Bug 1443942 - Block mid-flight redirects to cross origin destinations during media loads. r=jya
authorChris Pearce <cpearce@mozilla.com>
Tue, 06 Mar 2018 09:55:03 +1300
changeset 412492 d8c358ea16eb86d821547f03820399314f55849f
parent 412491 d2b269a30cba2645488b6f67e10a681ba750120c
child 412493 038cca3ed2ca2b4aae354d14a6fbfc8b2e1ed6e5
push id101938
push usercpearce@mozilla.com
push dateTue, 10 Apr 2018 03:44:24 +0000
treeherdermozilla-inbound@41039837009c [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjya
bugs1443942
milestone61.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1443942 - Block mid-flight redirects to cross origin destinations during media loads. r=jya There's no compelling use case for mid-flight redirects, and Chrome already blocks it, so there's little point in maintaining it. Add a hidden pref to toggle blocking, so we can toggle it off during testing to ensure that we're blocking a working mid-flight redirect. MozReview-Commit-ID: EnGNmYFr8Uv
dom/media/ChannelMediaDecoder.cpp
dom/media/ChannelMediaResource.cpp
dom/media/DecoderTraits.cpp
dom/media/DecoderTraits.h
dom/media/MediaPrefs.h
--- a/dom/media/ChannelMediaDecoder.cpp
+++ b/dom/media/ChannelMediaDecoder.cpp
@@ -162,19 +162,19 @@ ChannelMediaDecoder::NotifyPrincipalChan
     // We'll receive one notification when the channel's initial principal
     // is known, after all HTTP redirects have resolved. This isn't really a
     // principal change, so return here to avoid the mSameOriginMedia check
     // below.
     mInitialChannelPrincipalKnown = true;
     return;
   }
   if (!mSameOriginMedia &&
-      DecoderTraits::CrossOriginRedirectsProhibited(ContainerType())) {
-    // For some content types we block mid-flight channel redirects to cross
-    // origin destinations due to security constraints. See bug 1441153.
+      Preferences::GetBool("media.block-midflight-redirects", true)) {
+    // Block mid-flight redirects to non CORS same origin destinations.
+    // See bugs 1441153, 1443942.
     LOG("ChannnelMediaDecoder prohibited cross origin redirect blocked.");
     NetworkError(MediaResult(NS_ERROR_DOM_BAD_URI,
                              "Prohibited cross origin redirect blocked"));
   }
 }
 
 void
 ChannelMediaDecoder::ResourceCallback::NotifySuspendedStatusChanged(
--- a/dom/media/ChannelMediaResource.cpp
+++ b/dom/media/ChannelMediaResource.cpp
@@ -280,16 +280,21 @@ ChannelMediaResource::OnStartRequest(nsI
     // Not an HTTP channel. Assume data will be sent from position zero.
     startOffset = 0;
   }
 
   // Update principals before OnDataAvailable() putting the data in the cache.
   // This is important, we want to make sure all principals are updated before
   // any consumer can see the new data.
   UpdatePrincipal();
+  if (owner->HasError()) {
+    // Updating the principal resulted in an error. Abort the load.
+    CloseChannel();
+    return NS_OK;
+  }
 
   mCacheStream.NotifyDataStarted(mLoadID, startOffset, seekable, length);
   mIsTransportSeekable = seekable;
 
   mSuspendAgent.Delegate(mChannel);
 
   // Fires an initial progress event.
   owner->DownloadProgressed();
--- a/dom/media/DecoderTraits.cpp
+++ b/dom/media/DecoderTraits.cpp
@@ -320,16 +320,9 @@ bool DecoderTraits::IsSupportedInVideoDo
     ADTSDecoder::IsSupportedType(*type) ||
     FlacDecoder::IsSupportedType(*type) ||
 #ifdef MOZ_ANDROID_HLS_SUPPORT
     HLSDecoder::IsSupportedType(*type) ||
 #endif
     false;
 }
 
-/* static */
-bool
-DecoderTraits::CrossOriginRedirectsProhibited(const MediaContainerType& aType)
-{
-  return WaveDecoder::IsSupportedType(aType);
-}
-
 } // namespace mozilla
--- a/dom/media/DecoderTraits.h
+++ b/dom/media/DecoderTraits.h
@@ -52,18 +52,14 @@ public:
 
   // Returns true if aType is MIME type of hls.
   static bool IsHttpLiveStreamingType(const MediaContainerType& aType);
 
   // Returns true if aType is matroska type.
   static bool IsMatroskaType(const MediaContainerType& aType);
 
   static bool IsSupportedType(const MediaContainerType& aType);
-
-  // For some content types we block channel redirects to cross origin
-  // destinations due to security constraints. See bug 1441153.
-  static bool CrossOriginRedirectsProhibited(const MediaContainerType& aType);
 };
 
 } // namespace mozilla
 
 #endif
 
--- a/dom/media/MediaPrefs.h
+++ b/dom/media/MediaPrefs.h
@@ -195,16 +195,17 @@ private:
 
   // resume background video decoding when the cursor is hovering over the tab.
   DECL_MEDIA_PREF("media.resume-bkgnd-video-on-tabhover",     ResumeVideoDecodingOnTabHover, bool, false);
 
   DECL_MEDIA_PREF("media.videocontrols.lock-video-orientation",  VideoOrientationLockEnabled, bool, false);
 
   // Media Seamless Looping
   DECL_MEDIA_PREF("media.seamless-looping",                   SeamlessLooping, bool, true);
+
 public:
   // Manage the singleton:
   static MediaPrefs& GetSingleton();
   static bool SingletonExists();
 
 private:
   template<class T> friend class StaticAutoPtr;
   static StaticAutoPtr<MediaPrefs> sInstance;