Bug 1502599: XHR should allow just "GET" method for blob URLs, r=smaug
authorAndrea Marchesini <amarchesini@mozilla.com>
Tue, 30 Oct 2018 22:07:32 +0100
changeset 443653 26bc7f3c808d5346c4c63cc1cde671bdffc9458c
parent 443652 d5c6b95843e380e6fd7870d9e7d3847ff331888f
child 443654 dff3cfb50f190bdcde65d7d1bda09222df9f7600
push id34964
push useraciure@mozilla.com
push dateWed, 31 Oct 2018 05:08:54 +0000
treeherdermozilla-central@1c5ee1a29757 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerssmaug
bugs1502599
milestone65.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1502599: XHR should allow just "GET" method for blob URLs, r=smaug
dom/workers/test/mochitest.ini
dom/workers/test/test_bug1317725.html
dom/workers/test/test_bug1317725.js
dom/xhr/XMLHttpRequestMainThread.cpp
dom/xhr/XMLHttpRequestWorker.cpp
testing/web-platform/meta/FileAPI/url/sandboxed-iframe.html.ini
testing/web-platform/meta/FileAPI/url/url-with-xhr.any.js.ini
--- a/dom/workers/test/mochitest.ini
+++ b/dom/workers/test/mochitest.ini
@@ -191,11 +191,12 @@ scheme=https
 [test_sharedWorker_lifetime.html]
 [test_navigator_workers_hardwareConcurrency.html]
 [test_bug1278777.html]
 [test_setTimeoutWith0.html]
 [test_bug1301094.html]
 [test_subworkers_suspended.html]
 skip-if = toolkit == 'android' #bug 1366501
 [test_bug1317725.html]
+support-files = test_bug1317725.js
 [test_sharedworker_event_listener_leaks.html]
 skip-if = (bits == 64 && os == 'linux' && asan && !debug) # Disabled on Linux64 opt asan, bug 1493563
 [test_fileReaderSync_when_closing.html]
--- a/dom/workers/test/test_bug1317725.html
+++ b/dom/workers/test/test_bug1317725.html
@@ -8,41 +8,28 @@
   <title>Test for bug 1317725</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 </head>
 <body>
 
 <input type="file" id="file" />
 
-<script type="text/js-worker" id="worker-src">
-onmessage = function(e) {
-  var data = new FormData();
-  data.append('Filedata', e.data.slice(0, 127), encodeURI(e.data.name));
-  var xhr = new XMLHttpRequest();
-  xhr.open('POST', location.href, false);
-  xhr.send(data);
-  postMessage("No crash \\o/");
-}
-</script>
-
 <script class="testbody" type="text/javascript">
 
 SimpleTest.waitForExplicitFinish();
 
 var url = SimpleTest.getTestFileURL("script_createFile.js");
 script = SpecialPowers.loadChromeScript(url);
 
 function onOpened(message) {
   var input = document.getElementById('file');
   SpecialPowers.wrap(input).mozSetFileArray([message.data]);
 
-  var blob = new Blob([ document.getElementById("worker-src").textContent ],
-                      { type: "text/javascript" });
-  var worker = new Worker(URL.createObjectURL(blob));
+  var worker = new Worker("test_bug1317725.js");
   worker.onerror = function(e) {
     ok(false, "We should not see any error.");
     SimpleTest.finish();
   }
 
   worker.onmessage = function(e) {
     ok(e.data, "Everything seems OK on the worker-side.");
     SimpleTest.finish();
new file mode 100644
--- /dev/null
+++ b/dom/workers/test/test_bug1317725.js
@@ -0,0 +1,8 @@
+onmessage = function(e) {
+  var data = new FormData();
+  data.append('Filedata', e.data.slice(0, 127), encodeURI(e.data.name));
+  var xhr = new XMLHttpRequest();
+  xhr.open('POST', location.href, false);
+  xhr.send(data);
+  postMessage("No crash \\o/");
+}
--- a/dom/xhr/XMLHttpRequestMainThread.cpp
+++ b/dom/xhr/XMLHttpRequestMainThread.cpp
@@ -2878,16 +2878,22 @@ XMLHttpRequestMainThread::SendInternal(c
   // If open() failed to create the channel, then throw a network error
   // as per spec. We really should create the channel here in send(), but
   // we have internal code relying on the channel being created in open().
   if (!mChannel) {
     mFlagSend = true; // so CloseRequestWithError sets us to DONE.
     return MaybeSilentSendFailure(NS_ERROR_DOM_NETWORK_ERR);
   }
 
