author | Ed Morley <emorley@mozilla.com> |
Mon, 18 Nov 2013 10:59:01 +0000 | |
changeset 155156 | beddd6d4bcdfe624010f0c321f4b0903872a54e5 |
parent 155155 | 8c20a3bb8b818680e4b8851c67bc67ec4af8f0d8 |
child 156004 | 70c5061b0fb9747d0455cd57a7f47924c98f4590 |
child 156012 | 411915ff3c7fcbfcdb8984104aece01f741961e6 |
child 156047 | 6df57406a9dfd7b79353795d6f4dd952f5eb41b9 |
child 156111 | 777db6243c9acf1f412ba4004480f6cf50dfdbb7 |
push id | 25665 |
push user | emorley@mozilla.com |
push date | Mon, 18 Nov 2013 10:59:17 +0000 |
treeherder | mozilla-central@beddd6d4bcdf [default view] [failures only] |
perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
bugs | 927196, 939269 |
milestone | 28.0a1 |
backs out | e6a9c98d62d05f35dd4c5c03b5024fd1a6721c8c |
first release with | nightly linux32
beddd6d4bcdf
/
28.0a1
/
20131118030203
/
files
nightly linux64
beddd6d4bcdf
/
28.0a1
/
20131118030203
/
files
nightly mac
beddd6d4bcdf
/
28.0a1
/
20131118030203
/
files
nightly win32
beddd6d4bcdf
/
28.0a1
/
20131118030203
/
files
nightly win64
beddd6d4bcdf
/
28.0a1
/
20131118030203
/
files
|
last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
releases | nightly linux32
28.0a1
/
20131118030203
/
pushlog to previous
nightly linux64
28.0a1
/
20131118030203
/
pushlog to previous
nightly mac
28.0a1
/
20131118030203
/
pushlog to previous
nightly win32
28.0a1
/
20131118030203
/
pushlog to previous
nightly win64
28.0a1
/
20131118030203
/
pushlog to previous
|
--- a/browser/extensions/shumway/content/shumway.js +++ b/browser/extensions/shumway/content/shumway.js @@ -37087,17 +37087,17 @@ var BinaryFileReader = function binaryFi } complete(xhr.response); } }; xhr.send(null); }, readAsync: function (ondata, onerror, onopen, oncomplete, onhttpstatus) { var xhr = new XMLHttpRequest({ - mozAnon: true, mozSystem: true + mozSystem: true }); var url = this.url; xhr.open(this.method || 'GET', url, true); var isNotProgressive; try { xhr.responseType = 'moz-chunked-arraybuffer'; isNotProgressive = xhr.responseType !== 'moz-chunked-arraybuffer'; } catch (e) {
--- a/content/base/src/nsXMLHttpRequest.cpp +++ b/content/base/src/nsXMLHttpRequest.cpp @@ -378,17 +378,17 @@ nsXMLHttpRequest::InitParameters(bool aA // Check for permissions. nsCOMPtr<nsPIDOMWindow> window = do_QueryInterface(GetOwner()); if (!window || !window->GetDocShell()) { return; } // Chrome is always allowed access, so do the permission check only // for non-chrome pages. - if (!IsSystemXHR() && aSystem) { + if (!IsSystemXHR()) { nsCOMPtr<nsIDocument> doc = window->GetExtantDoc(); if (!doc) { return; } nsCOMPtr<nsIPrincipal> principal = doc->NodePrincipal(); nsCOMPtr<nsIPermissionManager> permMgr = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID);
--- a/content/base/src/nsXMLHttpRequest.h +++ b/content/base/src/nsXMLHttpRequest.h @@ -193,21 +193,16 @@ public: nsCOMPtr<nsIGlobalObject> global = do_QueryInterface(aGlobal.GetAsSupports()); nsCOMPtr<nsIScriptObjectPrincipal> principal = do_QueryInterface(aGlobal.GetAsSupports()); if (!global || ! principal) { aRv.Throw(NS_ERROR_FAILURE); return nullptr; } - if (!aParams.mMozAnon && aParams.mMozSystem) { - aRv.Throw(NS_ERROR_DOM_SECURITY_ERR); - return nullptr; - } - nsRefPtr<nsXMLHttpRequest> req = new nsXMLHttpRequest(); req->Construct(principal->GetPrincipal(), global); req->InitParameters(aParams.mMozAnon, aParams.mMozSystem); return req.forget(); } static already_AddRefed<nsXMLHttpRequest> Constructor(const mozilla::dom::GlobalObject& aGlobal,
