Backed out 3 changesets (bug 1398229) for failing own browser-chrome browser/components/contextualidentity/test/browser/browser_saveLink.js. r=backout on a CLOSED TREE
authorSebastian Hengst <archaeopteryx@coole-files.de>
Wed, 15 Nov 2017 20:49:09 +0200
changeset 392041 b58d7dbfcf60e3dabbca270ff0c4c4d1b233edf0
parent 392040 0685df5dc52a30792f148fe883fdf59096663a7e
child 392042 b8067f9bf9a76fca35349c77ece7d5cd23cce145
push id32909
push usercbrindusan@mozilla.com
push dateWed, 15 Nov 2017 22:25:14 +0000
treeherdermozilla-central@f41930a869a8 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbackout
bugs1398229
milestone59.0a1
backs out5b3b0a38b2d1827f4fc9af6f32e9fb939789d6c8
a726fc7506ca26371b0df3a523bd489f4620206a
53dae7764e58db6288d1f03e7b8b4909b32a85c8
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out 3 changesets (bug 1398229) for failing own browser-chrome browser/components/contextualidentity/test/browser/browser_saveLink.js. r=backout on a CLOSED TREE Backed out changeset 5b3b0a38b2d1 (bug 1398229) Backed out changeset a726fc7506ca (bug 1398229) Backed out changeset 53dae7764e58 (bug 1398229)
browser/base/content/nsContextMenu.js
browser/components/contextualidentity/test/browser/browser.ini
browser/components/contextualidentity/test/browser/browser_saveLink.js
browser/components/contextualidentity/test/browser/saveLink.sjs
dom/base/nsContentPolicyUtils.h
dom/base/nsIContentPolicy.idl
dom/cache/DBSchema.cpp
dom/fetch/InternalRequest.cpp
dom/fetch/InternalRequest.h
dom/security/nsContentSecurityManager.cpp
dom/security/nsMixedContentBlocker.cpp
--- a/browser/base/content/nsContextMenu.js
+++ b/browser/base/content/nsContextMenu.js
@@ -1148,21 +1148,24 @@ nsContextMenu.prototype = {
     function timerCallback() {}
     timerCallback.prototype = {
       notify: function sLA_timer_notify(aTimer) {
         channel.cancel(NS_ERROR_SAVE_LINK_AS_TIMEOUT);
       }
     };
 
     // setting up a new channel for 'right click - save link as ...'
+    // ideally we should use:
+    // * doc            - as the loadingNode, and/or
+    // * this.principal - as the loadingPrincipal
+    // for now lets use systemPrincipal to bypass mixedContentBlocker
+    // checks after redirects, see bug: 1136055
     var channel = NetUtil.newChannel({
                     uri: makeURI(linkURL),
-                    loadingPrincipal: this.principal,
-                    contentPolicyType: Ci.nsIContentPolicy.TYPE_SAVEAS_DOWNLOAD,
-                    securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS,
+                    loadUsingSystemPrincipal: true
                   });
 
