#633: M1666072 M1556259 M1558023 M1578633 bad ports update M1678413

2021-01-21 11:42:12 -08:00 · 2021-01-21 11:42:12 -08:00 · 0bb76284cd
parent 7b437c98d9
commit 0bb76284cd
5 changed files with 104 additions and 65 deletions
--- a/layout/base/nsCaret.cpp
+++ b/layout/base/nsCaret.cpp
@ -396,7 +396,7 @@ nsCaret::GetFrameAndOffset(Selection* aSelection,
    return nullptr;
  }

-  if (!focusNode || !focusNode->IsContent()) {
+  if (!focusNode || !focusNode->IsContent() || !aSelection) {
    return nullptr;
  }

--- a/netwerk/base/nsIOService.cpp
+++ b/netwerk/base/nsIOService.cpp
@ -105,7 +105,7 @@ int16_t gBadPortList[] = {
    17,    // qotd
    19,    // chargen
    20,    // ftp-data
-  21,   // ftp-cntl 
+    21,    // ftp
    22,    // ssh
    23,    // telnet
    25,    // smtp
@ -128,33 +128,47 @@ int16_t gBadPortList[] = {
    115,   // sftp
    117,   // uucp-path
    119,   // nntp
-  123,  // NTP
+    123,   // ntp
    135,   // loc-srv / epmap
    139,   // netbios
    143,   // imap2
-  179,  // BGP
+    179,   // bgp
    389,   // ldap
-  465,  // smtp+ssl
+    427,   // afp (alternate)
+    465,   // smtp (alternate)
    512,   // print / exec
    513,   // login
    514,   // shell
    515,   // printer
    526,   // tempo
    530,   // courier
-  531,  // Chat         
+    531,   // chat
    532,   // netnews
    540,   // uucp
+    548,   // afp
+    554,   // rtsp
    556,   // remotefs
    563,   // nntp+ssl
-  587,  //
-  601,  //       
+    587,   // smtp (outgoing)
+    601,   // syslog-conn
    636,   // ldap+ssl
    993,   // imap+ssl
    995,   // pop3+ssl
+    1720,  // h323hostcall
+    1723,  // pptp
    2049,  // nfs
+    3659,  // apple-sasl
    4045,  // lockd
+    5060,  // sip
+    5061,  // sips
    6000,  // x11
-  0,    // This MUST be zero so that we can populating the array
+    6665,  // irc (alternate)
+    6666,  // irc (alternate)
+    6667,  // irc (default)
+    6668,  // irc (alternate)
+    6669,  // irc (alternate)
+    6697,  // irc+tls
+    0,     // Sentinel value: This MUST be zero
 };

 static const char kProfileChangeNetTeardownTopic[] = "profile-change-net-teardown";
--- a/netwerk/protocol/viewsource/nsViewSourceChannel.cpp
+++ b/netwerk/protocol/viewsource/nsViewSourceChannel.cpp
@ -141,6 +141,10 @@ nsViewSourceChannel::InitSrcdoc(nsIURI* aURI,
    return NS_OK;
 }

+void nsViewSourceChannel::ReleaseListeners() {
+  mListener = nullptr;
+}
+
 ////////////////////////////////////////////////////////////////////////////////
 // nsIRequest methods:

@ -331,6 +335,8 @@ nsViewSourceChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *ctxt)

    if (NS_SUCCEEDED(rv)) {
        mOpened = true;
+    } else {
+        ReleaseListeners();
    }

    return rv;
@ -695,9 +701,12 @@ nsViewSourceChannel::OnStopRequest(nsIRequest *aRequest, nsISupports* aContext,
                                     nullptr, aStatus);
        }
    }
-    return mListener->OnStopRequest(static_cast<nsIViewSourceChannel*>
-                                               (this),
+
+    nsresult rv;
+    rv = mListener->OnStopRequest(static_cast<nsIViewSourceChannel*>(this),
                                  aContext, aStatus);
+    ReleaseListeners();
+    return rv;
 }


--- a/netwerk/protocol/viewsource/nsViewSourceChannel.h
+++ b/netwerk/protocol/viewsource/nsViewSourceChannel.h
@ -60,6 +60,7 @@ public:

 protected:
    ~nsViewSourceChannel() {}
+    void ReleaseListeners();

    nsCOMPtr<nsIChannel>        mChannel;
    nsCOMPtr<nsIHttpChannel>    mHttpChannel;
--- a/toolkit/components/captivedetect/captivedetect.js
+++ b/toolkit/components/captivedetect/captivedetect.js
@ -36,6 +36,15 @@ function URLFetcher(url, timeout) {
  xhr.channel.loadFlags |= Ci.nsIRequest.INHIBIT_CACHING;
  // Prevent privacy leaks
  xhr.channel.loadFlags |= Ci.nsIRequest.LOAD_ANONYMOUS;
+
+  // We don't want to follow _any_ redirects
+  xhr.channel.QueryInterface(Ci.nsIHttpChannel).redirectionLimit = 0;
+
+  // bug 1666072 - firefox.com returns a HSTS header triggering a https upgrade
+  // but the upgrade triggers an internal redirect causing an incorrect locked
+  // portal notification. We exclude CP detection from STS.
+  xhr.channel.QueryInterface(Ci.nsIHttpChannel).allowSTS = false;
+
  // The Cache-Control header is only interpreted by proxies and the
  // final destination. It does not help if a resource is already
  // cached locally.
@ -56,6 +65,12 @@ function URLFetcher(url, timeout) {
        self.onsuccess(xhr.responseText);
      } else if (xhr.status) {
        self.onredirectorerror(xhr.status);
+      } else if (xhr.channel && xhr.channel.status == Cr.NS_ERROR_REDIRECT_LOOP) {
+        // For some redirects we don't get a status, so we need to check it
+        // this way. This only works because we set the redirectionLimit to 0.
+        self.onredirectorerror(300);
+        // No need to invoke the onerror callback, we handled it here.
+        xhr.onerror = null;
      }
    }
  };