mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1878001 - Add bypass list for DefaultURI fallback r=necko-reviewers,valentin 

Differential Revision: https://phabricator.services.mozilla.com/D200323
This commit is contained in:
edgul 2024-04-04 14:13:58 +00:00
Родитель d962f3b9a0
Коммит c156bcda24
8 изменённых файлов: 151 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

13
modules/libpref/init/StaticPrefList.yaml
Просмотреть файл

@ -12761,6 +12761,19 @@
value: false
mirror: always
# Allows use of a protocol exception list that will bypass defaultURI parser
- name: network.url.some_schemes_bypass_defaultURI_fallback
type: RelaxedAtomicBool
value: true
mirror: always
# A list of schemes to allow for bypassing defaultURI as default
# This is only used when network.url.some_schemes_bypass_defaultURI_fallback is true
- name: network.url.simple_uri_schemes
type: String
value: ""
mirror: never
# The maximum allowed length for a URL - 32MB default.
# If 0 that means no limit.
- name: network.url.max-length

11
netwerk/base/nsIOService.cpp
Просмотреть файл

@ -87,6 +87,7 @@ using mozilla::dom::ServiceWorkerDescriptor;
#define WEBRTC_PREF_PREFIX "media.peerconnection."
#define NETWORK_DNS_PREF "network.dns."
#define FORCE_EXTERNAL_PREF_PREFIX "network.protocol-handler.external."
#define SIMPLE_URI_SCHEMES_PREF "network.url.simple_uri_schemes"
nsIOService* gIOService;
static bool gHasWarnedUploadChannel2;
@ -211,6 +212,7 @@ static const char* gCallbackPrefs[] = {
NECKO_BUFFER_CACHE_SIZE_PREF,
NETWORK_CAPTIVE_PORTAL_PREF,
FORCE_EXTERNAL_PREF_PREFIX,
SIMPLE_URI_SCHEMES_PREF,
nullptr,
};
@ -1528,6 +1530,15 @@ void nsIOService::PrefsChanged(const char* pref) {
AutoWriteLock lock(mLock);
mForceExternalSchemes = std::move(forceExternalSchemes);
}
if (!pref || strncmp(pref, SIMPLE_URI_SCHEMES_PREF,
strlen(SIMPLE_URI_SCHEMES_PREF)) == 0) {
LOG((
"simple_uri_schemes pref change observed, updating the scheme list\n"));
nsAutoCString schemeList;
Preferences::GetCString(SIMPLE_URI_SCHEMES_PREF, schemeList);
mozilla::net::ParseSimpleURISchemes(schemeList);
}
}
void nsIOService::ParsePortList(const char* pref, bool remove) {

39
netwerk/base/nsNetUtil.cpp
Просмотреть файл

@ -1816,6 +1816,26 @@ class TlsAutoIncrement {
T& mVar;
};
static nsTHashSet<nsCString> sSimpleURISchemes;
static StaticRWLock sSchemeLock;
namespace mozilla::net {
void ParseSimpleURISchemes(const nsACString& schemeList) {
StaticAutoWriteLock lock(sSchemeLock);
sSimpleURISchemes.Clear();
for (const auto& scheme : schemeList.Split(',')) {
nsAutoCString s(scheme);
s.CompressWhitespace();
if (!s.IsEmpty()) {
sSimpleURISchemes.Insert(s);
}
}
}
} // namespace mozilla::net
nsresult NS_NewURI(nsIURI** aURI, const nsACString& aSpec,
const char* aCharset /* = nullptr */,
nsIURI* aBaseURI /* = nullptr */) {
@ -2003,6 +2023,14 @@ nsresult NS_NewURI(nsIURI** aURI, const nsACString& aSpec,
}
#endif
auto mustUseSimpleURI = [](const nsCString& scheme) -> bool {
if (!StaticPrefs::network_url_some_schemes_bypass_defaultURI_fallback()) {
return false;
}
StaticAutoReadLock lock(sSchemeLock);
return sSimpleURISchemes.Contains(scheme);
};
if (aBaseURI) {
nsAutoCString newSpec;
rv = aBaseURI->Resolve(aSpec, newSpec);
@ -2016,6 +2044,12 @@ nsresult NS_NewURI(nsIURI** aURI, const nsACString& aSpec,
}
if (StaticPrefs::network_url_useDefaultURI()) {
if (mustUseSimpleURI(scheme)) {
return NS_MutateURI(new nsSimpleURI::Mutator())
.SetSpec(newSpec)
.Finalize(aURI);
}
return NS_MutateURI(new DefaultURI::Mutator())
.SetSpec(newSpec)
.Finalize(aURI);
@ -2027,6 +2061,11 @@ nsresult NS_NewURI(nsIURI** aURI, const nsACString& aSpec,
}
if (StaticPrefs::network_url_useDefaultURI()) {
if (mustUseSimpleURI(scheme)) {
return NS_MutateURI(new nsSimpleURI::Mutator())
.SetSpec(aSpec)
.Finalize(aURI);
}
return NS_MutateURI(new DefaultURI::Mutator())
.SetSpec(aSpec)
.Finalize(aURI);