     if (linkDownload)
       channel.contentDispositionFilename = linkDownload;
     if (channel instanceof Ci.nsIPrivateBrowsingChannel) {
       let docIsPrivate = PrivateBrowsingUtils.isBrowserPrivate(gBrowser.selectedBrowser);
       channel.setPrivate(docIsPrivate);
     }
--- a/browser/components/contextualidentity/test/browser/browser.ini
+++ b/browser/components/contextualidentity/test/browser/browser.ini
@@ -25,12 +25,8 @@ tags = openwindow
 tags = openwindow
 [browser_serviceworkers.js]
 [browser_broadcastchannel.js]
 [browser_blobUrl.js]
 [browser_middleClick.js]
 [browser_imageCache.js]
 [browser_count_and_remove.js]
 [browser_relatedTab.js]
-[browser_saveLink.js]
-support-files =
-  saveLink.sjs
-  !/toolkit/content/tests/browser/common/mockTransfer.js
deleted file mode 100644
--- a/browser/components/contextualidentity/test/browser/browser_saveLink.js
+++ /dev/null
@@ -1,148 +0,0 @@
-"use strict";
-
-const BASE_ORIGIN = "https://example.com";
-const URI = BASE_ORIGIN +
-  "/browser/browser/components/contextualidentity/test/browser/saveLink.sjs";
-
-const { Downloads } = Cu.import("resource://gre/modules/Downloads.jsm", {});
-
-let MockFilePicker = SpecialPowers.MockFilePicker;
-MockFilePicker.init(window);
-
-add_task(async function setup() {
-  // make sure userContext is enabled.
-  await SpecialPowers.pushPrefEnv({"set": [
-    ["privacy.userContext.enabled", true]
-  ]});
-});
-
-add_task(async function test() {
-  info("Let's create a temporary dir");
-  let tempDir = createTemporarySaveDirectory();
-
-  let downloadList = await Downloads.getList(Downloads.ALL);
-  let all = await downloadList.getAll();
-  is(all.length, 0, "No pending downloads!");
-
-  info("Let's open a new window");
-  let win = await BrowserTestUtils.openNewBrowserWindow();
-
-  info("Opening tab with UCI: 1");
-  let tab = BrowserTestUtils.addTab(win.gBrowser, URI + "?UCI=1", {userContextId: 1});
-
-  // select tab and make sure its browser is focused
-  win.gBrowser.selectedTab = tab;
-  tab.ownerGlobal.focus();
-
-  info("Waiting to load content");
-  let browser = gBrowser.getBrowserForTab(tab);
-  await BrowserTestUtils.browserLoaded(browser);
-
-  let path = await new Promise(resolve => {
-    info("Register to handle popupshown");
-    win.document.addEventListener("popupshown", event => {
-      info("Context menu opened");
-
-      let destFile = tempDir.clone();
-
-      MockFilePicker.displayDirectory = tempDir;
-      MockFilePicker.showCallback = fp => {
-        info("MockFilePicker showCallback");
-        let fileName = fp.defaultString;
-        info("fileName: " + fileName);
-        destFile.append(fileName);
-        MockFilePicker.setFiles([destFile]);
-        MockFilePicker.filterIndex = 1; // kSaveAsType_URL
-        info("MockFilePicker showCallback done");
-      };
-
-      MockFilePicker.afterOpenCallback = () => {
-        info("MockFilePicker afterOpenCallback");
-
-        function resolveOrWait() {
-          downloadList.getAll().then(downloads => {
-            if (downloads.length) {
-              is(downloads.length, 1, "We were expecting 1 download only.");
-              ok(downloads[0].source.url.indexOf("saveLink.sjs") != -1, "The path is correct");
-
-              downloads[0].whenSucceeded().then(() => {
-                win.close();
-                resolve(destFile.leafName);
-              });
-              return;
-            }
-
-            let timer = Cc["@mozilla.org/timer;1"].createInstance(Ci.nsITimer);
-            timer.initWithCallback(() => resolveOrWait, 500, Ci.nsITimer.TYPE_ONE_SHOT);
-          });
-        }
-
-        resolveOrWait();
-      };
-
-      // Select "Save Link As" option from context menu
-      let saveLinkCommand = win.document.getElementById("context-savelink");
-      info("saveLinkCommand: " + saveLinkCommand);
-      saveLinkCommand.doCommand();
-
-      event.target.hidePopup();
-      info("popup hidden");
-    }, {once: true});
-
-    BrowserTestUtils.synthesizeMouseAtCenter("#fff", {type: "contextmenu", button: 2},
-                                             win.gBrowser.selectedBrowser);
-    info("Right clicked!");
-  });
-
-  ok(path, "File downloaded correctly: " + path);
-
-  let savedFile = tempDir.clone();
-  savedFile.append(path);
-  ok(savedFile.exists(), "We have the file");
-
-  let content = readFile(savedFile);
