Bug 1354633 - When privacy.resistFingerprinting = true, MediaError.message can only get whitelisted messages r=arthuredelstein,jwwang
authorChung-Sheng Fu <cfu@mozilla.com>
Fri, 04 Aug 2017 18:46:26 +0800
changeset 378265 120bb4c9f8aaf17fbb50d21573d778a705fe303a
parent 378264 53f5d47a7cb0f32f7cc1281f8ca5ce5f855e3fc4
child 378266 bdd7fa60afcf91bd67e10ce16d14a753c70b7fa9
push id50247
push userryanvm@gmail.com
push dateFri, 01 Sep 2017 19:29:09 +0000
treeherderautoland@bdd7fa60afcf [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersarthuredelstein, jwwang
bugs1354633
milestone57.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1354633 - When privacy.resistFingerprinting = true, MediaError.message can only get whitelisted messages r=arthuredelstein,jwwang MozReview-Commit-ID: mYBftzcZT5
dom/html/MediaError.cpp
--- a/dom/html/MediaError.cpp
+++ b/dom/html/MediaError.cpp
@@ -1,17 +1,24 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "mozilla/dom/MediaError.h"
+
+#include <string>
+#include <unordered_set>
+
 #include "nsDOMClassInfoID.h"
 #include "mozilla/dom/MediaErrorBinding.h"
+#include "nsContentUtils.h"
+#include "nsIScriptError.h"
+#include "jsapi.h"
 
 namespace mozilla {
 namespace dom {
 
 NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(MediaError, mParent)
 NS_IMPL_CYCLE_COLLECTING_ADDREF(MediaError)
 NS_IMPL_CYCLE_COLLECTING_RELEASE(MediaError)
 
@@ -26,16 +33,60 @@ MediaError::MediaError(HTMLMediaElement*
   , mCode(aCode)
   , mMessage(aMessage)
 {
 }
 
 void
 MediaError::GetMessage(nsAString& aResult) const
 {
+  // When fingerprinting resistance is enabled, only messages in this list
+  // can be returned to content script.
+  static const std::unordered_set<std::string> whitelist = {
+    "404: Not Found"
+    // TODO
+  };
+
+  bool shouldBlank = (whitelist.find(mMessage.get()) == whitelist.end());
+
+  if (shouldBlank) {
+    // Print a warning message to JavaScript console to alert developers of
+    // a non-whitelisted error message.
+    nsAutoCString message =
+      NS_LITERAL_CSTRING(
+        "This error message will be blank when privacy.resistFingerprinting = true."
+        "  If it is really necessary, please add it to the whitelist in"
+        " MediaError::GetMessage: ") +
+      mMessage;
+    nsIDocument* ownerDoc = mParent->OwnerDoc();
+    AutoJSAPI api;
+    if (api.Init(ownerDoc->GetScopeObject())) {
+      // We prefer this API because it can also print to our debug log and
+      // try server's log viewer.
+      JS_ReportWarningASCII(api.cx(), "%s", message.get());
+    } else {
+      // If failed to use JS_ReportWarningASCII, fall back to
+      // nsContentUtils::ReportToConsoleNonLocalized, which can only print to
+      // JavaScript console.
+      nsContentUtils::ReportToConsoleNonLocalized(
+        NS_ConvertASCIItoUTF16(message),
+        nsIScriptError::warningFlag,
+        NS_LITERAL_CSTRING("MediaError"),
+        ownerDoc
+      );
+    }
+  }
+
+  if (!nsContentUtils::IsCallerChrome() &&
+      nsContentUtils::ShouldResistFingerprinting() &&
+      shouldBlank) {
+    aResult.Truncate();
+    return;
+  }
+
   CopyUTF8toUTF16(mMessage, aResult);
 }
 
 JSObject*
 MediaError::WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto)
 {
   return MediaErrorBinding::Wrap(aCx, this, aGivenProto);
 }