2
netwerk/base/nsNetUtil.h
Просмотреть файл

@ -1117,6 +1117,8 @@ void CheckForBrokenChromeURL(nsILoadInfo* aLoadInfo, nsIURI* aURI);
bool IsCoepCredentiallessEnabled(bool aIsOriginTrialCoepCredentiallessEnabled);
void ParseSimpleURISchemes(const nsACString& schemeList);
} // namespace net
} // namespace mozilla

67
netwerk/test/unit/test_default_uri_bypass.js Normal file
Просмотреть файл

@ -0,0 +1,67 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/*
* Test that default uri is bypassable by an unknown protocol that is
* present in the bypass list (and the pref is enabled)
*/
"use strict";
function inChildProcess() {
return Services.appinfo.processType != Ci.nsIXULRuntime.PROCESS_TYPE_DEFAULT;
}
function run_test() {
// In-Parent-only process pref setup
if (!inChildProcess()) {
Services.prefs.setBoolPref("network.url.useDefaultURI", true);
Services.prefs.setBoolPref(
"network.url.some_schemes_bypass_defaultURI_fallback",
true
);
Services.prefs.setCharPref(
"network.url.simple_uri_schemes",
"simpleprotocol,otherproto"
);
}
// check valid url is fine
let uri = NetUtil.newURI("https://example.com/");
Assert.equal(uri.spec, "https://example.com/"); // same
// nsStandardURL removes second colon when nesting protocols
let uri1 = NetUtil.newURI("https://https://example.com/");
Assert.equal(uri1.spec, "https://https//example.com/");
// defaultUri removes second colon
// no-bypass protocol uses defaultURI
let uri2 = NetUtil.newURI("nonsimpleprotocol://https://example.com");
Assert.equal(uri2.spec, "nonsimpleprotocol://https//example.com");
// simpleURI keeps the second colon
// an unknown protocol in the bypass list will use simpleURI
// despite network.url.useDefaultURI being enabled
let same = "simpleprotocol://https://example.com";
let uri3 = NetUtil.newURI(same);
Assert.equal(uri3.spec, same); // simple uri keeps second colon
// setCharPref not accessible from child process
if (!inChildProcess()) {
// check that pref update removes simpleprotocol from bypass list
Services.prefs.setCharPref("network.url.simple_uri_schemes", "otherproto");
let uri4 = NetUtil.newURI("simpleprotocol://https://example.com");
Assert.equal(uri4.spec, "simpleprotocol://https//example.com"); // default uri removes second colon
// check that spaces are parsed out
Services.prefs.setCharPref(
"network.url.simple_uri_schemes",
" simpleprotocol , otherproto "
);
let uri5 = NetUtil.newURI("simpleprotocol://https://example.com");
Assert.equal(uri5.spec, "simpleprotocol://https://example.com"); // simple uri keeps second colon
let uri6 = NetUtil.newURI("otherproto://https://example.com");
Assert.equal(uri6.spec, "otherproto://https://example.com"); // simple uri keeps second colon
}
}

2
netwerk/test/unit/xpcshell.toml
Просмотреть файл

@ -1276,3 +1276,5 @@ skip-if = [
]
["test_xmlhttprequest.js"]
["test_default_uri_bypass.js"]

13
netwerk/test/unit_ipc/test_default_uri_bypass_wrap.js Normal file
Просмотреть файл

@ -0,0 +1,13 @@
function run_test() {
Services.prefs.setBoolPref("network.url.useDefaultURI", true);
Services.prefs.setBoolPref(
"network.url.some_schemes_bypass_defaultURI_fallback",
true
);
Services.prefs.setCharPref(
"network.url.simple_uri_schemes",
"simpleprotocol,otherproto"
);
run_test_in_child("../unit/test_default_uri_bypass.js");
}

4
netwerk/test/unit_ipc/xpcshell.toml
Просмотреть файл

@ -70,6 +70,7 @@ support-files = [
"!/netwerk/test/unit/test_http3_prio_helpers.js",
"!/netwerk/test/unit/http2-ca.pem",
"!/netwerk/test/unit/test_orb_empty_header.js",
"!/netwerk/test/unit/test_default_uri_bypass.js",
"child_is_proxy_used.js",
"child_cookie_header.js",
"child_dns_by_type_resolve.js",
@ -239,3 +240,6 @@ skip-if = ["os == 'android'"]
["test_xmlhttprequest_wrap.js"]
prefs = ["network.allow_raw_sockets_in_content_processes=true"]
["test_default_uri_bypass_wrap.js"]
prefs = ["network.allow_raw_sockets_in_content_processes=true"]