[tor-commits] [tor-browser] 01/14: Bug 1762078 - Blocking SerivceWorker interception for no_cors cross-origin range request. r=dom-worker-reviewers, karlt, a=dmeehan

gitolite role git at cupani.torproject.org
Thu Nov 17 14:03:40 UTC 2022


This is an automated email from the git hooks/post-receive script.

richard pushed a commit to branch tor-browser-91.13.0esr-11.5-1
in repository tor-browser.

commit 1846b2503b265a81dd68a280402fcaff042168e4
Author: Eden Chuang <echuang at mozilla.com>
AuthorDate: Wed Oct 19 21:38:04 2022 +0000

    Bug 1762078 - Blocking SerivceWorker interception for no_cors cross-origin range request. r=dom-worker-reviewers,karlt, a=dmeehan
    
    Differential Revision: https://phabricator.services.mozilla.com/D146553
---
 .../ServiceWorkerInterceptController.cpp           | 59 ++++++++++++++--------
 dom/serviceworkers/moz.build                       |  7 +++
 .../meta/fetch/range/sw.https.window.js.ini        | 24 +++++++--
 3 files changed, 66 insertions(+), 24 deletions(-)

diff --git a/dom/serviceworkers/ServiceWorkerInterceptController.cpp b/dom/serviceworkers/ServiceWorkerInterceptController.cpp
index 3869d6bbe5de..4dfcaedfcf73 100644
--- a/dom/serviceworkers/ServiceWorkerInterceptController.cpp
+++ b/dom/serviceworkers/ServiceWorkerInterceptController.cpp
@@ -9,11 +9,14 @@
 #include "mozilla/BasePrincipal.h"
 #include "mozilla/StaticPrefs_dom.h"
 #include "mozilla/StorageAccess.h"
+#include "mozilla/dom/InternalRequest.h"
+#include "mozilla/net/HttpBaseChannel.h"
 #include "nsCOMPtr.h"
 #include "nsContentUtils.h"
 #include "nsIChannel.h"
 #include "ServiceWorkerManager.h"
 #include "nsIPrincipal.h"
+#include "nsQueryObject.h"
 
 namespace mozilla {
 namespace dom {
@@ -37,29 +40,45 @@ ServiceWorkerInterceptController::ShouldPrepareForIntercept(
   if (!nsContentUtils::IsNonSubresourceRequest(aChannel)) {
     const Maybe<ServiceWorkerDescriptor>& controller =
         loadInfo->GetController();
+
     // If the controller doesn't handle fetch events, return false
-    if (controller.isSome()) {
-      *aShouldIntercept = controller.ref().HandlesFetch();
-
-      // The service worker has no fetch event handler, try to schedule a
-      // soft-update through ServiceWorkerRegistrationInfo.
-      // Get ServiceWorkerRegistrationInfo by the ServiceWorkerInfo's principal
-      // and scope
-      if (!*aShouldIntercept && swm) {
-        nsCOMPtr<nsIPrincipal> principal =
-            controller.ref().GetPrincipal().unwrap();
-        RefPtr<ServiceWorkerRegistrationInfo> registration =
-            swm->GetRegistration(principal, controller.ref().Scope());
-        // Could not get ServiceWorkerRegistration here if unregister is
-        // executed before getting here.
-        if (NS_WARN_IF(!registration)) {
-          return NS_OK;
-        }
-        registration->MaybeScheduleTimeCheckAndUpdate();
+    if (!controller.isSome()) {
+      return NS_OK;
+    }
+
+    *aShouldIntercept = controller.ref().HandlesFetch();
+
+    // The service worker has no fetch event handler, try to schedule a
+    // soft-update through ServiceWorkerRegistrationInfo.
+    // Get ServiceWorkerRegistrationInfo by the ServiceWorkerInfo's principal
+    // and scope
+    if (!*aShouldIntercept && swm) {
+      nsCOMPtr<nsIPrincipal> principal =
+          controller.ref().GetPrincipal().unwrap();
+      RefPtr<ServiceWorkerRegistrationInfo> registration =
+          swm->GetRegistration(principal, controller.ref().Scope());
+      // Could not get ServiceWorkerRegistration here if unregister is
+      // executed before getting here.
+      if (NS_WARN_IF(!registration)) {
+        return NS_OK;
       }
-    } else {
-      *aShouldIntercept = false;
+      registration->MaybeScheduleTimeCheckAndUpdate();
     }
+
+    RefPtr<net::HttpBaseChannel> httpChannel = do_QueryObject(aChannel);
+
+    if (httpChannel &&
+        httpChannel->GetRequestHead()->HasHeader(net::nsHttp::Range)) {
+      RequestMode requestMode =
+          InternalRequest::MapChannelToRequestMode(aChannel);
+      bool mayLoad = nsContentUtils::CheckMayLoad(
+          loadInfo->GetLoadingPrincipal(), aChannel,
+          /*allowIfInheritsPrincipal*/ false);
+      if (requestMode == RequestMode::No_cors && !mayLoad) {
+        *aShouldIntercept = false;
+      }
+    }
+
     return NS_OK;
   }
 
diff --git a/dom/serviceworkers/moz.build b/dom/serviceworkers/moz.build
index 885c87dace33..11100a511317 100644
--- a/dom/serviceworkers/moz.build
+++ b/dom/serviceworkers/moz.build
@@ -103,6 +103,13 @@ IPDL_SOURCES += [
     "ServiceWorkerRegistrarTypes.ipdlh",
 ]
 
+LOCAL_INCLUDES += [
+    # For HttpBaseChannel.h dependencies
+    "/netwerk/base",
+    # For HttpBaseChannel.h
+    "/netwerk/protocol/http",
+]
+
 include("/ipc/chromium/chromium-config.mozbuild")
 
 FINAL_LIBRARY = "xul"
diff --git a/testing/web-platform/meta/fetch/range/sw.https.window.js.ini b/testing/web-platform/meta/fetch/range/sw.https.window.js.ini
index f1c1ad7348bc..e3b1e847940b 100644
--- a/testing/web-platform/meta/fetch/range/sw.https.window.js.ini
+++ b/testing/web-platform/meta/fetch/range/sw.https.window.js.ini
@@ -2,10 +2,8 @@
   disabled:
     if asan and (os == "linux") and (bits == 64): https://bugzilla.mozilla.org/show_bug.cgi?id=1509373
   max-asserts: 2
-  expected:
-    if (os == "linux") and not debug and webrender and not fission: [OK, ERROR]
-    if (os == "win") and (processor == "x86") and not debug: [OK, TIMEOUT]
-    if (os == "mac") and not debug: [OK, ERROR]
+  expected: TIMEOUT # see previous revision for how to re-enable
+
   [Ranged response not allowed following no-cors ranged request]
     expected:
       if (os == "linux") and not debug and webrender: [FAIL, PASS]
@@ -30,3 +28,21 @@
     expected:
       if (processor == "x86") and not debug: [PASS, NOTRUN]
 
+  [Defer range header filter tests to service worker]
+    expected: TIMEOUT
+
+  [Defer range header passthrough tests to service worker]
+    expected: NOTRUN
+
+  [Ranged response not allowed following no-cors ranged request]
+    expected: NOTRUN
+
+  [Non-opaque ranged response executed]
+    expected: NOTRUN
+
+  [Accept-Encoding should not appear in a service worker]
+    expected: NOTRUN
+
+  [Opaque range preload successes and failures should be indistinguishable]
+    expected: NOTRUN
+

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the tor-commits mailing list