mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1688815: Update GetSiteOriginNoSuffix() to handle view-source correctly. r=nika 

Differential Revision: https://phabricator.services.mozilla.com/D102200
This commit is contained in:
Christoph Kerschbaumer 2021-03-03 18:47:53 +00:00
Родитель 99ac1f352b
Коммит e1cad01b80
2 изменённых файлов: 87 добавлений и 4 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

24
caps/ContentPrincipal.cpp
Просмотреть файл

@ -441,16 +441,31 @@ ContentPrincipal::GetBaseDomain(nsACString& aBaseDomain) {
NS_IMETHODIMP NS_IMETHODIMP
ContentPrincipal::GetSiteOriginNoSuffix(nsACString& aSiteOrigin) { ContentPrincipal::GetSiteOriginNoSuffix(nsACString& aSiteOrigin) {
nsresult rv = GetOriginNoSuffix(aSiteOrigin);
NS_ENSURE_SUCCESS(rv, rv);
// It is possible for two principals with the same origin to have different
// mURI values. In order to ensure that two principals with matching origins
// also have matching siteOrigins, we derive the siteOrigin entirely from the
// origin string and do not rely on mURI at all here.
nsCOMPtr<nsIURI> origin;
rv = NS_NewURI(getter_AddRefs(origin), aSiteOrigin);
if (NS_FAILED(rv)) {
// We got an error parsing the origin as a URI? siteOrigin == origin
// aSiteOrigin was already filled with `OriginNoSuffix`
return rv;
}
// Handle some special URIs first. // Handle some special URIs first.
nsAutoCString baseDomain; nsAutoCString baseDomain;
bool handled; bool handled;
nsresult rv = GetSpecialBaseDomain(mURI, &handled, baseDomain); rv = GetSpecialBaseDomain(origin, &handled, baseDomain);
NS_ENSURE_SUCCESS(rv, rv); NS_ENSURE_SUCCESS(rv, rv);
if (handled) { if (handled) {
// This is a special URI ("file:", "about:", "view-source:", etc). Just // This is a special URI ("file:", "about:", "view-source:", etc). Just
// return the origin. // return the origin.
return GetOriginNoSuffix(aSiteOrigin); return NS_OK;
} }
// For everything else, we ask the TLD service. Note that, unlike in // For everything else, we ask the TLD service. Note that, unlike in
@ -465,7 +480,7 @@ ContentPrincipal::GetSiteOriginNoSuffix(nsACString& aSiteOrigin) {
} }
bool gotBaseDomain = false; bool gotBaseDomain = false;
rv = tldService->GetBaseDomain(mURI, 0, baseDomain); rv = tldService->GetBaseDomain(origin, 0, baseDomain);
if (NS_SUCCEEDED(rv)) { if (NS_SUCCEEDED(rv)) {
gotBaseDomain = true; gotBaseDomain = true;
} else { } else {
@ -480,7 +495,7 @@ ContentPrincipal::GetSiteOriginNoSuffix(nsACString& aSiteOrigin) {
// NOTE: Calling `SetHostPort` with a portless domain is insufficient to clear // NOTE: Calling `SetHostPort` with a portless domain is insufficient to clear
// the port, so an extra `SetPort` call has to be made. // the port, so an extra `SetPort` call has to be made.
nsCOMPtr<nsIURI> siteUri; nsCOMPtr<nsIURI> siteUri;
NS_MutateURI mutator(mURI); NS_MutateURI mutator(origin);
mutator.SetUserPass(""_ns).SetPort(-1); mutator.SetUserPass(""_ns).SetPort(-1);
if (gotBaseDomain) { if (gotBaseDomain) {
mutator.SetHost(baseDomain); mutator.SetHost(baseDomain);
@ -489,6 +504,7 @@ ContentPrincipal::GetSiteOriginNoSuffix(nsACString& aSiteOrigin) {
MOZ_ASSERT(NS_SUCCEEDED(rv), "failed to create siteUri"); MOZ_ASSERT(NS_SUCCEEDED(rv), "failed to create siteUri");
NS_ENSURE_SUCCESS(rv, rv); NS_ENSURE_SUCCESS(rv, rv);
aSiteOrigin.Truncate();
rv = GenerateOriginNoSuffixFromURI(siteUri, aSiteOrigin); rv = GenerateOriginNoSuffixFromURI(siteUri, aSiteOrigin);
MOZ_ASSERT(NS_SUCCEEDED(rv), "failed to create siteOriginNoSuffix"); MOZ_ASSERT(NS_SUCCEEDED(rv), "failed to create siteOriginNoSuffix");
return rv; return rv;

