lists.torproject.org
Sign In
Sign Up
Sign In
Sign Up
Manage this list
×
Keyboard Shortcuts
Thread View
j
: Next unread message
k
: Previous unread message
j a
: Jump to all threads
j l
: Jump to MailingList overview
2024
December
November
October
September
August
July
June
May
April
March
February
January
2023
December
November
October
September
August
July
June
May
April
March
February
January
2022
December
November
October
September
August
July
June
May
April
March
February
January
2021
December
November
October
September
August
July
June
May
April
March
February
January
2020
December
November
October
September
August
July
June
May
April
March
February
January
2019
December
November
October
September
August
July
June
May
April
March
February
January
2018
December
November
October
September
August
July
June
May
April
March
February
January
2017
December
November
October
September
August
July
June
May
April
March
February
January
2016
December
November
October
September
August
July
June
May
April
March
February
January
2015
December
November
October
September
August
July
June
May
April
March
February
January
2014
December
November
October
September
August
July
June
May
April
March
February
January
2013
December
November
October
September
August
July
June
May
April
March
February
January
2012
December
November
October
September
August
July
June
May
April
March
February
January
2011
December
November
October
September
August
July
June
May
April
March
February
List overview
Download
tor-commits
October 2023
----- 2024 -----
December 2024
November 2024
October 2024
September 2024
August 2024
July 2024
June 2024
May 2024
April 2024
March 2024
February 2024
January 2024
----- 2023 -----
December 2023
November 2023
October 2023
September 2023
August 2023
July 2023
June 2023
May 2023
April 2023
March 2023
February 2023
January 2023
----- 2022 -----
December 2022
November 2022
October 2022
September 2022
August 2022
July 2022
June 2022
May 2022
April 2022
March 2022
February 2022
January 2022
----- 2021 -----
December 2021
November 2021
October 2021
September 2021
August 2021
July 2021
June 2021
May 2021
April 2021
March 2021
February 2021
January 2021
----- 2020 -----
December 2020
November 2020
October 2020
September 2020
August 2020
July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
----- 2019 -----
December 2019
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
----- 2018 -----
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
----- 2017 -----
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
----- 2016 -----
December 2016
November 2016
October 2016
September 2016
August 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
----- 2015 -----
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
----- 2014 -----
December 2014
November 2014
October 2014
September 2014
August 2014
July 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
----- 2013 -----
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
----- 2012 -----
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
----- 2011 -----
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
tor-commits@lists.torproject.org
1 participants
161 discussions
Start a n
N
ew thread
[Git][tpo/applications/tor-browser-update-responses][main] Add release/download-linux-x86_64.json and release/download-windows-x86_64.json
by boklm (@boklm)
23 Oct '23
23 Oct '23
boklm pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: 2b5dd5b4 by Nicolas Vigier at 2023-10-23T15:28:07+02:00 Add release/download-linux-x86_64.json and release/download-windows-x86_64.json tor-browser-build#40991 - - - - - 2 changed files: - + update_3/release/download-linux-x86_64.json - + update_3/release/download-windows-x86_64.json Changes: ===================================== update_3/release/download-linux-x86_64.json ===================================== @@ -0,0 +1 @@ +{"binary":"
https://dist.torproject.org/torbrowser/13.0/tor-browser-linux-x86_64-13.0.t…
","git_tag":"tbb-13.0-build1","sig":"
https://dist.torproject.org/torbrowser/13.0/tor-browser-linux-x86_64-13.0.t…
","version":"13.0"} \ No newline at end of file ===================================== update_3/release/download-windows-x86_64.json ===================================== @@ -0,0 +1 @@ +{"binary":"
https://dist.torproject.org/torbrowser/13.0/tor-browser-windows-x86_64-port…
","git_tag":"tbb-13.0-build1","sig":"
https://dist.torproject.org/torbrowser/13.0/tor-browser-windows-x86_64-port…
","version":"13.0"} \ No newline at end of file View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses…
-- View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses…
You're receiving this email because of your account on
gitlab.torproject.org
.
1
0
0
0
[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-115.4.0esr-13.0-1-build2
by ma1 (@ma1)
23 Oct '23
23 Oct '23
ma1 pushed new tag mullvad-browser-115.4.0esr-13.0-1-build2 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab:
https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv…
You're receiving this email because of your account on
gitlab.torproject.org
.
1
0
0
0
[Git][tpo/applications/tor-browser] Pushed new tag base-browser-115.4.0esr-13.0-1-build2
by ma1 (@ma1)
23 Oct '23
23 Oct '23
ma1 pushed new tag base-browser-115.4.0esr-13.0-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/base-brow…
You're receiving this email because of your account on
gitlab.torproject.org
.
1
0
0
0
[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.4.0esr-13.0-1-build2
by ma1 (@ma1)
23 Oct '23
23 Oct '23
ma1 pushed new tag tor-browser-115.4.0esr-13.0-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows…
You're receiving this email because of your account on
gitlab.torproject.org
.
1
0
0
0
[Git][tpo/applications/mullvad-browser][mullvad-browser-115.4.0esr-13.5-1] 7 commits: Bug 1738426 - Ignoring status 206 and vary header checking for opaque response...
by richard (@richard)
23 Oct '23
23 Oct '23
richard pushed to branch mullvad-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 985138e0 by Eden Chuang at 2023-10-23T12:36:44+00:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision:
https://phabricator.services.mozilla.com/D186431
- - - - - 8cb3e494 by edgul at 2023-10-23T12:36:44+00:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision:
https://phabricator.services.mozilla.com/D182373
- - - - - e116477a by Kelsey Gilbert at 2023-10-23T12:36:44+00:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision:
https://phabricator.services.mozilla.com/D188054
- - - - - 97184c52 by Mark Banner at 2023-10-23T12:36:45+00:00 Bug 1845752. r=ckerschb Differential Revision:
https://phabricator.services.mozilla.com/D186676
- - - - - e4ad60d6 by Bob Owen at 2023-10-23T12:36:45+00:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision:
https://phabricator.services.mozilla.com/D187794
- - - - - bc7d6958 by Malte Juergens at 2023-10-23T12:36:46+00:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision:
https://phabricator.services.mozilla.com/D187887
- - - - - 32638567 by Andreas Pehrson at 2023-10-23T12:36:46+00:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision:
https://phabricator.services.mozilla.com/D187554
- - - - - 18 changed files: - dom/cache/TypeUtils.cpp - dom/canvas/WebGLContextExtensions.cpp - dom/media/MediaTrackGraph.cpp - dom/media/MediaTrackGraph.h - gfx/2d/RecordedEventImpl.h - gfx/2d/RecordingTypes.h - netwerk/cookie/CookieCommons.cpp - testing/web-platform/meta/cookies/name/name-ctl.html.ini - − testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini - toolkit/components/httpsonlyerror/content/errorpage.html - toolkit/components/httpsonlyerror/content/errorpage.js - toolkit/components/search/OpenSearchEngine.sys.mjs - toolkit/components/search/SearchEngine.sys.mjs - toolkit/components/search/SearchUtils.sys.mjs - toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs - toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js - toolkit/components/search/tests/xpcshell/test_webextensions_install.js - toolkit/modules/RemotePageAccessManager.sys.mjs Changes: ===================================== dom/cache/TypeUtils.cpp ===================================== @@ -184,7 +184,7 @@ void TypeUtils::ToCacheResponseWithoutBody(CacheResponse& aOut, aOut.statusText() = aIn.GetUnfilteredStatusText(); RefPtr<InternalHeaders> headers = aIn.UnfilteredHeaders(); MOZ_DIAGNOSTIC_ASSERT(headers); - if (HasVaryStar(headers)) { + if (aIn.Type() != ResponseType::Opaque && HasVaryStar(headers)) { aRv.ThrowTypeError("Invalid Response object with a 'Vary: *' header."); return; } ===================================== dom/canvas/WebGLContextExtensions.cpp ===================================== @@ -17,15 +17,10 @@ namespace mozilla { const char* GetExtensionName(const WebGLExtensionID ext) { - static EnumeratedArray<WebGLExtensionID, WebGLExtensionID::Max, const char*> - sExtensionNamesEnumeratedArray; - static bool initialized = false; - - if (!initialized) { - initialized = true; - + switch (ext) { #define WEBGL_EXTENSION_IDENTIFIER(x) \ - sExtensionNamesEnumeratedArray[WebGLExtensionID::x] = #x; + case WebGLExtensionID::x: \ + return #x; WEBGL_EXTENSION_IDENTIFIER(ANGLE_instanced_arrays) WEBGL_EXTENSION_IDENTIFIER(EXT_blend_minmax) @@ -67,9 +62,11 @@ const char* GetExtensionName(const WebGLExtensionID ext) { WEBGL_EXTENSION_IDENTIFIER(WEBGL_provoking_vertex) #undef WEBGL_EXTENSION_IDENTIFIER - } - return sExtensionNamesEnumeratedArray[ext]; + case WebGLExtensionID::Max: + break; + } + MOZ_CRASH("bad WebGLExtensionID"); } // ---------------------------- ===================================== dom/media/MediaTrackGraph.cpp ===================================== @@ -145,6 +145,27 @@ class GraphKey final { nsTHashMap<nsGenericHashKey<GraphKey>, MediaTrackGraphImpl*> gGraphs; } // anonymous namespace +static void ApplyTrackDisabling(DisabledTrackMode aDisabledMode, + MediaSegment* aSegment, + MediaSegment* aRawSegment) { + if (aDisabledMode == DisabledTrackMode::ENABLED) { + return; + } + if (aDisabledMode == DisabledTrackMode::SILENCE_BLACK) { + aSegment->ReplaceWithDisabled(); + if (aRawSegment) { + aRawSegment->ReplaceWithDisabled(); + } + } else if (aDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { + aSegment->ReplaceWithNull(); + if (aRawSegment) { + aRawSegment->ReplaceWithNull(); + } + } else { + MOZ_CRASH("Unsupported mode"); + } +} + MediaTrackGraphImpl::~MediaTrackGraphImpl() { MOZ_ASSERT(mTracks.IsEmpty() && mSuspendedTracks.IsEmpty(), "All tracks should have been destroyed by messages from the main " @@ -2421,6 +2442,7 @@ RefPtr<GenericPromise> MediaTrack::RemoveListener( void MediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); // Base implementation, for tracks that don't support direct track listeners. RefPtr<DirectMediaTrackListener> listener = aListener; listener->NotifyDirectListenerInstalled( @@ -2503,6 +2525,7 @@ void MediaTrack::RunAfterPendingUpdates( } void MediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); MOZ_DIAGNOSTIC_ASSERT( aMode == DisabledTrackMode::ENABLED || mDisabledMode == DisabledTrackMode::ENABLED, @@ -2531,22 +2554,8 @@ void MediaTrack::SetDisabledTrackMode(DisabledTrackMode aMode) { void MediaTrack::ApplyTrackDisabling(MediaSegment* aSegment, MediaSegment* aRawSegment) { - if (mDisabledMode == DisabledTrackMode::ENABLED) { - return; - } - if (mDisabledMode == DisabledTrackMode::SILENCE_BLACK) { - aSegment->ReplaceWithDisabled(); - if (aRawSegment) { - aRawSegment->ReplaceWithDisabled(); - } - } else if (mDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { - aSegment->ReplaceWithNull(); - if (aRawSegment) { - aRawSegment->ReplaceWithNull(); - } - } else { - MOZ_CRASH("Unsupported mode"); - } + MOZ_ASSERT(mGraph->OnGraphThread()); + mozilla::ApplyTrackDisabling(mDisabledMode, aSegment, aRawSegment); } void MediaTrack::AddMainThreadListener( @@ -2866,7 +2875,7 @@ TrackTime SourceMediaTrack::AppendData(MediaSegment* aSegment, // Apply track disabling before notifying any consumers directly // or inserting into the graph - ApplyTrackDisabling(aSegment, aRawSegment); + mozilla::ApplyTrackDisabling(mDirectDisabledMode, aSegment, aRawSegment); ResampleAudioToGraphSampleRate(aSegment); @@ -2910,6 +2919,7 @@ void SourceMediaTrack::NotifyDirectConsumers(MediaSegment* aSegment) { void SourceMediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); MutexAutoLock lock(mMutex); RefPtr<DirectMediaTrackListener> listener = aListener; @@ -2979,6 +2989,7 @@ void SourceMediaTrack::AddDirectListenerImpl( void SourceMediaTrack::RemoveDirectListenerImpl( DirectMediaTrackListener* aListener) { + mGraph->AssertOnGraphThreadOrNotRunning(); MutexAutoLock lock(mMutex); for (int32_t i = mDirectTrackListeners.Length() - 1; i >= 0; --i) { const RefPtr<DirectMediaTrackListener>& l = mDirectTrackListeners[i]; @@ -3008,17 +3019,20 @@ void SourceMediaTrack::End() { } void SourceMediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); { MutexAutoLock lock(mMutex); + const DisabledTrackMode oldMode = mDirectDisabledMode; + const bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; + const bool enabled = aMode == DisabledTrackMode::ENABLED; + mDirectDisabledMode = aMode; for (const auto& l : mDirectTrackListeners) { - DisabledTrackMode oldMode = mDisabledMode; - bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; - if (!oldEnabled && aMode == DisabledTrackMode::ENABLED) { + if (!oldEnabled && enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener enabled", GraphImpl(), this)); l->DecreaseDisabled(oldMode); - } else if (oldEnabled && aMode != DisabledTrackMode::ENABLED) { + } else if (oldEnabled && !enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener disabled", GraphImpl(), this)); ===================================== dom/media/MediaTrackGraph.h ===================================== @@ -652,18 +652,8 @@ class SourceMediaTrack : public MediaTrack { */ void End(); - // Overriding allows us to hold the mMutex lock while changing the track - // enable status void SetDisabledTrackModeImpl(DisabledTrackMode aMode) override; - // Overriding allows us to ensure mMutex is locked while changing the track - // enable status - void