Backed out 2 changesets (bug 1636629) for causing xpcshell failures on test_ext_permissions_api.js. CLOSED TREE
authorIulian Moraru <imoraru@mozilla.com>
Mon, 25 Oct 2021 22:17:27 +0300
changeset 596879 a5bba1f25e5ab6085648c5906cecbfe9417e74e3
parent 596878 965cddea02f0ddb9216f35985070277d937db232
child 596880 9a3b77c276a9a80d328d6e8f11e28f8e6f15e82f
push id38913
push userimoraru@mozilla.com
push dateTue, 26 Oct 2021 04:22:28 +0000
treeherdermozilla-central@ecc71584f003 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs1636629
milestone95.0a1
backs out9791a5dc84d8eb1622d5ad8d6ad8bdbb3539f403
8ec39d08c9afc4c7eeef775ce7076bf6baa4b5b8
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out 2 changesets (bug 1636629) for causing xpcshell failures on test_ext_permissions_api.js. CLOSED TREE Backed out changeset 9791a5dc84d8 (bug 1636629) Backed out changeset 8ec39d08c9af (bug 1636629)
dom/chrome-webidl/ChannelWrapper.webidl
modules/libpref/init/StaticPrefList.yaml
toolkit/components/extensions/schemas/web_request.json
toolkit/components/extensions/webrequest/ChannelWrapper.cpp
toolkit/components/extensions/webrequest/ChannelWrapper.h
toolkit/components/extensions/webrequest/StreamFilterParent.cpp
toolkit/components/extensions/webrequest/WebRequest.jsm
xpcom/ds/StaticAtoms.py
--- a/dom/chrome-webidl/ChannelWrapper.webidl
+++ b/dom/chrome-webidl/ChannelWrapper.webidl
@@ -270,22 +270,16 @@ interface ChannelWrapper : EventTarget {
   /**
    * The LoadInfo object for this channel, if available. Null for channels
    * without load info, until support for those is removed.
    */
   [Cached, Pure]
   readonly attribute LoadInfo? loadInfo;
 
   /**
-   * True if this load for a service worker script (either a main script or import scripts).
-   */
-  [Cached, Pure]
-  readonly attribute boolean isServiceWorkerScript;
-
-  /**
    * True if this load was triggered by a system caller. This currently always
    * false if the request has no LoadInfo or is a top-level document load.
    */
   [Cached, Pure]
   readonly attribute boolean isSystemLoad;
 
   /**
    * The URL of the principal that triggered this load. This is equivalent to
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@@ -4217,22 +4217,16 @@
 # NOTE: WebExtensions Framework ability to register a background service worker
 # is not controlled by this pref, only the extension code ability to use
 # navigator.serviceWorker.register is locked behind this pref.
 - name: extensions.serviceWorkerRegister.allowed
   type: bool
   value: false
   mirror: always
 
-# Legacy behavior on filterResponse calls on intercepted sw script requests.
-- name: extensions.filterResponseServiceWorkerScript.disabled
-  type: bool
-  value: false
-  mirror: always
-
 # This pref governs whether we run webextensions in a separate process (true)
 # or the parent/main process (false)
 - name: extensions.webextensions.remote
   type: RelaxedAtomicBool
   value: false
   mirror: always
 
 # Whether to expose the MockExtensionAPI test interface in tests.
--- a/toolkit/components/extensions/schemas/web_request.json
+++ b/toolkit/components/extensions/schemas/web_request.json
@@ -7,18 +7,17 @@
     "namespace": "manifest",
     "types": [
       {
         "$extend": "OptionalPermissionNoPrompt",
         "choices": [{
           "type": "string",
           "enum": [
             "webRequest",
-            "webRequestBlocking",
-            "webRequestFilterResponse.serviceWorkerScript"
+            "webRequestBlocking"
           ]
         }]
       }
     ]
   },
   {
     "namespace": "webRequest",
     "description": "Use the <code>browser.webRequest</code> API to observe and analyze traffic and to intercept, block, or modify requests in-flight.",
--- a/toolkit/components/extensions/webrequest/ChannelWrapper.cpp
+++ b/toolkit/components/extensions/webrequest/ChannelWrapper.cpp
@@ -452,54 +452,16 @@ already_AddRefed<Element> ChannelWrapper
     RefPtr<Element> elem;
     if (NS_SUCCEEDED(ctxt->GetTopFrameElement(getter_AddRefs(elem)))) {
       return elem.forget();
     }
   }
   return nullptr;
 }
 
