Backed out 2 changesets (bug 1405971) on evilpies's request
authorBogdan Tara <btara@mozilla.com>
Mon, 18 Nov 2019 23:08:21 +0200
changeset 502479 765b9da8b818804ee68c8e18f92d2bdaa1794d8e
parent 502478 21f755c04005255c5305a13ad9087420e4489b7b
child 502480 859e84396f6dc4584bbb0d53be2756c26ca78ea0
push id114172
push userdluca@mozilla.com
push dateTue, 19 Nov 2019 11:31:10 +0000
treeherdermozilla-inbound@b5c5ba07d3db [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs1405971
milestone72.0a1
backs outdd473ab6821ecc27e748a756dca9ea8ebceaf0c5
3b42f1a5097a3ea23d91740ffd3bac899d128952
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out 2 changesets (bug 1405971) on evilpies's request Backed out changeset dd473ab6821e (bug 1405971) Backed out changeset 3b42f1a5097a (bug 1405971)
netwerk/protocol/http/nsHttpChannel.cpp
toolkit/components/extensions/test/mochitest/mochitest-common.ini
toolkit/components/extensions/test/mochitest/return_headers_cors.sjs
toolkit/components/extensions/test/mochitest/test_ext_fetch_origin.html
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -9757,47 +9757,34 @@ void nsHttpChannel::MaybeWarnAboutAppCac
   GetCallback(warner);
   if (warner) {
     warner->IssueWarning(Document::eAppCache, false);
   }
 }
 
 // Step 10 of HTTP-network-or-cache fetch
 void nsHttpChannel::SetOriginHeader() {
+  if (mRequestHead.IsGet() || mRequestHead.IsHead()) {
+    return;
+  }
   nsresult rv;
 
   nsAutoCString existingHeader;
   Unused << mRequestHead.GetHeader(nsHttp::Origin, existingHeader);
-  if (!existingHeader.IsEmpty() && !existingHeader.EqualsLiteral("null")) {
-    LOG(
-        ("nsHttpChannel::SetOriginHeader Origin header already present "
-         "[this=%p]",
-         this));
+  if (!existingHeader.IsEmpty()) {
+    LOG(("nsHttpChannel::SetOriginHeader Origin header already present"));
     nsCOMPtr<nsIURI> uri;
     rv = NS_NewURI(getter_AddRefs(uri), existingHeader);
-    if (NS_FAILED(rv) || !dom::ReferrerInfo::IsReferrerSchemeAllowed(uri)) {
-      LOG(
-          ("nsHttpChannel::SetOriginHeader removing header for disallowed "
-           "scheme [this=%p]",
-           this));
-      DebugOnly<nsresult> rv = mRequestHead.ClearHeader(nsHttp::Origin);
+    if (NS_SUCCEEDED(rv) &&
+        ReferrerInfo::ShouldSetNullOriginHeader(this, uri)) {
+      LOG(("nsHttpChannel::SetOriginHeader null Origin by Referrer-Policy"));
+      rv = mRequestHead.SetHeader(nsHttp::Origin, NS_LITERAL_CSTRING("null"),
+                                  false /* merge */);
       MOZ_ASSERT(NS_SUCCEEDED(rv));
-    } else if (ReferrerInfo::ShouldSetNullOriginHeader(this, uri)) {
-      LOG(
-          ("nsHttpChannel::SetOriginHeader null Origin by Referrer-Policy "
-           "[this=%p]",
-           this));
-      DebugOnly<nsresult> rv = mRequestHead.SetHeader(
-          nsHttp::Origin, NS_LITERAL_CSTRING("null"), false /* merge */);
-      MOZ_ASSERT(NS_SUCCEEDED(rv));
-    }
-    return;
-  }
-
-  if (mRequestHead.IsGet() || mRequestHead.IsHead()) {
+    }
     return;
   }
 