-  is(content, "cookie-present-UCI=1", "Correct file content: -" + content + "-");
-
-  info("Removing the temporary directory");
-  tempDir.remove(true);
-
-  info("Closing the window");
-  await BrowserTestUtils.closeWindow(win);
-});
-
-/* import-globals-from ../../../../../toolkit/content/tests/browser/common/mockTransfer.js */
-Services.scriptloader.loadSubScript("chrome://mochitests/content/browser/toolkit/content/tests/browser/common/mockTransfer.js", this);
-
-function readFile(file) {
-  let inputStream = Cc["@mozilla.org/network/file-input-stream;1"]
-                      .createInstance(Ci.nsIFileInputStream);
-  inputStream.init(file, -1, 0, 0);
-  try {
-    let scrInputStream = Cc["@mozilla.org/scriptableinputstream;1"]
-                           .createInstance(Ci.nsIScriptableInputStream);
-    scrInputStream.init(inputStream);
-    try {
-      // Assume that the file is much shorter than 1 MiB.
-      return scrInputStream.read(1048576);
-    } finally {
-      // Close the scriptable stream after reading, even if the operation
-      // failed.
-      scrInputStream.close();
-    }
-  } finally {
-    // Close the stream after reading, if it is still open, even if the read
-    // operation failed.
-    inputStream.close();
-  }
-}
-
-function createTemporarySaveDirectory() {
-  let saveDir = Services.dirsvc.get("TmpD", Ci.nsIFile);
-  saveDir.append("testsavedir");
-  if (!saveDir.exists()) {
-    info("create testsavedir!");
-    saveDir.create(Ci.nsIFile.DIRECTORY_TYPE, 0o755);
-  }
-  info("return from createTempSaveDir: " + saveDir.path);
-  return saveDir;
-}
deleted file mode 100644
--- a/browser/components/contextualidentity/test/browser/saveLink.sjs
+++ /dev/null
@@ -1,37 +0,0 @@
-const HTTP_ORIGIN = "http://example.com";
-const HTTPS_ORIGIN = "https://example.com";
-const URI_PATH = "/browser/browser/components/contextualidentity/test/browser/saveLink.sjs";
-
-Components.utils.importGlobalProperties(["URLSearchParams"]);
-
-function handleRequest(aRequest, aResponse) {
-  var params = new URLSearchParams(aRequest.queryString);
-
-  // This is the first request, where we set the cookie.
-  if (params.has("UCI")) {
-    aResponse.setStatusLine(aRequest.httpVersion, 200);
-    aResponse.setHeader("Set-Cookie", "UCI=" + params.get("UCI"));
-    aResponse.write("<html><body><a href='" + HTTPS_ORIGIN + URI_PATH + "?redirect=1' id='fff'>this is a link</a></body></html>");
-    return;
-  }
-
-  // Second request. This is the save-as content, but we make a redirect to see
-  // if we are able to follow it.
-  if (params.has("redirect")) {
-    aResponse.setStatusLine(aRequest.httpVersion, 302, "Found");
-    aResponse.setHeader("Location", HTTP_ORIGIN + URI_PATH, false);
-    aResponse.write("Redirect!");
-    return;
-  }
-
-  // This is the 3rd request where we offer the content to be saved.
-  if (aRequest.hasHeader("Cookie")) {
-    aResponse.setStatusLine(aRequest.httpVersion, 200);
-    aResponse.write("cookie-present-" + aRequest.getHeader("Cookie"));
-    return;
-  }
-
-  // We should not be here!
-  aResponse.setStatusLine(aRequest.httpVersion, 500);
-  aResponse.write("ERROR!!!");
-}
--- a/dom/base/nsContentPolicyUtils.h
+++ b/dom/base/nsContentPolicyUtils.h
@@ -109,17 +109,16 @@ NS_CP_ContentTypeName(uint32_t contentTy
     CASE_RETURN( TYPE_MEDIA                       );
     CASE_RETURN( TYPE_WEBSOCKET                   );
     CASE_RETURN( TYPE_CSP_REPORT                  );
     CASE_RETURN( TYPE_XSLT                        );
     CASE_RETURN( TYPE_BEACON                      );
     CASE_RETURN( TYPE_FETCH                       );
     CASE_RETURN( TYPE_IMAGESET                    );
     CASE_RETURN( TYPE_WEB_MANIFEST                );
-    CASE_RETURN( TYPE_SAVEAS_DOWNLOAD             );
     CASE_RETURN( TYPE_INTERNAL_SCRIPT             );
     CASE_RETURN( TYPE_INTERNAL_WORKER             );
     CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER      );
     CASE_RETURN( TYPE_INTERNAL_EMBED              );
     CASE_RETURN( TYPE_INTERNAL_OBJECT             );
     CASE_RETURN( TYPE_INTERNAL_FRAME              );
     CASE_RETURN( TYPE_INTERNAL_IFRAME             );
     CASE_RETURN( TYPE_INTERNAL_AUDIO              );
--- a/dom/base/nsIContentPolicy.idl
+++ b/dom/base/nsIContentPolicy.idl
@@ -177,21 +177,16 @@ interface nsIContentPolicy : nsISupports
   const nsContentPolicyType TYPE_IMAGESET = 21;
 
