зеркало из https://github.com/mozilla/gecko-dev.git
Backed out changesets 5bdf8bbcd02f and df27137cb7d1 (bug 803225) for mochitest orange.
Родитель
ecfa980647
Коммит
c0421e9621
|
@ -12,7 +12,6 @@
|
|||
#include "nsISecurityEventSink.h"
|
||||
#include "nsIWebProgressListener.h"
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsNetUtil.h"
|
||||
#include "mozilla/Preferences.h"
|
||||
|
||||
using namespace mozilla;
|
||||
|
@ -54,7 +53,7 @@ private:
|
|||
// the document that caused the load.
|
||||
nsCOMPtr<nsISupports> mContext;
|
||||
|
||||
// The type of mixed content that was blocked, e.g. active or display
|
||||
// The type of mixed content that was blocked, i.e. active or display
|
||||
unsigned short mType;
|
||||
};
|
||||
*/
|
||||
|
@ -95,9 +94,8 @@ nsMixedContentBlocker::ShouldLoad(uint32_t aContentType,
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
// Top-level load cannot be mixed content so allow it.
|
||||
// Creating insecure websocket connections in a secure page is blocked already in websocket constructor.
|
||||
if (aContentType == nsIContentPolicy::TYPE_DOCUMENT || aContentType == nsIContentPolicy::TYPE_WEBSOCKET) {
|
||||
// Top-level load cannot be mixed content so allow it
|
||||
if (aContentType == nsIContentPolicy::TYPE_DOCUMENT) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
@ -126,36 +124,11 @@ nsMixedContentBlocker::ShouldLoad(uint32_t aContentType,
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
/* Get the scheme of the sub-document resource to be requested. If it is
|
||||
* a safe to load in an https context then mixed content doesn't apply.
|
||||
*
|
||||
* Check Protocol Flags to determine if scheme is safe to load:
|
||||
* URI_DOES_NOT_RETURN_DATA - e.g.
|
||||
* "mailto"
|
||||
* URI_IS_LOCAL_RESOURCE - e.g.
|
||||
* "data",
|
||||
* "resource",
|
||||
* "moz-icon"
|
||||
* URI_INHERITS_SECURITY_CONTEXT - e.g.
|
||||
* "javascript"
|
||||
* URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT - e.g.
|
||||
* "https",
|
||||
* "moz-safe-about"
|
||||
*
|
||||
*/
|
||||
bool schemeLocal = false;
|
||||
bool schemeNoReturnData = false;
|
||||
bool schemeInherits = false;
|
||||
bool schemeSecure = false;
|
||||
if (NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_IS_LOCAL_RESOURCE , &schemeLocal)) ||
|
||||
NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_DOES_NOT_RETURN_DATA, &schemeNoReturnData)) ||
|
||||
NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT, &schemeInherits)) ||
|
||||
NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT, &schemeSecure))) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
if (schemeLocal || schemeNoReturnData || schemeInherits || schemeSecure) {
|
||||
return NS_OK;
|
||||
// Get the scheme of the sub-document resource to be requested. If it is
|
||||
// an HTTPS load then mixed content doesn't apply.
|
||||
bool isHttps;
|
||||
if (NS_FAILED(aContentLocation->SchemeIs("https", &isHttps)) || isHttps) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// If we are here we have mixed content.
|
||||
|
@ -222,9 +195,9 @@ nsMixedContentBlocker::ShouldProcess(uint32_t aContentType,
|
|||
nsIPrincipal* aRequestPrincipal,
|
||||
int16_t* aDecision)
|
||||
{
|
||||
if (!aContentLocation) {
|
||||
if(!aContentLocation) {
|
||||
// aContentLocation may be null when a plugin is loading without an associated URI resource
|
||||
if (aContentType == TYPE_OBJECT) {
|
||||
if(aContentType == TYPE_OBJECT) {
|
||||
return NS_OK;
|
||||
} else {
|
||||
return NS_ERROR_FAILURE;
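Review bot: In the ShouldLoad hunk, the restored check `if (NS_FAILED(aContentLocation->SchemeIs("https", &isHttps)) || isHttps) { return NS_OK; }` takes the same early return when SchemeIs fails as when the load really is HTTPS. An error while classifying the URI therefore skips the mixed-content handling below it and presumably leaves the decision at accept, though where aDecision is set lies outside the hunk. The flag-based code being backed out returned NS_ERROR_FAILURE when its lookups failed, and the restored check could keep that behaviour: `bool isHttps = false;`, then `if (NS_FAILED(aContentLocation->SchemeIs("https", &isHttps))) { return NS_ERROR_FAILURE; }`, then `if (isHttps) { return NS_OK; }`. Initialising isHttps also means the code no longer relies on short-circuit evaluation to avoid reading an unset value. ShouldLoad's body starts and ends outside the hunk, so whether callers treat a failed result as a rejection should be confirmed there.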
|
||||
|
|
|
@ -585,10 +585,6 @@ MOCHITEST_FILES_B = \
|
|||
test_mixed_content_blocker.html \
|
||||
file_mixed_content_main.html \
|
||||
file_mixed_content_server.sjs \
|
||||
test_mixed_content_blocker_bug803225.html \
|
||||
file_mixed_content_main_bug803225.html \
|
||||
file_mixed_content_main_bug803225_websocket_wsh.py \
|
||||
bug803225_test_mailto.html \
|
||||
test_bug789856.html \
|
||||
file_bug804395.jar \
|
||||
test_bug804395.html \
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<!--
|
||||
Tests for Mixed Content Blocker - Mailto Protocol Compose Page
|
||||
https://bugzilla.mozilla.org/show_bug.cgi?id=803225
|
||||
-->
|
||||
<head> <meta charset="utf-8">
|
||||
</head>
|
||||
<body>
|
||||
Hello
|
||||
<script>window.close();</script>
|
||||
</body>
|
||||
</html>
|
|
@ -1,160 +0,0 @@
|
|||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<!--
|
||||
Tests for Mixed Content Blocker - Allowed Protocols
|
||||
https://bugzilla.mozilla.org/show_bug.cgi?id=803225
|
||||
-->
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<title>Tests for Bug 62178</title>
|
||||
<script type="application/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
|
||||
</head>
|
||||
<body>
|
||||
<div id="testContent"></div>
|
||||
|
||||
<!-- Test additional schemes the Mixed Content Blocker should not block
|
||||
"about" protocol URIs that are URI_SAFE_FOR_UNTRUSTED_CONTENT (moz-safe-about; see nsAboutProtocolHandler::NewURI
|
||||
"data",
|
||||
"javascript",
|
||||
"mailto",
|
||||
"resource",
|
||||
"moz-icon",
|
||||
"wss"
|
||||
-->
|
||||
|
||||
<script>
|
||||
|
||||
//For tests that require setTimeout, set the timeout interval
|
||||
var TIMEOUT_INTERVAL = 100;
|
||||
|
||||
var testContent = document.getElementById("testContent");
|
||||
|
||||
// Test 1 & 2: about and javascript protcols within an iframe
|
||||
var data = Array(2,2);
|
||||
var protocols = [
|
||||
["about", ""], //When no source is specified, the frame gets a source of about:blank
|
||||
["javascript", "javascript:document.open();document.write='<h1>SUCCESS</h1>';document.close();"],
|
||||
];
|
||||
for(var i=0; i < protocols.length; i++)
|
||||
{
|
||||
var generic_frame = document.createElement("iframe");
|
||||
generic_frame.src = protocols[i][1];
|
||||
generic_frame.name="generic_protocol";
|
||||
|
||||
generic_frame.onload = function(i) {
|
||||
data = {"test": protocols[i][0], "msg": "resource with " + protocols[i][0] + " protocol loaded"};
|
||||
parent.postMessage(data, "http://mochi.test:8888");
|
||||
}.bind(generic_frame, i)
|
||||
|
||||
generic_frame.onerror = function(i) {
|
||||
data = {"test": protocols[i][0], "msg": "resource with " + protocols[i][0] + " protocol did not load"};
|
||||
parent.postMessage(data, "http://mochi.test:8888");
|
||||
}.bind(generic_frame, i);
|
||||
|
||||
testContent.appendChild(generic_frame, i);
|
||||
}
|
||||
|
||||
// Test 3: for resource within a script tag
|
||||
var resource_script=document.createElement("script");
|
||||
resource_script.src = "resource://gre/modules/XPCOMUtils.jsm";
|
||||
resource_script.name = "resource_protocol";
|
||||
resource_script.onload = function() {
|
||||
parent.postMessage({"test": "resource", "msg": "resource with resource protocol loaded"}, "http://mochi.test:8888");
|
||||
}
|
||||
resource_script.onerror = function() {
|
||||
parent.postMessage({"test": "resource", "msg": "resource with resource protocol did not load"}, "http://mochi.test:8888");
|
||||
}
|
||||
|
||||
testContent.appendChild(resource_script);
|
||||
|
||||
// Test 4: moz-icon within an img tag
|
||||
var image=document.createElement("img");
|
||||
image.src = "moz-icon://dummy.exe?size=16";
|
||||
image.onload = function() {
|
||||
parent.postMessage({"test": "mozicon", "msg": "resource with mozicon protocol loaded"}, "http://mochi.test:8888");
|
||||
}
|
||||
image.onerror = function() {
|
||||
parent.postMessage({"test": "mozicon", "msg": "resource with mozicon protocol did not load"}, "http://mochi.test:8888");
|
||||
}
|
||||
// We don't need to append the image to the document. Doing so causes the image test to run twice.
|
||||
|
||||
// Test 5: about unsafe protocol within an iframe
|
||||
var unsafe_about_frame = document.createElement("iframe");
|
||||
unsafe_about_frame.src = "about:config";
|
||||
unsafe_about_frame.name = "unsafe_about_protocol";
|
||||
unsafe_about_frame.onload = function() {
|
||||
parent.postMessage({"test": "unsafe_about", "msg": "resource with unsafe about protocol loaded"}, "http://mochi.test:8888");
|
||||
}
|
||||
unsafe_about_frame.onerror = function() {
|
||||
parent.postMessage({"test": "unsafe_about", "msg": "resource with unsafe about protocol did not load"}, "http://mochi.test:8888");
|
||||
}
|
||||
testContent.appendChild(unsafe_about_frame);
|
||||
|
||||
// Test 6: data protocol within a script tag
|
||||
var x = 2;
|
||||
var newscript = document.createElement("script");
|
||||
newscript.src= "data:text/javascript,var x = 4;";
|
||||
newscript.onload = function() {
|
||||
parent.postMessage({"test": "data_protocol", "msg": "resource with data protocol protocol loaded"}, "http://mochi.test:8888");
|
||||
}
|
||||
newscript.onerror = function() {
|
||||
parent.postMessage({"test": "data_protocol", "msg": "resource with data protocol protocol did not load"}, "http://mochi.test:8888");
|
||||
}
|
||||
testContent.appendChild(newscript);
|
||||
|
||||
// Test 7: mailto protocol
|
||||
var ioService = SpecialPowers.Cc["@mozilla.org/network/io-service;1"].
|
||||
getService(SpecialPowers.Ci.nsIIOService);
|
||||
|
||||
var webHandler = SpecialPowers.Cc["@mozilla.org/uriloader/web-handler-app;1"].
|
||||
createInstance(SpecialPowers.Ci.nsIWebHandlerApp);
|
||||
webHandler.name = "Web Handler";
|
||||
webHandler.uriTemplate = "http://example.com/tests/content/base/test/bug803225_test_mailto.html?s=%";
|
||||
|
||||
var uri = ioService.newURI("mailto:foo@bar.com", null, null);
|
||||
webHandler.launchWithURI(uri);
|
||||
|
||||
var mailto = false;
|
||||
|
||||
// listen for a messages from a new window
|
||||
var observer = {
|
||||
observe: function(subject, topic, data) {
|
||||
if(topic == "content-document-global-created" && data =="http://example.com") {
|
||||
parent.postMessage({"test": "mailto", "msg": "resource with mailto protocol loaded"}, "http://mochi.test:8888");
|
||||
mailto = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
var os = SpecialPowers.Cc["@mozilla.org/observer-service;1"].
|
||||
getService(SpecialPowers.Components.interfaces.nsIObserverService);
|
||||
os.addObserver(observer, "content-document-global-created", false);
|
||||
|
||||
function mailtoProtocolStatus() {
|
||||
if(!mailto) {
|
||||
//There is no onerror event associated with the WebHandler, and hence we need a setTimeout to check the status
|
||||
setTimeout(mailtoProtocolStatus, TIMEOUT_INTERVAL);
|
||||
}
|
||||
}
|
||||
|
||||
mailtoProtocolStatus();
|
||||
|
||||
// Test 8: wss protocol
|
||||
var wss;
|
||||
wss = new WebSocket("wss://example.com/tests/content/base/test/file_mixed_content_main_bug803225_websocket");
|
||||
|
||||
var status_wss = "started";
|
||||
wss.onopen = function(e) {
|
||||
status_wss = "opened";
|
||||
wss.close();
|
||||
}
|
||||
wss.onclose = function(e) {
|
||||
if(status_wss == "opened") {
|
||||
parent.postMessage({"test": "wss", "msg": "resource with wss protocol loaded"}, "http://mochi.test:8888");
|
||||
} else {
|
||||
parent.postMessage({"test": "wss", "msg": "resource with wss protocol did not load"}, "http://mochi.test:8888");
|
||||
}
|
||||
}
|
||||
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
|
@ -1,7 +0,0 @@
|
|||
from mod_pywebsocket import msgutil
|
||||
|
||||
def web_socket_do_extra_handshake(request):
|
||||
pass
|
||||
|
||||
def web_socket_transfer_data(request):
|
||||
resp = ""
|
|
@ -1,148 +0,0 @@
|
|||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<!--
|
||||
Testing Whitelist of Resource Schemed for Mixed Content Blocker
|
||||
https://bugzilla.mozilla.org/show_bug.cgi?id=803225
|
||||
-->
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<title>Tests for Bug 803225</title>
|
||||
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
|
||||
|
||||
<script>
|
||||
|
||||
var origBlockDisplay = SpecialPowers.getBoolPref("security.mixed_content.block_display_content");
|
||||
var origBlockActive = SpecialPowers.getBoolPref("security.mixed_content.block_active_content");
|
||||
|
||||
var counter = 0;
|
||||
var settings = [ [true, true], [true, false], [false, true], [false, false] ];
|
||||
|
||||
var blockActive;
|
||||
var blockDisplay;
|
||||
|
||||
//Cycle through 4 different preference settings.
|
||||
function changePrefs(x) {
|
||||
SpecialPowers.setBoolPref("security.mixed_content.block_display_content", settings[x][0]);
|
||||
SpecialPowers.setBoolPref("security.mixed_content.block_active_content", settings[x][1]);
|
||||
blockDisplay = SpecialPowers.getBoolPref("security.mixed_content.block_display_content");
|
||||
blockActive = SpecialPowers.getBoolPref("security.mixed_content.block_active_content");
|
||||
}
|
||||
|
||||
//Set the first set of settings (true, true) and increment the counter.
|
||||
changePrefs(counter);
|
||||
counter++;
|
||||
|
||||
var testsToRun = {
|
||||
/* https - Tests already run as part of bug 62178. */
|
||||
about: false,
|
||||
mozicon: false,
|
||||
resource: false,
|
||||
unsafe_about: false,
|
||||
data_protocol: false,
|
||||
javascript: false,
|
||||
mailto: false,
|
||||
wss: false,
|
||||
};
|
||||
|
||||
function log(msg) {
|
||||
document.getElementById("log").textContent += "\n" + msg;
|
||||
}
|
||||
|
||||
function checkTestsCompleted() {
|
||||
for (var prop in testsToRun) {
|
||||
// some test hasn't run yet so we're not done
|
||||
if (!testsToRun[prop])
|
||||
return;
|
||||
}
|
||||
//if the testsToRun are all completed, change the pref and run the tests again until we have cycled through all the prefs.
|
||||
if(counter < 4) {
|
||||
for (var prop in testsToRun) {
|
||||
testsToRun[prop] = false;
|
||||
}
|
||||
//call to change the preferences
|
||||
changePrefs(counter);
|
||||
counter++;
|
||||
log("\nblockDisplay set to "+blockDisplay+", blockActive set to "+blockActive+".");
|
||||
document.getElementById('framediv').innerHTML = '<iframe id="testHarness" src="https://example.com/tests/content/base/test/file_mixed_content_main_bug803225.html"></iframe>';
|
||||
}
|
||||
else {
|
||||
//set the prefs back to what they were set to originally
|
||||
SpecialPowers.setBoolPref("security.mixed_content.block_display_content", origBlockDisplay);
|
||||
SpecialPowers.setBoolPref("security.mixed_content.block_active_content", origBlockActive);
|
||||
SimpleTest.finish();
|
||||
}
|
||||
}
|
||||
|
||||
var firstTest = true;
|
||||
|
||||
// listen for a messages from the mixed content test harness
|
||||
window.addEventListener("message", receiveMessage, false);
|
||||
function receiveMessage(event) {
|
||||
if(firstTest) {
|
||||
log("blockDisplay set to "+blockDisplay+", blockActive set to "+blockActive+".");
|
||||
firstTest = false;
|
||||
}
|
||||
|
||||
log("test: "+event.data.test+", msg: "+event.data.msg + " logging message.");
|
||||
// test that the load type matches the pref for this type of content
|
||||
// (i.e. active vs. display)
|
||||
|
||||
switch(event.data.test) {
|
||||
|
||||
/* Mixed Script tests */
|
||||
case "about":
|
||||
ok(event.data.msg == "resource with about protocol loaded", "resource with about protocol did not load");
|
||||
testsToRun["about"] = true;
|
||||
break;
|
||||
|
||||
case "resource":
|
||||
ok(event.data.msg == "resource with resource protocol loaded", "resource with resource protocol did not load");
|
||||
testsToRun["resource"] = true;
|
||||
break;
|
||||
|
||||
case "mozicon":
|
||||
ok(event.data.msg == "resource with mozicon protocol loaded", "resource with mozicon protocol did not load");
|
||||
testsToRun["mozicon"] = true;
|
||||
break;
|
||||
|
||||
case "unsafe_about":
|
||||
// This one should not load
|
||||
ok(event.data.msg == "resource with unsafe about protocol did not load", "resource with unsafe about protocol loaded");
|
||||
testsToRun["unsafe_about"] = true;
|
||||
break;
|
||||
|
||||
case "data_protocol":
|
||||
ok(event.data.msg == "resource with data protocol loaded", "resource with data protocol did not load");
|
||||
testsToRun["data_protocol"] = true;
|
||||
break;
|
||||
|
||||
case "javascript":
|
||||
ok(event.data.msg == "resource with javascript protocol loaded", "resource with javascript protocol did not load");
|
||||
testsToRun["javascript"] = true;
|
||||
break;
|
||||
|
||||
case "wss":
|
||||
ok(event.data.msg == "resource with wss protocol loaded", "resource with wss protocol did not load");
|
||||
testsToRun["wss"] = true;
|
||||
break;
|
||||
|
||||
case "mailto":
|
||||
ok(event.data.msg == "resource with mailto protocol loaded", "resource with mailto protocol did not load");
|
||||
testsToRun["mailto"] = true;
|
||||
break;
|
||||
}
|
||||
checkTestsCompleted();
|
||||
}
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
</script>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div id="framediv">
|
||||
<iframe id="testHarness" src="https://example.com/tests/content/base/test/file_mixed_content_main_bug803225.html"></iframe>
|
||||
</div>
|
||||
<pre id="log"></pre>
|
||||
</body>
|
||||
</html>
|
|
@ -246,13 +246,6 @@ interface nsIProtocolHandler : nsISupports
|
|||
*/
|
||||
const unsigned long URI_SYNC_LOAD_IS_OK = (1<<17);
|
||||
|
||||
/**
|
||||
* URI is secure to load in an https page and should not be blocked
|
||||
* by nsMixedContentBlocker
|
||||
*/
|
||||
const unsigned long URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT = (1<<18);
|
||||
|
||||
|
||||
};
|
||||
|
||||
%{C++
|
||||
|
|
|
@ -192,7 +192,7 @@ nsSafeAboutProtocolHandler::GetDefaultPort(int32_t *result)
|
|||
NS_IMETHODIMP
|
||||
nsSafeAboutProtocolHandler::GetProtocolFlags(uint32_t *result)
|
||||
{
|
||||
*result = URI_NORELATIVE | URI_NOAUTH | URI_LOADABLE_BY_ANYONE | URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT;
|
||||
*result = URI_NORELATIVE | URI_NOAUTH | URI_LOADABLE_BY_ANYONE;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
|
|
@ -1704,7 +1704,7 @@ nsHttpsHandler::GetDefaultPort(int32_t *aPort)
|
|||
NS_IMETHODIMP
|
||||
nsHttpsHandler::GetProtocolFlags(uint32_t *aProtocolFlags)
|
||||
{
|
||||
*aProtocolFlags = NS_HTTP_PROTOCOL_FLAGS | URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT;
|
||||
*aProtocolFlags = NS_HTTP_PROTOCOL_FLAGS;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
|
|
@ -20,7 +20,6 @@
|
|||
"content/base/test/test_fileapi_slice.html": "bug 775227",
|
||||
"content/base/test/test_mozfiledataurl.html": "TIMED_OUT",
|
||||
"content/base/test/test_mixed_content_blocker.html": "TIMED_OUT, SSL_REQUIRED",
|
||||
"content/base/test/test_mixed_content_blocker_bug803225.html": "TIMED_OUT, SSL_REQUIRED",
|
||||
"content/base/test/test_mutationobservers.html": "",
|
||||
"content/base/test/test_plugin_freezing.html": "CLICK_TO_PLAY",
|
||||
"content/base/test/test_range_bounds.html": "",
|
||||
|
|