   // Instead of consulting Preferences::GetInt() all the time we
   // can cache the result to speed things up.
   static int32_t sSendOriginHeader = 0;
   static bool sIsInited = false;
   if (!sIsInited) {
--- a/toolkit/components/extensions/test/mochitest/mochitest-common.ini
+++ b/toolkit/components/extensions/test/mochitest/mochitest-common.ini
@@ -43,17 +43,16 @@ support-files =
   head_unlimitedStorage.js
   head_webrequest.js
   hsts.sjs
   mochitest_console.js
   oauth.html
   redirect_auto.sjs
   redirection.sjs
   return_headers.sjs
-  return_headers_cors.sjs
   slow_response.sjs
   webrequest_worker.js
   !/dom/tests/mochitest/geolocation/network_geolocation.sjs
   !/toolkit/components/passwordmgr/test/authenticate.sjs
   file_redirect_data_uri.html
   file_redirect_cors_bypass.html
 prefs =
   security.mixed_content.upgrade_display_content=false
@@ -149,9 +148,8 @@ skip-if = (webrender && os == 'linux') #
 [test_ext_webrequest_hsts.html]
 skip-if = os == 'android' || os == 'linux'
 [test_ext_webrequest_upgrade.html]
 [test_ext_webrequest_upload.html]
 skip-if = os == 'android' # Currently fails in emulator tests
 [test_ext_webrequest_redirect_data_uri.html]
 [test_ext_window_postMessage.html]
 [test_ext_webrequest_redirect_bypass_cors.html]
-[test_ext_fetch_origin.html]
deleted file mode 100644
--- a/toolkit/components/extensions/test/mochitest/return_headers_cors.sjs
+++ /dev/null
@@ -1,24 +0,0 @@
-/* -*- Mode: indent-tabs-mode: nil; js-indent-level: 2 -*- */
-/* vim: set ft=javascript sts=2 sw=2 et tw=80: */
-"use strict";
-
-/* exported handleRequest */
-
-function handleRequest(request, response) {
-  response.setStatusLine(request.httpVersion, 200, "OK");
-  response.setHeader("Content-Type", "text/json", false);
-  response.setHeader("Access-Control-Allow-Credentials", "true", false);
-  response.setHeader("Access-Control-Allow-Origin", "*", false);
-
-
-  let headers = {};
-  // Why on earth is this a nsISimpleEnumerator...
-  let enumerator = request.headers;
-  while (enumerator.hasMoreElements()) {
-    let header = enumerator.getNext().data;
-    headers[header.toLowerCase()] = request.getHeader(header);
-  }
-
-  response.write(JSON.stringify(headers));
-}
-
deleted file mode 100644
--- a/toolkit/components/extensions/test/mochitest/test_ext_fetch_origin.html
+++ /dev/null
@@ -1,60 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<head>
-  <title>Test for simple WebExtension</title>
-  <script src="/tests/SimpleTest/SimpleTest.js"></script>
-  <script src="/tests/SimpleTest/ExtensionTestUtils.js"></script>
-  <script type="text/javascript" src="head.js"></script>
-  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
-</head>
-<body>
-
-<script type="text/javascript">
-"use strict";
-
-add_task(async function test_fetch_origin() {
-  let extension = ExtensionTestUtils.loadExtension({
-    manifest: {
-      permissions: [
-        // We purposefully don't add any host permission for example.org
-        // (or all_urls). This ensures the requests below use CORS,
-        // which would normally send an Origin header with a moz-extension:
-        // scheme.
-      ],
-    },
-    async background() {
-      const PATH = "https://example.org/tests/toolkit/components/extensions/test/mochitest/return_headers_cors.sjs";
-
-      let response = await fetch(PATH);
-      let headers = await response.json();
-
-      browser.test.assertEq(headers.host, "example.org", "right host");
-      browser.test.assertFalse("origin" in headers, "no Origin header")
-
-      headers = await new Promise((resolve, reject) => {
-        /* eslint-disable mozilla/balanced-listeners */
-        let xhr = new XMLHttpRequest();
-        xhr.open("GET", PATH);
-        xhr.addEventListener("load", () => {
-          resolve(JSON.parse(xhr.response));
-        })
-        xhr.addEventListener("error", reject)
-        xhr.send();
-      })
-
-      browser.test.assertEq(headers.host, "example.org", "right host");
-      browser.test.assertFalse("origin" in headers, "no Origin header");
-
-      browser.test.sendMessage("finished");
-    },
-  });
-
-  await extension.startup();
-  await extension.awaitMessage("finished");
-  await extension.unload();
-});
-
-</script>
-
-</body>
-</html>