зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1450853 - Use Generic Error for 3rdparty MediaElement r=ckerschb,smaug
*** Add test Differential Revision: https://phabricator.services.mozilla.com/D80080
This commit is contained in:
Родитель
de873529c5
Коммит
af8c105fc0
|
@ -2354,7 +2354,24 @@ void HTMLMediaElement::NoSupportedMediaSourceError(
|
|||
if (mDecoder) {
|
||||
ShutdownDecoder();
|
||||
}
|
||||
mErrorSink->SetError(MEDIA_ERR_SRC_NOT_SUPPORTED, aErrorDetails);
|
||||
|
||||
bool isThirdPartyLoad = false;
|
||||
nsresult rv = NS_ERROR_NOT_AVAILABLE;
|
||||
if (mSrcAttrTriggeringPrincipal) {
|
||||
rv = mSrcAttrTriggeringPrincipal->IsThirdPartyURI(mLoadingSrc,
|
||||
&isThirdPartyLoad);
|
||||
}
|
||||
|
||||
if (NS_SUCCEEDED(rv) && isThirdPartyLoad) {
|
||||
// aErrorDetails can include sensitive details like MimeType or HTTP Status
|
||||
// Code. In case we're loading a 3rd party resource we should not leak this
|
||||
// and pass a Generic Error Message
|
||||
mErrorSink->SetError(MEDIA_ERR_SRC_NOT_SUPPORTED,
|
||||
"Failed to open media"_ns);
|
||||
} else {
|
||||
mErrorSink->SetError(MEDIA_ERR_SRC_NOT_SUPPORTED, aErrorDetails);
|
||||
}
|
||||
|
||||
RemoveMediaTracks();
|
||||
ChangeDelayLoadStatus(false);
|
||||
UpdateAudioChannelPlayingState();
|
||||
|
|
|
@ -63,3 +63,4 @@ support-files = file_xfo_error_page.sjs
|
|||
[test_sec_fetch_websocket.html]
|
||||
skip-if = toolkit == 'android' # no websocket support Bug 982828
|
||||
support-files = file_sec_fetch_websocket_wsh.py
|
||||
[test_bug1450853.html]
|
|
@ -0,0 +1,58 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<!--
|
||||
https://bugzilla.mozilla.org/show_bug.cgi?id=1450853
|
||||
-->
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<title>Test for Cross-origin resouce status leak via MediaError</title>
|
||||
<script src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<script src="/tests/SimpleTest/ChromeTask.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"/>
|
||||
|
||||
<audio autoplay id="audio"></audio>
|
||||
|
||||
<script type="application/javascript">
|
||||
|
||||
/** Test for Bug 1450853 **/
|
||||
CONST_GENERIC_ERROR_MESSAGE = "Failed to open media";
|
||||
|
||||
add_task(function() {
|
||||
return new Promise((resolve) => {
|
||||
let audioElement = document.getElementById("audio");
|
||||
|
||||
audioElement.onerror = function() {
|
||||
let err = this.error;
|
||||
let message = err.message;
|
||||
info(`Got Audio Error -> ${message}`);
|
||||
ok(message.includes("404"), "Same-Origin Error Message may contain status data");
|
||||
resolve();
|
||||
};
|
||||
audioElement.src = "/media/test.mp3";
|
||||
});
|
||||
});
|
||||
|
||||
add_task(function() {
|
||||
return new Promise((resolve) => {
|
||||
let audioElement = document.getElementById("audio");
|
||||
|
||||
audioElement.onerror = function() {
|
||||
let err = this.error;
|
||||
let message = err.message;
|
||||
|
||||
info(`Got Audio Error -> ${message}`);
|
||||
is(message,CONST_GENERIC_ERROR_MESSAGE, "Cross-Origin Error Message is only Generic");
|
||||
resolve();
|
||||
};
|
||||
audioElement.src = "https://example.com/media/test.mp3";
|
||||
});
|
||||
});
|
||||
|
||||
</script>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1450853">Mozilla Bug 1450853</a>
|
||||
<iframe width="0" height="0"></iframe>
|
||||
</body>
|
||||
</html>
|
Загрузка…
Ссылка в новой задаче