Bug 1167808 P2 Block opaque response interception if pref is disabled. r=ehsan
☠☠ backed out by 48347c4899df ☠ ☠
authorBen Kelly <ben@wanderview.com>
Thu, 02 Jul 2015 14:34:00 -0700
changeset 251199 e8ac89eafb1dd37afe6660bad5e162acfd366c78
parent 251198 48abf470ef5b50ab1e8d1229a866c29adf130622
child 251200 9c94c759a0fb72e13ca17c73fcf79d27e25214b6
push id61794
push userbkelly@mozilla.com
push dateThu, 02 Jul 2015 21:34:03 +0000
treeherdermozilla-inbound@1c9c72d93973 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersehsan
bugs1167808
milestone42.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1167808 P2 Block opaque response interception if pref is disabled. r=ehsan
dom/workers/ServiceWorkerEvents.cpp
--- a/dom/workers/ServiceWorkerEvents.cpp
+++ b/dom/workers/ServiceWorkerEvents.cpp
@@ -227,36 +227,43 @@ RespondWithHandler::ResolvedCallback(JSC
   }
 
   nsRefPtr<Response> response;
   nsresult rv = UNWRAP_OBJECT(Response, &aValue.toObject(), response);
   if (NS_FAILED(rv)) {
     return;
   }
 
+  WorkerPrivate* worker = GetCurrentThreadWorkerPrivate();
+  MOZ_ASSERT(worker);
+  worker->AssertIsOnWorkerThread();
+
+  // Allow opaque response interception to be disabled until we can ensure the
+  // security implications are not a complete disaster.
+  if (response->Type() == ResponseType::Opaque &&
+      !worker->OpaqueInterceptionEnabled()) {
+    return;
+  }
+
   // Section 4.2, step 2.2 "If either response's type is "opaque" and request's
   // mode is not "no-cors" or response's type is error, return a network error."
   if (((response->Type() == ResponseType::Opaque) && (mRequestMode != RequestMode::No_cors)) ||
       response->Type() == ResponseType::Error) {
     return;
   }
 
   if (NS_WARN_IF(response->BodyUsed())) {
     return;
   }
 
   nsRefPtr<InternalResponse> ir = response->GetInternalResponse();
   if (NS_WARN_IF(!ir)) {
     return;
   }
 
-  WorkerPrivate* worker = GetCurrentThreadWorkerPrivate();
-  MOZ_ASSERT(worker);
-  worker->AssertIsOnWorkerThread();
-
   nsAutoPtr<RespondWithClosure> closure(
       new RespondWithClosure(mInterceptedChannel, ir, worker->GetChannelInfo()));
   nsCOMPtr<nsIInputStream> body;
   response->GetBody(getter_AddRefs(body));
   // Errors and redirects may not have a body.
   if (body) {
     response->SetBodyUsed();