Backed out 2 changesets (bug 1560741) for mochitest failures at test_permission_isHandlingUserInput.xul. CLOSED TREE
authorBrindusan Cristian <cbrindusan@mozilla.com>
Tue, 13 Aug 2019 00:23:59 +0300
changeset 487532 46b45c5243e972afb0ed9fb47b9d512bacc6cc06
parent 487531 0281da0505bd2f0ddd652153f5e7f1963859899d
child 487540 a9697d53f08cd4e9874fe725cc7cf41b152e1feb
push id92319
push usercbrindusan@mozilla.com
push dateMon, 12 Aug 2019 21:32:14 +0000
treeherderautoland@46b45c5243e9 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs1560741
milestone70.0a1
backs outc08aa2078829f2826a58a34ea60b7bca23008bd7
9dc1d39d27866ce6254c5246a9d15f551ad02021
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out 2 changesets (bug 1560741) for mochitest failures at test_permission_isHandlingUserInput.xul. CLOSED TREE Backed out changeset c08aa2078829 (bug 1560741) Backed out changeset 9dc1d39d2786 (bug 1560741)
browser/components/BrowserGlue.jsm
browser/modules/webrtcUI.jsm
dom/locales/en-US/chrome/dom/dom.properties
dom/notification/Notification.cpp
dom/notification/test/mochitest/blank.html
dom/notification/test/mochitest/mochitest.ini
dom/notification/test/mochitest/test_notification_crossorigin_iframe.html
modules/libpref/init/StaticPrefList.yaml
toolkit/components/telemetry/Histograms.json
--- a/browser/components/BrowserGlue.jsm
+++ b/browser/components/BrowserGlue.jsm
@@ -3960,16 +3960,26 @@ ContentPermissionPrompt.prototype = {
       // user. We shouldn't record this request.
       if (ex.result != Cr.NS_ERROR_FAILURE) {
         Cu.reportError(ex);
       }
       return;
     }
     schemeHistogram.add(type, scheme);
 
+    // request.element should be the browser element in e10s.
+    if (request.element && request.element.contentPrincipal) {
+      let thirdPartyHistogram = Services.telemetry.getKeyedHistogramById(
+        "PERMISSION_REQUEST_THIRD_PARTY_ORIGIN"
+      );
+      let isThirdParty =
+        request.principal.origin != request.element.contentPrincipal.origin;
+      thirdPartyHistogram.add(type, isThirdParty);
+    }
+
     let userInputHistogram = Services.telemetry.getKeyedHistogramById(
       "PERMISSION_REQUEST_HANDLING_USER_INPUT"
     );
     userInputHistogram.add(type, request.isHandlingUserInput);
   },
 };
 
 var DefaultBrowserCheck = {
--- a/browser/modules/webrtcUI.jsm
+++ b/browser/modules/webrtcUI.jsm
@@ -1147,16 +1147,19 @@ function prompt(aBrowser, aRequest) {
     secondaryActions,
     options
   );
   notification.callID = aRequest.callID;
 
   let schemeHistogram = Services.telemetry.getKeyedHistogramById(
     "PERMISSION_REQUEST_ORIGIN_SCHEME"
   );
+  let thirdPartyHistogram = Services.telemetry.getKeyedHistogramById(
+    "PERMISSION_REQUEST_THIRD_PARTY_ORIGIN"
+  );
   let userInputHistogram = Services.telemetry.getKeyedHistogramById(
     "PERMISSION_REQUEST_HANDLING_USER_INPUT"
   );
 
   let docURI = aRequest.documentURI;
   let scheme = 0;
   if (docURI.startsWith("https")) {
     scheme = 2;
@@ -1166,16 +1169,17 @@ function prompt(aBrowser, aRequest) {
 
   for (let requestType of requestTypes) {
     if (requestType == "AudioCapture") {
       requestType = "Microphone";
     }
     requestType = requestType.toLowerCase();
 
     schemeHistogram.add(requestType, scheme);
+    thirdPartyHistogram.add(requestType, aRequest.isThirdPartyOrigin);
     userInputHistogram.add(requestType, aRequest.isHandlingUserInput);
   }
 }
 