+  // non-GET requests aren't allowed for blob.
+  if (IsBlobURI(mRequestURL) && !mRequestMethod.EqualsLiteral("GET")) {
+    mFlagSend = true; // so CloseRequestWithError sets us to DONE.
+    return MaybeSilentSendFailure(NS_ERROR_DOM_NETWORK_ERR);
+  }
+
   // XXX We should probably send a warning to the JS console
   //     if there are no event listeners set and we are doing
   //     an asynchronous call.
 
   mUploadTransferred = 0;
   mUploadTotal = 0;
   // By default we don't have any upload, so mark upload complete.
   mUploadComplete = true;
--- a/dom/xhr/XMLHttpRequestWorker.cpp
+++ b/dom/xhr/XMLHttpRequestWorker.cpp
@@ -1293,23 +1293,16 @@ EventRunnable::WorkerRun(JSContext* aCx,
 
   state->mReadyState = mReadyState;
 
   state->mResponseURL = mResponseURL;
 
   XMLHttpRequestWorker* xhr = mProxy->mXMLHttpRequestPrivate;
   xhr->UpdateState(*state.get(), mUseCachedArrayBufferResponse);
 
-  if (mType.EqualsASCII(sEventStrings[STRING_readystatechange])) {
-    if (mReadyState == 4 && !mUploadEvent && !mProxy->mSeenLoadStart) {
-      // We've already dispatched premature abort events.
-      return true;
-    }
-  }
-
   if (mUploadEvent && !xhr->GetUploadObjectNoCreate()) {
     return true;
   }
 
   XMLHttpRequestEventTarget* target;
   if (mUploadEvent) {
     target = xhr->GetUploadObjectNoCreate();
   }
--- a/testing/web-platform/meta/FileAPI/url/sandboxed-iframe.html.ini
+++ b/testing/web-platform/meta/FileAPI/url/sandboxed-iframe.html.ini
@@ -7,34 +7,16 @@
       if debug and e10s and (os == "mac") and (version == "OS X 10.10.5") and (processor == "x86_64") and (bits == 64): FAIL
 
   [Only exact matches should revoke URLs, using XHR]
     expected: FAIL
 
   [Appending a query string should cause XHR to fail]
     expected: FAIL
 
-  [XHR with method "HEAD" should fail]
-    expected: FAIL
-
-  [XHR with method "POST" should fail]
-    expected: FAIL
-
-  [XHR with method "DELETE" should fail]
-    expected: FAIL
-
-  [XHR with method "OPTIONS" should fail]
-    expected: FAIL
-
-  [XHR with method "PUT" should fail]
-    expected: FAIL
-
-  [XHR with method "CUSTOM" should fail]
-    expected: FAIL
-
   [Only exact matches should revoke URLs, using fetch]
     expected: FAIL
 
   [Appending a query string should cause fetch to fail]
     expected: FAIL
 
   [Revoke blob URL after creating Request, will fetch]
     expected: FAIL
--- a/testing/web-platform/meta/FileAPI/url/url-with-xhr.any.js.ini
+++ b/testing/web-platform/meta/FileAPI/url/url-with-xhr.any.js.ini
@@ -1,51 +1,15 @@
 [url-with-xhr.any.worker.html]
   [Only exact matches should revoke URLs, using XHR]
     expected: FAIL
 
   [Appending a query string should cause XHR to fail]
     expected: FAIL
 
-  [XHR with method "HEAD" should fail]
-    expected: FAIL
-
-  [XHR with method "POST" should fail]
-    expected: FAIL
-
-  [XHR with method "DELETE" should fail]
-    expected: FAIL
-
-  [XHR with method "OPTIONS" should fail]
-    expected: FAIL
-
-  [XHR with method "PUT" should fail]
-    expected: FAIL
-
-  [XHR with method "CUSTOM" should fail]
-    expected: FAIL
-
 
 [url-with-xhr.any.html]
   [Only exact matches should revoke URLs, using XHR]
     expected: FAIL
 
   [Appending a query string should cause XHR to fail]
     expected: FAIL
 
-  [XHR with method "HEAD" should fail]
-    expected: FAIL
-
-  [XHR with method "POST" should fail]
-    expected: FAIL
-
-  [XHR with method "DELETE" should fail]
-    expected: FAIL
-
-  [XHR with method "OPTIONS" should fail]
-    expected: FAIL
-
-  [XHR with method "PUT" should fail]
-    expected: FAIL
-
-  [XHR with method "CUSTOM" should fail]
-    expected: FAIL
-