Bug 1632581 - do not construct URIs when comparing password manager origins if we cannot upgrade or wildcard subdomains, r=MattN
authorGijs Kruitbosch <gijskruitbosch@gmail.com>
Mon, 27 Apr 2020 17:45:05 +0000
changeset 526307 c84e287b9bd60401a98dec2d9f3c62f9240a3c5e
parent 526306 673480d4520bc5a810761957dace5b95b0881d64
child 526308 4f569032e9f1ad79d5b9086d1fcdfa291181f90d
push id114184
push usergijskruitbosch@gmail.com
push dateMon, 27 Apr 2020 18:18:54 +0000
treeherderautoland@c84e287b9bd6 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersMattN
bugs1632581
milestone77.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1632581 - do not construct URIs when comparing password manager origins if we cannot upgrade or wildcard subdomains, r=MattN As there is no way that the method can return true, we might as well skip the work of constructing URIs. This also avoids unnecessary errors when trying to do so for chrome URIs that are not valid, like the ones produced by FxA. Differential Revision: https://phabricator.services.mozilla.com/D72556
toolkit/components/passwordmgr/LoginHelper.jsm
--- a/toolkit/components/passwordmgr/LoginHelper.jsm
+++ b/toolkit/components/passwordmgr/LoginHelper.jsm
@@ -328,16 +328,22 @@ this.LoginHelper = {
     if (!aOptions) {
       return false;
     }
 
     if (aOptions.acceptWildcardMatch && aLoginOrigin == "") {
       return true;
     }
 
+    // We can only match logins now if either of these flags are true, so
+    // avoid doing the work of constructing URL objects if neither is true.
+    if (!aOptions.acceptDifferentSubdomains && !aOptions.schemeUpgrades) {
+      return false;
+    }
+
     try {
       let loginURI = Services.io.newURI(aLoginOrigin);
       let searchURI = Services.io.newURI(aSearchOrigin);
       let schemeMatches =
         loginURI.scheme == "http" && searchURI.scheme == "https";
 
       if (aOptions.acceptDifferentSubdomains) {
         let loginBaseDomain = Services.eTLD.getBaseDomain(loginURI);