Bug 1376496 - Part 5 - Don't send child nsILoadInfo's to the parent for requests. r=ckerschb
authorHaik Aftandilian <haftandilian@mozilla.com>
Thu, 20 Jul 2017 11:49:29 -0700
changeset 371107 a3a129c768b6676a1f8f134828626792474f9d92
parent 371106 53d735d834049453a5883e6d3ccbbd60ef06b218
child 371108 f8860e47d9c35e6c133006d16f7e4c75012348c8
push id32240
push usercbook@mozilla.com
push dateThu, 27 Jul 2017 08:56:05 +0000
treeherdermozilla-central@c1ed71da5707 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersckerschb
bugs1376496
milestone56.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1376496 - Part 5 - Don't send child nsILoadInfo's to the parent for requests. r=ckerschb MozReview-Commit-ID: G8fCPL7aLT0
netwerk/ipc/NeckoParent.cpp
netwerk/ipc/NeckoParent.h
netwerk/ipc/PNecko.ipdl
netwerk/protocol/res/ExtensionProtocolHandler.cpp
netwerk/protocol/res/ExtensionProtocolHandler.h
--- a/netwerk/ipc/NeckoParent.cpp
+++ b/netwerk/ipc/NeckoParent.cpp
@@ -957,48 +957,38 @@ NeckoParent::RecvNotifyCurrentTopLevelOu
     NS_WARNING("NS_NotifyCurrentTopLevelOuterContentWindowId failed!");
   }
 
   return IPC_OK();
 }
 
 mozilla::ipc::IPCResult
 NeckoParent::RecvGetExtensionStream(const URIParams& aURI,
-                                    const LoadInfoArgs& aLoadInfo,
                                     GetExtensionStreamResolver&& aResolve)
 {
   nsCOMPtr<nsIURI> deserializedURI = DeserializeURI(aURI);
   if (!deserializedURI) {
     return IPC_FAIL_NO_REASON(this);
   }
 
-  nsCOMPtr<nsILoadInfo> deserializedLoadInfo;
-  nsresult rv;
-  rv = LoadInfoArgsToLoadInfo(aLoadInfo, getter_AddRefs(deserializedLoadInfo));
-  if (NS_FAILED(rv)) {
-    return IPC_FAIL_NO_REASON(this);
-  }
-
   RefPtr<ExtensionProtocolHandler> ph(ExtensionProtocolHandler::GetSingleton());
   MOZ_ASSERT(ph);
 
   // Ask the ExtensionProtocolHandler to give us a new input stream for
   // this URI. The request comes from an ExtensionProtocolHandler in the
   // child process, but is not guaranteed to be a valid moz-extension URI,
   // and not guaranteed to represent a resource that the child should be
   // allowed to access. The ExtensionProtocolHandler is responsible for
   // validating the request. Specifically, only URI's for local files that
   // an extension is allowed to access via moz-extension URI's should be
   // accepted.
   AutoIPCStream autoStream;
   nsCOMPtr<nsIInputStream> inputStream;
   bool terminateSender = true;
-  auto inputStreamOrReason = ph->NewStream(deserializedURI,
-                                           deserializedLoadInfo,
-                                           &terminateSender);
+  auto inputStreamOrReason = ph->NewStream(deserializedURI, &terminateSender);
   if (inputStreamOrReason.isOk()) {
     inputStream = inputStreamOrReason.unwrap();
     ContentParent* contentParent = static_cast<ContentParent*>(Manager());
     Unused << autoStream.Serialize(inputStream, contentParent);
   }
 
   // If NewStream failed, we send back an invalid stream to the child so
   // it can handle the error. MozPromise rejection is reserved for channel
@@ -1009,45 +999,36 @@ NeckoParent::RecvGetExtensionStream(cons
     return IPC_FAIL_NO_REASON(this);
   } else {
     return IPC_OK();
   }
 }
 
 mozilla::ipc::IPCResult
 NeckoParent::RecvGetExtensionFD(const URIParams& aURI,
-                                const OptionalLoadInfoArgs& aLoadInfo,
                                 GetExtensionFDResolver&& aResolve)
 {
   nsCOMPtr<nsIURI> deserializedURI = DeserializeURI(aURI);
   if (!deserializedURI) {
     return IPC_FAIL_NO_REASON(this);
   }
 