--- a/content/base/test/file_restrictedEventSource.sjs +++ b/content/base/test/file_restrictedEventSource.sjs @@ -1,16 +1,18 @@ function handleRequest(request, response) { if ((request.queryString == "test=user1_xhr" && request.hasHeader("Authorization") && request.getHeader("Authorization") == "Basic dXNlciAxOnBhc3N3b3JkIDE=") || (request.queryString == "test=user1_evtsrc" && request.hasHeader("Authorization") && - request.getHeader("Authorization") == "Basic dXNlciAxOnBhc3N3b3JkIDE=")) { + request.getHeader("Authorization") == "Basic dXNlciAxOnBhc3N3b3JkIDE=" && + request.hasHeader("Cookie") && + request.getHeader("Cookie") == "test=5c")) { response.setStatusLine(null, 200, "OK"); response.setHeader("Content-Type", "text/event-stream", false); response.setHeader("Access-Control-Allow-Origin", "http://mochi.test:8888", false); response.setHeader("Access-Control-Allow-Credentials", "true", false); response.setHeader("Cache-Control", "no-cache, must-revalidate", false); if (request.queryString == "test=user1_xhr") { response.setHeader("Set-Cookie", "test=5c", false); }
--- a/content/base/test/mochitest.ini +++ b/content/base/test/mochitest.ini @@ -516,17 +516,16 @@ support-files = [test_bug869006.html] [test_bug876282.html] [test_bug890580.html] [test_bug894874.html] [test_bug895239.html] [test_bug895974.html] [test_bug902847.html] [test_bug907892.html] -[test_bug927196.html] [test_caretPositionFromPoint.html] [test_classList.html] [test_copypaste.html] [test_copypaste.xhtml] [test_createHTMLDocument.html] [test_declare_stylesheet_obsolete.html] [test_domparser_null_char.html] [test_domparsing.html]
--- a/content/base/test/test_XHR_parameters.html +++ b/content/base/test/test_XHR_parameters.html @@ -48,21 +48,22 @@ function runTests() { try { xhr = new XMLHttpRequest(value); } catch (ex) { ok(false, "Got unexpected exception: " + ex); return; } ok(xhr instanceof XMLHttpRequest, "passed " + JSON.stringify(value)); - // If the page doesnt have privileges to create a system XHR, - // this flag will always be false no matter what is passed. - let expectedAnon = Boolean(value && value.mozAnon); + // If the page doesnt have privileges to create a system or anon XHR, + // these flags will always be false no matter what is passed. + let expectedAnon = false; let expectedSystem = false; if (havePrivileges) { + expectedAnon = Boolean(value && value.mozAnon); expectedSystem = Boolean(value && value.mozSystem); } is(xhr.mozAnon, expectedAnon, "testing mozAnon"); is(xhr.mozSystem, expectedSystem, "testing mozSystem"); } function testInvalidParameter(value) { let expectedError; @@ -78,20 +79,21 @@ function runTests() { } // Run the tests once without API privileges... validParameters.forEach(testValidParameter); invalidParameters.forEach(testInvalidParameter); // ...and once with privileges. havePrivileges = true; - SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], function() { - validParameters.forEach(testValidParameter); - invalidParameters.forEach(testInvalidParameter); + SpecialPowers.addPermission("systemXHR", true, document); - SimpleTest.finish(); - }); + validParameters.forEach(testValidParameter); + invalidParameters.forEach(testInvalidParameter); + SpecialPowers.removePermission("systemXHR", document); + + SimpleTest.finish(); } </script> </pre> </body> </html>
--- a/content/base/test/test_XHR_system.html +++ b/content/base/test/test_XHR_system.html @@ -21,17 +21,17 @@ const PROTECTED_URL = "file:///etc/passw const REDIRECT_URL = window.location.protocol + "//" + window.location.host + "/tests/content/base/test/file_XHR_system_redirect.html"; const CROSSSITE_URL = "http://example.com/tests/content/base/test/test_XHR_system.html"; tests.push(function test_cross_origin() { // System XHR can load cross-origin resources. is(window.location.hostname, "mochi.test", "correct origin"); - let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + let xhr = new XMLHttpRequest({mozSystem: true}); is(xhr.mozSystem, true, ".mozSystem == true"); xhr.open("GET", CROSSSITE_URL); xhr.onload = function onload() { is(xhr.status, 200, "correct HTTP status"); ok(xhr.responseText != null, "HTTP response non-null"); ok(xhr.responseText.length, "HTTP response not empty"); runNextTest(); }; @@ -40,17 +40,17 @@ tests.push(function test_cross_origin() runNextTest(); } xhr.send(); }); tests.push(function