Bug 1354633 - When privacy.resistFingerprinting = true, MediaError.message can only get whitelisted messages r=arthuredelstein,jwwang
authorChung-Sheng Fu <cfu@mozilla.com>
Fri, 04 Aug 2017 18:46:26 +0800
changeset 378307 120bb4c9f8aaf17fbb50d21573d778a705fe303a
parent 378306 53f5d47a7cb0f32f7cc1281f8ca5ce5f855e3fc4
child 378308 bdd7fa60afcf91bd67e10ce16d14a753c70b7fa9
push id32428
push userarchaeopteryx@coole-files.de
push dateSat, 02 Sep 2017 08:52:28 +0000
treeherdermozilla-central@b01a7e57425b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersarthuredelstein, jwwang
bugs1354633
milestone57.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1354633 - When privacy.resistFingerprinting = true, MediaError.message can only get whitelisted messages r=arthuredelstein,jwwang MozReview-Commit-ID: mYBftzcZT5
dom/html/MediaError.cpp
--- a/dom/html/MediaError.cpp
+++ b/dom/html/MediaError.cpp
@@ -1,17 +1,24 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "mozilla/dom/MediaError.h"
+
+#include <string>
+#include <unordered_set>
+
 #include "nsDOMClassInfoID.h"
 #include "mozilla/dom/MediaErrorBinding.h"
+#include "nsContentUtils.h"
+#include "nsIScriptError.h"
+#include "jsapi.h"
 
 namespace mozilla {
 namespace dom {
 
 NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(MediaError, mParent)
 NS_IMPL_CYCLE_COLLECTING_ADDREF(MediaError)
 NS_IMPL_CYCLE_COLLECTING_RELEASE(MediaError)
 
@@ -26,16 +33,60 @@ MediaError::MediaError(HTMLMediaElement*
   , mCode(aCode)
   , mMessage(aMessage)
 {
 }
 
 void
 MediaError::GetMessage(nsAString& aResult) const
 {
+  // When fingerprinting resistance is enabled, only messages in this list
+  // can be returned to content script.
+  static const std::unordered_set<std::string> whitelist = {
+    "404: Not Found"
+    // TODO
+  };
+
+  bool shouldBlank = (whitelist.find(mMessage.get()) == whitelist.end());
+
+  if (shouldBlank) {
+    // Print a warning message to JavaScript console to alert developers of
+    // a non-whitelisted error message.
+    nsAutoCString message =
+      NS_LITERAL_CSTRING(
+        "This error message will be blank when privacy.resistFingerprinting = true."
+        "  If it is really necessary, please add it to the whitelist in"
+        " MediaError::GetMessage: ") +
+      mMessage;
+    nsIDocument* ownerDoc = mParent->OwnerDoc();
+    AutoJSAPI api;
+    if (api.Init(ownerDoc->GetScopeObject())) {
+      // We prefer this API because it can also print to our debug log and
+      // try server's log viewer.
+      JS_ReportWarningASCII(api.cx(), "%s", message.get());
+    } else {
+      // If failed to use JS_ReportWarningASCII, fall back to
+      // nsContentUtils::ReportToConsoleNonLocalized, which can only print to
+      // JavaScript console.
+      nsContentUtils::ReportToConsoleNonLocalized(
+        NS_ConvertASCIItoUTF16(message),
+        nsIScriptError::warningFlag,
+        NS_LITERAL_CSTRING("MediaError"),
+        ownerDoc
+      );
+    }
+  }
+
+  if (!nsContentUtils::IsCallerChrome() &&
+      nsContentUtils::ShouldResistFingerprinting() &&
+      shouldBlank) {
+    aResult.Truncate();
+    return;
+  }
+
   CopyUTF8toUTF16(mMessage, aResult);
 }
 
 JSObject*
 MediaError::WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto)
 {
   return MediaErrorBinding::Wrap(aCx, this, aGivenProto);
 }