-  nsCOMPtr<nsILoadInfo> deserializedLoadInfo;
-  nsresult rv;
-  rv = LoadInfoArgsToLoadInfo(aLoadInfo, getter_AddRefs(deserializedLoadInfo));
-  if (NS_FAILED(rv)) {
-    return IPC_FAIL_NO_REASON(this);
-  }
-
   RefPtr<ExtensionProtocolHandler> ph(ExtensionProtocolHandler::GetSingleton());
   MOZ_ASSERT(ph);
 
   // Ask the ExtensionProtocolHandler to give us a new input stream for
   // this URI. The request comes from an ExtensionProtocolHandler in the
   // child process, but is not guaranteed to be a valid moz-extension URI,
   // and not guaranteed to represent a resource that the child should be
   // allowed to access. The ExtensionProtocolHandler is responsible for
   // validating the request. Specifically, only URI's for local files that
   // an extension is allowed to access via moz-extension URI's should be
   // accepted.
   bool terminateSender = true;
-  auto result = ph->NewFD(deserializedURI, deserializedLoadInfo,
-                          &terminateSender, aResolve);
+  auto result = ph->NewFD(deserializedURI, &terminateSender, aResolve);
 
   if (result.isErr() && terminateSender) {
     return IPC_FAIL_NO_REASON(this);
   }
 
   if (result.isErr()) {
     FileDescriptor invalidFD;
     aResolve(invalidFD);
--- a/netwerk/ipc/NeckoParent.h
+++ b/netwerk/ipc/NeckoParent.h
@@ -235,21 +235,19 @@ protected:
 
   virtual mozilla::ipc::IPCResult RecvRemoveRequestContext(const uint64_t& rcid) override;
 
   virtual mozilla::ipc::IPCResult RecvNotifyCurrentTopLevelOuterContentWindowId(const uint64_t& aWindowId) override;
 
   /* WebExtensions */
   virtual mozilla::ipc::IPCResult
     RecvGetExtensionStream(const URIParams& aURI,
-                           const LoadInfoArgs& aLoadInfo,
                            GetExtensionStreamResolver&& aResolve) override;
 
   virtual mozilla::ipc::IPCResult
     RecvGetExtensionFD(const URIParams& aURI,
-                       const OptionalLoadInfoArgs& aLoadInfo,
                        GetExtensionFDResolver&& aResolve) override;
 };
 
 } // namespace net
 } // namespace mozilla
 
 #endif // mozilla_net_NeckoParent_h
--- a/netwerk/ipc/PNecko.ipdl
+++ b/netwerk/ipc/PNecko.ipdl
@@ -126,20 +126,18 @@ parent:
 
   async PStunAddrsRequest();
 
   prio(high) async NotifyCurrentTopLevelOuterContentWindowId(uint64_t windowId);
 
   /**
    * WebExtension-specific remote resource loading
    */
-  async GetExtensionStream(URIParams uri, LoadInfoArgs loadInfo) returns
-                          (OptionalIPCStream stream);
-  async GetExtensionFD(URIParams uri, OptionalLoadInfoArgs loadInfo) returns
-                      (FileDescriptor fd);
+  async GetExtensionStream(URIParams uri) returns (OptionalIPCStream stream);
+  async GetExtensionFD(URIParams uri) returns (FileDescriptor fd);
 
 child:
   /*
    * Bring up the http auth prompt for a nested remote mozbrowser.
    * NestedFrameId is the id corresponding to the PBrowser.  It is the same id
    * that was passed to the PBrowserOrId param in to the PHttpChannel constructor
    */
   async AsyncAuthPromptForNestedFrame(TabId nestedFrameId, nsCString uri,
--- a/netwerk/protocol/res/ExtensionProtocolHandler.cpp
+++ b/netwerk/protocol/res/ExtensionProtocolHandler.cpp
@@ -15,16 +15,17 @@
 #include "mozilla/net/NeckoChild.h"
 #include "mozilla/RefPtr.h"
 
