Bug 1591736 - Fix AddonManagerWebAPI::IsAPIEnabled in out-of-process iframes r=mixedpuppy
authorTomislav Jovanovic <tomica@gmail.com>
Mon, 28 Oct 2019 21:51:30 +0000
changeset 499515 51c14691f8e7b7577905b2fa77e340fdaf338ec8
parent 499514 da9cbdbdfcbf74ba8f995e54803ab9fcfd1b3552
child 499516 90a75d99806846c79ddd82d99afcf2152474c4f9
push id114161
push userncsoregi@mozilla.com
push dateTue, 29 Oct 2019 21:34:24 +0000
treeherdermozilla-inbound@25bf8e097e60 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmixedpuppy
bugs1591736
milestone72.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1591736 - Fix AddonManagerWebAPI::IsAPIEnabled in out-of-process iframes r=mixedpuppy Differential Revision: https://phabricator.services.mozilla.com/D50713
toolkit/mozapps/extensions/AddonManagerWebAPI.cpp
toolkit/mozapps/extensions/test/browser/browser.ini
toolkit/mozapps/extensions/test/browser/browser_webapi_access.js
toolkit/mozapps/extensions/test/xpinstall/browser.ini
--- a/toolkit/mozapps/extensions/AddonManagerWebAPI.cpp
+++ b/toolkit/mozapps/extensions/AddonManagerWebAPI.cpp
@@ -103,27 +103,30 @@ bool AddonManagerWebAPI::IsAPIEnabled(JS
       return false;
     }
 
     if (!IsValidSite(win->GetDocumentURI())) {
       return false;
     }
 
     // Checks whether there is a parent frame of the same type. This won't cross
-    // mozbrowser or chrome boundaries.
+    // mozbrowser or chrome or fission/process boundaries.
     nsCOMPtr<nsIDocShellTreeItem> parent;
     nsresult rv = docShell->GetInProcessSameTypeParent(getter_AddRefs(parent));
     if (NS_FAILED(rv)) {
       return false;
     }
 
+    // No parent means we've hit a mozbrowser or chrome or process boundary.
     if (!parent) {
-      // No parent means we've hit a mozbrowser or chrome boundary so allow
-      // access to the API.
-      return true;
+      // With Fission, a cross-origin iframe has an out-of-process parent, but
+      // DocShell knows nothing about it. We need to ask BrowsingContext here,
+      // and only allow API access if AMO is actually at the top, not framed
+      // by evilleagueofevil.com.
+      return docShell->GetBrowsingContext()->IsTopContent();
     }
 
     Document* doc = win->GetDoc();
     if (!doc) {
       return false;
     }
 
     doc = doc->GetInProcessParentDocument();
--- a/toolkit/mozapps/extensions/test/browser/browser.ini
+++ b/toolkit/mozapps/extensions/test/browser/browser.ini
@@ -103,20 +103,17 @@ skip-if = verify
 [browser_task_next_test.js]
 [browser_updateid.js]
 [browser_updatessl.js]
 [browser_webapi.js]
 [browser_webapi_abuse_report.js]
 support-files =
   head_abuse_report.js
 [browser_webapi_access.js]
-skip-if = fission
 [browser_webapi_addon_listener.js]
-skip-if = fission
 [browser_webapi_enable.js]
 [browser_webapi_install.js]
-skip-if = fission && debug
 [browser_webapi_install_disabled.js]
 [browser_webapi_theme.js]
 [browser_webapi_uninstall.js]
 [browser_webext_icon.js]
 [browser_webext_incognito.js]
 [browser_webext_incognito_doorhanger_telemetry.js]
--- a/toolkit/mozapps/extensions/test/browser/browser_webapi_access.js
+++ b/toolkit/mozapps/extensions/test/browser/browser_webapi_access.js
@@ -2,27 +2,21 @@
  * http://creativecommons.org/publicdomain/zero/1.0/
  */
 
 registerCleanupFunction(() => {
   Services.prefs.clearUserPref("extensions.webapi.testing");
 });
 
 function check_frame_availability(browser) {
-  return ContentTask.spawn(browser, null, async function() {
-    let frame = content.document.getElementById("frame");
-    return (
-      frame.contentWindow.document.getElementById("result").textContent ==
-      "true"
-    );
-  });
+  return check_availability(browser.browsingContext.getChildren()[0]);
 }
 
 function check_availability(browser) {
-  return ContentTask.spawn(browser, null, async function() {
+  return SpecialPowers.spawn(browser, [], async function() {
     return content.document.getElementById("result").textContent == "true";
   });
 }
 
 // Test that initially the API isn't available in the test domain
 add_task(async function test_not_available() {
   await BrowserTestUtils.withNewTab(
     `${SECURE_TESTROOT}webapi_checkavailable.html`,
--- a/toolkit/mozapps/extensions/test/xpinstall/browser.ini
+++ b/toolkit/mozapps/extensions/test/xpinstall/browser.ini
@@ -76,11 +76,10 @@ skip-if = debug # Bug 1541577 - leaks on
 [browser_relative.js]
 [browser_softwareupdate.js]
 [browser_trigger_redirect.js]
 [browser_unsigned_trigger.js]
 skip-if = require_signing
 [browser_unsigned_trigger_iframe.js]
 skip-if = require_signing
 [browser_unsigned_trigger_xorigin.js]
-skip-if = fission
 [browser_unsigned_url.js]
 skip-if = require_signing