test_file_uri() { // System XHR is not permitted to access file:/// URIs. - let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + let xhr = new XMLHttpRequest({mozSystem: true}); is(xhr.mozSystem, true, ".mozSystem == true"); xhr.open("GET", PROTECTED_URL); let error; try { xhr.send(); } catch (ex) { error = ex; } @@ -59,17 +59,17 @@ tests.push(function test_file_uri() { is(error.message, "Access to restricted URI denied"); runNextTest(); }); tests.push(function test_redirect_to_file_uri() { // System XHR won't load file:/// URIs even if an HTTP resource redirects there. - let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + let xhr = new XMLHttpRequest({mozSystem: true}); is(xhr.mozSystem, true, ".mozSystem == true"); xhr.open("GET", REDIRECT_URL); xhr.onload = function onload() { ok(false, "Should not have loaded"); runNextTest(); }; xhr.onerror = function onerror(event) { ok(true, "Got an error event: " + event);
--- a/content/base/test/test_bug338583.html +++ b/content/base/test/test_bug338583.html @@ -459,18 +459,18 @@ https://bugzilla.mozilla.org/show_bug.cg ok(gEventSourceObj5_b.hits['fn_onmessage'] == 0, "Test 5.b failed"); gEventSourceObj5_b.close(); setTestHasFinished(test_id); }, parseInt(3000*stress_factor)); } function doTest5_c(test_id) { - // credentials using the auth cache - var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + // credentials using the auth cache and cookies + var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true}); xhr.withCredentials = true; // also, test mixed mode UI xhr.open("GET", "https://example.com/tests/content/base/test/file_restrictedEventSource.sjs?test=user1_xhr", true, "user 1", "password 1"); xhr.send(); xhr.onloadend = function() { ok(xhr.status == 200, "Failed to set credentials in test 5.c"); gEventSourceObj5_c = new EventSource("https://example.com/tests/content/base/test/file_restrictedEventSource.sjs?test=user1_evtsrc", @@ -489,17 +489,17 @@ https://bugzilla.mozilla.org/show_bug.cg gEventSourceObj5_c.close(); doTest5_d(test_id); }, parseInt(3000*stress_factor)); }; } function doTest5_d(test_id) { - var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true}); xhr.withCredentials = true; xhr.open("GET", "https://example.com/tests/content/base/test/file_restrictedEventSource.sjs?test=user2_xhr", true, "user 2", "password 2"); xhr.send(); xhr.onloadend = function() { ok(xhr.status == 200, "Failed to set credentials in test 5.d"); gEventSourceObj5_d = new EventSource("https://example.com/tests/content/base/test/file_restrictedEventSource.sjs?test=user2_evtsrc"); ok(!gEventSourceObj5_d.withCredentials, "Wrong withCredentials in test 5.d"); @@ -516,18 +516,18 @@ https://bugzilla.mozilla.org/show_bug.cg gEventSourceObj5_d.close(); setTestHasFinished(test_id); }, parseInt(3000*stress_factor)); }; } function doTest5_e(test_id) { - // credentials using the auth cache - var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + // credentials using the auth cache and cookies + var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true}); xhr.withCredentials = true; xhr.open("GET", "http://example.org/tests/content/base/test/file_restrictedEventSource.sjs?test=user1_xhr", true, "user 1", "password 1"); xhr.send(); xhr.onloadend = function() { ok(xhr.status == 200, "Failed to set credentials in test 5.e"); gEventSourceObj5_e = new EventSource("http://example.org/tests/content/base/test/file_restrictedEventSource.sjs?test=user1_evtsrc", { get withCredentials() { return true; } } ); @@ -545,17 +545,17 @@ https://bugzilla.mozilla.org/show_bug.cg gEventSourceObj5_e.close(); doTest5_f(test_id); }, parseInt(5000*stress_factor)); }; } function doTest5_f(test_id) { - var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true}); xhr.withCredentials = true; xhr.open("GET", "http://example.org/tests/content/base/test/file_restrictedEventSource.sjs?test=user2_xhr", true, "user 2", "password 2"); xhr.send(); xhr.onloadend = function() { ok(xhr.status == 200, "Failed to set credentials in test 5.f"); gEventSourceObj5_f = new EventSource("http://example.org/tests/content/base/test/file_restrictedEventSource.sjs?test=user2_evtsrc", { });