 #include "FileDescriptor.h"
 #include "FileDescriptorFile.h"
 #include "LoadInfo.h"
 #include "nsContentUtils.h"
 #include "nsServiceManagerUtils.h"
+#include "nsContentUtils.h"
 #include "nsIFile.h"
 #include "nsIFileChannel.h"
 #include "nsIFileStreams.h"
 #include "nsIFileURL.h"
 #include "nsIJARChannel.h"
 #include "nsIMIMEService.h"
 #include "nsIURL.h"
 #include "nsIChannel.h"
@@ -248,38 +249,34 @@ ExtensionStreamGetter::GetAsync(nsIStrea
 
   mListener = aListener;
   mChannel = aChannel;
 
   // Serialize the URI to send to parent
   mozilla::ipc::URIParams uri;
   SerializeURI(mURI, uri);
 
-  // Serialize the LoadInfo to send to parent
-  OptionalLoadInfoArgs loadInfo;
-  NS_TRY(mozilla::ipc::LoadInfoToLoadInfoArgs(mLoadInfo, &loadInfo));
-
   RefPtr<ExtensionStreamGetter> self = this;
   if (mIsJarChannel) {
     // Request an FD for this moz-extension URI
-    gNeckoChild->SendGetExtensionFD(uri, loadInfo)->Then(
+    gNeckoChild->SendGetExtensionFD(uri)->Then(
       mMainThreadEventTarget,
       __func__,
       [self] (const FileDescriptor& fd) {
         self->OnFD(fd);
       },
       [self] (const mozilla::ipc::PromiseRejectReason) {
         self->OnFD(FileDescriptor());
       }
     );
     return Ok();
   }
 
   // Request an input stream for this moz-extension URI
-  gNeckoChild->SendGetExtensionStream(uri, loadInfo)->Then(
+  gNeckoChild->SendGetExtensionStream(uri)->Then(
     mMainThreadEventTarget,
     __func__,
     [self] (const OptionalIPCStream& stream) {
       nsCOMPtr<nsIInputStream> inputStream;
       if (stream.type() == OptionalIPCStream::OptionalIPCStream::TIPCStream) {
         inputStream = ipc::DeserializeIPCStream(stream);
       }
       self->OnStream(inputStream);
@@ -550,23 +547,20 @@ ExtensionProtocolHandler::DevRepoContain
     NS_TRY(mDevRepo->Contains(aRequestedFile, aResult));
   }
 
   return Ok();
 }
 #endif /* !defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX) */
 
 Result<nsCOMPtr<nsIInputStream>, nsresult>
-ExtensionProtocolHandler::NewStream(nsIURI* aChildURI,
-                                    nsILoadInfo* aChildLoadInfo,
-                                    bool* aTerminateSender)
+ExtensionProtocolHandler::NewStream(nsIURI* aChildURI, bool* aTerminateSender)
 {
   MOZ_ASSERT(!IsNeckoChild());
   NS_TRY(aChildURI ? NS_OK : NS_ERROR_INVALID_ARG);
-  NS_TRY(aChildLoadInfo ? NS_OK : NS_ERROR_INVALID_ARG);
   NS_TRY(aTerminateSender ? NS_OK : NS_ERROR_INVALID_ARG);
 
   *aTerminateSender = true;
   nsresult rv;
 
   // We should never receive a URI that isn't for a moz-extension because
   // these requests ordinarily come from the child's ExtensionProtocolHandler.
   // Ensure this request is for a moz-extension URI. A rogue child process
@@ -609,20 +603,25 @@ ExtensionProtocolHandler::NewStream(nsIU
     return Err(NS_ERROR_FILE_NOT_DIRECTORY);
   }
 
   /*
    * Now get a channel for the resolved child URI and make sure the
    * channel is a file channel.
    */
 
+  // We use the system principal to get a file channel for the request,
+  // but only after we've checked (above) that the child URI is of
+  // moz-extension scheme and that the URI host maps to a directory.
   nsCOMPtr<nsIChannel> channel;
-  NS_TRY(NS_NewChannelInternal(getter_AddRefs(channel),
-                               aChildURI,
-                               aChildLoadInfo));
+  NS_TRY(NS_NewChannel(getter_AddRefs(channel),
+                       aChildURI,
+                       nsContentUtils::GetSystemPrincipal(),
+                       nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
+                       nsIContentPolicy::TYPE_OTHER));
 
