Bug 1325501 - Adds ServiceRequest as a drop-in replacement for XHR, which uses conservative TLS settings r=mossop
☠☠ backed out by 57af1c590bf9 ☠ ☠
authorRobert Helmer <rhelmer@mozilla.com>
Thu, 22 Dec 2016 15:56:37 -0800
changeset 327268 880decff07b3b750e5e6122cb23574b52069052f
parent 327267 8e4f8410c08c7ca1c88e69c606ff2ee12bd2e123
child 327269 c0493757d21e4ca0c1e0281490a7a68efd619722
push id85146
push userphilringnalda@gmail.com
push dateSun, 25 Dec 2016 00:56:51 +0000
treeherdermozilla-inbound@1156db49e976 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmossop
bugs1325501
milestone53.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1325501 - Adds ServiceRequest as a drop-in replacement for XHR, which uses conservative TLS settings r=mossop MozReview-Commit-ID: 5937m90Q948
toolkit/modules/ServiceRequest.jsm
toolkit/modules/moz.build
toolkit/modules/tests/xpcshell/test_servicerequest_xhr.js
toolkit/modules/tests/xpcshell/xpcshell.ini
new file mode 100644
--- /dev/null
+++ b/toolkit/modules/ServiceRequest.jsm
@@ -0,0 +1,49 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components;
+
+/**
+  * This module consolidates various code and data update requests, so flags
+  * can be set, Telemetry collected, etc. in a central place.
+  */
+
+Cu.import("resource://gre/modules/Log.jsm");
+Cu.importGlobalProperties(["XMLHttpRequest"]);
+
+this.EXPORTED_SYMBOLS = [ "ServiceRequest" ];
+
+const logger = Log.repository.getLogger("ServiceRequest");
+logger.level = Log.Level.Debug;
+logger.addAppender(new Log.ConsoleAppender(new Log.BasicFormatter()));
+
+/**
+  * ServiceRequest is intended to be a drop-in replacement for current users
+  * of XMLHttpRequest.
+  *
+  * @param {Object} options - Options for underlying XHR, e.g. { mozAnon: bool }
+  */
+class ServiceRequest extends XMLHttpRequest {
+  constructor(options) {
+    super(options);
+  }
+  /**
+    * Opens an XMLHttpRequest, and sets the NSS "beConservative" flag.
+    * Requests are always async.
+    *
+    * @param {String} method - HTTP method to use, e.g. "GET".
+    * @param {String} url - URL to open.
+    * @param {Object} options - Additional options (reserved for future use).
+    */
+  open(method, url, options) {
+    super.open(method, url, true);
+
+    // Disable cutting edge features, like TLS 1.3, where middleboxes might brick us
+    if (super.channel instanceof Ci.nsIHttpChannelInternal) {
+      super.channel.QueryInterface(Ci.nsIHttpChannelInternal).beConservative = true;
+    }
+  }
+}
--- a/toolkit/modules/moz.build
+++ b/toolkit/modules/moz.build
@@ -77,16 +77,17 @@ EXTRA_JS_MODULES += [
     'RemotePageManager.jsm',
     'RemoteSecurityUI.jsm',
     'RemoteWebProgress.jsm',
     'ResetProfile.jsm',
     'secondscreen/RokuApp.jsm',
     'secondscreen/SimpleServiceDiscovery.jsm',
     'SelectContentHelper.jsm',
     'SelectParentHelper.jsm',
+    'ServiceRequest.jsm',
     'Services.jsm',
     'SessionRecorder.jsm',
     'sessionstore/FormData.jsm',
     'sessionstore/ScrollPosition.jsm',
     'sessionstore/XPathGenerator.jsm',
     'ShortcutUtils.jsm',
     'Sntp.jsm',
     'SpatialNavigation.jsm',
new file mode 100644
--- /dev/null
+++ b/toolkit/modules/tests/xpcshell/test_servicerequest_xhr.js
@@ -0,0 +1,25 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+var {classes: Cc, interfaces: Ci, utils: Cu} = Components;
+
+Cu.import("resource://gre/modules/ServiceRequest.jsm");
+
+add_task(function* test_tls_conservative() {
+  const request = new ServiceRequest();
+  request.open("GET", "http://example.com", false);
+
+  const sr_channel = request.channel.QueryInterface(Ci.nsIHttpChannelInternal);
+  ok(("beConservative" in sr_channel), "TLS setting is present in SR channel");
+  ok(sr_channel.beConservative, "TLS setting in request channel is set to conservative for SR");
+
+  const xhr = new XMLHttpRequest();
+  xhr.open("GET", "http://example.com", false);
+
+  const xhr_channel = xhr.channel.QueryInterface(Ci.nsIHttpChannelInternal);
+  ok(("beConservative" in xhr_channel), "TLS setting is present in XHR channel");
+  ok(!xhr_channel.beConservative, "TLS setting in request channel is not set to conservative for XHR");
+
+});
--- a/toolkit/modules/tests/xpcshell/xpcshell.ini
+++ b/toolkit/modules/tests/xpcshell/xpcshell.ini
@@ -69,8 +69,9 @@ skip-if = toolkit == 'android'
 skip-if = !updater
 reason = LOCALE is not defined without MOZ_UPDATER
 [test_UpdateUtils_updatechannel.js]
 [test_web_channel.js]
 [test_web_channel_broker.js]
 [test_ZipUtils.js]
 skip-if = toolkit == 'android'
 [test_Log_stackTrace.js]
+[test_servicerequest_xhr.js]