--- a/content/base/test/test_bug426308.html +++ b/content/base/test/test_bug426308.html @@ -17,17 +17,17 @@ https://bugzilla.mozilla.org/show_bug.cg <pre id="test"> <script class="testbody" type="text/javascript"> /** Test for Bug 426308 **/ const SJS_URL = "http://example.org:80/tests/content/base/test/bug426308-redirect.sjs"; function startTest() { - var req = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + var req = new XMLHttpRequest({mozAnon: false, mozSystem: true}); req.open("GET", SJS_URL + "?" + window.location.href, false); req.send(null); is(req.status, 200, "Redirect did not happen"); SimpleTest.finish(); }
--- a/content/base/test/test_bug431701.html +++ b/content/base/test/test_bug431701.html @@ -46,17 +46,17 @@ function frameDoc(id) { function createDoc() { return document.implementation.createDocument('', 'html', null); } function xhrDoc(idx) { return function() { // Defy same-origin restrictions! - var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true}); xhr.open("GET", docSources[idx], false); xhr.send(); return xhr.responseXML; }; } // Each row has the document getter function, then the characterSet, // inputEncoding expected for that document.
--- a/content/base/test/test_bug804395.html +++ b/content/base/test/test_bug804395.html @@ -14,41 +14,41 @@ https://bugzilla.mozilla.org/show_bug.cg <p id="display"></p> <div id="content" style="display: none"> </div> <pre id="test"> <script type="application/javascript"> function test200() { - var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true}); xhr.open('GET', 'jar:http://example.org/tests/content/base/test/file_bug804395.jar!/foo.bar', true); xhr.onreadystatechange = function() { if (xhr.readyState == 4) { ok(xhr.status == 200, "Existing file must have Status 200!"); runTests(); } } xhr.send(null); } function test404() { - var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true}); xhr.open('GET', 'jar:http://example.org/tests/content/base/test/file_bug804395.jar!/foo.do_not_exist', true); xhr.onreadystatechange = function() { if (xhr.readyState == 4) { ok(xhr.status == 404, "Non existing file must have Status 404!"); runTests(); } } xhr.send(null); } function test0() { - var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true}); xhr.open('GET', 'jar:http://example.org/tests/content/base/test/file_bug804395.jar!/foo.bar', true); ok(xhr.status == 0, "Not Sent request must have status 0"); runTests(); } var tests = [ test200, test404, test0 ]; function runTests() { if (!tests.length) {
deleted file mode 100644 --- a/content/base/test/test_bug927196.html +++ /dev/null @@ -1,64 +0,0 @@ -<!DOCTYPE HTML> -<html> -<!-- -https://bugzilla.mozilla.org/show_bug.cgi?id=426308 ---> -<head> - <title>Test for Bug 426308</title> - <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> - <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> -</head> -<body> -<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=927196">Mozilla Bug 927196</a> -<p id="display"></p> -<div id="content" style="display: none"> - -</div> -<pre id="test"> -<script class="testbody" type="text/javascript"> - -/** Test for Bug 927196 **/ - -function startTest() { - try { - req = new XMLHttpRequest({mozSystem: true}); - ok(false, "Should not be reached"); - } catch(e) { - is(e.name, "SecurityError", "XMLHttpRequest should not be mozSystem"); - } - - req = new XMLHttpRequest({mozAnon: true}); - is(req.mozAnon, true, "XMLHttpRequest should be mozAnon"); - is(req.mozSystem, false, "XMLHttpRequest should not be mozSystem"); - - req = new XMLHttpRequest({mozAnon: true, mozSystem: true}); - is(req.mozAnon, true, "XMLHttpRequest should be