Bug 927196 - Check more stuff in XHR. r=sicking

Martijn Wargers 2013-10-16 19:20:51 +02:00
parent a6ca47dd4b
commit d5ef4d9173
18 changed files with 106 additions and 38 deletions


@ -37092,7 +37092,7 @@ var BinaryFileReader = function binaryFileReader() {
},
readAsync: function (ondata, onerror, onopen, oncomplete, onhttpstatus) {
var xhr = new XMLHttpRequest({
mozSystem: true
mozAnon: true, mozSystem: true
});
var url = this.url;
xhr.open(this.method || 'GET', url, true);


@ -391,7 +391,7 @@ nsXMLHttpRequest::InitParameters(bool aAnon, bool aSystem)
// Chrome is always allowed access, so do the permission check only
// for non-chrome pages.
if (!IsSystemXHR()) {
if (!IsSystemXHR() && aSystem) {
nsCOMPtr<nsIDocument> doc = window->GetExtantDoc();
if (!doc) {
return;
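Review bot: The comment on the two lines above the changed condition still says the permission check is skipped only for chrome, but the added `&& aSystem` also skips it whenever only mozAnon is requested, so a reader of the comment alone would expect anonymous-only requests to be gated. Suggest `// Chrome is always allowed access, and an anonymous-only request needs no privilege, so do the permission check only when a non-chrome page asks for system privileges.` InitParameters begins and ends outside the hunk, so whether mIsAnon is assigned before this early `return;` cannot be confirmed here; the new test_bug927196.html in this commit expects mozAnon to read false when the systemXHR permission is missing, which depends on that ordering.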


@ -198,6 +198,11 @@ public:
return nullptr;
}
if (!aParams.mMozAnon && aParams.mMozSystem) {
aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
return nullptr;
}
nsRefPtr<nsXMLHttpRequest> req = new nsXMLHttpRequest();
req->Construct(principal->GetPrincipal(), global);
req->InitParameters(aParams.mMozAnon, aParams.mMozSystem);
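Review bot: The new guard `if (!aParams.mMozAnon && aParams.mMozSystem)` carries no comment saying why mozSystem now requires mozAnon, and the same guard is repeated verbatim in the worker XMLHttpRequest::Constructor later in this commit. Suggest the same one-line comment on both: `// A system XHR must also be anonymous so cross-origin requests never carry the page's cookies or cached HTTP auth credentials.` The test changes in this commit (the Cookie check dropped from file_restrictedEventSource.sjs, "auth cache and cookies" rewritten to "auth cache") suggest that is the intent, but the wording should be confirmed. Throwing before `new nsXMLHttpRequest()` looks like the right place, since InitParameters appears to return early and leave the flags unset rather than reject the request. The enclosing constructor starts before the hunk.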


@ -5,9 +5,7 @@ function handleRequest(request, response)
request.getHeader("Authorization") == "Basic dXNlciAxOnBhc3N3b3JkIDE=") ||
(request.queryString == "test=user1_evtsrc" &&
request.hasHeader("Authorization") &&
request.getHeader("Authorization") == "Basic dXNlciAxOnBhc3N3b3JkIDE=" &&
request.hasHeader("Cookie") &&
request.getHeader("Cookie") == "test=5c")) {
request.getHeader("Authorization") == "Basic dXNlciAxOnBhc3N3b3JkIDE=")) {
response.setStatusLine(null, 200, "OK");
response.setHeader("Content-Type", "text/event-stream", false);
response.setHeader("Access-Control-Allow-Origin", "http://mochi.test:8888", false);
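Review bot: The `test=user1_evtsrc` branch now merely stops checking the Cookie header rather than asserting it is absent, so the fixture no longer distinguishes an anonymous request from one that still carries cookies. If the point of switching callers to mozAnon is that cookies are not sent, the stronger condition is `!request.hasHeader("Cookie")` next to the Authorization test, so a regression that starts sending cookies again fails here instead of passing silently. The `user1_xhr` branch exercised by test_bug338583.html is outside this hunk and would deserve the same treatment if it checks cookies; handleRequest continues beyond the hunk.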


@ -521,6 +521,7 @@ support-files =
[test_bug895974.html]
[test_bug902847.html]
[test_bug907892.html]
[test_bug927196.html]
[test_caretPositionFromPoint.html]
[test_classList.html]
[test_copypaste.html]


@ -53,12 +53,11 @@ function runTests() {
}
ok(xhr instanceof XMLHttpRequest, "passed " + JSON.stringify(value));
// If the page doesnt have privileges to create a system or anon XHR,
// these flags will always be false no matter what is passed.
let expectedAnon = false;
// If the page doesnt have privileges to create a system XHR,
// this flag will always be false no matter what is passed.
let expectedAnon = Boolean(value && value.mozAnon);
let expectedSystem = false;
if (havePrivileges) {
expectedAnon = Boolean(value && value.mozAnon);
expectedSystem = Boolean(value && value.mozSystem);
}
is(xhr.mozAnon, expectedAnon, "testing mozAnon");
@ -84,13 +83,12 @@ function runTests() {
// ...and once with privileges.
havePrivileges = true;
SpecialPowers.addPermission("systemXHR", true, document);
SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], function() {
validParameters.forEach(testValidParameter);
invalidParameters.forEach(testInvalidParameter);
validParameters.forEach(testValidParameter);
invalidParameters.forEach(testInvalidParameter);
SpecialPowers.removePermission("systemXHR", document);
SimpleTest.finish();
SimpleTest.finish();
});
}
</script>
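Review bot: `expectedAnon = Boolean(value && value.mozAnon)` is now computed without regard to havePrivileges, yet the constructor change in this commit makes mozSystem without mozAnon throw SecurityError, and the new test_bug927196.html expects mozAnon to read false for `{mozAnon: true, mozSystem: true}` when the permission is absent. Whether validParameters (defined outside the hunk) still contains such entries cannot be seen here; if it does, testValidParameter will either throw at `new XMLHttpRequest(value)` or fail the `is(xhr.mozAnon, expectedAnon, ...)` check on the unprivileged pass. Either drop those entries from the unprivileged run or keep expectedAnon privilege-dependent when mozSystem is set. Also, `doesnt` in the rewritten comment should be `doesn't`.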


@ -26,7 +26,7 @@ tests.push(function test_cross_origin() {
is(window.location.hostname, "mochi.test", "correct origin");
let xhr = new XMLHttpRequest({mozSystem: true});
let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozSystem, true, ".mozSystem == true");
xhr.open("GET", CROSSSITE_URL);
xhr.onload = function onload() {
@ -45,7 +45,7 @@ tests.push(function test_cross_origin() {
tests.push(function test_file_uri() {
// System XHR is not permitted to access file:/// URIs.
let xhr = new XMLHttpRequest({mozSystem: true});
let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozSystem, true, ".mozSystem == true");
xhr.open("GET", PROTECTED_URL);
let error;
@ -64,7 +64,7 @@ tests.push(function test_file_uri() {
tests.push(function test_redirect_to_file_uri() {
// System XHR won't load file:/// URIs even if an HTTP resource redirects there.
let xhr = new XMLHttpRequest({mozSystem: true});
let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozSystem, true, ".mozSystem == true");
xhr.open("GET", REDIRECT_URL);
xhr.onload = function onload() {


@ -464,8 +464,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=338583
function doTest5_c(test_id)
{
// credentials using the auth cache and cookies
var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
// credentials using the auth cache
var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
xhr.withCredentials = true;
// also, test mixed mode UI
xhr.open("GET", "https://example.com/tests/content/base/test/file_restrictedEventSource.sjs?test=user1_xhr", true, "user 1", "password 1");
@ -494,7 +494,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=338583
function doTest5_d(test_id)
{
var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
xhr.withCredentials = true;
xhr.open("GET", "https://example.com/tests/content/base/test/file_restrictedEventSource.sjs?test=user2_xhr", true, "user 2", "password 2");
xhr.send();
@ -521,8 +521,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=338583
function doTest5_e(test_id)
{
// credentials using the auth cache and cookies
var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
// credentials using the auth cache
var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
xhr.withCredentials = true;
xhr.open("GET", "http://example.org/tests/content/base/test/file_restrictedEventSource.sjs?test=user1_xhr", true, "user 1", "password 1");
xhr.send();
@ -550,7 +550,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=338583
function doTest5_f(test_id)
{
var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
xhr.withCredentials = true;
xhr.open("GET", "http://example.org/tests/content/base/test/file_restrictedEventSource.sjs?test=user2_xhr", true, "user 2", "password 2");
xhr.send();
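Review bot: Every doTest5_* request now combines `mozAnon: true` with `xhr.withCredentials = true`, and nothing explains how the two are meant to interact, since mozAnon suppresses ambient credentials while withCredentials asks for them. The comment rewrite to "credentials using the auth cache" suggests the intended assertion is that the user/password passed explicitly to `open()` still reach the server on an anonymous request; a comment saying exactly that on doTest5_c and doTest5_e, or removal of withCredentials if it no longer matters, would make the tests readable. doTest5_d and doTest5_f have no comment at all. Whether withCredentials has any effect on a mozAnon request cannot be verified from this page.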


@ -22,7 +22,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=426308
const SJS_URL = "http://example.org:80/tests/content/base/test/bug426308-redirect.sjs";
function startTest() {
var req = new XMLHttpRequest({mozAnon: false, mozSystem: true});
var req = new XMLHttpRequest({mozAnon: true, mozSystem: true});
req.open("GET", SJS_URL + "?" + window.location.href, false);
req.send(null);

View File

@ -51,7 +51,7 @@ function createDoc() {
function xhrDoc(idx) {
return function() {
// Defy same-origin restrictions!
var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
xhr.open("GET", docSources[idx], false);
xhr.send();
return xhr.responseXML;


@ -19,7 +19,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=804395
<script type="application/javascript">
function test200() {
var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
xhr.open('GET', 'jar:http://example.org/tests/content/base/test/file_bug804395.jar!/foo.bar', true);
xhr.onreadystatechange = function() {
if (xhr.readyState == 4) {
@ -31,7 +31,7 @@ function test200() {
}
function test404() {
var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
xhr.open('GET', 'jar:http://example.org/tests/content/base/test/file_bug804395.jar!/foo.do_not_exist', true);
xhr.onreadystatechange = function() {
if (xhr.readyState == 4) {
@ -43,7 +43,7 @@ function test404() {
}
function test0() {
var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
xhr.open('GET', 'jar:http://example.org/tests/content/base/test/file_bug804395.jar!/foo.bar', true);
ok(xhr.status == 0, "Not Sent request must have status 0");
runTests();


@ -0,0 +1,64 @@
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=426308
-->
<head>
<title>Test for Bug 426308</title>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=927196">Mozilla Bug 927196</a>
<p id="display"></p>
<div id="content" style="display: none">
</div>
<pre id="test">
<script class="testbody" type="text/javascript">
/** Test for Bug 927196 **/
function startTest() {
try {
req = new XMLHttpRequest({mozSystem: true});
ok(false, "Should not be reached");
} catch(e) {
is(e.name, "SecurityError", "XMLHttpRequest should not be mozSystem");
}
req = new XMLHttpRequest({mozAnon: true});
is(req.mozAnon, true, "XMLHttpRequest should be mozAnon");
is(req.mozSystem, false, "XMLHttpRequest should not be mozSystem");
req = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(req.mozAnon, true, "XMLHttpRequest should be mozAnon");
is(req.mozSystem, true, "XMLHttpRequest should be mozSystem");
try {
req = new XMLHttpRequest({mozAnon: false, mozSystem: true});
ok(false, "Should not be reached");
} catch(e) {
is(e.name, "SecurityError", "XMLHttpRequest should throw SecurityError");
}
SimpleTest.finish();
}
SimpleTest.waitForExplicitFinish();
var req = new XMLHttpRequest({mozAnon: true});
is(req.mozAnon, true, "XMLHttpRequest should be mozAnon");
is(req.mozSystem, false, "XMLHttpRequest should not be mozSystem");
req = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(req.mozAnon, false, "XMLHttpRequest should be mozAnon");
is(req.mozSystem, false, "XMLHttpRequest should not be mozSystem");
addLoadEvent(function() {
SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], startTest);
});
</script>
</pre>
</body>
</html>
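Review bot: The header comment URL and the `<title>` of this new file still name Bug 426308, evidently copied from the file it was cloned from, while the anchor and the test body are for Bug 927196; both should read 927196. The unprivileged check `is(req.mozAnon, false, "XMLHttpRequest should be mozAnon")` expects false but its message asserts the opposite; suggest `is(req.mozAnon, false, "mozAnon should be false without the systemXHR permission")` and a matching message for the mozSystem line. The expectation itself (mozAnon false when the permission is missing) depends on InitParameters leaving both flags unset on its early return, which is outside the visible C++ hunk, so it should be confirmed against that function.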


@ -70,7 +70,7 @@ function startTest() {
}
// Try setting headers in privileged context
request = new XMLHttpRequest({mozAnon: false, mozSystem: true});
request = new XMLHttpRequest({mozAnon: true, mozSystem: true});
request.open("GET", window.location.href);
for (i = 0; i < headers.length; i++)
request.setRequestHeader(headers[i], "test" + i);


@ -17,7 +17,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=815105
<script type="application/javascript;version=1.8" src="file_framework.js"></script>
<script type="application/javascript;version=1.8">
function verifier(success, failure) {
var xhr = new XMLHttpRequest({mozSystem: true});
var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
if (xhr.mozSystem === true) {
success("systemXHR");
} else {


@ -1499,6 +1499,11 @@ XMLHttpRequest::Constructor(const GlobalObject& aGlobal,
WorkerPrivate* workerPrivate = GetWorkerPrivateFromContext(cx);
MOZ_ASSERT(workerPrivate);
if (!aParams.mMozAnon && aParams.mMozSystem) {
aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
return nullptr;
}
nsRefPtr<XMLHttpRequest> xhr = new XMLHttpRequest(workerPrivate);
if (workerPrivate->XHRParamsAllowed()) {


@ -26,8 +26,6 @@ function message(event) {
};
function test1() {
// ...and once with privileges.
SpecialPowers.addPermission("systemXHR", true, document);
var worker = new Worker("test_xhr_system.js");
worker.onmessage = message;
worker.postMessage(true);
@ -36,7 +34,6 @@ function test1() {
var tests = [ test1 ];
function run() {
if (!tests.length) {
SpecialPowers.removePermission("systemXHR", document);
SimpleTest.finish();
return;
}
@ -46,7 +43,8 @@ function run() {
}
SimpleTest.waitForExplicitFinish();
run();
SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], run);
</script>
</pre>
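Review bot: The comment `// ...and once with privileges.` in test1 now describes nothing, because the addPermission call it referred to was removed and the permission is granted in run() through pushPermissions; drop it or change it to `// The systemXHR permission is granted by pushPermissions before run() is called.` Since `SpecialPowers.pushPermissions(..., run)` replaces the direct `run()` call, the worker is only created once the permission is in place, which is also why the removePermission call in run() could go.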


@ -11,9 +11,9 @@ self.onmessage = function onmessage(event) {
// An XHR with system privileges will be able to do cross-site calls.
const TEST_URL = "http://example.com/tests/content/base/test/test_XHR_system.html";
is(location.hostname, "mochi.test", "hostname");
is(location.hostname, "mochi.test", "hostname should be mochi.test");
var xhr = new XMLHttpRequest({mozSystem: true});
var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
is(xhr.mozSystem, true, ".mozSystem == true");
xhr.open("GET", TEST_URL);
xhr.onload = function onload() {


@ -27,7 +27,6 @@
"idle":{},
"network-events":{},
"embed-apps":{},
"systemXHR":{},
"audio-channel-content":{},
"audio-channel-alarm":{}
},