 function removePrompt(aBrowser, aCallId) {
   let chromeWin = aBrowser.ownerGlobal;
   let notification = chromeWin.PopupNotifications.getNotification(
     "webRTC-shareDevices",
--- a/dom/locales/en-US/chrome/dom/dom.properties
+++ b/dom/locales/en-US/chrome/dom/dom.properties
@@ -319,17 +319,16 @@ LargeAllocationSuccess=This page was loa
 # LOCALIZATION NOTE: Do not translate "Large-Allocation", as it is a literal header name. Do not translate GET.
 LargeAllocationNonGetRequest=A Large-Allocation header was ignored due to the load being triggered by a non-GET request.
 # LOCALIZATION NOTE: Do not translate "Large-Allocation", as it is a literal header name. Do not translate `window.opener`.
 LargeAllocationNotOnlyToplevelInTabGroup=A Large-Allocation header was ignored due to the presence of windows which have a reference to this browsing context through the frame hierarchy or window.opener.
 # LOCALIZATION NOTE: Do not translate "Large-Allocation", as it is a literal header name
 LargeAllocationNonE10S=A Large-Allocation header was ignored due to the document not being loaded out of process.
 GeolocationInsecureRequestIsForbidden=A Geolocation request can only be fulfilled in a secure context.
 NotificationsInsecureRequestIsForbidden=The Notification permission may only be requested in a secure context.
-NotificationsCrossOriginIframeRequestIsForbidden=The Notification permission may only be requested in a top-level document or same-origin iframe.
 NotificationsRequireUserGesture=The Notification permission may only be requested from inside a short running user-generated event handler.
 # LOCALIZATION NOTE: Do not translate "Large-Allocation", as it is a literal header name.
 LargeAllocationNonWin32=This page would be loaded in a new process due to a Large-Allocation header, however Large-Allocation process creation is disabled on non-Win32 platforms.
 # LOCALIZATION NOTE: Do not translate "content", "Window", and "window.top"
 WindowContentUntrustedWarning=The ‘content’ attribute of Window objects is deprecated.  Please use ‘window.top’ instead.
 # LOCALIZATION NOTE: The first %S is the tag name of the element that starts the loop, the second %S is the element's ID.
 SVGRefLoopWarning=The SVG <%S> with ID “%S” has a reference loop.
 # LOCALIZATION NOTE: The first %S is the tag name of the element in the chain where the chain was broken, the second %S is the element's ID.
--- a/dom/notification/Notification.cpp
+++ b/dom/notification/Notification.cpp
@@ -465,31 +465,28 @@ NS_IMPL_RELEASE_INHERITED(NotificationPe
                           ContentPermissionRequestBase)
 
 NS_IMPL_QUERY_INTERFACE_CYCLE_COLLECTION_INHERITED(
     NotificationPermissionRequest, ContentPermissionRequestBase, nsIRunnable,
     nsINamed)
 
 NS_IMETHODIMP
 NotificationPermissionRequest::Run() {
-  bool isSystem = nsContentUtils::IsSystemPrincipal(mPrincipal);
-  bool blocked = false;
-  if (isSystem) {
+  if (nsContentUtils::IsSystemPrincipal(mPrincipal)) {
     mPermission = NotificationPermission::Granted;
   } else {
     // File are automatically granted permission.
     nsCOMPtr<nsIURI> uri;
     mPrincipal->GetURI(getter_AddRefs(uri));
 
     if (uri && uri->SchemeIs("file")) {
       mPermission = NotificationPermission::Granted;
     } else if (!StaticPrefs::dom_webnotifications_allowinsecure() &&
                !mWindow->IsSecureContext()) {
       mPermission = NotificationPermission::Denied;
-      blocked = true;
       nsCOMPtr<Document> doc = mWindow->GetExtantDoc();
       if (doc) {
         nsContentUtils::ReportToConsole(
             nsIScriptError::errorFlag, NS_LITERAL_CSTRING("DOM"), doc,
             nsContentUtils::eDOM_PROPERTIES,
             "NotificationsInsecureRequestIsForbidden");
       }
     }
@@ -507,32 +504,16 @@ NotificationPermissionRequest::Run() {
     case PromptResult::Denied:
       mPermission = NotificationPermission::Denied;
       break;
     default:
       // ignore
       break;
   }
 
-  // Check this after checking the prompt prefs to make sure this pref overrides
-  // those.  We rely on this for testing purposes.
-  if (!isSystem && !blocked &&
-      !StaticPrefs::dom_webnotifications_allowcrossoriginiframe() &&
-      !mPrincipal->Subsumes(mTopLevelPrincipal)) {
-    mPermission = NotificationPermission::Denied;
-    blocked = true;
-    nsCOMPtr<Document> doc = mWindow->GetExtantDoc();
-    if (doc) {
-      nsContentUtils::ReportToConsole(
-          nsIScriptError::errorFlag, NS_LITERAL_CSTRING("DOM"), doc,
-          nsContentUtils::eDOM_PROPERTIES,
-          "NotificationsCrossOriginIframeRequestIsForbidden");
-    }
-  }
-
   if (mPermission != NotificationPermission::Default) {
     return DispatchResolvePromise();
   }
 
   return nsContentPermissionUtils::AskPermission(this, mWindow);
 }
 
 NS_IMETHODIMP
deleted file mode 100644
--- a/dom/notification/test/mochitest/blank.html
+++ /dev/null
@@ -1,4 +0,0 @@
-<!DOCTYPE html>
-<html>
-  <body></body>
-</html>
--- a/dom/notification/test/mochitest/mochitest.ini
+++ b/dom/notification/test/mochitest/mochitest.ini
@@ -1,18 +1,16 @@
 [DEFAULT]
 
 support-files =
-  blank.html
   create_notification.html
   MockServices.js
   NotificationTest.js
 skip-if = toolkit == 'android' && !is_fennec # Bug 1531097
 
