author | Csoregi Natalia <ncsoregi@mozilla.com> |
Tue, 28 Apr 2020 10:01:30 +0300 | |
changeset 526395 | a99c73301874690830624ae0a98c7940bc754c7d |
parent 526394 | 14568f3c84b6b7f1c15b940aee0b2a28725530d9 |
child 526396 | 064453fc2dac1435319bf0441d442a614137e0f3 |
push id | 114248 |
push user | ncsoregi@mozilla.com |
push date | Tue, 28 Apr 2020 07:03:49 +0000 |
treeherder | autoland@a99c73301874 [default view] [failures only] |
perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
bugs | 1575356 |
milestone | 77.0a1 |
backs out | 14568f3c84b6b7f1c15b940aee0b2a28725530d9 |
first release with | nightly linux32
a99c73301874
/
77.0a1
/
20200428100141
/
files
nightly linux64
a99c73301874
/
77.0a1
/
20200428100141
/
files
nightly mac
a99c73301874
/
77.0a1
/
20200428100141
/
files
nightly win32
a99c73301874
/
77.0a1
/
20200428100141
/
files
nightly win64
a99c73301874
/
77.0a1
/
20200428100141
/
files
|
last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
releases | nightly linux32
77.0a1
/
20200428100141
/
pushlog to previous
nightly linux64
77.0a1
/
20200428100141
/
pushlog to previous
nightly mac
77.0a1
/
20200428100141
/
pushlog to previous
nightly win32
77.0a1
/
20200428100141
/
pushlog to previous
nightly win64
77.0a1
/
20200428100141
/
pushlog to previous
|
--- a/browser/base/content/test/siteIdentity/browser.ini +++ b/browser/base/content/test/siteIdentity/browser.ini @@ -114,12 +114,11 @@ support-files = [browser_check_identity_state.js] [browser_iframe_navigation.js] support-files = iframe_navigation.html [browser_navigation_failures.js] [browser_secure_transport_insecure_scheme.js] [browser_ignore_same_page_navigation.js] [browser_mixed_content_with_navigation.js] -tags = mcb support-files = file_mixedPassiveContent.html file_bug1045809_1.html
--- a/docshell/base/BrowsingContext.h +++ b/docshell/base/BrowsingContext.h @@ -127,20 +127,17 @@ class WindowProxyHolder; FIELD(UserAgentOverride, nsString) \ FIELD(EmbedderElementType, Maybe<nsString>) \ FIELD(MessageManagerGroup, nsString) \ FIELD(MaxTouchPointsOverride, uint8_t) \ FIELD(FullZoom, float) \ FIELD(WatchedByDevtools, bool) \ FIELD(TextZoom, float) \ /* See nsIRequest for possible flags. */ \ - FIELD(DefaultLoadFlags, uint32_t) \ - /* Mixed-Content: If the corresponding documentURI is https, \ - * then this flag is true. */ \ - FIELD(IsSecure, bool) + FIELD(DefaultLoadFlags, uint32_t) // BrowsingContext, in this context, is the cross process replicated // environment in which information about documents is stored. In // particular the tree structure of nested browsing contexts is // represented by the tree of BrowsingContexts. // // The tree of BrowsingContexts is created in step with its // corresponding nsDocShell, and when nsDocShells are connected
--- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -4783,51 +4783,53 @@ nsDocShell::GetFailedChannel(nsIChannel* NS_IMETHODIMP nsDocShell::GetMixedContentChannel(nsIChannel** aMixedContentChannel) { NS_ENSURE_ARG_POINTER(aMixedContentChannel); NS_IF_ADDREF(*aMixedContentChannel = mMixedContentChannel); return NS_OK; } NS_IMETHODIMP -nsDocShell::GetAllowMixedContentAndConnectionData(bool* aAllowMixedContent) { +nsDocShell::GetAllowMixedContentAndConnectionData( + bool* aRootHasSecureConnection, bool* aAllowMixedContent, + bool* aIsRootDocShell) { + *aRootHasSecureConnection = true; *aAllowMixedContent = false; - - // If there is a rootDocShell and calling GetMixedContentChannel() on that - // rootShell returns