67
caps/tests/unit/test_site_origin.js
Просмотреть файл

@ -57,6 +57,73 @@ Assert.equal(aboutPrincipal.originNoSuffix, "about:preferences");
Assert.equal(aboutPrincipal.siteOrigin, "about:preferences^userContextId=66"); Assert.equal(aboutPrincipal.siteOrigin, "about:preferences^userContextId=66");
Assert.equal(aboutPrincipal.siteOriginNoSuffix, "about:preferences"); Assert.equal(aboutPrincipal.siteOriginNoSuffix, "about:preferences");
let viewSourceURI = Services.io.newURI(
"view-source:https://test1.test2.example.com"
);
let viewSourcePrincipal = scriptSecMan.createContentPrincipal(viewSourceURI, {
userContextId: 101,
});
Assert.ok(viewSourcePrincipal.isContentPrincipal);
Assert.ok(viewSourcePrincipal.schemeIs("view-source"));
Assert.equal(
viewSourcePrincipal.origin,
"https://test1.test2.example.com^userContextId=101"
);
Assert.equal(
viewSourcePrincipal.originNoSuffix,
"https://test1.test2.example.com"
);
Assert.equal(
viewSourcePrincipal.siteOrigin,
"https://example.com^userContextId=101"
);
Assert.equal(viewSourcePrincipal.siteOriginNoSuffix, "https://example.com");
let mozExtensionURI = Services.io.newURI(
"moz-extension://924f966d-c93b-4fbf-968a-16608461663c/meh.txt"
);
let mozExtensionPrincipal = scriptSecMan.createContentPrincipal(
mozExtensionURI,
{
userContextId: 102,
}
);
Assert.ok(mozExtensionPrincipal.isContentPrincipal);
Assert.ok(mozExtensionPrincipal.schemeIs("moz-extension"));
Assert.equal(
mozExtensionPrincipal.origin,
"moz-extension://924f966d-c93b-4fbf-968a-16608461663c^userContextId=102"
);
Assert.equal(
mozExtensionPrincipal.originNoSuffix,
"moz-extension://924f966d-c93b-4fbf-968a-16608461663c"
);
Assert.equal(
mozExtensionPrincipal.siteOrigin,
"moz-extension://924f966d-c93b-4fbf-968a-16608461663c^userContextId=102"
);
Assert.equal(
mozExtensionPrincipal.siteOriginNoSuffix,
"moz-extension://924f966d-c93b-4fbf-968a-16608461663c"
);
let localhostURI = Services.io.newURI(" http://localhost:44203");
let localhostPrincipal = scriptSecMan.createContentPrincipal(localhostURI, {
userContextId: 144,
});
Assert.ok(localhostPrincipal.isContentPrincipal);
Assert.ok(localhostPrincipal.schemeIs("http"));
Assert.equal(
localhostPrincipal.origin,
"http://localhost:44203^userContextId=144"
);
Assert.equal(localhostPrincipal.originNoSuffix, "http://localhost:44203");
Assert.equal(
localhostPrincipal.siteOrigin,
"http://localhost^userContextId=144"
);
Assert.equal(localhostPrincipal.siteOriginNoSuffix, "http://localhost");
// NullPrincipal checks // NullPrincipal checks
let nullPrincipal = scriptSecMan.createNullPrincipal({ userContextId: 33 }); let nullPrincipal = scriptSecMan.createNullPrincipal({ userContextId: 33 });
Assert.ok(nullPrincipal.isNullPrincipal); Assert.ok(nullPrincipal.isNullPrincipal);