GitLab

at 2025-07-19T00:29:10+02:00

Bug 1808979 - Disable security.csp.truncate_blocked_uri_for_frame_navigations by default. r=freddyb

Differential Revision: https://phabricator.services.mozilla.com/D253304

Bug 1808979 - WPT for frame-src path matching after replacing the URL. r=freddyb

Differential Revision: https://phabricator.services.mozilla.com/D253638

Bug 1968414 - [devtools] Escape carriage return character properly  a=pascalc

Original Revision: https://phabricator.services.mozilla.com/D254323

Differential Revision: https://phabricator.services.mozilla.com/D256090

Bug 1970658 - Apply YouTube embed URL replacement to the path component.  a=dmeehan

Original Revision: https://phabricator.services.mozilla.com/D252841

Differential Revision: https://phabricator.services.mozilla.com/D253651

Bug 1971116 - For global mute events, iterate on copies of containers. r=dbaker

Mute/unmute events are fired synchronously to content, which if it stops an
(event target) track in the event handler, may call back into and mutate the
containers we're iterating over.

Differential Revision: https://phabricator.services.mozilla.com/D254352

Bug 1972282 - Check for spoof English in xsl:sort. r=smaug

Differential Revision: https://phabricator.services.mozilla.com/D254784

   const newLines = "line1\r\nline2\r\rline3\n\nline4";

   is(

     CurlUtils.escapeStringWin(newLines),

-    '^"line1^\n\nline2\r\rline3^\n\n^\n\nline4^"',

+    '^\"line1^\n\nline2^\n\n^\n\nline3^\n\n^\n\nline4^\"',

     "Newlines should be escaped."

   );

   const evilCommand = `query=evil\r\rcmd" /c timeout /t 3 & calc.exe\r\r`;

   is(

     CurlUtils.escapeStringWin(evilCommand),

-    '^"query=evil\r\rcmd\\" /c timeout /t 3 & calc.exe\r\r^"',

+    '^\"query=evil^\n\n^\n\ncmd\\\" /c timeout /t 3 & calc.exe^\n\n^\n\n^\"',

     "The evil command is escaped properly"

   );

 }

         // Lastly we replace new lines with ^ and TWO new lines because the first

         // new line is there to enact the escape command the second is the character

         // to escape (in this case new line).

-        .replace(/\r?\n/g, "^\n\n") +

+        .replace(/\r?\n|\r/g, "^\n\n") +

       encapsChars

     );

   },

   }

   // See if requester is planning on using the JS API.

-  nsAutoCString uri;

-  nsresult rv = aURI->GetSpec(uri);

+  nsAutoCString prePath;

+  nsresult rv = aURI->GetPrePath(prePath);

   if (NS_FAILED(rv)) {

     return;

   }

   // URLs, convert the parameters to query in order to make the video load

   // correctly as an iframe. In either case, warn about it in the

   // developer console.

-  int32_t ampIndex = uri.FindChar('&', 0);

+  int32_t ampIndex = path.FindChar('&', 0);

   bool replaceQuery = false;

   if (ampIndex != -1) {

-    int32_t qmIndex = uri.FindChar('?', 0);

+    int32_t qmIndex = path.FindChar('?', 0);

     if (qmIndex == -1 || qmIndex > ampIndex) {

       replaceQuery = true;

     }

     return;

   }

-  nsAutoString utf16OldURI = NS_ConvertUTF8toUTF16(uri);

+  NS_ConvertUTF8toUTF16 utf16OldURI(prePath);

+  AppendUTF8toUTF16(path, utf16OldURI);

   // If we need to convert the URL, it means an ampersand comes first.

   // Use the index we found earlier.

   if (replaceQuery) {

     // Replace question marks with ampersands.

-    uri.ReplaceChar('?', '&');

+    path.ReplaceChar('?', '&');

     // Replace the first ampersand with a question mark.

-    uri.SetCharAt('?', ampIndex);

+    path.SetCharAt('?', ampIndex);

   }

   // Switch out video access url formats, which should possibly allow HTML5

   // video loading.