-bool ChannelWrapper::IsServiceWorkerScript() const {
-  nsCOMPtr<nsIChannel> chan = MaybeChannel();
-  return IsServiceWorkerScript(chan);
-}
-
-// static
-bool ChannelWrapper::IsServiceWorkerScript(const nsCOMPtr<nsIChannel>& chan) {
-  nsCOMPtr<nsILoadInfo> loadInfo;
-
-  if (chan) {
-    chan->GetLoadInfo(getter_AddRefs(loadInfo));
-  }
-
-  if (loadInfo) {
-    // Not a script.
-    if (loadInfo->GetExternalContentPolicyType() !=
-        ExtContentPolicy::TYPE_SCRIPT) {
-      return false;
-    }
-
-    // Service worker main script load.
-    if (loadInfo->InternalContentPolicyType() ==
-        nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER) {
-      return true;
-    }
-
-    // Service worker import scripts load.
-    if (loadInfo->InternalContentPolicyType() ==
-        nsIContentPolicy::TYPE_INTERNAL_WORKER_IMPORT_SCRIPTS) {
-      nsLoadFlags loadFlags = 0;
-      chan->GetLoadFlags(&loadFlags);
-      return loadFlags & nsIChannel::LOAD_BYPASS_SERVICE_WORKER;
-    }
-  }
-
-  return false;
-}
-
 static inline bool IsSystemPrincipal(nsIPrincipal* aPrincipal) {
   return BasePrincipal::Cast(aPrincipal)->Is<SystemPrincipal>();
 }
 
 bool ChannelWrapper::IsSystemLoad() const {
   if (nsCOMPtr<nsILoadInfo> loadInfo = GetLoadInfo()) {
     if (nsIPrincipal* prin = loadInfo->GetLoadingPrincipal()) {
       return IsSystemPrincipal(prin);
--- a/toolkit/components/extensions/webrequest/ChannelWrapper.h
+++ b/toolkit/components/extensions/webrequest/ChannelWrapper.h
@@ -192,20 +192,16 @@ class ChannelWrapper final : public DOME
   int64_t FrameId() const;
 
   int64_t ParentFrameId() const;
 
   void GetFrameAncestors(
       dom::Nullable<nsTArray<dom::MozFrameAncestorInfo>>& aFrameAncestors,
       ErrorResult& aRv) const;
 
-  bool IsServiceWorkerScript() const;
-
-  static bool IsServiceWorkerScript(const nsCOMPtr<nsIChannel>& aChannel);
-
   bool IsSystemLoad() const;
 
   void GetOriginURL(nsCString& aRetVal) const;
 
   void GetDocumentURL(nsCString& aRetVal) const;
 
   already_AddRefed<nsIURI> GetOriginURI() const;
 
--- a/toolkit/components/extensions/webrequest/StreamFilterParent.cpp
+++ b/toolkit/components/extensions/webrequest/StreamFilterParent.cpp
@@ -1,21 +1,19 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "StreamFilterParent.h"
 
-#include "mozilla/ExtensionPolicyService.h"
 #include "mozilla/Unused.h"
 #include "mozilla/dom/ContentParent.h"
 #include "mozilla/net/ChannelEventQueue.h"
-#include "mozilla/StaticPrefs_extensions.h"
 #include "nsHttpChannel.h"
 #include "nsIChannel.h"
 #include "nsIInputStream.h"
 #include "nsITraceableChannel.h"
 #include "nsProxyRelease.h"
 #include "nsQueryObject.h"
 #include "nsSocketTransportService2.h"
 #include "nsStringStream.h"
@@ -121,29 +119,16 @@ auto StreamFilterParent::Create(dom::Con
   nsCOMPtr<nsITraceableChannel> channel =
       webreq.GetTraceableChannel(aChannelId, addonId, aContentParent);
 
   RefPtr<mozilla::net::nsHttpChannel> chan = do_QueryObject(channel);
   if (!chan) {
     return ChildEndpointPromise::CreateAndReject(false, __func__);
   }
 
-  nsCOMPtr<nsIChannel> genChan(do_QueryInterface(channel));
-  if (!StaticPrefs::extensions_filterResponseServiceWorkerScript_disabled() &&
-      ChannelWrapper::IsServiceWorkerScript(genChan)) {
-    RefPtr<extensions::WebExtensionPolicy> addonPolicy =
-        ExtensionPolicyService::GetSingleton().GetByID(aAddonId);
-
-    if (!addonPolicy ||
-        !addonPolicy->HasPermission(
-            nsGkAtoms::webRequestFilterResponse_serviceWorkerScript)) {
-      return ChildEndpointPromise::CreateAndReject(false, __func__);
-    }
-  }
-
   // Disable alt-data for extension stream listeners.
   nsCOMPtr<nsIHttpChannelInternal> internal(do_QueryObject(channel));
   internal->DisableAltDataCache();
 
   return chan->AttachStreamFilter(aContentParent ? aContentParent->OtherPid()
                                                  : base::GetCurrentProcId());
 }
 
