This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch tor-browser-91.13.0esr-11.5-1 in repository tor-browser.
commit 1846b2503b265a81dd68a280402fcaff042168e4 Author: Eden Chuang echuang@mozilla.com AuthorDate: Wed Oct 19 21:38:04 2022 +0000
Bug 1762078 - Blocking SerivceWorker interception for no_cors cross-origin range request. r=dom-worker-reviewers,karlt, a=dmeehan
Differential Revision: https://phabricator.services.mozilla.com/D146553 --- .../ServiceWorkerInterceptController.cpp | 59 ++++++++++++++-------- dom/serviceworkers/moz.build | 7 +++ .../meta/fetch/range/sw.https.window.js.ini | 24 +++++++-- 3 files changed, 66 insertions(+), 24 deletions(-)
diff --git a/dom/serviceworkers/ServiceWorkerInterceptController.cpp b/dom/serviceworkers/ServiceWorkerInterceptController.cpp index 3869d6bbe5de..4dfcaedfcf73 100644 --- a/dom/serviceworkers/ServiceWorkerInterceptController.cpp +++ b/dom/serviceworkers/ServiceWorkerInterceptController.cpp @@ -9,11 +9,14 @@ #include "mozilla/BasePrincipal.h" #include "mozilla/StaticPrefs_dom.h" #include "mozilla/StorageAccess.h" +#include "mozilla/dom/InternalRequest.h" +#include "mozilla/net/HttpBaseChannel.h" #include "nsCOMPtr.h" #include "nsContentUtils.h" #include "nsIChannel.h" #include "ServiceWorkerManager.h" #include "nsIPrincipal.h" +#include "nsQueryObject.h"
namespace mozilla { namespace dom { @@ -37,29 +40,45 @@ ServiceWorkerInterceptController::ShouldPrepareForIntercept( if (!nsContentUtils::IsNonSubresourceRequest(aChannel)) { const Maybe<ServiceWorkerDescriptor>& controller = loadInfo->GetController(); + // If the controller doesn't handle fetch events, return false - if (controller.isSome()) { - *aShouldIntercept = controller.ref().HandlesFetch(); - - // The service worker has no fetch event handler, try to schedule a - // soft-update through ServiceWorkerRegistrationInfo. - // Get ServiceWorkerRegistrationInfo by the ServiceWorkerInfo's principal - // and scope - if (!*aShouldIntercept && swm) { - nsCOMPtr<nsIPrincipal> principal = - controller.ref().GetPrincipal().unwrap(); - RefPtr<ServiceWorkerRegistrationInfo> registration = - swm->GetRegistration(principal, controller.ref().Scope()); - // Could not get ServiceWorkerRegistration here if unregister is - // executed before getting here. - if (NS_WARN_IF(!registration)) { - return NS_OK; - } - registration->MaybeScheduleTimeCheckAndUpdate(); + if (!controller.isSome()) { + return NS_OK; + } + + *aShouldIntercept = controller.ref().HandlesFetch(); + + // The service worker has no fetch event handler, try to schedule a + // soft-update through ServiceWorkerRegistrationInfo. + // Get ServiceWorkerRegistrationInfo by the ServiceWorkerInfo's principal + // and scope + if (!*aShouldIntercept && swm) { + nsCOMPtr<nsIPrincipal> principal = + controller.ref().GetPrincipal().unwrap(); + RefPtr<ServiceWorkerRegistrationInfo> registration = + swm->GetRegistration(principal, controller.ref().Scope()); + // Could not get ServiceWorkerRegistration here if unregister is + // executed before getting here. + if (NS_WARN_IF(!registration)) { + return NS_OK; } - } else { - *aShouldIntercept = false; + registration->MaybeScheduleTimeCheckAndUpdate(); } + + RefPtrnet::HttpBaseChannel httpChannel = do_QueryObject(aChannel); + + if (httpChannel && + httpChannel->GetRequestHead()->HasHeader(net::nsHttp::Range)) { + RequestMode requestMode = + InternalRequest::MapChannelToRequestMode(aChannel); + bool mayLoad = nsContentUtils::CheckMayLoad( + loadInfo->GetLoadingPrincipal(), aChannel, + /*allowIfInheritsPrincipal*/ false); + if (requestMode == RequestMode::No_cors && !mayLoad) { + *aShouldIntercept = false; + } + } + return NS_OK; }
diff --git a/dom/serviceworkers/moz.build b/dom/serviceworkers/moz.build index 885c87dace33..11100a511317 100644 --- a/dom/serviceworkers/moz.build +++ b/dom/serviceworkers/moz.build @@ -103,6 +103,13 @@ IPDL_SOURCES += [ "ServiceWorkerRegistrarTypes.ipdlh", ]
+LOCAL_INCLUDES += [ + # For HttpBaseChannel.h dependencies + "/netwerk/base", + # For HttpBaseChannel.h + "/netwerk/protocol/http", +] + include("/ipc/chromium/chromium-config.mozbuild")
FINAL_LIBRARY = "xul" diff --git a/testing/web-platform/meta/fetch/range/sw.https.window.js.ini b/testing/web-platform/meta/fetch/range/sw.https.window.js.ini index f1c1ad7348bc..e3b1e847940b 100644 --- a/testing/web-platform/meta/fetch/range/sw.https.window.js.ini +++ b/testing/web-platform/meta/fetch/range/sw.https.window.js.ini @@ -2,10 +2,8 @@ disabled: if asan and (os == "linux") and (bits == 64): https://bugzilla.mozilla.org/show_bug.cgi?id=1509373 max-asserts: 2 - expected: - if (os == "linux") and not debug and webrender and not fission: [OK, ERROR] - if (os == "win") and (processor == "x86") and not debug: [OK, TIMEOUT] - if (os == "mac") and not debug: [OK, ERROR] + expected: TIMEOUT # see previous revision for how to re-enable + [Ranged response not allowed following no-cors ranged request] expected: if (os == "linux") and not debug and webrender: [FAIL, PASS] @@ -30,3 +28,21 @@ expected: if (processor == "x86") and not debug: [PASS, NOTRUN]
+ [Defer range header filter tests to service worker] + expected: TIMEOUT + + [Defer range header passthrough tests to service worker] + expected: NOTRUN + + [Ranged response not allowed following no-cors ranged request] + expected: NOTRUN + + [Non-opaque ranged response executed] + expected: NOTRUN + + [Accept-Encoding should not appear in a service worker] + expected: NOTRUN + + [Opaque range preload successes and failures should be indistinguishable] + expected: NOTRUN +