ApplyTrackDisabling(MediaSegment* aSegment, - MediaSegment* aRawSegment = nullptr) override { - mMutex.AssertCurrentThreadOwns(); - MediaTrack::ApplyTrackDisabling(aSegment, aRawSegment); - } - uint32_t NumberOfChannels() const override; void RemoveAllDirectListenersImpl() override; @@ -742,6 +732,11 @@ class SourceMediaTrack : public MediaTrack { // protected by mMutex float mVolume MOZ_GUARDED_BY(mMutex) = 1.0; UniquePtr<TrackData> mUpdateTrack MOZ_GUARDED_BY(mMutex); + // This track's associated disabled mode for uses on the producing thread. + // It can either by disabled by frames being replaced by black, or by + // retaining the previous frame. + DisabledTrackMode mDirectDisabledMode MOZ_GUARDED_BY(mMutex) = + DisabledTrackMode::ENABLED; nsTArray<RefPtr<DirectMediaTrackListener>> mDirectTrackListeners MOZ_GUARDED_BY(mMutex); }; ===================================== gfx/2d/RecordedEventImpl.h ===================================== @@ -65,7 +65,7 @@ class RecordedDrawTargetCreation BackendType mBackendType; IntRect mRect; SurfaceFormat mFormat; - bool mHasExistingData; + bool mHasExistingData = false; RefPtr<SourceSurface> mExistingData; private: ===================================== gfx/2d/RecordingTypes.h ===================================== @@ -24,6 +24,28 @@ struct ElementStreamFormat { aStream.read(reinterpret_cast<char*>(&aElement), sizeof(T)); } }; +template <class S> +struct ElementStreamFormat<S, bool> { + static void Write(S& aStream, const bool& aElement) { + char boolChar = aElement ? '\x01' : '\x00'; + aStream.write(&boolChar, sizeof(boolChar)); + } + static void Read(S& aStream, bool& aElement) { + char boolChar; + aStream.read(&boolChar, sizeof(boolChar)); + switch (boolChar) { + case '\x00': + aElement = false; + break; + case '\x01': + aElement = true; + break; + default: + aStream.SetIsBad(); + break; + } + } +}; template <class S, class T> void WriteElement(S& aStream, const T& aElement) { ===================================== netwerk/cookie/CookieCommons.cpp ===================================== @@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) { bool CookieCommons::CheckName(const CookieStruct& aCookieData) { const char illegalNameCharacters[] = { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, - 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00}; + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00}; const auto* start = aCookieData.name().BeginReading(); const auto* end = aCookieData.name().EndReading(); ===================================== testing/web-platform/meta/cookies/name/name-ctl.html.ini ===================================== @@ -11,36 +11,6 @@ [Cookie with %xd in name is rejected (DOM).] expected: FAIL - [Cookie with %x7f in name is rejected (DOM).] - expected: FAIL - - [Cookie with %x0 in name is rejected or modified (HTTP).] - expected: FAIL - - [Cookie with %x1 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x2 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x3 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x4 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x5 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x6 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x7 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x8 in name is rejected (HTTP).] - expected: FAIL - [Cookie with %x9 in name is accepted (HTTP).] expected: FAIL ===================================== testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini deleted ===================================== @@ -1,26 +0,0 @@ -[cache-put.https.any.serviceworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.sharedworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.worker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL ===================================== toolkit/components/httpsonlyerror/content/errorpage.html ===================================== @@ -67,6 +67,7 @@ <button id="openInsecure" data-l10n-id="about-httpsonly-button-continue-to-site" + inert ></button> </div> <div class="suggestion-box" hidden> ===================================== toolkit/components/httpsonlyerror/content/errorpage.js ===================================== @@ -34,6 +34,11 @@ function initPage() { .getElementById("openInsecure") .addEventListener("click", onOpenInsecureButtonClick); + const delay = RPMGetIntPref("security.dialog_enable_delay", 1000); + setTimeout(() => { + document.getElementById("openInsecure").removeAttribute("inert"); + }, delay); + if (window.top == window) { document .getElementById("goBack") ===================================== toolkit/components/search/OpenSearchEngine.sys.mjs ===================================== @@ -144,7 +144,12 @@ export class OpenSearchEngine extends SearchEngine { lazy.logConsole.debug("_install: Downloading engine from:", loadURI.spec); - var chan = lazy.SearchUtils.makeChannel(loadURI); + var chan = lazy.SearchUtils.makeChannel( + loadURI, + // OpenSearchEngine is loading a definition file for a search engine, + // TYPE_DOCUMENT captures that load best + Ci.nsIContentPolicy.TYPE_DOCUMENT + ); if (this._engineToUpdate && chan instanceof Ci.nsIHttpChannel) { var lastModified = this._engineToUpdate.getAttr("updatelastmodified"); ===================================== toolkit/components/search/SearchEngine.sys.mjs ===================================== @@ -821,7 +821,10 @@ export class SearchEngine { this._hasPreferredIcon = isPreferred; }; - let chan = lazy.SearchUtils.makeChannel(uri); + let chan = lazy.SearchUtils.makeChannel( + uri, + Ci.nsIContentPolicy.TYPE_IMAGE + ); let listener = new lazy.SearchUtils.LoadListener( chan, /^image\//, ===================================== toolkit/components/search/SearchUtils.sys.mjs ===================================== @@ -248,19 +248,24 @@ export var SearchUtils = { * * @param {string|nsIURI} url * The URL string from which to create an nsIChannel. + * @param {nsIContentPolicy} contentPolicyType + * The type of document being loaded. * @returns {nsIChannel} * an nsIChannel object, or null if the url is invalid. */ - makeChannel(url) { + makeChannel(url, contentPolicyType) { + if (!contentPolicyType) { + throw new Error("makeChannel called with invalid content policy type"); + } try { let uri = typeof url == "string" ? Services.io.newURI(url) : url; return Services.io.newChannelFromURI( uri, null /* loadingNode */, - Services.scriptSecurityManager.getSystemPrincipal(), + Services.scriptSecurityManager.createNullPrincipal({}), null /* triggeringPrincipal */, Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL, - Ci.nsIContentPolicy.TYPE_OTHER + contentPolicyType ); } catch (ex) {} ===================================== toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs ===================================== @@ -10,7 +10,7 @@ function handleRequest(request, response) { response.setStatusLine("1.1", 302, "Moved"); if (request.queryString == "type=invalid") { response.setHeader("Content-Type", "image/png", false); - response.setHeader("Location", "engine.xml", false); + response.setHeader("Location", "/head_search.js", false); } else { response.setHeader("Content-Type", "text/html", false); response.setHeader("Location", "remoteIcon.ico", false); ===================================== toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js ===================================== @@ -12,9 +12,11 @@ add_task(async function setup() { }); add_task(async function test_installedresourceicon() { + // Attempts to load a resource:// url as an icon. let engine1 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/resourceicon.xml`, }); + // Attempts to load a chrome:// url as an icon. let engine2 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/chromeicon.xml`, }); @@ -32,12 +34,13 @@ add_task(async function test_installedhttpplace() { // The easiest way to test adding the icon is via a generated xml, otherwise // we have to somehow insert the address of the server into it. + // Attempts to load a non-image page into an image icon. let engine = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}data/engineMaker.sjs?` + JSON.stringify({ baseURL: gDataUrl, - image: "opensearch/resourceicon.xml", + image: "head_search.js", name: "invalidicon", method: "GET", }), ===================================== toolkit/components/search/tests/xpcshell/test_webextensions_install.js ===================================== @@ -5,6 +5,8 @@ const { promiseShutdownManager, promiseStartupManager } = AddonTestUtils; +let gBaseUrl; + async function getEngineNames() { let engines = await Services.search.getEngines(); return engines.map(engine => engine._name); @@ -13,6 +15,8 @@ async function getEngineNames() { add_task(async function setup() { let server = useHttpServer(); server.registerContentType("sjs", "sjs"); + gBaseUrl = `http://localhost:${server.identity.primaryPort}/`; + await SearchTestUtils.useTestEngines("test-extensions"); await promiseStartupManager(); @@ -132,7 +136,7 @@ add_task(async function test_load_favicon_invalid() { // User installs a new search engine let extension = await SearchTestUtils.installSearchExtension( { - favicon_url: `${gDataUrl}engine.xml`, + favicon_url: `${gBaseUrl}/head_search.js`, }, { skipUnload: true } ); ===================================== toolkit/modules/RemotePageAccessManager.sys.mjs ===================================== @@ -66,6 +66,7 @@ export let RemotePageAccessManager = { }, "about:httpsonlyerror": { RPMGetFormatURLPref: ["app.support.baseURL"], + RPMGetIntPref: ["security.dialog_enable_delay"], RPMSendAsyncMessage: ["goBack", "openInsecure"], RPMAddMessageListener: ["WWWReachable"], RPMTryPingSecureWWWLink: ["*"], View it on GitLab:
https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/68…
-- View it on GitLab:
https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/68…
You're receiving this email because of your account on
gitlab.torproject.org
.
1
0
0
0
[Git][tpo/applications/tor-browser][base-browser-115.4.0esr-13.5-1] 7 commits: Bug 1738426 - Ignoring status 206 and vary header checking for opaque response...
by richard (@richard)
23 Oct '23
23 Oct '23
richard pushed to branch base-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: b019f751 by Eden Chuang at 2023-10-23T12:34:34+00:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision:
https://phabricator.services.mozilla.com/D186431
- - - - - 15e6ab9a by edgul at 2023-10-23T12:34:34+00:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision:
https://phabricator.services.mozilla.com/D182373
- - - - - 198e936f by Kelsey Gilbert at 2023-10-23T12:34:35+00:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision:
https://phabricator.services.mozilla.com/D188054
- - - - - da8da0e5 by Mark Banner at 2023-10-23T12:34:35+00:00 Bug 1845752. r=ckerschb Differential Revision:
https://phabricator.services.mozilla.com/D186676
- - - - - 1665929f by Bob Owen at 2023-10-23T12:34:35+00:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision:
https://phabricator.services.mozilla.com/D187794
- - - - - 4528a947 by Malte Juergens at 2023-10-23T12:34:36+00:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision:
https://phabricator.services.mozilla.com/D187887
- - - - - 251143c1 by Andreas Pehrson at 2023-10-23T12:34:36+00:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision:
https://phabricator.services.mozilla.com/D187554
- - - - - 18 changed files: - dom/cache/TypeUtils.cpp - dom/canvas/WebGLContextExtensions.cpp - dom/media/MediaTrackGraph.cpp - dom/media/MediaTrackGraph.h - gfx/2d/RecordedEventImpl.h - gfx/2d/RecordingTypes.h - netwerk/cookie/CookieCommons.cpp - testing/web-platform/meta/cookies/name/name-ctl.html.ini - − testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini - toolkit/components/httpsonlyerror/content/errorpage.html - toolkit/components/httpsonlyerror/content/errorpage.js - toolkit/components/search/OpenSearchEngine.sys.mjs - toolkit/components/search/SearchEngine.sys.mjs - toolkit/components/search/SearchUtils.sys.mjs - toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs - toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js - toolkit/components/search/tests/xpcshell/test_webextensions_install.js - toolkit/modules/RemotePageAccessManager.sys.mjs Changes: ===================================== dom/cache/TypeUtils.cpp ===================================== @@ -184,7 +184,7 @@ void TypeUtils::ToCacheResponseWithoutBody(CacheResponse& aOut, aOut.statusText() = aIn.GetUnfilteredStatusText(); RefPtr<InternalHeaders> headers = aIn.UnfilteredHeaders(); MOZ_DIAGNOSTIC_ASSERT(headers); - if (HasVaryStar(headers)) { + if (aIn.Type() != ResponseType::Opaque && HasVaryStar(headers)) { aRv.ThrowTypeError("Invalid Response object with a 'Vary: *' header."); return; } ===================================== dom/canvas/WebGLContextExtensions.cpp ===================================== @@ -17,15 +17,10 @@ namespace mozilla { const char* GetExtensionName(const WebGLExtensionID ext) { - static EnumeratedArray<WebGLExtensionID, WebGLExtensionID::Max, const char*> - sExtensionNamesEnumeratedArray; - static bool initialized = false; - - if (!initialized) { - initialized = true; - + switch (ext) { #define WEBGL_EXTENSION_IDENTIFIER(x) \ - sExtensionNamesEnumeratedArray[WebGLExtensionID::x] = #x; + case WebGLExtensionID::x: \ + return #x; WEBGL_EXTENSION_IDENTIFIER(ANGLE_instanced_arrays) WEBGL_EXTENSION_IDENTIFIER(EXT_blend_minmax) @@ -67,9 +62,11 @@ const char* GetExtensionName(const WebGLExtensionID ext) { WEBGL_EXTENSION_IDENTIFIER(WEBGL_provoking_vertex) #undef WEBGL_EXTENSION_IDENTIFIER - } - return sExtensionNamesEnumeratedArray[ext]; + case WebGLExtensionID::Max: + break; + } + MOZ_CRASH("bad WebGLExtensionID"); } // ---------------------------- ===================================== dom/media/MediaTrackGraph.cpp ===================================== @@ -145,6 +145,27 @@ class GraphKey final { nsTHashMap<nsGenericHashKey<GraphKey>, MediaTrackGraphImpl*> gGraphs; } // anonymous namespace +static void ApplyTrackDisabling(DisabledTrackMode aDisabledMode, + MediaSegment* aSegment, + MediaSegment* aRawSegment) { + if (aDisabledMode == DisabledTrackMode::ENABLED) { + return; + } + if (aDisabledMode == DisabledTrackMode::SILENCE_BLACK) { + aSegment->ReplaceWithDisabled(); + if (aRawSegment) { + aRawSegment->ReplaceWithDisabled(); + } + } else if (aDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { + aSegment->ReplaceWithNull(); + if (aRawSegment) { + aRawSegment->ReplaceWithNull(); + } + } else { + MOZ_CRASH("Unsupported mode"); + } +} + MediaTrackGraphImpl::~MediaTrackGraphImpl() { MOZ_ASSERT(mTracks.IsEmpty() && mSuspendedTracks.IsEmpty(), "All tracks should have been destroyed by messages from the main " @@ -2421,6 +2442,7 @@ RefPtr<GenericPromise> MediaTrack::RemoveListener( void MediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); // Base implementation, for tracks that don't support direct track listeners. RefPtr<DirectMediaTrackListener> listener = aListener; listener->NotifyDirectListenerInstalled( @@ -2503,6 +2525,7 @@ void MediaTrack::RunAfterPendingUpdates( } void MediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); MOZ_DIAGNOSTIC_ASSERT( aMode == DisabledTrackMode::ENABLED || mDisabledMode == DisabledTrackMode::ENABLED, @@ -2531,22 +2554,8 @@ void MediaTrack::SetDisabledTrackMode(DisabledTrackMode aMode) { void MediaTrack::ApplyTrackDisabling(MediaSegment* aSegment, MediaSegment* aRawSegment) { - if (mDisabledMode == DisabledTrackMode::ENABLED) { - return; - } - if (mDisabledMode == DisabledTrackMode::SILENCE_BLACK) { - aSegment->ReplaceWithDisabled(); - if (aRawSegment) { - aRawSegment->ReplaceWithDisabled(); - } - } else if (mDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { - aSegment->ReplaceWithNull(); - if (aRawSegment) { - aRawSegment->ReplaceWithNull(); - } - } else { - MOZ_CRASH("Unsupported mode"); - } + MOZ_ASSERT(mGraph->OnGraphThread()); + mozilla::ApplyTrackDisabling(mDisabledMode, aSegment, aRawSegment); } void MediaTrack::AddMainThreadListener( @@ -2866,7 +2875,7 @@ TrackTime SourceMediaTrack::AppendData(MediaSegment* aSegment, // Apply track disabling before notifying any consumers directly // or inserting into the graph - ApplyTrackDisabling(aSegment, aRawSegment); + mozilla::ApplyTrackDisabling(mDirectDisabledMode, aSegment, aRawSegment); ResampleAudioToGraphSampleRate(aSegment); @@ -2910,6 +2919,7 @@ void SourceMediaTrack::NotifyDirectConsumers(MediaSegment* aSegment) { void SourceMediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); MutexAutoLock lock(mMutex); RefPtr<DirectMediaTrackListener> listener = aListener; @@ -2979,6 +2989,7 @@ void SourceMediaTrack::AddDirectListenerImpl( void SourceMediaTrack::RemoveDirectListenerImpl( DirectMediaTrackListener* aListener) { + mGraph->AssertOnGraphThreadOrNotRunning(); MutexAutoLock lock(mMutex); for (int32_t i = mDirectTrackListeners.Length() - 1; i >= 0; --i) { const RefPtr<DirectMediaTrackListener>& l = mDirectTrackListeners[i]; @@ -3008,17 +3019,20 @@ void SourceMediaTrack::End() { } void SourceMediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); { MutexAutoLock lock(mMutex); + const DisabledTrackMode oldMode = mDirectDisabledMode; + const bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; + const bool enabled = aMode == DisabledTrackMode::ENABLED; + mDirectDisabledMode = aMode; for (const auto& l : mDirectTrackListeners) { - DisabledTrackMode oldMode = mDisabledMode; - bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; - if (!oldEnabled && aMode == DisabledTrackMode::ENABLED) { + if (!oldEnabled && enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener enabled", GraphImpl(), this)); l->DecreaseDisabled(oldMode); - } else if (oldEnabled && aMode != DisabledTrackMode::ENABLED) { + } else if (oldEnabled && !enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener disabled", GraphImpl(), this)); ===================================== dom/media/MediaTrackGraph.h ===================================== @@ -652,18 +652,8 @@ class SourceMediaTrack : public MediaTrack { */ void End(); - // Overriding allows us to hold the mMutex lock while changing the track - // enable status void SetDisabledTrackModeImpl(DisabledTrackMode aMode) override; - // Overriding allows us to ensure mMutex is locked while changing the track - // enable status - void ApplyTrackDisabling(MediaSegment* aSegment, - MediaSegment* aRawSegment = nullptr) override { - mMutex.AssertCurrentThreadOwns(); - MediaTrack::ApplyTrackDisabling(aSegment, aRawSegment); - } - uint32_t NumberOfChannels() const override; void RemoveAllDirectListenersImpl() override; @@ -742,6 +732,11 @@ class SourceMediaTrack : public MediaTrack { // protected by mMutex float mVolume MOZ_GUARDED_BY(mMutex) = 1.0; UniquePtr<TrackData> mUpdateTrack MOZ_GUARDED_BY(mMutex); + // This track's associated disabled mode for uses on the producing thread. + // It can either by disabled by frames being replaced by black, or by + // retaining the previous frame. + DisabledTrackMode mDirectDisabledMode MOZ_GUARDED_BY(mMutex) = + DisabledTrackMode::ENABLED; nsTArray<RefPtr<DirectMediaTrackListener>> mDirectTrackListeners MOZ_GUARDED_BY(mMutex); }; ===================================== gfx/2d/RecordedEventImpl.h ===================================== @@ -65,7 +65,7 @@ class RecordedDrawTargetCreation BackendType mBackendType; IntRect mRect; SurfaceFormat mFormat; - bool mHasExistingData; + bool mHasExistingData = false; RefPtr<SourceSurface> mExistingData; private: ===================================== gfx/2d/RecordingTypes.h ===================================== @@ -24,6 +24,28 @@ struct ElementStreamFormat { aStream.read(reinterpret_cast<char*>(&aElement), sizeof(T)); } }; +template <class S> +struct ElementStreamFormat<S, bool> { + static void Write(S& aStream, const bool& aElement) { + char boolChar = aElement ? '\x01' : '\x00'; + aStream.write(&boolChar, sizeof(boolChar)); + } + static void Read(S& aStream, bool& aElement) { + char boolChar; + aStream.read(&boolChar, sizeof(boolChar)); + switch (boolChar) { + case '\x00': + aElement = false; + break; + case '\x01': + aElement = true; + break; + default: + aStream.SetIsBad(); + break; + } + } +}; template <class S, class T> void WriteElement(S& aStream, const T& aElement) { ===================================== netwerk/cookie/CookieCommons.cpp ===================================== @@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) { bool CookieCommons::CheckName(const CookieStruct& aCookieData) { const char illegalNameCharacters[] = { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, - 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00}; + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00}; const auto* start = aCookieData.name().BeginReading(); const auto* end = aCookieData.name().EndReading(); ===================================== testing/web-platform/meta/cookies/name/name-ctl.html.ini ===================================== @@ -11,36 +11,6 @@ [Cookie with %xd in name is rejected (DOM).] expected: FAIL - [Cookie with %x7f in name is rejected (DOM).] - expected: FAIL - - [Cookie with %x0 in name is rejected or modified (HTTP).] - expected: FAIL - - [Cookie with %x1 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x2 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x3 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x4 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x5 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x6 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x7 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x8 in name is rejected (HTTP).] - expected: FAIL - [Cookie with %x9 in name is accepted (HTTP).] expected: FAIL ===================================== testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini deleted ===================================== @@ -1,26 +0,0 @@ -[cache-put.https.any.serviceworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.sharedworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.worker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL ===================================== toolkit/components/httpsonlyerror/content/errorpage.html ===================================== @@ -67,6 +67,7 @@ <button id="openInsecure" data-l10n-id="about-httpsonly-button-continue-to-site" + inert ></button> </div> <div class="suggestion-box" hidden> ===================================== toolkit/components/httpsonlyerror/content/errorpage.js ===================================== @@ -34,6 +34,11 @@ function initPage() { .getElementById("openInsecure") .addEventListener("click", onOpenInsecureButtonClick); + const delay = RPMGetIntPref("security.dialog_enable_delay", 1000); + setTimeout(() => { + document.getElementById("openInsecure").removeAttribute("inert"); + }, delay); + if (window.top == window) { document .getElementById("goBack") ===================================== toolkit/components/search/OpenSearchEngine.sys.mjs ===================================== @@ -144,7 +144,12 @@ export class OpenSearchEngine extends SearchEngine { lazy.logConsole.debug("_install: Downloading engine from:", loadURI.spec); - var chan = lazy.SearchUtils.makeChannel(loadURI); + var chan = lazy.SearchUtils.makeChannel( + loadURI, + // OpenSearchEngine is loading a definition file for a search engine, + // TYPE_DOCUMENT captures that load best + Ci.nsIContentPolicy.TYPE_DOCUMENT + ); if (this._engineToUpdate && chan instanceof Ci.nsIHttpChannel) { var lastModified = this._engineToUpdate.getAttr("updatelastmodified"); ===================================== toolkit/components/search/SearchEngine.sys.mjs ===================================== @@ -821,7 +821,10 @@ export class SearchEngine { this._hasPreferredIcon = isPreferred; }; - let chan = lazy.SearchUtils.makeChannel(uri); + let chan = lazy.SearchUtils.makeChannel( + uri, + Ci.nsIContentPolicy.TYPE_IMAGE + ); let listener = new lazy.SearchUtils.LoadListener( chan, /^image\//, ===================================== toolkit/components/search/SearchUtils.sys.mjs ===================================== @@ -248,19 +248,24 @@ export var SearchUtils = { * * @param {string|nsIURI} url * The URL string from which to create an nsIChannel. + * @param {nsIContentPolicy} contentPolicyType + * The type of document being loaded. * @returns {nsIChannel} * an nsIChannel object, or null if the url is invalid. */ - makeChannel(url) { + makeChannel(url, contentPolicyType) { + if (!contentPolicyType) { + throw new Error("makeChannel called with invalid content policy type"); + } try { let uri = typeof url == "string" ? Services.io.newURI(url) : url; return Services.io.newChannelFromURI( uri, null /* loadingNode */, - Services.scriptSecurityManager.getSystemPrincipal(), + Services.scriptSecurityManager.createNullPrincipal({}), null /* triggeringPrincipal */, Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL, - Ci.nsIContentPolicy.TYPE_OTHER + contentPolicyType ); } catch (ex) {} ===================================== toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs ===================================== @@ -10,7 +10,7 @@ function handleRequest(request, response) { response.setStatusLine("1.1", 302, "Moved"); if (request.queryString == "type=invalid") { response.setHeader("Content-Type", "image/png", false); - response.setHeader("Location", "engine.xml", false); + response.setHeader("Location", "/head_search.js", false); } else { response.setHeader("Content-Type", "text/html", false); response.setHeader("Location", "remoteIcon.ico", false); ===================================== toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js ===================================== @@ -12,9 +12,11 @@ add_task(async function setup() { }); add_task(async function test_installedresourceicon() { + // Attempts to load a resource:// url as an icon. let engine1 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/resourceicon.xml`, }); + // Attempts to load a chrome:// url as an icon. let engine2 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/chromeicon.xml`, }); @@ -32,12 +34,13 @@ add_task(async function test_installedhttpplace() { // The easiest way to test adding the icon is via a generated xml, otherwise // we have to somehow insert the address of the server into it. + // Attempts to load a non-image page into an image icon. let engine = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}data/engineMaker.sjs?` + JSON.stringify({ baseURL: gDataUrl, - image: "opensearch/resourceicon.xml", + image: "head_search.js", name: "invalidicon", method: "GET", }), ===================================== toolkit/components/search/tests/xpcshell/test_webextensions_install.js ===================================== @@ -5,6 +5,8 @@ const { promiseShutdownManager, promiseStartupManager } = AddonTestUtils; +let gBaseUrl; + async function getEngineNames() { let engines = await Services.search.getEngines(); return engines.map(engine => engine._name); @@ -13,6 +15,8 @@ async function getEngineNames() { add_task(async function setup() { let server = useHttpServer(); server.registerContentType("sjs", "sjs"); + gBaseUrl = `http://localhost:${server.identity.primaryPort}/`; + await SearchTestUtils.useTestEngines("test-extensions"); await promiseStartupManager(); @@ -132,7 +136,7 @@ add_task(async function test_load_favicon_invalid() { // User installs a new search engine let extension = await SearchTestUtils.installSearchExtension( { - favicon_url: `${gDataUrl}engine.xml`, + favicon_url: `${gBaseUrl}/head_search.js`, }, { skipUnload: true } ); ===================================== toolkit/modules/RemotePageAccessManager.sys.mjs ===================================== @@ -66,6 +66,7 @@ export let RemotePageAccessManager = { }, "about:httpsonlyerror": { RPMGetFormatURLPref: ["app.support.baseURL"], + RPMGetIntPref: ["security.dialog_enable_delay"], RPMSendAsyncMessage: ["goBack", "openInsecure"], RPMAddMessageListener: ["WWWReachable"], RPMTryPingSecureWWWLink: ["*"], View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/f3701b…
-- View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/f3701b…
You're receiving this email because of your account on
gitlab.torproject.org
.
1
0
0
0
[Git][tpo/applications/tor-browser][tor-browser-115.4.0esr-13.5-1] 7 commits: Bug 1738426 - Ignoring status 206 and vary header checking for opaque response...