   // Channel should be a file channel. It should never be a JAR
   // channel because we only request remote streams for unpacked
   // extension resource loads where the URI resolves to a file.
   nsCOMPtr<nsIFileChannel> fileChannel = do_QueryInterface(channel, &rv);
   NS_TRY(rv);
 
   nsCOMPtr<nsIFile> requestedFile;
@@ -666,23 +665,21 @@ ExtensionProtocolHandler::NewStream(nsIU
                                     -1,
                                     nsIFileInputStream::DEFER_OPEN));
 
   return inputStream;
 }
 
 Result<Ok, nsresult>
 ExtensionProtocolHandler::NewFD(nsIURI* aChildURI,
-                                nsILoadInfo* aChildLoadInfo,
                                 bool* aTerminateSender,
                                 NeckoParent::GetExtensionFDResolver& aResolve)
 {
   MOZ_ASSERT(!IsNeckoChild());
   NS_TRY(aChildURI ? NS_OK : NS_ERROR_INVALID_ARG);
-  NS_TRY(aChildLoadInfo ? NS_OK : NS_ERROR_INVALID_ARG);
   NS_TRY(aTerminateSender ? NS_OK : NS_ERROR_INVALID_ARG);
 
   *aTerminateSender = true;
   nsresult rv;
 
   // Ensure this is a moz-extension URI
   bool isExtScheme = false;
   if (NS_FAILED(aChildURI->SchemeIs(EXTENSION_SCHEME, &isExtScheme)) ||
--- a/netwerk/protocol/res/ExtensionProtocolHandler.h
+++ b/netwerk/protocol/res/ExtensionProtocolHandler.h
@@ -27,56 +27,52 @@ public:
   static already_AddRefed<ExtensionProtocolHandler> GetSingleton();
 
   /**
    * To be called in the parent process to obtain an input stream for a
    * a web accessible resource from an unpacked WebExtension dir.
    *
    * @param aChildURI a moz-extension URI sent from the child that refers
    *        to a web accessible resource file in an enabled unpacked extension
-   * @param aChildLoadInfo the loadinfo for the request sent from the child
    * @param aTerminateSender out param set to true when the params are invalid
    *        and indicate the child should be terminated. If |aChildURI| is
    *        not a moz-extension URI, the child is in an invalid state and
    *        should be terminated.
    * @return NS_OK with |aTerminateSender| set to false on success. On
    *         failure, returns an error and sets |aTerminateSender| to indicate
    *         whether or not the child process should be terminated.
    *         A moz-extension URI from the child that doesn't resolve to a
    *         resource file within the extension could be the result of a bug
    *         in the extension and doesn't result in |aTerminateSender| being
    *         set to true.
    */
   Result<nsCOMPtr<nsIInputStream>, nsresult> NewStream(nsIURI* aChildURI,
-                                                       nsILoadInfo* aChildLoadInfo,
                                                        bool* aTerminateSender);
 
   /**
    * To be called in the parent process to obtain a file descriptor for an
    * enabled WebExtension JAR file.
    *
    * @param aChildURI a moz-extension URI sent from the child that refers
    *        to a web accessible resource file in an enabled unpacked extension
-   * @param aChildLoadInfo the loadinfo for the request sent from the child
    * @param aTerminateSender out param set to true when the params are invalid
    *        and indicate the child should be terminated. If |aChildURI| is
    *        not a moz-extension URI, the child is in an invalid state and
    *        should be terminated.
    * @param aPromise a promise that will be resolved asynchronously when the
    *        file descriptor is available.
    * @return NS_OK with |aTerminateSender| set to false on success. On
    *         failure, returns an error and sets |aTerminateSender| to indicate
    *         whether or not the child process should be terminated.
    *         A moz-extension URI from the child that doesn't resolve to an
    *         enabled WebExtension JAR could be the result of a bug in the
    *         extension and doesn't result in |aTerminateSender| being
    *         set to true.
    */
   Result<Ok, nsresult> NewFD(nsIURI* aChildURI,
-                             nsILoadInfo* aChildLoadInfo,
                              bool* aTerminateSender,
                              NeckoParent::GetExtensionFDResolver& aResolve);
 
 protected:
   ~ExtensionProtocolHandler() {}
 
 private:
   explicit ExtensionProtocolHandler();