redirects to data: URL]
+    expected: FAIL
+
--- a/testing/web-platform/meta/html/browsers/browsing-the-web/navigating-across-documents/redirect-to-data.html.ini
+++ b/testing/web-platform/meta/html/browsers/browsing-the-web/navigating-across-documents/redirect-to-data.html.ini
@ -1,16 +1,6 @@
 [redirect-to-data.html]
-  # This test relies on iframe.onload, which doesn't work:
-  # https://bugzilla.mozilla.org/show_bug.cgi?id=1194350
-  expected: TIMEOUT
-
  [Loading an iframe with src=redirecting URL]
-    expected: TIMEOUT
+    expected: FAIL

  [Navigating an iframe to a redirecting URL]
-    expected: NOTRUN
-
-  [Loading a popup directly to the redirecting URL]
-    expected: NOTRUN
-
-  [Loading a popup that eventually goes to the redirecting URL]
-    expected: NOTRUN
+    expected: FAIL