by richard (@richard)
23 Oct '23
23 Oct '23
richard pushed to branch tor-browser-115.4.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: b4ecf06a by Eden Chuang at 2023-10-23T12:29:13+00:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision:
https://phabricator.services.mozilla.com/D186431
- - - - - 64bd0c0d by edgul at 2023-10-23T12:29:13+00:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision:
https://phabricator.services.mozilla.com/D182373
- - - - - 4ead76f7 by Kelsey Gilbert at 2023-10-23T12:29:14+00:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision:
https://phabricator.services.mozilla.com/D188054
- - - - - ce34aa4f by Mark Banner at 2023-10-23T12:29:14+00:00 Bug 1845752. r=ckerschb Differential Revision:
https://phabricator.services.mozilla.com/D186676
- - - - - 24a2f717 by Bob Owen at 2023-10-23T12:29:15+00:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision:
https://phabricator.services.mozilla.com/D187794
- - - - - b41e1ac5 by Malte Juergens at 2023-10-23T12:29:15+00:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision:
https://phabricator.services.mozilla.com/D187887
- - - - - 5d1936d6 by Andreas Pehrson at 2023-10-23T12:29:15+00:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision:
https://phabricator.services.mozilla.com/D187554
- - - - - 18 changed files: - dom/cache/TypeUtils.cpp - dom/canvas/WebGLContextExtensions.cpp - dom/media/MediaTrackGraph.cpp - dom/media/MediaTrackGraph.h - gfx/2d/RecordedEventImpl.h - gfx/2d/RecordingTypes.h - netwerk/cookie/CookieCommons.cpp - testing/web-platform/meta/cookies/name/name-ctl.html.ini - − testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini - toolkit/components/httpsonlyerror/content/errorpage.html - toolkit/components/httpsonlyerror/content/errorpage.js - toolkit/components/search/OpenSearchEngine.sys.mjs - toolkit/components/search/SearchEngine.sys.mjs - toolkit/components/search/SearchUtils.sys.mjs - toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs - toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js - toolkit/components/search/tests/xpcshell/test_webextensions_install.js - toolkit/modules/RemotePageAccessManager.sys.mjs Changes: ===================================== dom/cache/TypeUtils.cpp ===================================== @@ -184,7 +184,7 @@ void TypeUtils::ToCacheResponseWithoutBody(CacheResponse& aOut, aOut.statusText() = aIn.GetUnfilteredStatusText(); RefPtr<InternalHeaders> headers = aIn.UnfilteredHeaders(); MOZ_DIAGNOSTIC_ASSERT(headers); - if (HasVaryStar(headers)) { + if (aIn.Type() != ResponseType::Opaque && HasVaryStar(headers)) { aRv.ThrowTypeError("Invalid Response object with a 'Vary: *' header."); return; } ===================================== dom/canvas/WebGLContextExtensions.cpp ===================================== @@ -17,15 +17,10 @@ namespace mozilla { const char* GetExtensionName(const WebGLExtensionID ext) { - static EnumeratedArray<WebGLExtensionID, WebGLExtensionID::Max, const char*> - sExtensionNamesEnumeratedArray; - static bool initialized = false; - - if (!initialized) { - initialized = true; - + switch (ext) { #define WEBGL_EXTENSION_IDENTIFIER(x) \ - sExtensionNamesEnumeratedArray[WebGLExtensionID::x] = #x; + case WebGLExtensionID::x: \ + return #x; WEBGL_EXTENSION_IDENTIFIER(ANGLE_instanced_arrays) WEBGL_EXTENSION_IDENTIFIER(EXT_blend_minmax) @@ -67,9 +62,11 @@ const char* GetExtensionName(const WebGLExtensionID ext) { WEBGL_EXTENSION_IDENTIFIER(WEBGL_provoking_vertex) #undef WEBGL_EXTENSION_IDENTIFIER - } - return sExtensionNamesEnumeratedArray[ext]; + case WebGLExtensionID::Max: + break; + } + MOZ_CRASH("bad WebGLExtensionID"); } // ---------------------------- ===================================== dom/media/MediaTrackGraph.cpp ===================================== @@ -145,6 +145,27 @@ class GraphKey final { nsTHashMap<nsGenericHashKey<GraphKey>, MediaTrackGraphImpl*> gGraphs; } // anonymous namespace +static void ApplyTrackDisabling(DisabledTrackMode aDisabledMode, + MediaSegment* aSegment, + MediaSegment* aRawSegment) { + if (aDisabledMode == DisabledTrackMode::ENABLED) { + return; + } + if (aDisabledMode == DisabledTrackMode::SILENCE_BLACK) { + aSegment->ReplaceWithDisabled(); + if (aRawSegment) { + aRawSegment->ReplaceWithDisabled(); + } + } else if (aDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { + aSegment->ReplaceWithNull(); + if (aRawSegment) { + aRawSegment->ReplaceWithNull(); + } + } else { + MOZ_CRASH("Unsupported mode"); + } +} + MediaTrackGraphImpl::~MediaTrackGraphImpl() { MOZ_ASSERT(mTracks.IsEmpty() && mSuspendedTracks.IsEmpty(), "All tracks should have been destroyed by messages from the main " @@ -2421,6 +2442,7 @@ RefPtr<GenericPromise> MediaTrack::RemoveListener( void MediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); // Base implementation, for tracks that don't support direct track listeners. RefPtr<DirectMediaTrackListener> listener = aListener; listener->NotifyDirectListenerInstalled( @@ -2503,6 +2525,7 @@ void MediaTrack::RunAfterPendingUpdates( } void MediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); MOZ_DIAGNOSTIC_ASSERT( aMode == DisabledTrackMode::ENABLED || mDisabledMode == DisabledTrackMode::ENABLED, @@ -2531,22 +2554,8 @@ void MediaTrack::SetDisabledTrackMode(DisabledTrackMode aMode) { void MediaTrack::ApplyTrackDisabling(MediaSegment* aSegment, MediaSegment* aRawSegment) { - if (mDisabledMode == DisabledTrackMode::ENABLED) { - return; - } - if (mDisabledMode == DisabledTrackMode::SILENCE_BLACK) { - aSegment->ReplaceWithDisabled(); - if (aRawSegment) { - aRawSegment->ReplaceWithDisabled(); - } - } else if (mDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { - aSegment->ReplaceWithNull(); - if (aRawSegment) { - aRawSegment->ReplaceWithNull(); - } - } else { - MOZ_CRASH("Unsupported mode"); - } + MOZ_ASSERT(mGraph->OnGraphThread()); + mozilla::ApplyTrackDisabling(mDisabledMode, aSegment, aRawSegment); } void MediaTrack::AddMainThreadListener( @@ -2866,7 +2875,7 @@ TrackTime SourceMediaTrack::AppendData(MediaSegment* aSegment, // Apply track disabling before notifying any consumers directly // or inserting into the graph - ApplyTrackDisabling(aSegment, aRawSegment); + mozilla::ApplyTrackDisabling(mDirectDisabledMode, aSegment, aRawSegment); ResampleAudioToGraphSampleRate(aSegment); @@ -2910,6 +2919,7 @@ void SourceMediaTrack::NotifyDirectConsumers(MediaSegment* aSegment) { void SourceMediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); MutexAutoLock lock(mMutex); RefPtr<DirectMediaTrackListener> listener = aListener; @@ -2979,6 +2989,7 @@ void SourceMediaTrack::AddDirectListenerImpl( void SourceMediaTrack::RemoveDirectListenerImpl( DirectMediaTrackListener* aListener) { + mGraph->AssertOnGraphThreadOrNotRunning(); MutexAutoLock lock(mMutex); for (int32_t i = mDirectTrackListeners.Length() - 1; i >= 0; --i) { const RefPtr<DirectMediaTrackListener>& l = mDirectTrackListeners[i]; @@ -3008,17 +3019,20 @@ void SourceMediaTrack::End() { } void SourceMediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); { MutexAutoLock lock(mMutex); + const DisabledTrackMode oldMode = mDirectDisabledMode; + const bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; + const bool enabled = aMode == DisabledTrackMode::ENABLED; + mDirectDisabledMode = aMode; for (const auto& l : mDirectTrackListeners) { - DisabledTrackMode oldMode = mDisabledMode; - bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; - if (!oldEnabled && aMode == DisabledTrackMode::ENABLED) { + if (!oldEnabled && enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener enabled", GraphImpl(), this)); l->DecreaseDisabled(oldMode); - } else if (oldEnabled && aMode != DisabledTrackMode::ENABLED) { + } else if (oldEnabled && !enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener disabled", GraphImpl(), this)); ===================================== dom/media/MediaTrackGraph.h ===================================== @@ -652,18 +652,8 @@ class SourceMediaTrack : public MediaTrack { */ void End(); - // Overriding allows us to hold the mMutex lock while changing the track - // enable status void SetDisabledTrackModeImpl(DisabledTrackMode aMode) override; - // Overriding allows us to ensure mMutex is locked while changing the track - // enable status - void ApplyTrackDisabling(MediaSegment* aSegment, - MediaSegment* aRawSegment = nullptr) override { - mMutex.AssertCurrentThreadOwns(); - MediaTrack::ApplyTrackDisabling(aSegment, aRawSegment); - } - uint32_t NumberOfChannels() const override; void RemoveAllDirectListenersImpl() override; @@ -742,6 +732,11 @@ class SourceMediaTrack : public MediaTrack { // protected by mMutex float mVolume MOZ_GUARDED_BY(mMutex) = 1.0; UniquePtr<TrackData> mUpdateTrack MOZ_GUARDED_BY(mMutex); + // This track's associated disabled mode for uses on the producing thread. + // It can either by disabled by frames being replaced by black, or by + // retaining the previous frame. + DisabledTrackMode mDirectDisabledMode MOZ_GUARDED_BY(mMutex) = + DisabledTrackMode::ENABLED; nsTArray<RefPtr<DirectMediaTrackListener>> mDirectTrackListeners MOZ_GUARDED_BY(mMutex); }; ===================================== gfx/2d/RecordedEventImpl.h ===================================== @@ -65,7 +65,7 @@ class RecordedDrawTargetCreation BackendType mBackendType; IntRect mRect; SurfaceFormat mFormat; - bool mHasExistingData; + bool mHasExistingData = false; RefPtr<SourceSurface> mExistingData; private: ===================================== gfx/2d/RecordingTypes.h ===================================== @@ -24,6 +24,28 @@ struct ElementStreamFormat { aStream.read(reinterpret_cast<char*>(&aElement), sizeof(T)); } }; +template <class S> +struct ElementStreamFormat<S, bool> { + static void Write(S& aStream, const bool& aElement) { + char boolChar = aElement ? '\x01' : '\x00'; + aStream.write(&boolChar, sizeof(boolChar)); + } + static void Read(S& aStream, bool& aElement) { + char boolChar; + aStream.read(&boolChar, sizeof(boolChar)); + switch (boolChar) { + case '\x00': + aElement = false; + break; + case '\x01': + aElement = true; + break; + default: + aStream.SetIsBad(); + break; + } + } +}; template <class S, class T> void WriteElement(S& aStream, const T& aElement) { ===================================== netwerk/cookie/CookieCommons.cpp ===================================== @@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) { bool CookieCommons::CheckName(const CookieStruct& aCookieData) { const char illegalNameCharacters[] = { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, - 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00}; + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00}; const auto* start = aCookieData.name().BeginReading(); const auto* end = aCookieData.name().EndReading(); ===================================== testing/web-platform/meta/cookies/name/name-ctl.html.ini ===================================== @@ -11,36 +11,6 @@ [Cookie with %xd in name is rejected (DOM).] expected: FAIL - [Cookie with %x7f in name is rejected (DOM).] - expected: FAIL - - [Cookie with %x0 in name is rejected or modified (HTTP).] - expected: FAIL - - [Cookie with %x1 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x2 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x3 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x4 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x5 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x6 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x7 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x8 in name is rejected (HTTP).] - expected: FAIL - [Cookie with %x9 in name is accepted (HTTP).] expected: FAIL ===================================== testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini deleted ===================================== @@ -1,26 +0,0 @@ -[cache-put.https.any.serviceworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.sharedworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.worker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL ===================================== toolkit/components/httpsonlyerror/content/errorpage.html ===================================== @@ -67,6 +67,7 @@ <button id="openInsecure" data-l10n-id="about-httpsonly-button-continue-to-site" + inert ></button> </div> <div class="suggestion-box" hidden> ===================================== toolkit/components/httpsonlyerror/content/errorpage.js ===================================== @@ -34,6 +34,11 @@ function initPage() { .getElementById("openInsecure") .addEventListener("click", onOpenInsecureButtonClick); + const delay = RPMGetIntPref("security.dialog_enable_delay", 1000); + setTimeout(() => { + document.getElementById("openInsecure").removeAttribute("inert"); + }, delay); + if (window.top == window) { document .getElementById("goBack") ===================================== toolkit/components/search/OpenSearchEngine.sys.mjs ===================================== @@ -144,7 +144,12 @@ export class OpenSearchEngine extends SearchEngine { lazy.logConsole.debug("_install: Downloading engine from:", loadURI.spec); - var chan = lazy.SearchUtils.makeChannel(loadURI); + var chan = lazy.SearchUtils.makeChannel( + loadURI, + // OpenSearchEngine is loading a definition file for a search engine, + // TYPE_DOCUMENT captures that load best + Ci.nsIContentPolicy.TYPE_DOCUMENT + ); if (this._engineToUpdate && chan instanceof Ci.nsIHttpChannel) { var lastModified = this._engineToUpdate.getAttr("updatelastmodified"); ===================================== toolkit/components/search/SearchEngine.sys.mjs ===================================== @@ -821,7 +821,10 @@ export class SearchEngine { this._hasPreferredIcon = isPreferred; }; - let chan = lazy.SearchUtils.makeChannel(uri); + let chan = lazy.SearchUtils.makeChannel( + uri, + Ci.nsIContentPolicy.TYPE_IMAGE + ); let listener = new lazy.SearchUtils.LoadListener( chan, /^image\//, ===================================== toolkit/components/search/SearchUtils.sys.mjs ===================================== @@ -248,19 +248,24 @@ export var SearchUtils = { * * @param {string|nsIURI} url * The URL string from which to create an nsIChannel. + * @param {nsIContentPolicy} contentPolicyType + * The type of document being loaded. * @returns {nsIChannel} * an nsIChannel object, or null if the url is invalid. */ - makeChannel(url) { + makeChannel(url, contentPolicyType) { + if (!contentPolicyType) { + throw new Error("makeChannel called with invalid content policy type"); + } try { let uri = typeof url == "string" ? Services.io.newURI(url) : url; return Services.io.newChannelFromURI( uri, null /* loadingNode */, - Services.scriptSecurityManager.getSystemPrincipal(), + Services.scriptSecurityManager.createNullPrincipal({}), null /* triggeringPrincipal */, Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL, - Ci.nsIContentPolicy.TYPE_OTHER + contentPolicyType ); } catch (ex) {} ===================================== toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs ===================================== @@ -10,7 +10,7 @@ function handleRequest(request, response) { response.setStatusLine("1.1", 302, "Moved"); if (request.queryString == "type=invalid") { response.setHeader("Content-Type", "image/png", false); - response.setHeader("Location", "engine.xml", false); + response.setHeader("Location", "/head_search.js", false); } else { response.setHeader("Content-Type", "text/html", false); response.setHeader("Location", "remoteIcon.ico", false); ===================================== toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js ===================================== @@ -12,9 +12,11 @@ add_task(async function setup() { }); add_task(async function test_installedresourceicon() { + // Attempts to load a resource:// url as an icon. let engine1 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/resourceicon.xml`, }); + // Attempts to load a chrome:// url as an icon. let engine2 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/chromeicon.xml`, }); @@ -32,12 +34,13 @@ add_task(async function test_installedhttpplace() { // The easiest way to test adding the icon is via a generated xml, otherwise // we have to somehow insert the address of the server into it. + // Attempts to load a non-image page into an image icon. let engine = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}data/engineMaker.sjs?` + JSON.stringify({ baseURL: gDataUrl, - image: "opensearch/resourceicon.xml", + image: "head_search.js", name: "invalidicon", method: "GET", }), ===================================== toolkit/components/search/tests/xpcshell/test_webextensions_install.js ===================================== @@ -5,6 +5,8 @@ const { promiseShutdownManager, promiseStartupManager } = AddonTestUtils; +let gBaseUrl; + async function getEngineNames() { let engines = await Services.search.getEngines(); return engines.map(engine => engine._name); @@ -13,6 +15,8 @@ async function getEngineNames() { add_task(async function setup() { let server = useHttpServer(); server.registerContentType("sjs", "sjs"); + gBaseUrl = `http://localhost:${server.identity.primaryPort}/`; + await SearchTestUtils.useTestEngines("test-extensions"); await promiseStartupManager(); @@ -132,7 +136,7 @@ add_task(async function test_load_favicon_invalid() { // User installs a new search engine let extension = await SearchTestUtils.installSearchExtension( { - favicon_url: `${gDataUrl}engine.xml`, + favicon_url: `${gBaseUrl}/head_search.js`, }, { skipUnload: true } ); ===================================== toolkit/modules/RemotePageAccessManager.sys.mjs ===================================== @@ -66,6 +66,7 @@ export let RemotePageAccessManager = { }, "about:httpsonlyerror": { RPMGetFormatURLPref: ["app.support.baseURL"], + RPMGetIntPref: ["security.dialog_enable_delay"], RPMSendAsyncMessage: ["goBack", "openInsecure"], RPMAddMessageListener: ["WWWReachable"], RPMTryPingSecureWWWLink: ["*"], View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8982a3…
-- View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/8982a3…
You're receiving this email because of your account on
gitlab.torproject.org
.
