Bug 1432949 - Allow system principal initialize a channel for revoked blob URLs r=geckoview-reviewers,snorp,baku,ckerschb
authorowlishDeveloper <bugzeeeeee@gmail.com>
Wed, 20 May 2020 14:39:28 +0000
changeset 531247 8b425b5dfb9f08cf17fab269b91b01aa861208b4
parent 531246 862f6454d127fa4d10c6e96995470de0e1e20512
child 531248 2c5eea62791725beabc11d5fcfe17f0c5f515860
push id37436
push userncsoregi@mozilla.com
push dateWed, 20 May 2020 21:30:50 +0000
treeherdermozilla-central@6c10970490f3 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgeckoview-reviewers, snorp, baku, ckerschb
bugs1432949
milestone78.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1432949 - Allow system principal initialize a channel for revoked blob URLs r=geckoview-reviewers,snorp,baku,ckerschb Differential Revision: https://phabricator.services.mozilla.com/D75659
dom/file/uri/BlobURLProtocolHandler.cpp
--- a/dom/file/uri/BlobURLProtocolHandler.cpp
+++ b/dom/file/uri/BlobURLProtocolHandler.cpp
@@ -798,17 +798,25 @@ BlobURLProtocolHandler::NewChannel(nsIUR
   MOZ_ASSERT(NS_IsMainThread(),
              "without locking gDataTable is main-thread only");
   DataInfo* info = GetDataInfoFromURI(aURI, true /*aAlsoIfRevoked */);
   if (!info || info->mObjectType != DataInfo::eBlobImpl || !info->mBlobImpl) {
     return NS_OK;
   }
 
   if (blobURL->Revoked()) {
+#ifdef MOZ_WIDGET_ANDROID
+    // if the channel was not triggered by the system principal,
+    // then we return here because the URL had been revoked
+    if (aLoadInfo && !aLoadInfo->TriggeringPrincipal()->IsSystemPrincipal()) {
+      return NS_OK;
+    }
+#else
     return NS_OK;
+#endif
   }
 
   // We want to be sure that we stop the creation of the channel if the blob URL
   // is copy-and-pasted on a different context (ex. private browsing or
   // containers).
   //
   // We also allow the system principal to create the channel regardless of the
   // OriginAttributes.  This is primarily for the benefit of mechanisms like