mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1144249 - fix fetch no-cors mode. r=bkelly 

A no-cors mode request should not go through a nsCORSProxyListener, which can only handle same-origin and cors mode.

The test for no-cors was passing allowOrigin, which was converting it into a CORS request, which is why it was passing.

I also realized that it is port 8888 and not 8000, so fixed that in some of the redirect tests.

--HG--
extra : rebase_source : a959877e9fc65ae177dfd480258d164d7b2e6af5
This commit is contained in:
Nikhil Marathe 2015-03-17 08:47:04 -07:00
Родитель 011987e024
Коммит f01e92414c
2 изменённых файлов: 29 добавлений и 19 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

34
dom/fetch/FetchDriver.cpp
Просмотреть файл

@ -485,16 +485,24 @@ FetchDriver::HttpFetch(bool aCORSFlag, bool aCORSPreflightFlag, bool aAuthentica
internalChan->ForceNoIntercept();
}
// Set up a CORS proxy that will handle the various requirements of the CORS
// protocol. It handles the preflight cache and CORS response headers.
// If the request is allowed, it will start our original request
// and our observer will be notified. On failure, our observer is notified
// directly.
nsRefPtr<nsCORSListenerProxy> corsListener =
new nsCORSListenerProxy(this, mPrincipal, useCredentials);
rv = corsListener->Init(chan, true /* allow data uri */);
if (NS_WARN_IF(NS_FAILED(rv))) {
return FailWithNetworkError();
nsCOMPtr<nsIStreamListener> listener = this;
// Unless the cors mode is explicitly no-cors, we set up a cors proxy even in
// the same-origin case, since the proxy does not enforce cors header checks
// in the same-origin case.
if (mRequest->Mode() != RequestMode::No_cors) {
// Set up a CORS proxy that will handle the various requirements of the CORS
// protocol. It handles the preflight cache and CORS response headers.
// If the request is allowed, it will start our original request
// and our observer will be notified. On failure, our observer is notified
// directly.
nsRefPtr<nsCORSListenerProxy> corsListener =
new nsCORSListenerProxy(this, mPrincipal, useCredentials);
rv = corsListener->Init(chan, true /* allow data uri */);
if (NS_WARN_IF(NS_FAILED(rv))) {
return FailWithNetworkError();
}
listener = corsListener.forget();
}
// If preflight is required, start a "CORS preflight fetch"
@ -507,12 +515,12 @@ FetchDriver::HttpFetch(bool aCORSFlag, bool aCORSPreflightFlag, bool aAuthentica
nsAutoTArray<nsCString, 5> unsafeHeaders;
mRequest->Headers()->GetUnsafeHeaders(unsafeHeaders);
rv = NS_StartCORSPreflight(chan, corsListener, mPrincipal,
rv = NS_StartCORSPreflight(chan, listener, mPrincipal,
useCredentials,
unsafeHeaders,
getter_AddRefs(preflightChannel));
} else {
rv = chan->AsyncOpen(corsListener, nullptr);
rv = chan->AsyncOpen(listener, nullptr);
}
if (NS_WARN_IF(NS_FAILED(rv))) {
@ -775,7 +783,7 @@ FetchDriver::AsyncOnChannelRedirect(nsIChannel* aOldChannel,
if (!NS_IsInternalSameURIRedirect(aOldChannel, aNewChannel, aFlags)) {
rv = DoesNotRequirePreflight(aNewChannel);
if (NS_FAILED(rv)) {
NS_WARNING("nsXMLHttpRequest::OnChannelRedirect: "
NS_WARNING("FetchDriver::OnChannelRedirect: "
"DoesNotRequirePreflight returned failure");
return rv;
}

14
dom/tests/mochitest/fetch/test_fetch_cors.js
Просмотреть файл

@ -46,9 +46,11 @@ var corsServerPath = "/tests/dom/base/test/file_CrossSiteXHR_server.sjs?";
function testModeNoCors() {
// Fetch spec, section 4, step 4, response tainting should be set opaque, so
// that fetching leads to an opaque filtered response in step 8.
var r = new Request("http://example.com" + corsServerPath + "status=200&allowOrigin=*", { mode: "no-cors" });
var r = new Request("http://example.com" + corsServerPath + "status=200", { mode: "no-cors" });
return fetch(r).then(function(res) {
ok(isOpaqueResponse(res), "no-cors Request fetch should result in opaque response");
}, function(e) {
ok(false, "no-cors Request fetch should not error");
});
}
@ -1019,7 +1021,7 @@ function testRedirects() {
hops: [{ server: "http://example.com",
allowOrigin: origin
},
{ server: "http://test2.mochi.test:8000",
{ server: "http://test2.mochi.test:8888",
allowOrigin: origin
},
{ server: "http://sub2.xn--lt-uia.mochi.test:8888",
@ -1035,7 +1037,7 @@ function testRedirects() {
hops: [{ server: "http://example.com",
allowOrigin: origin
},
{ server: "http://test2.mochi.test:8000",
{ server: "http://test2.mochi.test:8888",
allowOrigin: origin
},
{ server: "http://sub2.xn--lt-uia.mochi.test:8888",
@ -1067,7 +1069,7 @@ function testRedirects() {
hops: [{ server: "http://example.com",
allowOrigin: origin
},
{ server: "http://test2.mochi.test:8000",
{ server: "http://test2.mochi.test:8888",
allowOrigin: origin
},
{ server: "http://sub2.xn--lt-uia.mochi.test:8888",
@ -1083,7 +1085,7 @@ function testRedirects() {
hops: [{ server: "http://example.com",
allowOrigin: origin
},
{ server: "http://test2.mochi.test:8000",
{ server: "http://test2.mochi.test:8888",
allowOrigin: origin
},
{ server: "http://sub2.xn--lt-uia.mochi.test:8888",
@ -1099,7 +1101,7 @@ function testRedirects() {
hops: [{ server: "http://example.com",
allowOrigin: origin
},
{ server: "http://test2.mochi.test:8000",
{ server: "http://test2.mochi.test:8888",
allowOrigin: origin
},
{ server: "http://sub2.xn--lt-uia.mochi.test:8888",