a non null mixedContentChannel indicates that the - // document has Mixed Active Content that was initially blocked from loading, - // but the user has choosen to override the block and allow the content to - // load. - // mMixedContentChannel is set to the document's channel when the user allows - // mixed content. The MixedContentBlocker content policy checks if the - // document's root channel matches the mMixedContentChannel. - - nsCOMPtr<nsIDocShell> rootShell = mBrowsingContext->Top()->GetDocShell(); - // XXX Fission: Cross origin iframes can not access the top-level docshell. - // Bug 1632160: Remove GetAllowMixedContentAndConnectionData from - // nsIDocShell and expose similar functionality on BrowsingContext - if (!rootShell) { - return NS_OK; - } - - nsCOMPtr<nsIChannel> mixedChannel; - rootShell->GetMixedContentChannel(getter_AddRefs(mixedChannel)); - if (!mixedChannel) { - return NS_OK; - } - - RefPtr<Document> rootDoc = rootShell->GetDocument(); - if (!rootDoc) { - return NS_OK; - } - - // Check the root doc's channel against the root docShell's - // mMixedContentChannel to see if they are the same. If they are the same, - // the user has overriden the block. - *aAllowMixedContent = (mixedChannel == rootDoc->GetChannel()); + *aIsRootDocShell = false; + + nsCOMPtr<nsIDocShellTreeItem> sameTypeRoot; + GetInProcessSameTypeRootTreeItem(getter_AddRefs(sameTypeRoot)); + NS_ASSERTION( + sameTypeRoot, + "No document shell root tree item from document shell tree item!"); + *aIsRootDocShell = + sameTypeRoot.get() == static_cast<nsIDocShellTreeItem*>(this); + + // now get the document from sameTypeRoot + RefPtr<Document> rootDoc = sameTypeRoot->GetDocument(); + if (rootDoc) { + nsCOMPtr<nsIPrincipal> rootPrincipal = rootDoc->NodePrincipal(); + + // For things with system principal (e.g. scratchpad) there is no uri + // aRootHasSecureConnection should be false. + nsCOMPtr<nsIURI> rootUri = rootPrincipal->GetURI(); + if (rootPrincipal->IsSystemPrincipal() || !rootUri || + !SchemeIsHTTPS(rootUri)) { + *aRootHasSecureConnection = false; + } + + // Check the root doc's channel against the root docShell's + // mMixedContentChannel to see if they are the same. If they are the same, + // the user has overriden the block. + nsCOMPtr<nsIDocShell> rootDocShell = do_QueryInterface(sameTypeRoot); + nsCOMPtr<nsIChannel> mixedChannel; + rootDocShell->GetMixedContentChannel(getter_AddRefs(mixedChannel)); + *aAllowMixedContent = + mixedChannel && (mixedChannel == rootDoc->GetChannel()); + } return NS_OK; } NS_IMETHODIMP nsDocShell::SetVisibility(bool aVisibility) { // Show()/Hide() may change mContentViewer. nsCOMPtr<nsIContentViewer> cv = mContentViewer;
--- a/docshell/base/nsIDocShell.idl +++ b/docshell/base/nsIDocShell.idl @@ -727,18 +727,21 @@ interface nsIDocShell : nsIDocShellTreeI * will be false, mMixedContentChannel will remain null since blocking active content has * been disabled and hence mMixedContentChannel will never be set. */ attribute nsIChannel mixedContentChannel; /** * Checks whether the channel associated with the root docShell is equal to * mMixedContentChannel. If they are the same, allowMixedContent is set to true. + * Checks if the root document has a secure connection. If it is, sets + * rootHasSecureConnection to true. If the docShell is the root doc shell, + * isRootDocShell is set to true. */ - void GetAllowMixedContentAndConnectionData(out boolean allowMixedContent); + void GetAllowMixedContentAndConnectionData(out boolean rootHasSecureConnection, out boolean allowMixedContent, out boolean isRootDocShell); /** * Are plugins allowed in the current document loaded in this docshell ? * (if there is one). This depends on whether plugins are allowed by this * docshell itself or if the document is sandboxed and hence plugins should * not be allowed. */