1
0
0
0
[Git][tpo/applications/mullvad-browser][mullvad-browser-115.4.0esr-13.0-1] 7 commits: Bug 1738426 - Ignoring status 206 and vary header checking for opaque response...
by richard (@richard)
23 Oct '23
23 Oct '23
richard pushed to branch mullvad-browser-115.4.0esr-13.0-1 at The Tor Project / Applications / Mullvad Browser Commits: 00e0b1d4 by Eden Chuang at 2023-10-23T12:18:47+00:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision:
https://phabricator.services.mozilla.com/D186431
- - - - - 19e02723 by edgul at 2023-10-23T12:18:48+00:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision:
https://phabricator.services.mozilla.com/D182373
- - - - - 18e737f2 by Kelsey Gilbert at 2023-10-23T12:18:48+00:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision:
https://phabricator.services.mozilla.com/D188054
- - - - - 57c1d25a by Mark Banner at 2023-10-23T12:18:48+00:00 Bug 1845752. r=ckerschb Differential Revision:
https://phabricator.services.mozilla.com/D186676
- - - - - cc34ac65 by Bob Owen at 2023-10-23T12:18:49+00:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision:
https://phabricator.services.mozilla.com/D187794
- - - - - 75377f78 by Malte Juergens at 2023-10-23T12:18:49+00:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision:
https://phabricator.services.mozilla.com/D187887
- - - - - d366918b by Andreas Pehrson at 2023-10-23T12:18:49+00:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision:
https://phabricator.services.mozilla.com/D187554
- - - - - 18 changed files: - dom/cache/TypeUtils.cpp - dom/canvas/WebGLContextExtensions.cpp - dom/media/MediaTrackGraph.cpp - dom/media/MediaTrackGraph.h - gfx/2d/RecordedEventImpl.h - gfx/2d/RecordingTypes.h - netwerk/cookie/CookieCommons.cpp - testing/web-platform/meta/cookies/name/name-ctl.html.ini - − testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini - toolkit/components/httpsonlyerror/content/errorpage.html - toolkit/components/httpsonlyerror/content/errorpage.js - toolkit/components/search/OpenSearchEngine.sys.mjs - toolkit/components/search/SearchEngine.sys.mjs - toolkit/components/search/SearchUtils.sys.mjs - toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs - toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js - toolkit/components/search/tests/xpcshell/test_webextensions_install.js - toolkit/modules/RemotePageAccessManager.sys.mjs Changes: ===================================== dom/cache/TypeUtils.cpp ===================================== @@ -184,7 +184,7 @@ void TypeUtils::ToCacheResponseWithoutBody(CacheResponse& aOut, aOut.statusText() = aIn.GetUnfilteredStatusText(); RefPtr<InternalHeaders> headers = aIn.UnfilteredHeaders(); MOZ_DIAGNOSTIC_ASSERT(headers); - if (HasVaryStar(headers)) { + if (aIn.Type() != ResponseType::Opaque && HasVaryStar(headers)) { aRv.ThrowTypeError("Invalid Response object with a 'Vary: *' header."); return; } ===================================== dom/canvas/WebGLContextExtensions.cpp ===================================== @@ -17,15 +17,10 @@ namespace mozilla { const char* GetExtensionName(const WebGLExtensionID ext) { - static EnumeratedArray<WebGLExtensionID, WebGLExtensionID::Max, const char*> - sExtensionNamesEnumeratedArray; - static bool initialized = false; - - if (!initialized) { - initialized = true; - + switch (ext) { #define WEBGL_EXTENSION_IDENTIFIER(x) \ - sExtensionNamesEnumeratedArray[WebGLExtensionID::x] = #x; + case WebGLExtensionID::x: \ + return #x; WEBGL_EXTENSION_IDENTIFIER(ANGLE_instanced_arrays) WEBGL_EXTENSION_IDENTIFIER(EXT_blend_minmax) @@ -67,9 +62,11 @@ const char* GetExtensionName(const WebGLExtensionID ext) { WEBGL_EXTENSION_IDENTIFIER(WEBGL_provoking_vertex) #undef WEBGL_EXTENSION_IDENTIFIER - } - return sExtensionNamesEnumeratedArray[ext]; + case WebGLExtensionID::Max: + break; + } + MOZ_CRASH("bad WebGLExtensionID"); } // ---------------------------- ===================================== dom/media/MediaTrackGraph.cpp ===================================== @@ -145,6 +145,27 @@ class GraphKey final { nsTHashMap<nsGenericHashKey<GraphKey>, MediaTrackGraphImpl*> gGraphs; } // anonymous namespace +static void ApplyTrackDisabling(DisabledTrackMode aDisabledMode, + MediaSegment* aSegment, + MediaSegment* aRawSegment) { + if (aDisabledMode == DisabledTrackMode::ENABLED) { + return; + } + if (aDisabledMode == DisabledTrackMode::SILENCE_BLACK) { + aSegment->ReplaceWithDisabled(); + if (aRawSegment) { + aRawSegment->ReplaceWithDisabled(); + } + } else if (aDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { + aSegment->ReplaceWithNull(); + if (aRawSegment) { + aRawSegment->ReplaceWithNull(); + } + } else { + MOZ_CRASH("Unsupported mode"); + } +} + MediaTrackGraphImpl::~MediaTrackGraphImpl() { MOZ_ASSERT(mTracks.IsEmpty() && mSuspendedTracks.IsEmpty(), "All tracks should have been destroyed by messages from the main " @@ -2421,6 +2442,7 @@ RefPtr<GenericPromise> MediaTrack::RemoveListener( void MediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); // Base implementation, for tracks that don't support direct track listeners. RefPtr<DirectMediaTrackListener> listener = aListener; listener->NotifyDirectListenerInstalled( @@ -2503,6 +2525,7 @@ void MediaTrack::RunAfterPendingUpdates( } void MediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); MOZ_DIAGNOSTIC_ASSERT( aMode == DisabledTrackMode::ENABLED || mDisabledMode == DisabledTrackMode::ENABLED, @@ -2531,22 +2554,8 @@ void MediaTrack::SetDisabledTrackMode(DisabledTrackMode aMode) { void MediaTrack::ApplyTrackDisabling(MediaSegment* aSegment, MediaSegment* aRawSegment) { - if (mDisabledMode == DisabledTrackMode::ENABLED) { - return; - } - if (mDisabledMode == DisabledTrackMode::SILENCE_BLACK) { - aSegment->ReplaceWithDisabled(); - if (aRawSegment) { - aRawSegment->ReplaceWithDisabled(); - } - } else if (mDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { - aSegment->ReplaceWithNull(); - if (aRawSegment) { - aRawSegment->ReplaceWithNull(); - } - } else { - MOZ_CRASH("Unsupported mode"); - } + MOZ_ASSERT(mGraph->OnGraphThread()); + mozilla::ApplyTrackDisabling(mDisabledMode, aSegment, aRawSegment); } void MediaTrack::AddMainThreadListener( @@ -2866,7 +2875,7 @@ TrackTime SourceMediaTrack::AppendData(MediaSegment* aSegment, // Apply track disabling before notifying any consumers directly // or inserting into the graph - ApplyTrackDisabling(aSegment, aRawSegment); + mozilla::ApplyTrackDisabling(mDirectDisabledMode, aSegment, aRawSegment); ResampleAudioToGraphSampleRate(aSegment); @@ -2910,6 +2919,7 @@ void SourceMediaTrack::NotifyDirectConsumers(MediaSegment* aSegment) { void SourceMediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); MutexAutoLock lock(mMutex); RefPtr<DirectMediaTrackListener> listener = aListener; @@ -2979,6 +2989,7 @@ void SourceMediaTrack::AddDirectListenerImpl( void SourceMediaTrack::RemoveDirectListenerImpl( DirectMediaTrackListener* aListener) { + mGraph->AssertOnGraphThreadOrNotRunning(); MutexAutoLock lock(mMutex); for (int32_t i = mDirectTrackListeners.Length() - 1; i >= 0; --i) { const RefPtr<DirectMediaTrackListener>& l = mDirectTrackListeners[i]; @@ -3008,17 +3019,20 @@ void SourceMediaTrack::End() { } void SourceMediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); { MutexAutoLock lock(mMutex); + const DisabledTrackMode oldMode = mDirectDisabledMode; + const bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; + const bool enabled = aMode == DisabledTrackMode::ENABLED; + mDirectDisabledMode = aMode; for (const auto& l : mDirectTrackListeners) { - DisabledTrackMode oldMode = mDisabledMode; - bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; - if (!oldEnabled && aMode == DisabledTrackMode::ENABLED) { + if (!oldEnabled && enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener enabled", GraphImpl(), this)); l->DecreaseDisabled(oldMode); - } else if (oldEnabled && aMode != DisabledTrackMode::ENABLED) { + } else if (oldEnabled && !enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener disabled", GraphImpl(), this)); ===================================== dom/media/MediaTrackGraph.h ===================================== @@ -652,18 +652,8 @@ class SourceMediaTrack : public MediaTrack { */ void End(); - // Overriding allows us to hold the mMutex lock while changing the track - // enable status void SetDisabledTrackModeImpl(DisabledTrackMode aMode) override; - // Overriding allows us to ensure mMutex is locked while changing the track - // enable status - void ApplyTrackDisabling(MediaSegment* aSegment, - MediaSegment* aRawSegment = nullptr) override { - mMutex.AssertCurrentThreadOwns(); - MediaTrack::ApplyTrackDisabling(aSegment, aRawSegment); - } - uint32_t NumberOfChannels() const override; void RemoveAllDirectListenersImpl() override; @@ -742,6 +732,11 @@ class SourceMediaTrack : public MediaTrack { // protected by mMutex float mVolume MOZ_GUARDED_BY(mMutex) = 1.0; UniquePtr<TrackData> mUpdateTrack MOZ_GUARDED_BY(mMutex); + // This track's associated disabled mode for uses on the producing thread. + // It can either by disabled by frames being replaced by black, or by + // retaining the previous frame. + DisabledTrackMode mDirectDisabledMode MOZ_GUARDED_BY(mMutex) = + DisabledTrackMode::ENABLED; nsTArray<RefPtr<DirectMediaTrackListener>> mDirectTrackListeners MOZ_GUARDED_BY(mMutex); }; ===================================== gfx/2d/RecordedEventImpl.h ===================================== @@ -65,7 +65,7 @@ class RecordedDrawTargetCreation BackendType mBackendType; IntRect mRect; SurfaceFormat mFormat; - bool mHasExistingData; + bool mHasExistingData = false; RefPtr<SourceSurface> mExistingData; private: ===================================== gfx/2d/RecordingTypes.h ===================================== @@ -24,6 +24,28 @@ struct ElementStreamFormat { aStream.read(reinterpret_cast<char*>(&aElement), sizeof(T)); } }; +template <class S> +struct ElementStreamFormat<S, bool> { + static void Write(S& aStream, const bool& aElement) { + char boolChar = aElement ? '\x01' : '\x00'; + aStream.write(&boolChar, sizeof(boolChar)); + } + static void Read(S& aStream, bool& aElement) { + char boolChar; + aStream.read(&boolChar, sizeof(boolChar)); + switch (boolChar) { + case '\x00': + aElement = false; + break; + case '\x01': + aElement = true; + break; + default: + aStream.SetIsBad(); + break; + } + } +}; template <class S, class T> void WriteElement(S& aStream, const T& aElement) { ===================================== netwerk/cookie/CookieCommons.cpp ===================================== @@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) { bool CookieCommons::CheckName(const CookieStruct& aCookieData) { const char illegalNameCharacters[] = { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, - 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00}; + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00}; const auto* start = aCookieData.name().BeginReading(); const auto* end = aCookieData.name().EndReading(); ===================================== testing/web-platform/meta/cookies/name/name-ctl.html.ini ===================================== @@ -11,36 +11,6 @@ [Cookie with %xd in name is rejected (DOM).] expected: FAIL - [Cookie with %x7f in name is rejected (DOM).] - expected: FAIL - - [Cookie with %x0 in name is rejected or modified (HTTP).] - expected: FAIL - - [Cookie with %x1 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x2 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x3 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x4 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x5 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x6 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x7 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x8 in name is rejected (HTTP).] - expected: FAIL - [Cookie with %x9 in name is accepted (HTTP).] expected: FAIL ===================================== testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini deleted ===================================== @@ -1,26 +0,0 @@ -[cache-put.https.any.serviceworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.sharedworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.worker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL ===================================== toolkit/components/httpsonlyerror/content/errorpage.html ===================================== @@ -67,6 +67,7 @@ <button id="openInsecure" data-l10n-id="about-httpsonly-button-continue-to-site" + inert ></button> </div> <div class="suggestion-box" hidden> ===================================== toolkit/components/httpsonlyerror/content/errorpage.js ===================================== @@ -34,6 +34,11 @@ function initPage() { .getElementById("openInsecure") .addEventListener("click", onOpenInsecureButtonClick); + const delay = RPMGetIntPref("security.dialog_enable_delay", 1000); + setTimeout(() => { + document.getElementById("openInsecure").removeAttribute("inert"); + }, delay); + if (window.top == window) { document .getElementById("goBack") ===================================== toolkit/components/search/OpenSearchEngine.sys.mjs ===================================== @@ -144,7 +144,12 @@ export class OpenSearchEngine extends SearchEngine { lazy.logConsole.debug("_install: Downloading engine from:", loadURI.spec); - var chan = lazy.SearchUtils.makeChannel(loadURI); + var chan = lazy.SearchUtils.makeChannel( + loadURI, + // OpenSearchEngine is loading a definition file for a search engine, + // TYPE_DOCUMENT captures that load best + Ci.nsIContentPolicy.TYPE_DOCUMENT + ); if (this._engineToUpdate && chan instanceof Ci.nsIHttpChannel) { var lastModified = this._engineToUpdate.getAttr("updatelastmodified"); ===================================== toolkit/components/search/SearchEngine.sys.mjs ===================================== @@ -821,7 +821,10 @@ export class SearchEngine { this._hasPreferredIcon = isPreferred; }; - let chan = lazy.SearchUtils.makeChannel(uri); + let chan = lazy.SearchUtils.makeChannel( + uri, + Ci.nsIContentPolicy.TYPE_IMAGE + ); let listener = new lazy.SearchUtils.LoadListener( chan, /^image\//, ===================================== toolkit/components/search/SearchUtils.sys.mjs ===================================== @@ -248,19 +248,24 @@ export var SearchUtils = { * * @param {string|nsIURI} url * The URL string from which to create an nsIChannel. + * @param {nsIContentPolicy} contentPolicyType + * The type of document being loaded. * @returns {nsIChannel} * an nsIChannel object, or null if the url is invalid. */ - makeChannel(url) { + makeChannel(url, contentPolicyType) { + if (!contentPolicyType) { + throw new Error("makeChannel called with invalid content policy type"); + } try { let uri = typeof url == "string" ? Services.io.newURI(url) : url; return Services.io.newChannelFromURI( uri, null /* loadingNode */, - Services.scriptSecurityManager.getSystemPrincipal(), + Services.scriptSecurityManager.createNullPrincipal({}), null /* triggeringPrincipal */, Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL, - Ci.nsIContentPolicy.TYPE_OTHER + contentPolicyType ); } catch (ex) {} ===================================== toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs ===================================== @@ -10,7 +10,7 @@ function handleRequest(request, response) { response.setStatusLine("1.1", 302, "Moved"); if (request.queryString == "type=invalid") { response.setHeader("Content-Type", "image/png", false); - response.setHeader("Location", "engine.xml", false); + response.setHeader("Location", "/head_search.js", false); } else { response.setHeader("Content-Type", "text/html", false); response.setHeader("Location", "remoteIcon.ico", false); ===================================== toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js ===================================== @@ -12,9 +12,11 @@ add_task(async function setup() { }); add_task(async function test_installedresourceicon() { + // Attempts to load a resource:// url as an icon. let engine1 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/resourceicon.xml`, }); + // Attempts to load a chrome:// url as an icon. let engine2 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/chromeicon.xml`, }); @@ -32,12 +34,13 @@ add_task(async function test_installedhttpplace() { // The easiest way to test adding the icon is via a generated xml, otherwise // we have to somehow insert the address of the server into it. + // Attempts to load a non-image page into an image icon. let engine = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}data/engineMaker.sjs?` + JSON.stringify({ baseURL: gDataUrl, - image: "opensearch/resourceicon.xml", + image: "head_search.js", name: "invalidicon", method: "GET", }), ===================================== toolkit/components/search/tests/xpcshell/test_webextensions_install.js ===================================== @@ -5,6 +5,8 @@ const { promiseShutdownManager, promiseStartupManager } = AddonTestUtils; +let gBaseUrl; + async function getEngineNames() { let engines = await Services.search.getEngines(); return engines.map(engine => engine._name); @@ -13,6 +15,8 @@ async function getEngineNames() { add_task(async function setup() { let server = useHttpServer(); server.registerContentType("sjs", "sjs"); + gBaseUrl = `http://localhost:${server.identity.primaryPort}/`; + await SearchTestUtils.useTestEngines("test-extensions"); await promiseStartupManager(); @@ -132,7 +136,7 @@ add_task(async function test_load_favicon_invalid() { // User installs a new search engine let extension = await SearchTestUtils.installSearchExtension( { - favicon_url: `${gDataUrl}engine.xml`, + favicon_url: `${gBaseUrl}/head_search.js`, }, { skipUnload: true } ); ===================================== toolkit/modules/RemotePageAccessManager.sys.mjs ===================================== @@ -66,6 +66,7 @@ export let RemotePageAccessManager = { }, "about:httpsonlyerror": { RPMGetFormatURLPref: ["app.support.baseURL"], + RPMGetIntPref: ["security.dialog_enable_delay"], RPMSendAsyncMessage: ["goBack", "openInsecure"], RPMAddMessageListener: ["WWWReachable"], RPMTryPingSecureWWWLink: ["*"], View it on GitLab:
https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/78…
-- View it on GitLab:
https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/78…
You're receiving this email because of your account on
gitlab.torproject.org
.
1
0
0
0
[Git][tpo/applications/tor-browser][base-browser-115.4.0esr-13.0-1] 7 commits: Bug 1738426 - Ignoring status 206 and vary header checking for opaque response...
by richard (@richard)
23 Oct '23
23 Oct '23
richard pushed to branch base-browser-115.4.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: b9e4a514 by Eden Chuang at 2023-10-23T12:08:01+00:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision:
https://phabricator.services.mozilla.com/D186431
- - - - - 8c746a06 by edgul at 2023-10-23T12:08:02+00:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision:
https://phabricator.services.mozilla.com/D182373
- - - - - 84ccf5cf by Kelsey Gilbert at 2023-10-23T12:08:02+00:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision:
https://phabricator.services.mozilla.com/D188054
- - - - - 86a0bd0a by Mark Banner at 2023-10-23T12:08:03+00:00 Bug 1845752. r=ckerschb Differential Revision:
https://phabricator.services.mozilla.com/D186676
- - - - - 20ba1040 by Bob Owen at 2023-10-23T12:08:03+00:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision:
https://phabricator.services.mozilla.com/D187794
- - - - - ceefded8 by Malte Juergens at 2023-10-23T12:08:03+00:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision:
https://phabricator.services.mozilla.com/D187887
- - - - - a27ce01f by Andreas Pehrson at 2023-10-23T12:08:04+00:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision:
https://phabricator.services.mozilla.com/D187554
- - - - - 18 changed files: - dom/cache/TypeUtils.cpp - dom/canvas/WebGLContextExtensions.cpp - dom/media/MediaTrackGraph.cpp - dom/media/MediaTrackGraph.h - gfx/2d/RecordedEventImpl.h - gfx/2d/RecordingTypes.h - netwerk/cookie/CookieCommons.cpp - testing/web-platform/meta/cookies/name/name-ctl.html.ini - − testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini - toolkit/components/httpsonlyerror/content/errorpage.html - toolkit/components/httpsonlyerror/content/errorpage.js - toolkit/components/search/OpenSearchEngine.sys.mjs - toolkit/components/search/SearchEngine.sys.mjs - toolkit/components/search/SearchUtils.sys.mjs - toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs - toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js - toolkit/components/search/tests/xpcshell/test_webextensions_install.js - toolkit/modules/RemotePageAccessManager.sys.mjs Changes: ===================================== dom/cache/TypeUtils.cpp ===================================== @@ -184,7 +184,7 @@ void TypeUtils::ToCacheResponseWithoutBody(CacheResponse& aOut, aOut.statusText() = aIn.GetUnfilteredStatusText(); RefPtr<InternalHeaders> headers = aIn.UnfilteredHeaders(); MOZ_DIAGNOSTIC_ASSERT(headers); - if (HasVaryStar(headers)) { + if (aIn.Type() != ResponseType::Opaque && HasVaryStar(headers)) { aRv.ThrowTypeError("Invalid Response object with a 'Vary: *' header."); return; } ===================================== dom/canvas/WebGLContextExtensions.cpp ===================================== @@ -17,15 +17,10 @@ namespace mozilla { const char* GetExtensionName(const WebGLExtensionID ext) { - static EnumeratedArray<WebGLExtensionID, WebGLExtensionID::Max, const char*> - sExtensionNamesEnumeratedArray; - static bool initialized = false; - - if (!initialized) { - initialized = true; - + switch (ext) { #define WEBGL_EXTENSION_IDENTIFIER(x) \ - sExtensionNamesEnumeratedArray[WebGLExtensionID::x] = #x; + case WebGLExtensionID::x: \ + return #x; WEBGL_EXTENSION_IDENTIFIER(ANGLE_instanced_arrays) WEBGL_EXTENSION_IDENTIFIER(EXT_blend_minmax) @@ -67,9 +62,11 @@ const char* GetExtensionName(const WebGLExtensionID ext) { WEBGL_EXTENSION_IDENTIFIER(WEBGL_provoking_vertex) #undef WEBGL_EXTENSION_IDENTIFIER - } - return sExtensionNamesEnumeratedArray[ext]; + case WebGLExtensionID::Max: + break; + } + MOZ_CRASH("bad WebGLExtensionID"); } // ---------------------------- ===================================== dom/media/MediaTrackGraph.cpp ===================================== @@ -145,6 +145,27 @@ class GraphKey final { nsTHashMap<nsGenericHashKey<GraphKey>, MediaTrackGraphImpl*> gGraphs; } // anonymous namespace +static void ApplyTrackDisabling(DisabledTrackMode aDisabledMode, + MediaSegment* aSegment, + MediaSegment* aRawSegment) { + if (aDisabledMode == DisabledTrackMode::ENABLED) { + return; + } + if (aDisabledMode == DisabledTrackMode::SILENCE_BLACK) { + aSegment->ReplaceWithDisabled(); + if (aRawSegment) { + aRawSegment->ReplaceWithDisabled(); + } + } else if (aDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { + aSegment->ReplaceWithNull(); + if (aRawSegment) { + aRawSegment->ReplaceWithNull(); + } + } else { + MOZ_CRASH("Unsupported mode"); + } +} + MediaTrackGraphImpl::~MediaTrackGraphImpl() { MOZ_ASSERT(mTracks.IsEmpty() && mSuspendedTracks.IsEmpty(), "All tracks should have been destroyed by messages from the main " @@ -2421,6 +2442,7 @@ RefPtr<GenericPromise> MediaTrack::RemoveListener( void MediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); // Base implementation, for tracks that don't support direct track listeners. RefPtr<DirectMediaTrackListener> listener = aListener; listener->NotifyDirectListenerInstalled( @@ -2503,6 +2525,7 @@ void MediaTrack::RunAfterPendingUpdates( } void MediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); MOZ_DIAGNOSTIC_ASSERT( aMode == DisabledTrackMode::ENABLED || mDisabledMode == DisabledTrackMode::ENABLED, @@ -2531,22 +2554,8 @@ void MediaTrack::SetDisabledTrackMode(DisabledTrackMode aMode) { void MediaTrack::ApplyTrackDisabling(MediaSegment* aSegment, MediaSegment* aRawSegment) { - if (mDisabledMode == DisabledTrackMode::ENABLED) { - return; - } - if (mDisabledMode == DisabledTrackMode::SILENCE_BLACK) { - aSegment->ReplaceWithDisabled(); - if (aRawSegment) { - aRawSegment->ReplaceWithDisabled(); - } - } else if (mDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { - aSegment->ReplaceWithNull(); - if (aRawSegment) { - aRawSegment->ReplaceWithNull(); - } - } else { - MOZ_CRASH("Unsupported mode"); - } + MOZ_ASSERT(mGraph->OnGraphThread()); + mozilla::ApplyTrackDisabling(mDisabledMode, aSegment, aRawSegment); } void MediaTrack::AddMainThreadListener( @@ -2866,7 +2875,7 @@ TrackTime SourceMediaTrack::AppendData(MediaSegment* aSegment, // Apply track disabling before notifying any consumers directly // or inserting into the graph - ApplyTrackDisabling(aSegment, aRawSegment); + mozilla::ApplyTrackDisabling(mDirectDisabledMode, aSegment, aRawSegment); ResampleAudioToGraphSampleRate(aSegment); @@ -2910,6 +2919,7 @@ void SourceMediaTrack::NotifyDirectConsumers(MediaSegment* aSegment) { void SourceMediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); MutexAutoLock lock(mMutex); RefPtr<DirectMediaTrackListener> listener = aListener; @@ -2979,6 +2989,7 @@ void SourceMediaTrack::AddDirectListenerImpl( void SourceMediaTrack::RemoveDirectListenerImpl( DirectMediaTrackListener* aListener) { + mGraph->AssertOnGraphThreadOrNotRunning(); MutexAutoLock lock(mMutex); for (int32_t i = mDirectTrackListeners.Length() - 1; i >= 0; --i) { const RefPtr<DirectMediaTrackListener>& l = mDirectTrackListeners[i]; @@ -3008,17 +3019,20 @@ void SourceMediaTrack::End() { } void SourceMediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); { MutexAutoLock lock(mMutex); + const DisabledTrackMode oldMode = mDirectDisabledMode; + const bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; + const bool enabled = aMode == DisabledTrackMode::ENABLED; + mDirectDisabledMode = aMode; for (const auto& l : mDirectTrackListeners) { - DisabledTrackMode oldMode = mDisabledMode; - bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; - if (!oldEnabled && aMode == DisabledTrackMode::ENABLED) { + if (!oldEnabled && enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener enabled", GraphImpl(), this)); l->DecreaseDisabled(oldMode); - } else if (oldEnabled && aMode != DisabledTrackMode::ENABLED) { + } else if (oldEnabled && !enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener disabled", GraphImpl(), this)); ===================================== dom/media/MediaTrackGraph.h ===================================== @@ -652,18 +652,8 @@ class SourceMediaTrack : public MediaTrack { */ void End(); - // Overriding allows us to hold the mMutex lock while changing the track - // enable status void SetDisabledTrackModeImpl(DisabledTrackMode aMode) override; - // Overriding allows us to ensure mMutex is locked while changing the track - // enable status - void ApplyTrackDisabling(MediaSegment* aSegment, - MediaSegment* aRawSegment = nullptr) override { - mMutex.AssertCurrentThreadOwns(); - MediaTrack::ApplyTrackDisabling(aSegment, aRawSegment); - } - uint32_t NumberOfChannels() const override; void RemoveAllDirectListenersImpl() override; @@ -742,6 +732,11 @@ class SourceMediaTrack : public MediaTrack { // protected by mMutex float mVolume MOZ_GUARDED_BY(mMutex) = 1.0; UniquePtr<TrackData> mUpdateTrack MOZ_GUARDED_BY(mMutex); + // This track's associated disabled mode for uses on the producing thread. + // It can either by disabled by frames being replaced by black, or by + // retaining the previous frame. + DisabledTrackMode mDirectDisabledMode MOZ_GUARDED_BY(mMutex) = + DisabledTrackMode::ENABLED; nsTArray<RefPtr<DirectMediaTrackListener>> mDirectTrackListeners MOZ_GUARDED_BY(mMutex); }; ===================================== gfx/2d/RecordedEventImpl.h ===================================== @@ -65,7 +65,7 @@ class RecordedDrawTargetCreation BackendType mBackendType; IntRect mRect; SurfaceFormat mFormat; - bool mHasExistingData; + bool mHasExistingData = false; RefPtr<SourceSurface> mExistingData; private: ===================================== gfx/2d/RecordingTypes.h ===================================== @@ -24,6 +24,28 @@ struct ElementStreamFormat { aStream.read(reinterpret_cast<char*>(&aElement), sizeof(T)); } }; +template <class S> +struct