[tor-commits] [tor-browser/tor-browser-38.1.0esr-5.0-1] Revert "Bug #15502. Isolate blob URLs to first party; no blobURLs in Web Workers"

mikeperry at torproject.org mikeperry at torproject.org
Tue Jul 28 08:41:37 UTC 2015 

commit b4d97bc75ff672725fd80e0c640748a74c6edc3e
Author: Arthur Edelstein <arthuredelstein at gmail.com>
Date:   Thu Jul 2 12:54:18 2015 -0700

    Revert "Bug #15502. Isolate blob URLs to first party; no blobURLs in Web Workers"
    
    This reverts commit 7a8d11b1ef502688c97d7900c57361c4be6ae13a.
---
 .../pdfjs/content/PdfStreamConverter.jsm           |    7 +-----
 .../extensions/pdfjs/content/build/pdf.worker.js   |    9 +-------
 dom/base/ThirdPartyUtil.cpp                        |    9 --------
 dom/base/nsHostObjectProtocolHandler.cpp           |   23 ++------------------
 dom/workers/URL.cpp                                |    7 ------
 netwerk/base/mozIThirdPartyUtil.idl                |   14 ------------
 6 files changed, 4 insertions(+), 65 deletions(-)

diff --git a/browser/extensions/pdfjs/content/PdfStreamConverter.jsm b/browser/extensions/pdfjs/content/PdfStreamConverter.jsm
index 26515be..11db211 100644
--- a/browser/extensions/pdfjs/content/PdfStreamConverter.jsm
+++ b/browser/extensions/pdfjs/content/PdfStreamConverter.jsm
@@ -250,12 +250,6 @@ ChromeActions.prototype = {
       filename = 'document.pdf';
     }
     var blobUri = data.blobUrl ? NetUtil.newURI(data.blobUrl) : originalUri;
-    var netChannel;
-    try {
-      netChannel = NetUtil.newChannel(blobUri);
-    } catch (e) {
-      netChannel = NetUtil.newChannel(originalUri);
-    }
     var extHelperAppSvc =
           Cc['@mozilla.org/uriloader/external-helper-app-service;1'].
              getService(Ci.nsIExternalHelperAppService);
@@ -263,6 +257,7 @@ ChromeActions.prototype = {
                          getService(Ci.nsIWindowWatcher).activeWindow;
 
     var docIsPrivate = this.isInPrivateBrowsing();
+    var netChannel = NetUtil.newChannel(blobUri);
     if ('nsIPrivateBrowsingChannel' in Ci &&
         netChannel instanceof Ci.nsIPrivateBrowsingChannel) {
       netChannel.setPrivate(docIsPrivate);
diff --git a/browser/extensions/pdfjs/content/build/pdf.worker.js b/browser/extensions/pdfjs/content/build/pdf.worker.js
index a5dfe2f..c9de2ea 100644
--- a/browser/extensions/pdfjs/content/build/pdf.worker.js
+++ b/browser/extensions/pdfjs/content/build/pdf.worker.js
@@ -1152,14 +1152,7 @@ PDFJS.createObjectURL = (function createObjectURLClosure() {
     if (!PDFJS.disableCreateObjectURL &&
         typeof URL !== 'undefined' && URL.createObjectURL) {
       var blob = PDFJS.createBlob(data, contentType);
-      try {
-        return URL.createObjectURL(blob);
-      } catch(e) {
-        // URL.createObjectURL has thrown an error; continue to
-        // data schema fallback.
-        // TODO: Remove this try-catch when we re-enable
-        // createObjectURL in workers.
-      }
+      return URL.createObjectURL(blob);
     }
 
     var buffer = 'data:' + contentType + ';base64,';
diff --git a/dom/base/ThirdPartyUtil.cpp b/dom/base/ThirdPartyUtil.cpp
index eb09b43..d0aed3a 100644
--- a/dom/base/ThirdPartyUtil.cpp
+++ b/dom/base/ThirdPartyUtil.cpp
@@ -746,12 +746,3 @@ ThirdPartyUtil::GetFirstPartyHostForIsolation(nsIURI *aFirstPartyURI,
   aHost.Append("--");
   return NS_OK;
 }
-
-NS_IMETHODIMP
-ThirdPartyUtil::GetFirstPartyHostFromCaller(nsACString& aHost) {
-  nsCOMPtr<nsIURI> uri;
-  nsresult rv = GetFirstPartyIsolationURI(nullptr,
-                 nsContentUtils::GetDocumentFromCaller(), getter_AddRefs(uri));
-  NS_ENSURE_SUCCESS(rv, rv);
-  return GetFirstPartyHostForIsolation(uri, aHost);
-}
diff --git a/dom/base/nsHostObjectProtocolHandler.cpp b/dom/base/nsHostObjectProtocolHandler.cpp
index 8c440f4..aac33f9 100644
--- a/dom/base/nsHostObjectProtocolHandler.cpp
+++ b/dom/base/nsHostObjectProtocolHandler.cpp
@@ -16,7 +16,6 @@
 #include "mozilla/dom/File.h"
 #include "mozilla/Preferences.h"
 #include "mozilla/LoadInfo.h"
-#include "mozIThirdPartyUtil.h"
 