-  uri.ReplaceSubstring("/v/"_ns, "/embed/"_ns);

-  nsAutoString utf16URI = NS_ConvertUTF8toUTF16(uri);

-  rv = nsContentUtils::NewURIWithDocumentCharset(

-      aRewrittenURI, utf16URI, thisContent->OwnerDoc(), aBaseURI);

+  path.ReplaceSubstring("/v/"_ns, "/embed/"_ns);

+  NS_ConvertUTF8toUTF16 utf16URI(prePath);

+  AppendUTF8toUTF16(path, utf16URI);

+  rv = nsContentUtils::NewURIWithDocumentCharset(aRewrittenURI, utf16URI, doc,

+                                                 aBaseURI);

   if (NS_FAILED(rv)) {

     return;

   }

   mCamerasMuted = aMute;

   // This is safe since we're on main-thread, and the windowlist can only

   // be added to from the main-thread

-  for (const auto& window : mActiveWindows.Values()) {

+  for (const auto& window :

+       ToTArray<AutoTArray<RefPtr<GetUserMediaWindowListener>, 2>>(

+           mActiveWindows.Values())) {

     window->MuteOrUnmuteCameras(aMute);

   }

 }

   mMicrophonesMuted = aMute;

   // This is safe since we're on main-thread, and the windowlist can only

   // be added to from the main-thread

-  for (const auto& window : mActiveWindows.Values()) {

+  for (const auto& window :

+       ToTArray<AutoTArray<RefPtr<GetUserMediaWindowListener>, 2>>(

+           mActiveWindows.Values())) {

     window->MuteOrUnmuteMicrophones(aMute);

   }

 }

   }

   mCamerasAreMuted = aMute;

-  for (auto& l : mActiveListeners) {

+  for (auto& l : mActiveListeners.Clone()) {

     if (l->GetDevice()->Kind() == MediaDeviceKind::Videoinput) {

       l->MuteOrUnmuteCamera(aMute);

     }

   }

   mMicrophonesAreMuted = aMute;

-  for (auto& l : mActiveListeners) {

+  for (auto& l : mActiveListeners.Clone()) {

     if (l->GetDevice()->Kind() == MediaDeviceKind::Audioinput) {

       l->MuteOrUnmuteMicrophone(aMute);

     }

   bool operator!=(const txXPathNode& aNode) const { return !(*this == aNode); }

   ~txXPathNode() { MOZ_COUNT_DTOR(txXPathNode); }

+  mozilla::dom::Document* OwnerDoc() const { return mNode->OwnerDoc(); }

+

  private:

   friend class txXPathNativeNode;

   friend class txXPathNodeUtils;

 #include "mozilla/CheckedInt.h"

 #include "mozilla/UniquePtrExtensions.h"

+#include "nsRFPService.h"

 using mozilla::CheckedUint32;

 using mozilla::MakeUnique;

 using mozilla::MakeUniqueFallible;

+using mozilla::nsRFPService;

+using mozilla::RFPTarget;

 using mozilla::UniquePtr;

 /*

     if (aLangExpr) {

       rv = aLangExpr->evaluateToString(aContext, lang);

       NS_ENSURE_SUCCESS(rv, rv);

+    } else if (aContext->getContextNode()

+                   .OwnerDoc()

+                   ->ShouldResistFingerprinting(RFPTarget::JSLocale)) {

+      CopyUTF8toUTF16(nsRFPService::GetSpoofedJSLocale(), lang);

     }

     // Case-order

 - name: security.csp.truncate_blocked_uri_for_frame_navigations

   type: bool

-  value: true

+  value: false

   mirror: always

 # If true, all toplevel data: URI navigations will be blocked.

+<!DOCTYPE html>

+<html>

+<head>

+    <!-- Make sure frame-src does path matching -->

+    <meta http-equiv="Content-Security-Policy" content="frame-src data: https://{{hosts[][www1]}}:{{ports[https][0]}}/content-security-policy/support/;">

+    <title>frame-src-blocked-path-matching</title>

+    <script src="/resources/testharness.js"></script>

+    <script src="/resources/testharnessreport.js"></script>

+</head>

+<body>

+    <script>

+      async_test(t => {

+        let frame = document.createElement("iframe");

+        frame.src = "https://{{hosts[][www1]}}:{{ports[https][0]}}/content-security-policy/support/postmessage-pass.html";