ElementStreamFormat<S, bool> { + static void Write(S& aStream, const bool& aElement) { + char boolChar = aElement ? '\x01' : '\x00'; + aStream.write(&boolChar, sizeof(boolChar)); + } + static void Read(S& aStream, bool& aElement) { + char boolChar; + aStream.read(&boolChar, sizeof(boolChar)); + switch (boolChar) { + case '\x00': + aElement = false; + break; + case '\x01': + aElement = true; + break; + default: + aStream.SetIsBad(); + break; + } + } +}; template <class S, class T> void WriteElement(S& aStream, const T& aElement) { ===================================== netwerk/cookie/CookieCommons.cpp ===================================== @@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) { bool CookieCommons::CheckName(const CookieStruct& aCookieData) { const char illegalNameCharacters[] = { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, - 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00}; + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00}; const auto* start = aCookieData.name().BeginReading(); const auto* end = aCookieData.name().EndReading(); ===================================== testing/web-platform/meta/cookies/name/name-ctl.html.ini ===================================== @@ -11,36 +11,6 @@ [Cookie with %xd in name is rejected (DOM).] expected: FAIL - [Cookie with %x7f in name is rejected (DOM).] - expected: FAIL - - [Cookie with %x0 in name is rejected or modified (HTTP).] - expected: FAIL - - [Cookie with %x1 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x2 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x3 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x4 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x5 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x6 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x7 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x8 in name is rejected (HTTP).] - expected: FAIL - [Cookie with %x9 in name is accepted (HTTP).] expected: FAIL ===================================== testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini deleted ===================================== @@ -1,26 +0,0 @@ -[cache-put.https.any.serviceworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.sharedworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.worker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL ===================================== toolkit/components/httpsonlyerror/content/errorpage.html ===================================== @@ -67,6 +67,7 @@ <button id="openInsecure" data-l10n-id="about-httpsonly-button-continue-to-site" + inert ></button> </div> <div class="suggestion-box" hidden> ===================================== toolkit/components/httpsonlyerror/content/errorpage.js ===================================== @@ -34,6 +34,11 @@ function initPage() { .getElementById("openInsecure") .addEventListener("click", onOpenInsecureButtonClick); + const delay = RPMGetIntPref("security.dialog_enable_delay", 1000); + setTimeout(() => { + document.getElementById("openInsecure").removeAttribute("inert"); + }, delay); + if (window.top == window) { document .getElementById("goBack") ===================================== toolkit/components/search/OpenSearchEngine.sys.mjs ===================================== @@ -144,7 +144,12 @@ export class OpenSearchEngine extends SearchEngine { lazy.logConsole.debug("_install: Downloading engine from:", loadURI.spec); - var chan = lazy.SearchUtils.makeChannel(loadURI); + var chan = lazy.SearchUtils.makeChannel( + loadURI, + // OpenSearchEngine is loading a definition file for a search engine, + // TYPE_DOCUMENT captures that load best + Ci.nsIContentPolicy.TYPE_DOCUMENT + ); if (this._engineToUpdate && chan instanceof Ci.nsIHttpChannel) { var lastModified = this._engineToUpdate.getAttr("updatelastmodified"); ===================================== toolkit/components/search/SearchEngine.sys.mjs ===================================== @@ -821,7 +821,10 @@ export class SearchEngine { this._hasPreferredIcon = isPreferred; }; - let chan = lazy.SearchUtils.makeChannel(uri); + let chan = lazy.SearchUtils.makeChannel( + uri, + Ci.nsIContentPolicy.TYPE_IMAGE + ); let listener = new lazy.SearchUtils.LoadListener( chan, /^image\//, ===================================== toolkit/components/search/SearchUtils.sys.mjs ===================================== @@ -248,19 +248,24 @@ export var SearchUtils = { * * @param {string|nsIURI} url * The URL string from which to create an nsIChannel. + * @param {nsIContentPolicy} contentPolicyType + * The type of document being loaded. * @returns {nsIChannel} * an nsIChannel object, or null if the url is invalid. */ - makeChannel(url) { + makeChannel(url, contentPolicyType) { + if (!contentPolicyType) { + throw new Error("makeChannel called with invalid content policy type"); + } try { let uri = typeof url == "string" ? Services.io.newURI(url) : url; return Services.io.newChannelFromURI( uri, null /* loadingNode */, - Services.scriptSecurityManager.getSystemPrincipal(), + Services.scriptSecurityManager.createNullPrincipal({}), null /* triggeringPrincipal */, Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL, - Ci.nsIContentPolicy.TYPE_OTHER + contentPolicyType ); } catch (ex) {} ===================================== toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs ===================================== @@ -10,7 +10,7 @@ function handleRequest(request, response) { response.setStatusLine("1.1", 302, "Moved"); if (request.queryString == "type=invalid") { response.setHeader("Content-Type", "image/png", false); - response.setHeader("Location", "engine.xml", false); + response.setHeader("Location", "/head_search.js", false); } else { response.setHeader("Content-Type", "text/html", false); response.setHeader("Location", "remoteIcon.ico", false); ===================================== toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js ===================================== @@ -12,9 +12,11 @@ add_task(async function setup() { }); add_task(async function test_installedresourceicon() { + // Attempts to load a resource:// url as an icon. let engine1 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/resourceicon.xml`, }); + // Attempts to load a chrome:// url as an icon. let engine2 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/chromeicon.xml`, }); @@ -32,12 +34,13 @@ add_task(async function test_installedhttpplace() { // The easiest way to test adding the icon is via a generated xml, otherwise // we have to somehow insert the address of the server into it. + // Attempts to load a non-image page into an image icon. let engine = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}data/engineMaker.sjs?` + JSON.stringify({ baseURL: gDataUrl, - image: "opensearch/resourceicon.xml", + image: "head_search.js", name: "invalidicon", method: "GET", }), ===================================== toolkit/components/search/tests/xpcshell/test_webextensions_install.js ===================================== @@ -5,6 +5,8 @@ const { promiseShutdownManager, promiseStartupManager } = AddonTestUtils; +let gBaseUrl; + async function getEngineNames() { let engines = await Services.search.getEngines(); return engines.map(engine => engine._name); @@ -13,6 +15,8 @@ async function getEngineNames() { add_task(async function setup() { let server = useHttpServer(); server.registerContentType("sjs", "sjs"); + gBaseUrl = `http://localhost:${server.identity.primaryPort}/`; + await SearchTestUtils.useTestEngines("test-extensions"); await promiseStartupManager(); @@ -132,7 +136,7 @@ add_task(async function test_load_favicon_invalid() { // User installs a new search engine let extension = await SearchTestUtils.installSearchExtension( { - favicon_url: `${gDataUrl}engine.xml`, + favicon_url: `${gBaseUrl}/head_search.js`, }, { skipUnload: true } ); ===================================== toolkit/modules/RemotePageAccessManager.sys.mjs ===================================== @@ -66,6 +66,7 @@ export let RemotePageAccessManager = { }, "about:httpsonlyerror": { RPMGetFormatURLPref: ["app.support.baseURL"], + RPMGetIntPref: ["security.dialog_enable_delay"], RPMSendAsyncMessage: ["goBack", "openInsecure"], RPMAddMessageListener: ["WWWReachable"], RPMTryPingSecureWWWLink: ["*"], View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/a78a91…
-- View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/a78a91…
You're receiving this email because of your account on
gitlab.torproject.org
.
1
0
0
0
[Git][tpo/applications/tor-browser][tor-browser-115.4.0esr-13.0-1] 8 commits: Bug 1738426 - Ignoring status 206 and vary header checking for opaque response...
by richard (@richard)
23 Oct '23
23 Oct '23
richard pushed to branch tor-browser-115.4.0esr-13.0-1 at The Tor Project / Applications / Tor Browser Commits: 2abd55fd by Eden Chuang at 2023-10-21T19:53:08+02:00 Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth Differential Revision:
https://phabricator.services.mozilla.com/D186431
- - - - - 9935a5d2 by edgul at 2023-10-21T20:19:27+02:00 Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers Differential Revision:
https://phabricator.services.mozilla.com/D182373
- - - - - 17f51380 by Kelsey Gilbert at 2023-10-21T20:26:18+02:00 Bug 1819497 - Don't race on static bool for initialization. r=gfx-reviewers,aosmond We could do non-racy static init here (e.g. with a static initializer self-calling-closure), but there doesn't seem to be a strong reason for this. Let's just use a switch and get robustness from -Werror=switch. Differential Revision:
https://phabricator.services.mozilla.com/D188054
- - - - - 220260c4 by Mark Banner at 2023-10-21T20:56:11+02:00 Bug 1845752. r=ckerschb Differential Revision:
https://phabricator.services.mozilla.com/D186676
- - - - - 12d376c9 by Bob Owen at 2023-10-21T21:02:12+02:00 Bug 1850072: Initialize RecordedDrawTargetCreation::mHasExistingData. r=jrmuizel This also specializes ElementStreamFormat for bool. Differential Revision:
https://phabricator.services.mozilla.com/D187794
- - - - - 2488f011 by Malte Juergens at 2023-10-21T21:24:39+02:00 Bug 1850200 - Add delay to HTTPS-Only "Continue to HTTPS Site" button r=freddyb Differential Revision:
https://phabricator.services.mozilla.com/D187887
- - - - - 523a7efe by Andreas Pehrson at 2023-10-21T21:42:20+02:00 Bug 1851803 - Introduce SourceMediaTrack::mDirectDisabledMode. r=karlt Similar to MediaTrack::mDisabledMode, but this is for uses on the SourceMediaTrack producer thread. It is still signaled via a control message from the control thread to maintain order of operations, and is protected by the SourceMediaTrack mutex. Differential Revision:
https://phabricator.services.mozilla.com/D187554
- - - - - c932accf by richard at 2023-10-23T11:42:18+00:00 Merge branch 'bug42191-confidential-issue' into 'tor-browser-115.4.0esr-13.0-1' Bug 42191: backports from 119 to esr115 See merge request ma1/tor-browser-confidential!4 - - - - - 18 changed files: - dom/cache/TypeUtils.cpp - dom/canvas/WebGLContextExtensions.cpp - dom/media/MediaTrackGraph.cpp - dom/media/MediaTrackGraph.h - gfx/2d/RecordedEventImpl.h - gfx/2d/RecordingTypes.h - netwerk/cookie/CookieCommons.cpp - testing/web-platform/meta/cookies/name/name-ctl.html.ini - − testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini - toolkit/components/httpsonlyerror/content/errorpage.html - toolkit/components/httpsonlyerror/content/errorpage.js - toolkit/components/search/OpenSearchEngine.sys.mjs - toolkit/components/search/SearchEngine.sys.mjs - toolkit/components/search/SearchUtils.sys.mjs - toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs - toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js - toolkit/components/search/tests/xpcshell/test_webextensions_install.js - toolkit/modules/RemotePageAccessManager.sys.mjs Changes: ===================================== dom/cache/TypeUtils.cpp ===================================== @@ -184,7 +184,7 @@ void TypeUtils::ToCacheResponseWithoutBody(CacheResponse& aOut, aOut.statusText() = aIn.GetUnfilteredStatusText(); RefPtr<InternalHeaders> headers = aIn.UnfilteredHeaders(); MOZ_DIAGNOSTIC_ASSERT(headers); - if (HasVaryStar(headers)) { + if (aIn.Type() != ResponseType::Opaque && HasVaryStar(headers)) { aRv.ThrowTypeError("Invalid Response object with a 'Vary: *' header."); return; } ===================================== dom/canvas/WebGLContextExtensions.cpp ===================================== @@ -17,15 +17,10 @@ namespace mozilla { const char* GetExtensionName(const WebGLExtensionID ext) { - static EnumeratedArray<WebGLExtensionID, WebGLExtensionID::Max, const char*> - sExtensionNamesEnumeratedArray; - static bool initialized = false; - - if (!initialized) { - initialized = true; - + switch (ext) { #define WEBGL_EXTENSION_IDENTIFIER(x) \ - sExtensionNamesEnumeratedArray[WebGLExtensionID::x] = #x; + case WebGLExtensionID::x: \ + return #x; WEBGL_EXTENSION_IDENTIFIER(ANGLE_instanced_arrays) WEBGL_EXTENSION_IDENTIFIER(EXT_blend_minmax) @@ -67,9 +62,11 @@ const char* GetExtensionName(const WebGLExtensionID ext) { WEBGL_EXTENSION_IDENTIFIER(WEBGL_provoking_vertex) #undef WEBGL_EXTENSION_IDENTIFIER - } - return sExtensionNamesEnumeratedArray[ext]; + case WebGLExtensionID::Max: + break; + } + MOZ_CRASH("bad WebGLExtensionID"); } // ---------------------------- ===================================== dom/media/MediaTrackGraph.cpp ===================================== @@ -145,6 +145,27 @@ class GraphKey final { nsTHashMap<nsGenericHashKey<GraphKey>, MediaTrackGraphImpl*> gGraphs; } // anonymous namespace +static void ApplyTrackDisabling(DisabledTrackMode aDisabledMode, + MediaSegment* aSegment, + MediaSegment* aRawSegment) { + if (aDisabledMode == DisabledTrackMode::ENABLED) { + return; + } + if (aDisabledMode == DisabledTrackMode::SILENCE_BLACK) { + aSegment->ReplaceWithDisabled(); + if (aRawSegment) { + aRawSegment->ReplaceWithDisabled(); + } + } else if (aDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { + aSegment->ReplaceWithNull(); + if (aRawSegment) { + aRawSegment->ReplaceWithNull(); + } + } else { + MOZ_CRASH("Unsupported mode"); + } +} + MediaTrackGraphImpl::~MediaTrackGraphImpl() { MOZ_ASSERT(mTracks.IsEmpty() && mSuspendedTracks.IsEmpty(), "All