 [test_notification_basics.html]
-[test_notification_crossorigin_iframe.html]
 # This test needs to be run on HTTP (not HTTPS).
 [test_notification_insecure_context.html]
 [test_notification_storage.html]
 [test_bug931307.html]
 skip-if = (os == 'android') # Bug 1258975 on android.
 [test_notification_tag.html]
 fail-if = fission
deleted file mode 100644
--- a/dom/notification/test/mochitest/test_notification_crossorigin_iframe.html
+++ /dev/null
@@ -1,52 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<!--
-Tests that Notification permissions are denied in cross-origin iframes.
-https://bugzilla.mozilla.org/show_bug.cgi?id=1560741
--->
-<head>
-  <title>Notification permission in cross-origin iframes</title>
-  <script src="/tests/SimpleTest/SimpleTest.js"></script>
-  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
-</head>
-<body>
-  <p id="display"></p>
-  <div id="content" style="display: none">
-  </div>
-  <pre id="test">
-  <script class="testbody" type="text/javascript">
-  SimpleTest.waitForExplicitFinish();
-
-  const kBlankURL = "https://example.com/tests/dom/notification/test/mochitest/blank.html";
-
-  (async function runTest() {
-    await SpecialPowers.setBoolPref("notification.prompt.testing", true);
-    await SpecialPowers.setBoolPref("notification.prompt.testing.allow", true);
-    await SpecialPowers.setBoolPref("dom.webnotifications.allowinsecure", true);
-
-    let iframe = document.createElement("iframe");
-    iframe.src = kBlankURL;
-    document.body.appendChild(iframe);
-    await new Promise(resolve => {
-      iframe.onload = resolve;
-    });
-
-    const Notif = SpecialPowers.wrap(iframe.contentWindow).Notification;
-    let response = await Notif.requestPermission();
-    is(response, "denied", "Denied permission in cross-origin iframe");
-
-    await SpecialPowers.pushPrefEnv({"set": [["dom.webnotifications.allowcrossoriginiframe", true]]});
-
-    response = await Notif.requestPermission();
-    is(response, "granted", "Granted permission in cross-origin iframe with pref set");
-
-    await SpecialPowers.clearUserPref("notification.prompt.testing");
-    await SpecialPowers.clearUserPref("notification.prompt.testing.allow");
-    await SpecialPowers.clearUserPref("dom.webnotifications.allowinsecure");
-
-    SimpleTest.finish();
-  })();
-  </script>
-  </pre>
-</body>
-</html>
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@@ -2332,21 +2332,16 @@
   value: false
   mirror: always
 
 - name: dom.webnotifications.allowinsecure
   type: RelaxedAtomicBool
   value: false
   mirror: always
 
-- name: dom.webnotifications.allowcrossoriginiframe
-  type: RelaxedAtomicBool
-  value: false
-  mirror: always
-
 - name: dom.webnotifications.enabled
   type: RelaxedAtomicBool
   value: true
   mirror: always
 
 - name: dom.webnotifications.requireuserinteraction
   type: RelaxedAtomicBool
   value: @IS_EARLY_BETA_OR_EARLIER@
--- a/toolkit/components/telemetry/Histograms.json
+++ b/toolkit/components/telemetry/Histograms.json
@@ -15172,16 +15172,26 @@
     "alert_emails": ["jhofmann@mozilla.com"],
     "bug_numbers": [1345077, 1494589],
     "expires_in_version": "70",
     "kind": "enumerated",
     "n_values": 10,
     "keyed": true,
     "description": "Permission requests (showing a permission prompt) by origin scheme (0=other,1=http,2=https)."
   },
+  "PERMISSION_REQUEST_THIRD_PARTY_ORIGIN": {
+    "record_in_processes": ["main"],
+    "products": ["firefox", "fennec", "geckoview"],
+    "alert_emails": ["jhofmann@mozilla.com"],
+    "bug_numbers": [1345077, 1494589],
+    "expires_in_version": "70",
+    "kind": "boolean",
+    "keyed": true,
+    "description": "Permission requests (showing a permission prompt) by whether they come from a third party origin."
+  },
   "PERMISSION_REQUEST_HANDLING_USER_INPUT": {
     "record_in_processes": ["main"],
     "products": ["firefox", "fennec", "geckoview"],
     "alert_emails": ["jhofmann@mozilla.com"],
     "bug_numbers": [1345077, 1494589],
     "expires_in_version": "70",
     "kind": "boolean",
     "keyed": true,