+

+        window.addEventListener('message', t.step_func(e => {

+          if (e.source === frame.contentWindow) {

+            assert_equals(e.data, "PASS");

+            t.done();

+          }

+        }));

+

+        document.body.append(frame);

+      }, "Cross-origin frame with allowed path loads");

+

+      async_test(t => {

+        let frame = document.createElement("iframe");

+        frame.src = "https://{{hosts[][www1]}}:{{ports[https][0]}}/content-security-policy/resource/";

+

+        window.addEventListener('securitypolicyviolation', t.step_func_done(e => {

+          assert_equals(e.blockedURI, "https://{{hosts[][www1]}}:{{ports[https][0]}}");

+          assert_equals(e.effectiveDirective, "frame-src");

+        }), { once: true });

+

+        document.body.append(frame);

+      }, "Cross-origin frame with other path is blocked");

+

+      async_test(t => {

+        let frame = document.createElement("iframe");

+        frame.src = "data:text/html,<h1>Hello World</h1>"

+        frame.onload = t.step_func(() => {

+          frame.src = "https://{{hosts[][www1]}}:{{ports[https][0]}}/content-security-policy/resource/";

+

+          window.addEventListener('securitypolicyviolation', t.step_func_done(e => {

+            assert_equals(e.blockedURI, "https://{{hosts[][www1]}}:{{ports[https][0]}}");

+            assert_equals(e.effectiveDirective, "frame-src");

+          }), { once: true });

+        });

+        document.body.append(frame);

+      }, "Cross-origin frame with other path is blocked even after replacing the already loaded URL");

+    </script>

+  </body>

+</html>

...	...	@@ -3143,7 +3143,9 @@ void MediaManager::OnCameraMute(bool aMute) {
3143	3143	mCamerasMuted = aMute;
3144	3144	// This is safe since we're on main-thread, and the windowlist can only
3145	3145	// be added to from the main-thread
3146		- for (const auto& window : mActiveWindows.Values()) {
	3146	+ for (const auto& window :
	3147	+ ToTArray<AutoTArray<RefPtr<GetUserMediaWindowListener>, 2>>(
	3148	+ mActiveWindows.Values())) {
3147	3149	window->MuteOrUnmuteCameras(aMute);
3148	3150	}
3149	3151	}
...	...	@@ -3154,7 +3156,9 @@ void MediaManager::OnMicrophoneMute(bool aMute) {
3154	3156	mMicrophonesMuted = aMute;
3155	3157	// This is safe since we're on main-thread, and the windowlist can only
3156	3158	// be added to from the main-thread
3157		- for (const auto& window : mActiveWindows.Values()) {
	3159	+ for (const auto& window :
	3160	+ ToTArray<AutoTArray<RefPtr<GetUserMediaWindowListener>, 2>>(
	3161	+ mActiveWindows.Values())) {
3158	3162	window->MuteOrUnmuteMicrophones(aMute);
3159	3163	}
3160	3164	}
...	...	@@ -4340,7 +4344,7 @@ void GetUserMediaWindowListener::MuteOrUnmuteCameras(bool aMute) {
4340	4344	}
4341	4345	mCamerasAreMuted = aMute;
4342	4346
4343		- for (auto& l : mActiveListeners) {
	4347	+ for (auto& l : mActiveListeners.Clone()) {
4344	4348	if (l->GetDevice()->Kind() == MediaDeviceKind::Videoinput) {
4345	4349	l->MuteOrUnmuteCamera(aMute);
4346	4350	}
...	...	@@ -4355,7 +4359,7 @@ void GetUserMediaWindowListener::MuteOrUnmuteMicrophones(bool aMute) {
4355	4359	}
4356	4360	mMicrophonesAreMuted = aMute;
4357	4361
4358		- for (auto& l : mActiveListeners) {
	4362	+ for (auto& l : mActiveListeners.Clone()) {
4359	4363	if (l->GetDevice()->Kind() == MediaDeviceKind::Audioinput) {
4360	4364	l->MuteOrUnmuteMicrophone(aMute);
4361	4365	}

ma1 pushed to branch tor-browser-115.26.0esr-13.5-1 at The Tor Project / Applications / Tor Browser

Commits:

8 changed files:

Changes: