mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Backed out changesets 5bdf8bbcd02f and df27137cb7d1 (bug 803225) for mochitest orange.

This commit is contained in:
Ryan VanderMeulen 2012-11-15 22:16:03 -05:00
Родитель ecfa980647
Коммит c0421e9621
10 изменённых файлов: 12 добавлений и 379 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

41
content/base/src/nsMixedContentBlocker.cpp
Просмотреть файл

@ -12,7 +12,6 @@
#include "nsISecurityEventSink.h"
#include "nsIWebProgressListener.h"
#include "nsContentUtils.h"
#include "nsNetUtil.h"
#include "mozilla/Preferences.h"
using namespace mozilla;
@ -54,7 +53,7 @@ private:
// the document that caused the load.
nsCOMPtr<nsISupports> mContext;
// The type of mixed content that was blocked, e.g. active or display
// The type of mixed content that was blocked, i.e. active or display
unsigned short mType;
};
*/
@ -95,9 +94,8 @@ nsMixedContentBlocker::ShouldLoad(uint32_t aContentType,
return NS_OK;
}
// Top-level load cannot be mixed content so allow it.
// Creating insecure websocket connections in a secure page is blocked already in websocket constructor.
if (aContentType == nsIContentPolicy::TYPE_DOCUMENT || aContentType == nsIContentPolicy::TYPE_WEBSOCKET) {
// Top-level load cannot be mixed content so allow it
if (aContentType == nsIContentPolicy::TYPE_DOCUMENT) {
return NS_OK;
}
@ -126,35 +124,10 @@ nsMixedContentBlocker::ShouldLoad(uint32_t aContentType,
return NS_OK;
}
/* Get the scheme of the sub-document resource to be requested. If it is
* a safe to load in an https context then mixed content doesn't apply.
*
* Check Protocol Flags to determine if scheme is safe to load:
* URI_DOES_NOT_RETURN_DATA - e.g.
* "mailto"
* URI_IS_LOCAL_RESOURCE - e.g.
* "data",
* "resource",
* "moz-icon"
* URI_INHERITS_SECURITY_CONTEXT - e.g.
* "javascript"
* URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT - e.g.
* "https",
* "moz-safe-about"
*
*/
bool schemeLocal = false;
bool schemeNoReturnData = false;
bool schemeInherits = false;
bool schemeSecure = false;
if (NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_IS_LOCAL_RESOURCE , &schemeLocal)) ||
NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_DOES_NOT_RETURN_DATA, &schemeNoReturnData)) ||
NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT, &schemeInherits)) ||
NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT, &schemeSecure))) {
return NS_ERROR_FAILURE;
}
if (schemeLocal || schemeNoReturnData || schemeInherits || schemeSecure) {
// Get the scheme of the sub-document resource to be requested. If it is
// an HTTPS load then mixed content doesn't apply.
bool isHttps;
if (NS_FAILED(aContentLocation->SchemeIs("https", &isHttps)) || isHttps) {
return NS_OK;
}

4
content/base/test/Makefile.in
Просмотреть файл

@ -585,10 +585,6 @@ MOCHITEST_FILES_B = \
test_mixed_content_blocker.html \
file_mixed_content_main.html \
file_mixed_content_server.sjs \
test_mixed_content_blocker_bug803225.html \
file_mixed_content_main_bug803225.html \
file_mixed_content_main_bug803225_websocket_wsh.py \
bug803225_test_mailto.html \
test_bug789856.html \
file_bug804395.jar \
test_bug804395.html \

13
content/base/test/bug803225_test_mailto.html
Просмотреть файл

@ -1,13 +0,0 @@
<!DOCTYPE HTML>
<html>
<!--
Tests for Mixed Content Blocker - Mailto Protocol Compose Page
https://bugzilla.mozilla.org/show_bug.cgi?id=803225
-->
<head> <meta charset="utf-8">
</head>
<body>
Hello
<script>window.close();</script>
</body>
</html>

160
content/base/test/file_mixed_content_main_bug803225.html
Просмотреть файл

@ -1,160 +0,0 @@
<!DOCTYPE HTML>
<html>
<!--
Tests for Mixed Content Blocker - Allowed Protocols
https://bugzilla.mozilla.org/show_bug.cgi?id=803225
-->
<head>
<meta charset="utf-8">
<title>Tests for Bug 62178</title>
<script type="application/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
</head>
<body>
<div id="testContent"></div>
<!-- Test additional schemes the Mixed Content Blocker should not block
"about" protocol URIs that are URI_SAFE_FOR_UNTRUSTED_CONTENT (moz-safe-about; see nsAboutProtocolHandler::NewURI
"data",
"javascript",
"mailto",
"resource",
"moz-icon",
"wss"
-->
<script>
//For tests that require setTimeout, set the timeout interval
var TIMEOUT_INTERVAL = 100;
var testContent = document.getElementById("testContent");
// Test 1 & 2: about and javascript protcols within an iframe
var data = Array(2,2);
var protocols = [
["about", ""], //When no source is specified, the frame gets a source of about:blank
["javascript", "javascript:document.open();document.write='<h1>SUCCESS</h1>';document.close();"],
];
for(var i=0; i < protocols.length; i++)
{
var generic_frame = document.createElement("iframe");
generic_frame.src = protocols[i][1];
generic_frame.name="generic_protocol";
generic_frame.onload = function(i) {
data = {"test": protocols[i][0], "msg": "resource with " + protocols[i][0] + " protocol loaded"};
parent.postMessage(data, "http://mochi.test:8888");
}.bind(generic_frame, i)
generic_frame.onerror = function(i) {
data = {"test": protocols[i][0], "msg": "resource with " + protocols[i][0] + " protocol did not load"};
parent.postMessage(data, "http://mochi.test:8888");
}.bind(generic_frame, i);
testContent.appendChild(generic_frame, i);
}
// Test 3: for resource within a script tag
var resource_script=document.createElement("script");
resource_script.src = "resource://gre/modules/XPCOMUtils.jsm";
resource_script.name = "resource_protocol";
resource_script.onload = function() {
parent.postMessage({"test": "resource", "msg": "resource with resource protocol loaded"}, "http://mochi.test:8888");
}
resource_script.onerror = function() {
parent.postMessage({"test": "resource", "msg": "resource with resource protocol did not load"}, "http://mochi.test:8888");
}
testContent.appendChild(resource_script);
// Test 4: moz-icon within an img tag
var image=document.createElement("img");
image.src = "moz-icon://dummy.exe?size=16";
image.onload = function() {
parent.postMessage({"test": "mozicon", "msg": "resource with mozicon protocol loaded"}, "http://mochi.test:8888");
}
image.onerror = function() {
parent.postMessage({"test": "mozicon", "msg": "resource with mozicon protocol did not load"}, "http://mochi.test:8888");
}
// We don't need to append the image to the document. Doing so causes the image test to run twice.
// Test 5: about unsafe protocol within an iframe
var unsafe_about_frame = document.createElement("iframe");
unsafe_about_frame.src = "about:config";
unsafe_about_frame.name = "unsafe_about_protocol";
unsafe_about_frame.onload = function() {
parent.postMessage({"test": "unsafe_about", "msg": "resource with unsafe about protocol loaded"}, "http://mochi.test:8888");
}
unsafe_about_frame.onerror = function() {
parent.postMessage({"test": "unsafe_about", "msg": "resource with unsafe about protocol did not load"}, "http://mochi.test:8888");
}
testContent.appendChild(unsafe_about_frame);
// Test 6: data protocol within a script tag
var x = 2;
var newscript = document.createElement("script");
newscript.src= "data:text/javascript,var x = 4;";
newscript.onload = function() {
parent.postMessage({"test": "data_protocol", "msg": "resource with data protocol protocol loaded"}, "http://mochi.test:8888");
}
newscript.onerror = function() {
parent.postMessage({"test": "data_protocol", "msg": "resource with data protocol protocol did not load"}, "http://mochi.test:8888");
}
testContent.appendChild(newscript);
// Test 7: mailto protocol
var ioService = SpecialPowers.Cc["@mozilla.org/network/io-service;1"].
getService(SpecialPowers.Ci.nsIIOService);
var webHandler = SpecialPowers.Cc["@mozilla.org/uriloader/web-handler-app;1"].
createInstance(SpecialPowers.Ci.nsIWebHandlerApp);
webHandler.name = "Web Handler";
webHandler.uriTemplate = "http://example.com/tests/content/base/test/bug803225_test_mailto.html?s=%";
var uri = ioService.newURI("mailto:foo@bar.com", null, null);
webHandler.launchWithURI(uri);
var mailto = false;
// listen for a messages from a new window
var observer = {
observe: function(subject, topic, data) {
if(topic == "content-document-global-created" && data =="http://example.com") {
parent.postMessage({"test": "mailto", "msg": "resource with mailto protocol loaded"}, "http://mochi.test:8888");
mailto = true;
}
}
}
var os = SpecialPowers.Cc["@mozilla.org/observer-service;1"].
getService(SpecialPowers.Components.interfaces.nsIObserverService);
os.addObserver(observer, "content-document-global-created", false);
function mailtoProtocolStatus() {
if(!mailto) {
//There is no onerror event associated with the WebHandler, and hence we need a setTimeout to check the status
setTimeout(mailtoProtocolStatus, TIMEOUT_INTERVAL);
}
}
mailtoProtocolStatus();
// Test 8: wss protocol
var wss;
wss = new WebSocket("wss://example.com/tests/content/base/test/file_mixed_content_main_bug803225_websocket");
var status_wss = "started";
wss.onopen = function(e) {
status_wss = "opened";
wss.close();
}
wss.onclose = function(e) {
if(status_wss == "opened") {
parent.postMessage({"test": "wss", "msg": "resource with wss protocol loaded"}, "http://mochi.test:8888");
} else {
parent.postMessage({"test": "wss", "msg": "resource with wss protocol did not load"}, "http://mochi.test:8888");
}
}
</script>
</body>
</html>

