#525: data URL opaque origins M1324406 M1381728

2024-06-10 18:29:43 +00:00 · 2018-09-27 11:01:54 -07:00 · 2018-09-27 11:01:54 -07:00 · 3920907ee4
commit 3920907ee4
parent b95f6e9680
5 changed files with 41 additions and 6 deletions
--- a/dom/base/nsObjectLoadingContent.cpp
+++ b/dom/base/nsObjectLoadingContent.cpp
@ -22,6 +22,7 @@
 #include "nsIExternalProtocolHandler.h"
 #include "nsIInterfaceRequestorUtils.h"
 #include "nsIObjectFrame.h"
 #include "nsIOService.h"
 #include "nsIPermissionManager.h"
 #include "nsPluginHost.h"
 #include "nsPluginInstanceOwner.h"
@ -2524,8 +2525,14 @@ nsObjectLoadingContent::OpenChannel()
                                                               mURI,
                                                               true,   // aInheritForAboutBlank
                                                               false); // aForceInherit
-  nsSecurityFlags securityFlags = nsILoadInfo::SEC_NORMAL;
+  nsSecurityFlags securityFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL;
-  if (inherit) {
+
  bool isData;
  bool isURIUniqueOrigin = nsIOService::IsDataURIUniqueOpaqueOrigin() &&
                           NS_SUCCEEDED(mURI->SchemeIs("data", &isData)) &&
                           isData;
  if (inherit && !isURIUniqueOrigin) {
    securityFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
  }
  if (isSandBoxed) {
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@ -2003,6 +2003,13 @@ pref("security.cert_pinning.enforcement_level", 0);
 // for tests.
 pref("security.cert_pinning.process_headers_from_non_builtin_roots", false);
 // Bug 1324406: Treat 'data:' documents as unique, opaque origins
 // If true, data: URIs will be treated as unique opaque origins, hence will use
 // a NullPrincipal as the security context.
 // Otherwise it will inherit the origin from parent node, this is the legacy
 // behavior of Firefox.
 pref("security.data_uri.unique_opaque_origin", true);
 // Modifier key prefs: default to Windows settings,
 // menu access key = alt, accelerator key = control.
 // Use 17 for Ctrl, 18 for Alt, 224 for Meta, 91 for Win, 0 for none. Mac settings in macprefs.js
--- a/netwerk/base/nsIOService.cpp
+++ b/netwerk/base/nsIOService.cpp
@ -166,7 +166,9 @@ static const char kNetworkActiveChanged[] = "network-active-changed";
 uint32_t   nsIOService::gDefaultSegmentSize = 4096;
 uint32_t   nsIOService::gDefaultSegmentCount = 24;
-bool nsIOService::sTelemetryEnabled = false;
+bool nsIOService::sIsDataURIUniqueOpaqueOrigin = false;
 //bool nsIOService::sTelemetryEnabled = false;
 NS_IMPL_ISUPPORTS(nsAppOfflineInfo, nsIAppOfflineInfo)
@ -250,7 +252,8 @@ nsIOService::Init()
    else
        NS_WARNING("failed to get observer service");
-    Preferences::AddBoolVarCache(&sTelemetryEnabled, "toolkit.telemetry.enabled", false);
+    //Preferences::AddBoolVarCache(&sTelemetryEnabled, "toolkit.telemetry.enabled", false);
    Preferences::AddBoolVarCache(&sIsDataURIUniqueOpaqueOrigin, "security.data_uri.unique_opaque_origin", true);
    Preferences::AddBoolVarCache(&mOfflineMirrorsConnectivity, OFFLINE_MIRRORS_CONNECTIVITY, true);
    gIOService = this;
@ -715,6 +718,7 @@ nsIOService::NewChannelFromURIWithProxyFlagsInternal(nsIURI* aURI,
    if (NS_FAILED(rv))
        return rv;
 #if(0)
    if (sTelemetryEnabled) {
        nsAutoCString path;
        aURI->GetPath(path);
@ -736,6 +740,7 @@ nsIOService::NewChannelFromURIWithProxyFlagsInternal(nsIURI* aURI,
        Telemetry::Accumulate(Telemetry::URL_PATH_CONTAINS_EXCLAMATION_DOUBLE_SLASH,
                              hasBangDoubleSlash);
    }
 #endif
    nsCOMPtr<nsIProtocolHandler> handler;
    rv = GetProtocolHandler(scheme.get(), getter_AddRefs(handler));
@ -2066,3 +2071,9 @@ nsIOService::IsAppOffline(uint32_t aAppId, bool* aResult)
    return NS_OK;
 }
 /*static*/ bool
 nsIOService::IsDataURIUniqueOpaqueOrigin()
 {
    return sIsDataURIUniqueOpaqueOrigin;
 }
--- a/netwerk/base/nsIOService.h
+++ b/netwerk/base/nsIOService.h
@ -87,6 +87,8 @@ public:
    bool IsShutdown() { return mShutdown; }
    bool IsLinkUp();
    static bool IsDataURIUniqueOpaqueOrigin();
    // Should only be called from NeckoChild. Use SetAppOffline instead.
    void SetAppOfflineInternal(uint32_t appId, int32_t status);
@ -174,7 +176,8 @@ private:
    // that is used especially in IsAppOffline
    nsDataHashtable<nsUint32HashKey, int32_t> mAppsOfflineStatus;
-    static bool                          sTelemetryEnabled;
+    //static bool                          sTelemetryEnabled;
    static bool                          sIsDataURIUniqueOpaqueOrigin;
    // These timestamps are needed for collecting telemetry on PR_Connect,
    // PR_ConnectContinue and PR_Close blocking time.  If we spend very long
--- a/netwerk/protocol/data/nsDataHandler.cpp
+++ b/netwerk/protocol/data/nsDataHandler.cpp
@ -55,9 +55,16 @@ nsDataHandler::GetDefaultPort(int32_t *result) {
 NS_IMETHODIMP
 nsDataHandler::GetProtocolFlags(uint32_t *result) {
-    *result = URI_NORELATIVE | URI_NOAUTH | URI_INHERITS_SECURITY_CONTEXT |
+    *result = URI_NORELATIVE | URI_NOAUTH |
        URI_LOADABLE_BY_ANYONE | URI_NON_PERSISTABLE | URI_IS_LOCAL_RESOURCE |
        URI_SYNC_LOAD_IS_OK;
    // From bug 1324406:
    // data: URIs inherit the security context.
    if (!nsIOService::IsDataURIUniqueOpaqueOrigin()) {
        *result |= URI_INHERITS_SECURITY_CONTEXT;
    }
    return NS_OK;
 }