tracks should have been destroyed by messages from the main " @@ -2421,6 +2442,7 @@ RefPtr<GenericPromise> MediaTrack::RemoveListener( void MediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); // Base implementation, for tracks that don't support direct track listeners. RefPtr<DirectMediaTrackListener> listener = aListener; listener->NotifyDirectListenerInstalled( @@ -2503,6 +2525,7 @@ void MediaTrack::RunAfterPendingUpdates( } void MediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); MOZ_DIAGNOSTIC_ASSERT( aMode == DisabledTrackMode::ENABLED || mDisabledMode == DisabledTrackMode::ENABLED, @@ -2531,22 +2554,8 @@ void MediaTrack::SetDisabledTrackMode(DisabledTrackMode aMode) { void MediaTrack::ApplyTrackDisabling(MediaSegment* aSegment, MediaSegment* aRawSegment) { - if (mDisabledMode == DisabledTrackMode::ENABLED) { - return; - } - if (mDisabledMode == DisabledTrackMode::SILENCE_BLACK) { - aSegment->ReplaceWithDisabled(); - if (aRawSegment) { - aRawSegment->ReplaceWithDisabled(); - } - } else if (mDisabledMode == DisabledTrackMode::SILENCE_FREEZE) { - aSegment->ReplaceWithNull(); - if (aRawSegment) { - aRawSegment->ReplaceWithNull(); - } - } else { - MOZ_CRASH("Unsupported mode"); - } + MOZ_ASSERT(mGraph->OnGraphThread()); + mozilla::ApplyTrackDisabling(mDisabledMode, aSegment, aRawSegment); } void MediaTrack::AddMainThreadListener( @@ -2866,7 +2875,7 @@ TrackTime SourceMediaTrack::AppendData(MediaSegment* aSegment, // Apply track disabling before notifying any consumers directly // or inserting into the graph - ApplyTrackDisabling(aSegment, aRawSegment); + mozilla::ApplyTrackDisabling(mDirectDisabledMode, aSegment, aRawSegment); ResampleAudioToGraphSampleRate(aSegment); @@ -2910,6 +2919,7 @@ void SourceMediaTrack::NotifyDirectConsumers(MediaSegment* aSegment) { void SourceMediaTrack::AddDirectListenerImpl( already_AddRefed<DirectMediaTrackListener> aListener) { + MOZ_ASSERT(mGraph->OnGraphThread()); MutexAutoLock lock(mMutex); RefPtr<DirectMediaTrackListener> listener = aListener; @@ -2979,6 +2989,7 @@ void SourceMediaTrack::AddDirectListenerImpl( void SourceMediaTrack::RemoveDirectListenerImpl( DirectMediaTrackListener* aListener) { + mGraph->AssertOnGraphThreadOrNotRunning(); MutexAutoLock lock(mMutex); for (int32_t i = mDirectTrackListeners.Length() - 1; i >= 0; --i) { const RefPtr<DirectMediaTrackListener>& l = mDirectTrackListeners[i]; @@ -3008,17 +3019,20 @@ void SourceMediaTrack::End() { } void SourceMediaTrack::SetDisabledTrackModeImpl(DisabledTrackMode aMode) { + MOZ_ASSERT(mGraph->OnGraphThread()); { MutexAutoLock lock(mMutex); + const DisabledTrackMode oldMode = mDirectDisabledMode; + const bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; + const bool enabled = aMode == DisabledTrackMode::ENABLED; + mDirectDisabledMode = aMode; for (const auto& l : mDirectTrackListeners) { - DisabledTrackMode oldMode = mDisabledMode; - bool oldEnabled = oldMode == DisabledTrackMode::ENABLED; - if (!oldEnabled && aMode == DisabledTrackMode::ENABLED) { + if (!oldEnabled && enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener enabled", GraphImpl(), this)); l->DecreaseDisabled(oldMode); - } else if (oldEnabled && aMode != DisabledTrackMode::ENABLED) { + } else if (oldEnabled && !enabled) { LOG(LogLevel::Debug, ("%p: SourceMediaTrack %p setting " "direct listener disabled", GraphImpl(), this)); ===================================== dom/media/MediaTrackGraph.h ===================================== @@ -652,18 +652,8 @@ class SourceMediaTrack : public MediaTrack { */ void End(); - // Overriding allows us to hold the mMutex lock while changing the track - // enable status void SetDisabledTrackModeImpl(DisabledTrackMode aMode) override; - // Overriding allows us to ensure mMutex is locked while changing the track - // enable status - void ApplyTrackDisabling(MediaSegment* aSegment, - MediaSegment* aRawSegment = nullptr) override { - mMutex.AssertCurrentThreadOwns(); - MediaTrack::ApplyTrackDisabling(aSegment, aRawSegment); - } - uint32_t NumberOfChannels() const override; void RemoveAllDirectListenersImpl() override; @@ -742,6 +732,11 @@ class SourceMediaTrack : public MediaTrack { // protected by mMutex float mVolume MOZ_GUARDED_BY(mMutex) = 1.0; UniquePtr<TrackData> mUpdateTrack MOZ_GUARDED_BY(mMutex); + // This track's associated disabled mode for uses on the producing thread. + // It can either by disabled by frames being replaced by black, or by + // retaining the previous frame. + DisabledTrackMode mDirectDisabledMode MOZ_GUARDED_BY(mMutex) = + DisabledTrackMode::ENABLED; nsTArray<RefPtr<DirectMediaTrackListener>> mDirectTrackListeners MOZ_GUARDED_BY(mMutex); }; ===================================== gfx/2d/RecordedEventImpl.h ===================================== @@ -65,7 +65,7 @@ class RecordedDrawTargetCreation BackendType mBackendType; IntRect mRect; SurfaceFormat mFormat; - bool mHasExistingData; + bool mHasExistingData = false; RefPtr<SourceSurface> mExistingData; private: ===================================== gfx/2d/RecordingTypes.h ===================================== @@ -24,6 +24,28 @@ struct ElementStreamFormat { aStream.read(reinterpret_cast<char*>(&aElement), sizeof(T)); } }; +template <class S> +struct ElementStreamFormat<S, bool> { + static void Write(S& aStream, const bool& aElement) { + char boolChar = aElement ? '\x01' : '\x00'; + aStream.write(&boolChar, sizeof(boolChar)); + } + static void Read(S& aStream, bool& aElement) { + char boolChar; + aStream.read(&boolChar, sizeof(boolChar)); + switch (boolChar) { + case '\x00': + aElement = false; + break; + case '\x01': + aElement = true; + break; + default: + aStream.SetIsBad(); + break; + } + } +}; template <class S, class T> void WriteElement(S& aStream, const T& aElement) { ===================================== netwerk/cookie/CookieCommons.cpp ===================================== @@ -200,9 +200,9 @@ bool CookieCommons::CheckNameAndValueSize(const CookieStruct& aCookieData) { bool CookieCommons::CheckName(const CookieStruct& aCookieData) { const char illegalNameCharacters[] = { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, - 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x00}; + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x3B, 0x3D, 0x7F, 0x00}; const auto* start = aCookieData.name().BeginReading(); const auto* end = aCookieData.name().EndReading(); ===================================== testing/web-platform/meta/cookies/name/name-ctl.html.ini ===================================== @@ -11,36 +11,6 @@ [Cookie with %xd in name is rejected (DOM).] expected: FAIL - [Cookie with %x7f in name is rejected (DOM).] - expected: FAIL - - [Cookie with %x0 in name is rejected or modified (HTTP).] - expected: FAIL - - [Cookie with %x1 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x2 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x3 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x4 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x5 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x6 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x7 in name is rejected (HTTP).] - expected: FAIL - - [Cookie with %x8 in name is rejected (HTTP).] - expected: FAIL - [Cookie with %x9 in name is accepted (HTTP).] expected: FAIL ===================================== testing/web-platform/meta/service-workers/cache-storage/cache-put.https.any.js.ini deleted ===================================== @@ -1,26 +0,0 @@ -[cache-put.https.any.serviceworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.sharedworker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL - - -[cache-put.https.any.worker.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [Cache.put with a VARY:* opaque response should not reject] - expected: FAIL ===================================== toolkit/components/httpsonlyerror/content/errorpage.html ===================================== @@ -67,6 +67,7 @@ <button id="openInsecure" data-l10n-id="about-httpsonly-button-continue-to-site" + inert ></button> </div> <div class="suggestion-box" hidden> ===================================== toolkit/components/httpsonlyerror/content/errorpage.js ===================================== @@ -34,6 +34,11 @@ function initPage() { .getElementById("openInsecure") .addEventListener("click", onOpenInsecureButtonClick); + const delay = RPMGetIntPref("security.dialog_enable_delay", 1000); + setTimeout(() => { + document.getElementById("openInsecure").removeAttribute("inert"); + }, delay); + if (window.top == window) { document .getElementById("goBack") ===================================== toolkit/components/search/OpenSearchEngine.sys.mjs ===================================== @@ -144,7 +144,12 @@ export class OpenSearchEngine extends SearchEngine { lazy.logConsole.debug("_install: Downloading engine from:", loadURI.spec); - var chan = lazy.SearchUtils.makeChannel(loadURI); + var chan = lazy.SearchUtils.makeChannel( + loadURI, + // OpenSearchEngine is loading a definition file for a search engine, + // TYPE_DOCUMENT captures that load best + Ci.nsIContentPolicy.TYPE_DOCUMENT + ); if (this._engineToUpdate && chan instanceof Ci.nsIHttpChannel) { var lastModified = this._engineToUpdate.getAttr("updatelastmodified"); ===================================== toolkit/components/search/SearchEngine.sys.mjs ===================================== @@ -821,7 +821,10 @@ export class SearchEngine { this._hasPreferredIcon = isPreferred; }; - let chan = lazy.SearchUtils.makeChannel(uri); + let chan = lazy.SearchUtils.makeChannel( + uri, + Ci.nsIContentPolicy.TYPE_IMAGE + ); let listener = new lazy.SearchUtils.LoadListener( chan, /^image\//, ===================================== toolkit/components/search/SearchUtils.sys.mjs ===================================== @@ -248,19 +248,24 @@ export var SearchUtils = { * * @param {string|nsIURI} url * The URL string from which to create an nsIChannel. + * @param {nsIContentPolicy} contentPolicyType + * The type of document being loaded. * @returns {nsIChannel} * an nsIChannel object, or null if the url is invalid. */ - makeChannel(url) { + makeChannel(url, contentPolicyType) { + if (!contentPolicyType) { + throw new Error("makeChannel called with invalid content policy type"); + } try { let uri = typeof url == "string" ? Services.io.newURI(url) : url; return Services.io.newChannelFromURI( uri, null /* loadingNode */, - Services.scriptSecurityManager.getSystemPrincipal(), + Services.scriptSecurityManager.createNullPrincipal({}), null /* triggeringPrincipal */, Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL, - Ci.nsIContentPolicy.TYPE_OTHER + contentPolicyType ); } catch (ex) {} ===================================== toolkit/components/search/tests/xpcshell/data/iconsRedirect.sjs ===================================== @@ -10,7 +10,7 @@ function handleRequest(request, response) { response.setStatusLine("1.1", 302, "Moved"); if (request.queryString == "type=invalid") { response.setHeader("Content-Type", "image/png", false); - response.setHeader("Location", "engine.xml", false); + response.setHeader("Location", "/head_search.js", false); } else { response.setHeader("Content-Type", "text/html", false); response.setHeader("Location", "remoteIcon.ico", false); ===================================== toolkit/components/search/tests/xpcshell/test_opensearch_icons_invalid.js ===================================== @@ -12,9 +12,11 @@ add_task(async function setup() { }); add_task(async function test_installedresourceicon() { + // Attempts to load a resource:// url as an icon. let engine1 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/resourceicon.xml`, }); + // Attempts to load a chrome:// url as an icon. let engine2 = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}opensearch/chromeicon.xml`, }); @@ -32,12 +34,13 @@ add_task(async function test_installedhttpplace() { // The easiest way to test adding the icon is via a generated xml, otherwise // we have to somehow insert the address of the server into it. + // Attempts to load a non-image page into an image icon. let engine = await SearchTestUtils.promiseNewSearchEngine({ url: `${gDataUrl}data/engineMaker.sjs?` + JSON.stringify({ baseURL: gDataUrl, - image: "opensearch/resourceicon.xml", + image: "head_search.js", name: "invalidicon", method: "GET", }), ===================================== toolkit/components/search/tests/xpcshell/test_webextensions_install.js ===================================== @@ -5,6 +5,8 @@ const { promiseShutdownManager, promiseStartupManager } = AddonTestUtils; +let gBaseUrl; + async function getEngineNames() { let engines = await Services.search.getEngines(); return engines.map(engine => engine._name); @@ -13,6 +15,8 @@ async function getEngineNames() { add_task(async function setup() { let server = useHttpServer(); server.registerContentType("sjs", "sjs"); + gBaseUrl = `http://localhost:${server.identity.primaryPort}/`; + await SearchTestUtils.useTestEngines("test-extensions"); await promiseStartupManager(); @@ -132,7 +136,7 @@ add_task(async function test_load_favicon_invalid() { // User installs a new search engine let extension = await SearchTestUtils.installSearchExtension( { - favicon_url: `${gDataUrl}engine.xml`, + favicon_url: `${gBaseUrl}/head_search.js`, }, { skipUnload: true } ); ===================================== toolkit/modules/RemotePageAccessManager.sys.mjs ===================================== @@ -66,6 +66,7 @@ export let RemotePageAccessManager = { }, "about:httpsonlyerror": { RPMGetFormatURLPref: ["app.support.baseURL"], + RPMGetIntPref: ["security.dialog_enable_delay"], RPMSendAsyncMessage: ["goBack", "openInsecure"], RPMAddMessageListener: ["WWWReachable"], RPMTryPingSecureWWWLink: ["*"], View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/466147…
-- View it on GitLab:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/466147…
You're receiving this email because of your account on
gitlab.torproject.org
.
1
0
0
0
← Newer
1
2
3
4
5
6
...
17
Older →
Jump to page:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Results per page:
10
25
50
100
200