7
content/base/test/file_mixed_content_main_bug803225_websocket_wsh.py
Просмотреть файл

@ -1,7 +0,0 @@
from mod_pywebsocket import msgutil
def web_socket_do_extra_handshake(request):
pass
def web_socket_transfer_data(request):
resp = ""

148
content/base/test/test_mixed_content_blocker_bug803225.html
Просмотреть файл

@ -1,148 +0,0 @@
<!DOCTYPE HTML>
<html>
<!--
Testing Whitelist of Resource Schemed for Mixed Content Blocker
https://bugzilla.mozilla.org/show_bug.cgi?id=803225
-->
<head>
<meta charset="utf-8">
<title>Tests for Bug 803225</title>
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
<script>
var origBlockDisplay = SpecialPowers.getBoolPref("security.mixed_content.block_display_content");
var origBlockActive = SpecialPowers.getBoolPref("security.mixed_content.block_active_content");
var counter = 0;
var settings = [ [true, true], [true, false], [false, true], [false, false] ];
var blockActive;
var blockDisplay;
//Cycle through 4 different preference settings.
function changePrefs(x) {
SpecialPowers.setBoolPref("security.mixed_content.block_display_content", settings[x][0]);
SpecialPowers.setBoolPref("security.mixed_content.block_active_content", settings[x][1]);
blockDisplay = SpecialPowers.getBoolPref("security.mixed_content.block_display_content");
blockActive = SpecialPowers.getBoolPref("security.mixed_content.block_active_content");
}
//Set the first set of settings (true, true) and increment the counter.
changePrefs(counter);
counter++;
var testsToRun = {
/* https - Tests already run as part of bug 62178. */
about: false,
mozicon: false,
resource: false,
unsafe_about: false,
data_protocol: false,
javascript: false,
mailto: false,
wss: false,
};
function log(msg) {
document.getElementById("log").textContent += "\n" + msg;
}
function checkTestsCompleted() {
for (var prop in testsToRun) {
// some test hasn't run yet so we're not done
if (!testsToRun[prop])
return;
}
//if the testsToRun are all completed, change the pref and run the tests again until we have cycled through all the prefs.
if(counter < 4) {
for (var prop in testsToRun) {
testsToRun[prop] = false;
}
//call to change the preferences
changePrefs(counter);
counter++;
log("\nblockDisplay set to "+blockDisplay+", blockActive set to "+blockActive+".");
document.getElementById('framediv').innerHTML = '<iframe id="testHarness" src="https://example.com/tests/content/base/test/file_mixed_content_main_bug803225.html"></iframe>';
}
else {
//set the prefs back to what they were set to originally
SpecialPowers.setBoolPref("security.mixed_content.block_display_content", origBlockDisplay);
SpecialPowers.setBoolPref("security.mixed_content.block_active_content", origBlockActive);
SimpleTest.finish();
}
}
var firstTest = true;
// listen for a messages from the mixed content test harness
window.addEventListener("message", receiveMessage, false);
function receiveMessage(event) {
if(firstTest) {
log("blockDisplay set to "+blockDisplay+", blockActive set to "+blockActive+".");
firstTest = false;
}
log("test: "+event.data.test+", msg: "+event.data.msg + " logging message.");
// test that the load type matches the pref for this type of content
// (i.e. active vs. display)
switch(event.data.test) {
/* Mixed Script tests */
case "about":
ok(event.data.msg == "resource with about protocol loaded", "resource with about protocol did not load");
testsToRun["about"] = true;
break;
case "resource":
ok(event.data.msg == "resource with resource protocol loaded", "resource with resource protocol did not load");
testsToRun["resource"] = true;
break;
case "mozicon":
ok(event.data.msg == "resource with mozicon protocol loaded", "resource with mozicon protocol did not load");
testsToRun["mozicon"] = true;
break;
case "unsafe_about":
// This one should not load
ok(event.data.msg == "resource with unsafe about protocol did not load", "resource with unsafe about protocol loaded");
testsToRun["unsafe_about"] = true;
break;
case "data_protocol":
ok(event.data.msg == "resource with data protocol loaded", "resource with data protocol did not load");
testsToRun["data_protocol"] = true;
break;
case "javascript":
ok(event.data.msg == "resource with javascript protocol loaded", "resource with javascript protocol did not load");
testsToRun["javascript"] = true;
break;
case "wss":
ok(event.data.msg == "resource with wss protocol loaded", "resource with wss protocol did not load");
testsToRun["wss"] = true;
break;
case "mailto":
ok(event.data.msg == "resource with mailto protocol loaded", "resource with mailto protocol did not load");
testsToRun["mailto"] = true;
break;
}
checkTestsCompleted();
}
SimpleTest.waitForExplicitFinish();
</script>
</head>
<body>
<div id="framediv">
<iframe id="testHarness" src="https://example.com/tests/content/base/test/file_mixed_content_main_bug803225.html"></iframe>
</div>
<pre id="log"></pre>
</body>
</html>

7
netwerk/base/public/nsIProtocolHandler.idl
Просмотреть файл

@ -246,13 +246,6 @@ interface nsIProtocolHandler : nsISupports
*/
const unsigned long URI_SYNC_LOAD_IS_OK = (1<<17);
/**
* URI is secure to load in an https page and should not be blocked
* by nsMixedContentBlocker
*/
const unsigned long URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT = (1<<18);
};
%{C++

2
netwerk/protocol/about/nsAboutProtocolHandler.cpp
Просмотреть файл

@ -192,7 +192,7 @@ nsSafeAboutProtocolHandler::GetDefaultPort(int32_t *result)
NS_IMETHODIMP
nsSafeAboutProtocolHandler::GetProtocolFlags(uint32_t *result)
{
*result = URI_NORELATIVE | URI_NOAUTH | URI_LOADABLE_BY_ANYONE | URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT;
*result = URI_NORELATIVE | URI_NOAUTH | URI_LOADABLE_BY_ANYONE;
return NS_OK;
}

2
netwerk/protocol/http/nsHttpHandler.cpp
Просмотреть файл

@ -1704,7 +1704,7 @@ nsHttpsHandler::GetDefaultPort(int32_t *aPort)
NS_IMETHODIMP
nsHttpsHandler::GetProtocolFlags(uint32_t *aProtocolFlags)
{
*aProtocolFlags = NS_HTTP_PROTOCOL_FLAGS | URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT;
*aProtocolFlags = NS_HTTP_PROTOCOL_FLAGS;
return NS_OK;
}

1
testing/mochitest/android.json
Просмотреть файл

@ -20,7 +20,6 @@
"content/base/test/test_fileapi_slice.html": "bug 775227",
"content/base/test/test_mozfiledataurl.html": "TIMED_OUT",
"content/base/test/test_mixed_content_blocker.html": "TIMED_OUT, SSL_REQUIRED",
"content/base/test/test_mixed_content_blocker_bug803225.html": "TIMED_OUT, SSL_REQUIRED",
"content/base/test/test_mutationobservers.html": "",
"content/base/test/test_plugin_freezing.html": "CLICK_TO_PLAY",
"content/base/test/test_range_bounds.html": "",