[tor-commits] [tor-browser] 12/43: Bug 1735923 - Error on opacity change. r=edenchuang, a=RyanVM

Tue May 31 07:06:55 UTC 2022

This is an automated email from the git hooks/post-receive script.

pierov pushed a commit to branch tor-browser-91.10.0esr-11.0-1
in repository tor-browser.

commit 202c10db327154a0be10d71447ab8ca35665e859
Author: Karl Tomlinson <karlt+ at karlt.net>
AuthorDate: Tue May 3 22:12:40 2022 +0000

    Bug 1735923 - Error on opacity change. r=edenchuang, a=RyanVM
---
 dom/media/ChannelMediaResource.cpp | 39 +++++++++++++++++++++++++++++++++++++-
 dom/media/ChannelMediaResource.h   | 11 +++++++----
 2 files changed, 45 insertions(+), 5 deletions(-)

diff --git a/dom/media/ChannelMediaResource.cpp b/dom/media/ChannelMediaResource.cpp
index 7643ed249f0ff..804884b1e359e 100644
--- a/dom/media/ChannelMediaResource.cpp
+++ b/dom/media/ChannelMediaResource.cpp
@@ -803,6 +803,7 @@ void ChannelMediaResource::UpdatePrincipal() {
   if (!secMan) {
     return;
   }
+  bool hadData = mSharedInfo->mPrincipal != nullptr;
   nsCOMPtr<nsIPrincipal> principal;
   secMan->GetChannelResultPrincipal(mChannel, getter_AddRefs(principal));
   if (nsContentUtils::CombineResourcePrincipals(&mSharedInfo->mPrincipal,
@@ -810,8 +811,44 @@ void ChannelMediaResource::UpdatePrincipal() {
     for (auto* r : mSharedInfo->mResources) {
       r->CacheClientNotifyPrincipalChanged();
     }
+    if (!mChannel) {  // Sometimes cleared during NotifyPrincipalChanged()
+      return;
+    }
+  }
+  nsCOMPtr<nsILoadInfo> loadInfo = mChannel->LoadInfo();
+  auto mode = loadInfo->GetSecurityMode();
+  if (mode != nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT) {
+    MOZ_ASSERT(
+        mode == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_INHERITS_SEC_CONTEXT ||
+            mode == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
+        "no-cors request");
+    bool finalResponseIsOpaque =
+        // GetChannelResultPrincipal() returns the original request URL for
+        // null-origin Responses from ServiceWorker, in which case the URL
+        // does not indicate the real source of data.  Such null-origin
+        // Responses have Basic LoadTainting.  CORS filtered Responses from
+        // ServiceWorker also cannot be mixed with no-cors cross-origin
+        // responses.
+        loadInfo->GetTainting() == LoadTainting::Opaque &&
+        // Although intermediate cross-origin redirects back to URIs with
+        // loadingPrincipal will have LoadTainting::Opaque and will taint the
+        // media element, they are not considered opaque when verifying
+        // network responses; they can be mixed with non-opaque responses from
+        // subsequent loads on the same-origin finalURI.
+        !nsContentUtils::CheckMayLoad(loadInfo->GetLoadingPrincipal(), mChannel,
+                                      /*allowIfInheritsPrincipal*/ true);
+    if (!hadData) {  // First response with data
+      mSharedInfo->mFinalResponsesAreOpaque = finalResponseIsOpaque;
+    } else if (mSharedInfo->mFinalResponsesAreOpaque != finalResponseIsOpaque) {
+      for (auto* r : mSharedInfo->mResources) {
+        r->mCallback->NotifyNetworkError(MediaResult(
+            NS_ERROR_CONTENT_BLOCKED, "opaque and non-opaque responses"));
+      }
+      // Our caller, OnStartRequest() will CloseChannel() on discovering the
+      // error, so no data will be read from the channel.
+      return;
+    }
   }
-
   // ChannelMediaResource can recreate the channel. When this happens, we don't
   // want to overwrite mHadCrossOriginRedirects because the new channel could
   // skip intermediate redirects.
diff --git a/dom/media/ChannelMediaResource.h b/dom/media/ChannelMediaResource.h
index 1de692ca89970..f1d6f185b8a66 100644
--- a/dom/media/ChannelMediaResource.h
+++ b/dom/media/ChannelMediaResource.h
@@ -68,11 +68,14 @@ class ChannelMediaResource
   struct SharedInfo {
     NS_INLINE_DECL_REFCOUNTING(SharedInfo);
 
-    SharedInfo() : mHadCrossOriginRedirects(false) {}
-
-    nsCOMPtr<nsIPrincipal> mPrincipal;
     nsTArray<ChannelMediaResource*> mResources;
-    bool mHadCrossOriginRedirects;
+    // Null if there is not yet any data from any origin.
+    nsCOMPtr<nsIPrincipal> mPrincipal;
+    // Meaningful only when mPrincipal is non-null,
+    // unaffected by intermediate cross-origin redirects.
+    bool mFinalResponsesAreOpaque = false;
+
+    bool mHadCrossOriginRedirects = false;
 
    private:
     ~SharedInfo() = default;

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.
