IndexedDB database operations are written such that they must execute
synchronously. For this reason, the add/put operation reads/writes its
Blobs to disk in a synchronous fashion. However, with the introduction
of SendStream-backed Blobs for large (>1 MiB) blobs whose contents are
streamed to the parent replacing nsStringInputStream-backed Blobs
(whose contents were sent up in a single IPC message that might exceed
the size limit and cause a crash), this has no longer been a safe
assumption. However, the problems weren't immediately obvious because
most pre-WASM Blobs are smaller than the 1MiB threshold and even when
they exceeded the size, their memory-backed contents could rapidly be
sent to the parent via IPC, making NS_BASE_STREAM_WOULD_BLOCK errors
rare/hard to reproduce. (rr and its enforced single-threading is a
good way to reproduce, however. Also, see the testing patch on the
bug that introduces artificial delays into SendStream.)
Included SpecialPowersObserver.jsm minor changes to "CreateFiles":
- appendRelativePath is used instead of appendPath because appendPath
only allows a single path component to be appended. In other words,
file creation is limited to files at the root of the profile
directory using appendPath, which is needlessly limiting.
- outStream is now closed even if no data is provided. This is
essential on windows where file deletion only occurs when all handles
are closed. Without this fix, "RemoveFiles" side-effect of deleting
the created files might not take effect until garbage collection runs
and collects the outStream.
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.
Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.
nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
MozReview-Commit-ID: ES1JruCtDdX
--HG--
extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
We can assume that if middle button's click event on a link isn't consumed by any event handlers including system event group's, it will cause open new tab. With this assumption, we can avoid using setTimeout which causes random orange.
However, unfortunately, in e10s mode, the default is NOT consumed at window in bubbling phase but consumed at that time. So, when not working the link is expected, we cannot check Event.defaultPrevented. But fortunately, we can check if the page is loaded after that.
Note that for testing this, the test needs to check if an event handler which is either in default group or system group consumed a click event. However, this runs as mochitest-plain. Therefore, Event.defaultPrevented returns false if the event is consumed only in the system group's event listener. For avoiding this issue, this patch adds defaultPreventedInAnyGroups() into SpecialPowers. In SpecialPowers, Event.defaultPrevented is accessed from chrome context. Therefore, we can get the result what this test needs.
MozReview-Commit-ID: Cfn4lFR1dfI
--HG--
extra : rebase_source : 51feb768bd38f62cc19c2f4aecaaea0135190599
- added overrideDPPX to nsIContentViewer
- made CSSStyleSheet and GlobalWindow using the overrideDPPX value
- added unit test with frame check
MozReview-Commit-ID: AOWpGs4vb9H
--HG--
extra : rebase_source : 45d9ae2c9b7aad835b5602e805ec7260c69c05b8
Prior to this change, SpecialPowers used the extension id to identiy
extension instances in inter-process messaging. This required that
an id be allocated from the content process side when loadExtension()
was called, but that made it impossible to test code that exercises the
code path in the AddonManager that allocates ids for extensions that do
not include an id in the manifest (it also made the loadExtension() api
clunky).
With this change, SpecialPowers allocates an internal identifier for
messaging, but this identifier is separate from extension ids.
Confusingly, we still store the actual extension id in an id property
on the object returned by loadExtension(), but there are enough tests
that reference this that it would be unnecessarily disruptive to get
rid of it so it stays for now...
MozReview-Commit-ID: G6xk1mBJJL8
--HG--
extra : rebase_source : a0891e5ba308972c35813f55274badf9edde62f7
extra : source : e8818ef3c28489e196d1db92cabf224861b693c9
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.
Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.
nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
(r=ckerschb,r=mayhemer,r=jld,r=smaug,r=dkeeler,r=jmaher,p=ally)
"test.events.async.enabled" must be set to true so we generate key
events in the parent process, which is what triggers the zoom reset.
In addition, some SpecialPowers infrastructure must be set up to
listen for "browser-fullZoom:zoomReset" in the parent and send it to
an observer in the child.
--HG--
extra : rebase_source : 05072529e645b4b8fbd97e2d3ff6dec51a913f40
This change renames OriginAttributes.mInBrowser to mInIsolatedMozBrowser and
nsIPrincipal::GetIsInBrowserElement to GetIsInIsolatedMozBrowserElement. Other
methods that pass these values around also have name changes.
Tokens such as "inBrowser" have previously been serialized into cache keys, used
as DB column names, stored in app registries, etc. No changes are made to any
serialization formats. Only runtime method and variable names are updated.
No behavior changes are made in this patch, so some renamed methods may have
nonsensical implementations. These are corrected in subsequent patches
focused on behavior.
MozReview-Commit-ID: 66HfMlsXFLs
This method is e10s-compatible. It is async, so it requires
rejiggering the test a little. This also requires fixing up a shim
version for xpcshell tests. Finally, this test is the only user of
SpecialPowers.createDOMFiles, so I removed it.
This currently forbids unknown top-level schema properties, and unknown
permissions. In the future, I'd like to make those warnings rather than
errors, for compatibility purposes, but I think errors are fine for now.
--HG--
extra : commitid : 9jGEwCU9AhR
extra : rebase_source : db16f1e5f9962fb7b24c0e52c05832ae646a57c2
In order to meet the addon signing requirement for tests, specialpowers
needs to be installed at gecko runtime. This means it must be restartless.
This patch packages specialpowers as a restartless addon, but it does not
yet install it at runtime.
--HG--
rename : testing/specialpowers/components/SpecialPowersObserver.js => testing/specialpowers/content/SpecialPowersObserver.jsm
extra : commitid : Bbg8gFten8S
extra : rebase_source : 99d0b841a1f8f9eb6b6ca846363a158836482e57