   /**
    * Indicates a web manifest.
    */
   const nsContentPolicyType TYPE_WEB_MANIFEST = 22;
 
   /**
-   * Indicates an save-as link download from the front-end code.
-   */
-  const nsContentPolicyType TYPE_SAVEAS_DOWNLOAD = 43;
-
-  /**
    * Indicates an internal constant for scripts loaded through script
    * elements.
    *
    * This will be mapped to TYPE_SCRIPT before being passed to content policy
    * implementations.
    */
   const nsContentPolicyType TYPE_INTERNAL_SCRIPT = 23;
 
--- a/dom/cache/DBSchema.cpp
+++ b/dom/cache/DBSchema.cpp
@@ -306,17 +306,16 @@ static_assert(nsIContentPolicy::TYPE_INV
               nsIContentPolicy::TYPE_MEDIA == 15 &&
               nsIContentPolicy::TYPE_WEBSOCKET == 16 &&
               nsIContentPolicy::TYPE_CSP_REPORT == 17 &&
               nsIContentPolicy::TYPE_XSLT == 18 &&
               nsIContentPolicy::TYPE_BEACON == 19 &&
               nsIContentPolicy::TYPE_FETCH == 20 &&
               nsIContentPolicy::TYPE_IMAGESET == 21 &&
               nsIContentPolicy::TYPE_WEB_MANIFEST == 22 &&
-              nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD == 43 &&
               nsIContentPolicy::TYPE_INTERNAL_SCRIPT == 23 &&
               nsIContentPolicy::TYPE_INTERNAL_WORKER == 24 &&
               nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER == 25 &&
               nsIContentPolicy::TYPE_INTERNAL_EMBED == 26 &&
               nsIContentPolicy::TYPE_INTERNAL_OBJECT == 27 &&
               nsIContentPolicy::TYPE_INTERNAL_FRAME == 28 &&
               nsIContentPolicy::TYPE_INTERNAL_IFRAME == 29 &&
               nsIContentPolicy::TYPE_INTERNAL_AUDIO == 30 &&
--- a/dom/fetch/InternalRequest.cpp
+++ b/dom/fetch/InternalRequest.cpp
@@ -319,19 +319,16 @@ InternalRequest::MapContentPolicyTypeToR
     context = RequestContext::Fetch;
     break;
   case nsIContentPolicy::TYPE_IMAGESET:
     context = RequestContext::Imageset;
     break;
   case nsIContentPolicy::TYPE_WEB_MANIFEST:
     context = RequestContext::Manifest;
     break;
-  case nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD:
-    context = RequestContext::Internal;
-    break;
   default:
     MOZ_ASSERT(false, "Unhandled nsContentPolicyType value");
     break;
   }
   return context;
 }
 
 // static
--- a/dom/fetch/InternalRequest.h
+++ b/dom/fetch/InternalRequest.h
@@ -48,17 +48,17 @@ namespace dom {
  * font              | TYPE_FONT
  * form              |
  * frame             | TYPE_INTERNAL_FRAME
  * hyperlink         |
  * iframe            | TYPE_INTERNAL_IFRAME
  * image             | TYPE_INTERNAL_IMAGE, TYPE_INTERNAL_IMAGE_PRELOAD, TYPE_INTERNAL_IMAGE_FAVICON
  * imageset          | TYPE_IMAGESET
  * import            | Not supported by Gecko
- * internal          | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER, TYPE_SAVEAS_DOWNLOAD
+ * internal          | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER
  * location          |
  * manifest          | TYPE_WEB_MANIFEST
  * object            | TYPE_INTERNAL_OBJECT
  * ping              | TYPE_PING
  * plugin            | TYPE_OBJECT_SUBREQUEST
  * prefetch          |
  * script            | TYPE_INTERNAL_SCRIPT, TYPE_INTERNAL_SCRIPT_PRELOAD
  * sharedworker      | TYPE_INTERNAL_SHARED_WORKER
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@@ -475,22 +475,16 @@ DoContentSecurityChecks(nsIChannel* aCha
     }
 
     case nsIContentPolicy::TYPE_WEB_MANIFEST: {
       mimeTypeGuess = NS_LITERAL_CSTRING("application/manifest+json");
       requestingContext = aLoadInfo->LoadingNode();
       break;
     }
 
-    case nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD: {
-      mimeTypeGuess = EmptyCString();
-      requestingContext = aLoadInfo->LoadingNode();
-      break;
-    }
-
     default:
       // nsIContentPolicy::TYPE_INVALID
       MOZ_ASSERT(false, "can not perform security check without a valid contentType");
   }
 
   int16_t shouldLoad = nsIContentPolicy::ACCEPT;
   rv = NS_CheckContentLoadPolicy(internalContentPolicyType,
                                  uri,
--- a/dom/security/nsMixedContentBlocker.cpp
+++ b/dom/security/nsMixedContentBlocker.cpp
@@ -571,23 +571,16 @@ nsMixedContentBlocker::ShouldLoad(bool a
       return NS_OK;
     // Creating insecure websocket connections in a secure page is blocked already
     // in the websocket constructor. We don't need to check the blocking here
     // and we don't want to un-block
     case TYPE_WEBSOCKET:
       *aDecision = ACCEPT;
       return NS_OK;
 
-    // Creating insecure connections for a save-as link download is acceptable.
-    // This download is completely disconnected from the docShell, but still
-    // using the same loading principal.
-    case TYPE_SAVEAS_DOWNLOAD:
-      *aDecision = ACCEPT;
-      return NS_OK;
-
     // Static display content is considered moderate risk for mixed content so
     // these will be blocked according to the mixed display preference
     case TYPE_IMAGE:
     case TYPE_MEDIA:
     case TYPE_OBJECT_SUBREQUEST:
       classification = eMixedDisplay;
       break;