Bug 807852 - Position of real request is predictable in Completion requests. r=dcamp
authorGian-Carlo Pascutto <gpascutto@mozilla.com>
Sat, 03 Nov 2012 01:53:11 +0100
changeset 112209 2718739a1c835fe960dfee9b91d717c2c4e30f6f
parent 112208 a82389691227e07d67735eab8f9cfb33583d83dd
child 112236 63643a0306fd80ee7d209fa85ad445ca013b17a2
push id23799
push usergpascutto@mozilla.com
push dateSat, 03 Nov 2012 00:54:01 +0000
treeherdermozilla-central@2718739a1c83 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersdcamp
bugs807852
milestone19.0a1
first release with
nightly linux32
2718739a1c83 / 19.0a1 / 20121103030715 / files
nightly linux64
2718739a1c83 / 19.0a1 / 20121103030715 / files
nightly mac
2718739a1c83 / 19.0a1 / 20121103030715 / files
nightly win32
2718739a1c83 / 19.0a1 / 20121103030715 / files
nightly win64
2718739a1c83 / 19.0a1 / 20121103030715 / files
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
releases
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 807852 - Position of real request is predictable in Completion requests. r=dcamp
toolkit/components/url-classifier/nsUrlClassifierHashCompleter.js
--- a/toolkit/components/url-classifier/nsUrlClassifierHashCompleter.js
+++ b/toolkit/components/url-classifier/nsUrlClassifierHashCompleter.js
@@ -307,16 +307,26 @@ HashCompleterRequest.prototype = {
 
     for (let i = 0; i < this._requests.length; i++) {
       let request = this._requests[i];
       if (prefixes.indexOf(request.partialHash) == -1) {
         prefixes.push(request.partialHash);
       }
     }
 
+    // Randomize the order to obscure the original request from noise
+    // unbiased Fisher-Yates shuffle
+    let i = prefixes.length;
+    while (i--) {
+      let j = Math.floor(Math.random() * (i + 1));
+      let temp = prefixes[i];
+      prefixes[i] = prefixes[j];
+      prefixes[j] = temp;
+    }
+
     let body;
     body = PARTIAL_LENGTH + ":" + (PARTIAL_LENGTH * prefixes.length) +
            "\n" + prefixes.join("");
 
     return body;
   },
 
   // Sets the request body of this._channel.