--- a/toolkit/components/extensions/webrequest/WebRequest.jsm
+++ b/toolkit/components/extensions/webrequest/WebRequest.jsm
@@ -28,21 +28,16 @@ XPCOMUtils.defineLazyModuleGetters(this,
 // the apiManager.global being initialized.
 XPCOMUtils.defineLazyGetter(this, "tabTracker", () => {
   return ExtensionParent.apiManager.global.tabTracker;
 });
 XPCOMUtils.defineLazyGetter(this, "getCookieStoreIdForOriginAttributes", () => {
   return ExtensionParent.apiManager.global.getCookieStoreIdForOriginAttributes;
 });
 
-// URI schemes that service workers are allowed to load scripts from (any other
-// scheme is not allowed by the specs and it is not expected by the service workers
-// internals neither, which would likely trigger unexpected behaviors).
-const ALLOWED_SERVICEWORKER_SCHEMES = ["https", "http", "moz-extension"];
-
 // Classes of requests that should be sent immediately instead of batched.
 // Covers basically anything that can delay first paint or DOMContentLoaded:
 // top frame HTML, <head> blocking CSS, fonts preflight, sync JS and XHR.
 const URGENT_CLASSES =
   Ci.nsIClassOfService.Leader |
   Ci.nsIClassOfService.Unblocked |
   Ci.nsIClassOfService.UrgentStart |
   Ci.nsIClassOfService.TailForbidden;
@@ -82,42 +77,16 @@ function parseExtra(extra, allowed = [],
   }
   return result;
 }
 
 function isThenable(value) {
   return value && typeof value === "object" && typeof value.then === "function";
 }
 
-// Verify a requested redirect and throw a more explicit error.
-function verifyRedirect(channel, redirectUri, finalUrl, addonId) {
-  const { isServiceWorkerScript } = channel;
-
-  if (
-    isServiceWorkerScript &&
-    channel.loadInfo?.internalContentPolicyType ===
-      Ci.nsIContentPolicy.TYPE_INTERNAL_SERVICE_WORKER
-  ) {
-    throw new Error(
-      `Invalid redirectUrl ${redirectUri?.spec} on service worker main script ${finalUrl} requested by ${addonId}`
-    );
-  }
-
-  if (
-    isServiceWorkerScript &&
-    channel.loadInfo?.internalContentPolicyType ===
-      Ci.nsIContentPolicy.TYPE_INTERNAL_WORKER_IMPORT_SCRIPTS &&
-    !ALLOWED_SERVICEWORKER_SCHEMES.includes(redirectUri?.scheme)
-  ) {
-    throw new Error(
-      `Invalid redirectUrl ${redirectUri?.spec} on service worker imported script ${finalUrl} requested by ${addonId}`
-    );
-  }
-}
-
 class HeaderChanger {
   constructor(channel) {
     this.channel = channel;
 
     this.array = this.readHeaders();
   }
 
   getMap() {
@@ -1046,19 +1015,17 @@ HttpObserverManager = {
           }
           return;
         }
 
         if (result.redirectUrl) {
           try {
             const { redirectUrl } = result;
             channel.resume();
-            const redirectUri = Services.io.newURI(redirectUrl);
-            verifyRedirect(channel, redirectUri, finalURL, opts.addonId);
-            channel.redirectTo(redirectUri);
+            channel.redirectTo(Services.io.newURI(redirectUrl));
             ChromeUtils.addProfilerMarker(
               "Extension Redirected",
               { category: "Network" },
               `${kind} ${finalURL} redirected to ${redirectUrl} by ${opts.addonId} (chanId: ${chanId})`
             );
             if (opts.policy) {
               let properties = channel.channel.QueryInterface(
                 Ci.nsIWritablePropertyBag
--- a/xpcom/ds/StaticAtoms.py
+++ b/xpcom/ds/StaticAtoms.py
@@ -1954,17 +1954,16 @@ STATIC_ATOMS = [
     Atom("moz_extension", "moz-extension"),
     Atom("all_urlsPermission", "<all_urls>"),
     Atom("clipboardRead", "clipboardRead"),
     Atom("clipboardWrite", "clipboardWrite"),
     Atom("debugger", "debugger"),
     Atom("mozillaAddons", "mozillaAddons"),
     Atom("tabs", "tabs"),
     Atom("webRequestBlocking", "webRequestBlocking"),
-    Atom("webRequestFilterResponse_serviceWorkerScript", "webRequestFilterResponse.serviceWorkerScript"),
     Atom("http", "http"),
     Atom("https", "https"),
     Atom("proxy", "proxy"),
     Atom("privateBrowsingAllowedPermission", "internal:privateBrowsingAllowed"),
     Atom("svgContextPropertiesAllowedPermission", "internal:svgContextPropertiesAllowed"),
     # CSS Counter Styles
     Atom("decimal_leading_zero", "decimal-leading-zero"),
     Atom("arabic_indic", "arabic-indic"),