 using mozilla::dom::FileImpl;
 using mozilla::ErrorResult;
@@ -30,20 +29,9 @@ struct DataInfo
   nsCOMPtr<nsISupports> mObject;
   nsCOMPtr<nsIPrincipal> mPrincipal;
   nsCString mStack;
-  nsCString mFirstPartyHost;
 };
 
 static nsClassHashtable<nsCStringHashKey, DataInfo>* gDataTable;
-static nsCOMPtr<mozIThirdPartyUtil> gThirdPartyUtilService;
-
-static nsCString GetFirstPartyHostFromCaller() {
-  if (!gThirdPartyUtilService) {
-    gThirdPartyUtilService = do_GetService(THIRDPARTYUTIL_CONTRACTID);
-  }
-  nsCString host;
-  gThirdPartyUtilService->GetFirstPartyHostFromCaller(host);
-  return host;
-}
 
 // Memory reporting for the hash table.
 namespace mozilla {
@@ -325,8 +313,6 @@ nsHostObjectProtocolHandler::AddDataEntry(const nsACString& aScheme,
 
   info->mObject = aObject;
   info->mPrincipal = aPrincipal;
-  // Record the first party host that originated this object.
-  info->mFirstPartyHost = GetFirstPartyHostFromCaller();
   mozilla::BlobURLsReporter::GetJSStackForBlob(info);
 
   gDataTable->Put(aUri, info);
@@ -451,10 +437,7 @@ GetDataObject(nsIURI* aURI)
   aURI->GetSpec(spec);
 
   DataInfo* info = GetDataInfo(spec);
-  // Deny access to this object if the current first-party host
-  // doesn't match the originating first-party host.
-  return (info && info->mFirstPartyHost == GetFirstPartyHostFromCaller())
-         ? info->mObject : nullptr;
+  return info ? info->mObject : nullptr;
 }
 
 // -----------------------------------------------------------------------
@@ -512,9 +495,7 @@ nsHostObjectProtocolHandler::NewChannel2(nsIURI* uri,
 
   DataInfo* info = GetDataInfo(spec);
 
-  // Deny access to this URI if the current first party host
-  // doesn't match the first party host when it was created.
-  if (!info || (info->mFirstPartyHost != GetFirstPartyHostFromCaller())) {
+  if (!info) {
     return NS_ERROR_DOM_BAD_URI;
   }
 
diff --git a/dom/workers/URL.cpp b/dom/workers/URL.cpp
index 2ad1276..fbf6987 100644
--- a/dom/workers/URL.cpp
+++ b/dom/workers/URL.cpp
@@ -889,13 +889,6 @@ URL::CreateObjectURL(const GlobalObject& aGlobal, File& aBlob,
   JSContext* cx = aGlobal.Context();
   WorkerPrivate* workerPrivate = GetWorkerPrivateFromContext(cx);
 
-  if (!workerPrivate->IsChromeWorker()) {
-    workerPrivate->ReportError(cx, "Worker attempted to use createObjectURL; denied.", nullptr);
-    NS_NAMED_LITERAL_STRING(argStr, "URL.createObjectURL");
-    aRv.ThrowTypeError(MSG_METHOD_THIS_UNWRAPPING_DENIED, &argStr);
-    return;
-  }
-
   nsRefPtr<FileImpl> blobImpl = aBlob.Impl();
   MOZ_ASSERT(blobImpl);
 
diff --git a/netwerk/base/mozIThirdPartyUtil.idl b/netwerk/base/mozIThirdPartyUtil.idl
index a06841d..68a7099 100644
--- a/netwerk/base/mozIThirdPartyUtil.idl
+++ b/netwerk/base/mozIThirdPartyUtil.idl
@@ -262,20 +262,6 @@ interface mozIThirdPartyUtil : nsISupports
    */
   AUTF8String getFirstPartyHostForIsolation(in nsIURI aFirstPartyURI);
 
-  /**
-   * getFirstPartyHostFromCaller
-   *
-   * Obtain the host or pseudo-host for the first party URI belonging
-   * to the calling document. See getFirstPartyHostForIsolation(...) for
-   * examples.
-   *
-   * @return host or pseudo host.
-   *
-   * @throws if the calling document's first party URI lacks a host
-   *         and the scheme is not a whitelisted one for which we
-   *         generate a pseudo host.
-   */
-  AUTF8String getFirstPartyHostFromCaller();
 };
 
 %{ C++

More information about the tor-commits mailing list