--- a/dom/base/Document.cpp +++ b/dom/base/Document.cpp @@ -3588,24 +3588,16 @@ void Document::SetDocumentURI(nsIURI* aU Unused << thirdPartyUtil->GetBaseDomain(mDocumentURI, mBaseDomain); } // Tell our WindowGlobalParent that the document's URI has been changed. nsPIDOMWindowInner* inner = GetInnerWindow(); if (inner && inner->GetWindowGlobalChild()) { inner->GetWindowGlobalChild()->SetDocumentURI(mDocumentURI); } - - auto* browsingContext = GetBrowsingContext(); - if (browsingContext) { - nsCOMPtr<nsIURI> innerDocURI = NS_GetInnermostURI(mDocumentURI); - if (innerDocURI) { - browsingContext->SetIsSecure(innerDocURI->SchemeIs("https")); - } - } } static void GetFormattedTimeString(PRTime aTime, nsAString& aFormattedTimeString) { PRExplodedTime prtime; PR_ExplodeTime(aTime, PR_LocalTimeParameters, &prtime); // "MM/DD/YYYY hh:mm:ss" char formatedTime[24];
--- a/dom/security/nsMixedContentBlocker.cpp +++ b/dom/security/nsMixedContentBlocker.cpp @@ -32,17 +32,16 @@ #include "nsAsyncRedirectVerifyHelper.h" #include "mozilla/LoadInfo.h" #include "nsISiteSecurityService.h" #include "prnetdb.h" #include "mozilla/BasePrincipal.h" #include "mozilla/Logging.h" #include "mozilla/StaticPrefs_dom.h" -#include "mozilla/StaticPrefs_fission.h" #include "mozilla/StaticPrefs_security.h" #include "mozilla/Telemetry.h" #include "mozilla/dom/ContentChild.h" #include "mozilla/ipc/URIUtils.h" #include "mozilla/net/DNS.h" using namespace mozilla; using namespace mozilla::dom; @@ -827,71 +826,89 @@ nsresult nsMixedContentBlocker::ShouldLo document->InnerWindowID(), !!document->NodePrincipal()->OriginAttributesRef().mPrivateBrowsingId); *aDecision = REJECT_REQUEST; return NS_OK; } // Determine if the rootDoc is https and if the user decided to allow Mixed // Content - bool rootHasSecureConnection = - docShell->GetBrowsingContext()->Top()->GetIsSecure(); + bool rootHasSecureConnection = false; bool allowMixedContent = false; - nsresult rv = - docShell->GetAllowMixedContentAndConnectionData(&allowMixedContent); + bool isRootDocShell = false; + nsresult rv = docShell->GetAllowMixedContentAndConnectionData( + &rootHasSecureConnection, &allowMixedContent, &isRootDocShell); if (NS_FAILED(rv)) { *aDecision = REJECT_REQUEST; return rv; } + // Get the sameTypeRoot tree item from the docshell + nsCOMPtr<nsIDocShellTreeItem> sameTypeRoot; + docShell->GetInProcessSameTypeRootTreeItem(getter_AddRefs(sameTypeRoot)); + NS_ASSERTION(sameTypeRoot, "No root tree item from docshell!"); + // When navigating an iframe, the iframe may be https // but its parents may not be. Check the parents to see if any of them are // https. If none of the parents are https, allow the load. if (aContentType == TYPE_SUBDOCUMENT && !rootHasSecureConnection) { bool httpsParentExists = false; - RefPtr<BrowsingContext> curBC = docShell->GetBrowsingContext(); + nsCOMPtr<nsIDocShellTreeItem> parentTreeItem; + parentTreeItem = docShell; + + while (!httpsParentExists && parentTreeItem) { + nsCOMPtr<nsIWebNavigation> parentAsNav(do_QueryInterface(parentTreeItem)); + NS_ASSERTION(parentAsNav, + "No web navigation object from parent's docshell tree