Bug 1433030 - Stop nsTransferable writing to /tmp in PB windows r=jdm
authorArthur Edelstein <arthuredelstein@gmail.com>
Mon, 12 Feb 2018 10:34:00 +0200
changeset 403568 9e19b58d64947fceb81a7d8713e4d5dc1308cf0c
parent 403567 996deca6cc2d893514d9552d9097365ea7de71e6
child 403569 bf20a59521ad778870cb0da31be56de1e23e574d
push id99825
push usershindli@mozilla.com
push dateTue, 13 Feb 2018 10:30:49 +0000
treeherdermozilla-inbound@bf20a59521ad [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjdm
bugs1433030, 21830
milestone60.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1433030 - Stop nsTransferable writing to /tmp in PB windows r=jdm We shouldn't assume it's safe to write to /tmp unless we know for sure we are not in a private browsing window. So use mPrivateData = true as default. Based on a patch by Neill Miller: https://trac.torproject.org/projects/tor/ticket/21830
widget/nsTransferable.cpp
widget/tests/test_bug1123480.xul
--- a/widget/nsTransferable.cpp
+++ b/widget/nsTransferable.cpp
@@ -217,17 +217,17 @@ DataStruct::ReadCache(nsISupports** aDat
 
 
 //-------------------------------------------------------------------------
 //
 // Transferable constructor
 //
 //-------------------------------------------------------------------------
 nsTransferable::nsTransferable()
-  : mPrivateData(false)
+  : mPrivateData(true)
   , mContentPolicyType(nsIContentPolicy::TYPE_OTHER)
 #ifdef DEBUG
   , mInitialized(false)
 #endif
 {
 }
 
 //-------------------------------------------------------------------------
--- a/widget/tests/test_bug1123480.xul
+++ b/widget/tests/test_bug1123480.xul
@@ -32,46 +32,49 @@ https://bugzilla.mozilla.org/show_bug.cg
         clipboardFile.remove(false);
     }
     ok(!clipboardFile.exists(), "failed to presanitize the environment");
 
     // Overflow a nsTransferable region by using the clipboard helper
     const gClipboardHelper = Components.classes["@mozilla.org/widget/clipboardhelper;1"].getService(Components.interfaces.nsIClipboardHelper);
     gClipboardHelper.copyString(Ipsum);
 
-    // Disabled private browsing mode should cache large selections to disk
-    ok(clipboardFile.exists(), "correctly saved memory by caching to disk");
+    // Undefined private browsing mode should not cache to disk
+    ok(!clipboardFile.exists(), "correctly avoided caching to disk when PBM is undefined");
 
-    // Sanitize environment again
-    if (clipboardFile.exists()) {
-        clipboardFile.remove(false);
-    }
-    ok(!clipboardFile.exists(), "failed to postsanitize the environment");
-
-    // Repeat procedure of plain text selection with private browsing enabled
+    // Repeat procedure of plain text selection with private browsing
+    // disabled and enabled
     ChromeUtils.import("resource://gre/modules/PrivateBrowsingUtils.jsm");
-    var Winpriv = window.open("about:blank", "_blank", "chrome, width=500, height=200, private");
-    ok(Winpriv, "failed to open private window");
-    ok(PrivateBrowsingUtils.isContentWindowPrivate(Winpriv), "correctly used a private window context");
+    ChromeUtils.import('resource://gre/modules/Services.jsm');
+    for (let private of [false, true]) {
+      // Sanitize environment again
+      if (clipboardFile.exists()) {
+          clipboardFile.remove(false);
+      }
+      ok(!clipboardFile.exists(), "failed to postsanitize the environment");
 
-    // Select plaintext in private channel
-    ChromeUtils.import('resource://gre/modules/Services.jsm');
-    const nsTransferable = Components.Constructor("@mozilla.org/widget/transferable;1", "nsITransferable");
-    const nsSupportsString = Components.Constructor("@mozilla.org/supports-string;1", "nsISupportsString");
-    var Loadctx = PrivateBrowsingUtils.privacyContextFromWindow(Winpriv);
-    var Transfer = nsTransferable();
-    var Suppstr = nsSupportsString();
-    Suppstr.data = Ipsum;
-    Transfer.init(Loadctx);
-    Transfer.addDataFlavor("text/plain");
-    Transfer.setTransferData("text/plain", Suppstr, Ipsum.length);
-    Services.clipboard.setData(Transfer, null, Services.clipboard.kGlobalClipboard);
+      var win = window.open("about:blank", "_blank", "chrome, width=500, height=200" + (private ? ", private" : ""));
+      ok(win, "failed to open private window");
+      is(PrivateBrowsingUtils.isContentWindowPrivate(win), private, "used correct window context");
 
-    // Enabled private browsing mode should not cache any selection to disk
-    ok(!clipboardFile.exists(), "did not violate private browsing mode");
+      // Select plaintext in private channel
+      const nsTransferable = Components.Constructor("@mozilla.org/widget/transferable;1", "nsITransferable");
+      const nsSupportsString = Components.Constructor("@mozilla.org/supports-string;1", "nsISupportsString");
+      var Loadctx = PrivateBrowsingUtils.privacyContextFromWindow(win);
+      var Transfer = nsTransferable();
+      var Suppstr = nsSupportsString();
+      Suppstr.data = Ipsum;
+      Transfer.init(Loadctx);
+      Transfer.addDataFlavor("text/plain");
+      Transfer.setTransferData("text/plain", Suppstr, Ipsum.length);
+      Services.clipboard.setData(Transfer, null, Services.clipboard.kGlobalClipboard);
+
+      // Enabled private browsing mode should not cache any selection to disk; disabled should
+      is(!clipboardFile.exists(), private, "did not violate private browsing mode");
+    }
   }
   ]]>
   </script>
 
   <!-- test results are displayed in the html:body -->
   <body xmlns="http://www.w3.org/1999/xhtml">
   <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1123480"
      target="_blank">Mozilla Bug 1123480</a>