item"); + nsCOMPtr<nsIURI> parentURI; + + parentAsNav->GetCurrentURI(getter_AddRefs(parentURI)); + if (!parentURI) { + // if getting the URI fails, assume there is a https parent and break. + httpsParentExists = true; + break; + } - while (!httpsParentExists && curBC) { - httpsParentExists = curBC->GetIsSecure(); - curBC = curBC->GetParent(); - } + nsCOMPtr<nsIURI> innerParentURI = NS_GetInnermostURI(parentURI); + if (!innerParentURI) { + NS_ERROR("Can't get innerURI from parentURI"); + *aDecision = REJECT_REQUEST; + return NS_OK; + } + + httpsParentExists = innerParentURI->SchemeIs("https"); + + // When the parent and the root are the same, we have traversed all the + // way up the same type docshell tree. Break out of the while loop. + if (sameTypeRoot == parentTreeItem) { + break; + } + + // update the parent to the grandparent. + nsCOMPtr<nsIDocShellTreeItem> newParentTreeItem; + parentTreeItem->GetInProcessSameTypeParent( + getter_AddRefs(newParentTreeItem)); + parentTreeItem = newParentTreeItem; + } // end while loop. if (!httpsParentExists) { *aDecision = nsIContentPolicy::ACCEPT; return NS_OK; } } - // Get the root document from the rootShell - nsCOMPtr<nsIDocShell> rootShell = - docShell->GetBrowsingContext()->Top()->GetDocShell(); - nsCOMPtr<Document> rootDoc = rootShell ? rootShell->GetDocument() : nullptr; - - // TODO Fission: Bug 1631405: Make Mixed Content UI fission compatible - // At this point we know it's a mixed content load, which means we we would - // allow mixed passive content to load but only allow mixed active content - // if the user has updated prefs or overriden mixed content using the UI. - // In fission however, we might not have access to the rootShell or RootDoc - // so might not be able to access Mixed Content UI. Until we have fixed - // Bug 1631405 we assume default behavior and allow mixed passive content - // but block mixed active content in fission. - if (StaticPrefs::fission_autostart()) { - if (!rootShell || !rootDoc) { - if (classification == eMixedDisplay) { - *aDecision = nsIContentPolicy::ACCEPT; - return NS_OK; - } - *aDecision = nsIContentPolicy::REJECT_REQUEST; - return NS_OK; - } - } + // Get the root document from the sameTypeRoot + nsCOMPtr<Document> rootDoc = sameTypeRoot->GetDocument(); + NS_ASSERTION(rootDoc, "No root document from document shell root tree item."); nsDocShell* nativeDocShell = nsDocShell::Cast(docShell); - + nsCOMPtr<nsIDocShell> rootShell = do_GetInterface(sameTypeRoot); + NS_ASSERTION(rootShell, + "No root docshell from document shell root tree item."); uint32_t state = nsIWebProgressListener::STATE_IS_BROKEN; nsCOMPtr<nsISecureBrowserUI> securityUI; rootShell->GetSecurityUI(getter_AddRefs(securityUI)); // If there is no securityUI, document doesn't have a security state. // Allow load and return early. if (!securityUI) { *aDecision = nsIContentPolicy::ACCEPT; return NS_OK;
--- a/security/manager/ssl/tests/mochitest/mixedcontent/mochitest.ini +++ b/security/manager/ssl/tests/mochitest/mixedcontent/mochitest.ini @@ -59,11 +59,12 @@ disabled=intermitently fails, quite ofte [test_unsecureIframe.html] [test_unsecureIframe2.html] [test_unsecureIframeMetaRedirect.html] disabled=intermittently fails, less often, bug 487632 [test_unsecureIframeRedirect.html] fail-if = fission [test_unsecurePicture.html] [test_unsecurePictureDup.html] +skip-if = fission && debug [test_unsecurePictureInIframe.html] [test_unsecureRedirect.html] skip-if = verify && debug && (os == 'linux' || os == 'mac')