mozAnon"); - is(req.mozSystem, true, "XMLHttpRequest should be mozSystem"); - - try { - req = new XMLHttpRequest({mozAnon: false, mozSystem: true}); - ok(false, "Should not be reached"); - } catch(e) { - is(e.name, "SecurityError", "XMLHttpRequest should throw SecurityError"); - } - - SimpleTest.finish(); -} - -SimpleTest.waitForExplicitFinish(); - -var req = new XMLHttpRequest({mozAnon: true}); -is(req.mozAnon, true, "XMLHttpRequest should be mozAnon"); -is(req.mozSystem, false, "XMLHttpRequest should not be mozSystem"); - -req = new XMLHttpRequest({mozAnon: true, mozSystem: true}); -is(req.mozAnon, false, "XMLHttpRequest should be mozAnon"); -is(req.mozSystem, false, "XMLHttpRequest should not be mozSystem"); - -addLoadEvent(function() { - SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], startTest); -}); -</script> -</pre> -</body> -</html>
--- a/content/base/test/test_xhr_forbidden_headers.html +++ b/content/base/test/test_xhr_forbidden_headers.html @@ -65,17 +65,17 @@ function startTest() { value = channel.getRequestHeader(headers[i]); } catch(e) {} isnot(value, "test" + i, "Setting " + headers[i] + " header in unprivileged context"); } // Try setting headers in privileged context - request = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + request = new XMLHttpRequest({mozAnon: false, mozSystem: true}); request.open("GET", window.location.href); for (i = 0; i < headers.length; i++) request.setRequestHeader(headers[i], "test" + i); // Read out headers var channel = SpecialPowers.wrap(request).channel.QueryInterface(SpecialPowers.Ci.nsIHttpChannel); for (i = 0; i < headers.length; i++) { var value = channel.getRequestHeader(headers[i]);
--- a/dom/permission/tests/test_systemXHR.html +++ b/dom/permission/tests/test_systemXHR.html @@ -12,17 +12,17 @@ https://bugzilla.mozilla.org/show_bug.cg <body> <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=815105">Mozilla Bug 815105 </a> <p id="display"></p> <div id="content" style="display: none"></div> <pre id="test"> <script type="application/javascript;version=1.8" src="file_framework.js"></script> <script type="application/javascript;version=1.8"> function verifier(success, failure) { - var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + var xhr = new XMLHttpRequest({mozSystem: true}); if (xhr.mozSystem === true) { success("systemXHR"); } else { failure("Couldn't create systemXHR"); } } var gData = [
--- a/dom/workers/XMLHttpRequest.cpp +++ b/dom/workers/XMLHttpRequest.cpp @@ -1494,21 +1494,16 @@ already_AddRefed<XMLHttpRequest> XMLHttpRequest::Constructor(const GlobalObject& aGlobal, const MozXMLHttpRequestParameters& aParams, ErrorResult& aRv) { JSContext* cx = aGlobal.GetContext(); WorkerPrivate* workerPrivate = GetWorkerPrivateFromContext(cx); MOZ_ASSERT(workerPrivate); - if (!aParams.mMozAnon && aParams.mMozSystem) { - aRv.Throw(NS_ERROR_DOM_SECURITY_ERR); - return nullptr; - } - nsRefPtr<XMLHttpRequest> xhr = new XMLHttpRequest(workerPrivate); if (workerPrivate->XHRParamsAllowed()) { xhr->mMozAnon = aParams.mMozAnon; xhr->mMozSystem = aParams.mMozSystem; } return xhr.forget();
--- a/dom/workers/test/test_xhr_system.html +++ b/dom/workers/test/test_xhr_system.html @@ -21,32 +21,34 @@ function message(event) { else if(event.data.test == 'is') is(event.data.a, event.data.b, event.data.event); else if(event.data.test == 'finish') { run(); } }; function test1() { + // ...and once with privileges. + SpecialPowers.addPermission("systemXHR", true, document); var worker = new Worker("test_xhr_system.js"); worker.onmessage = message; worker.postMessage(true); } var tests = [ test1 ]; function run() { if (!tests.length) { + SpecialPowers.removePermission("systemXHR", document); SimpleTest.finish(); return; } var func = tests.shift(); func(); } SimpleTest.waitForExplicitFinish(); - -SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], run); +run(); </script> </pre> </body> </html>
--- a/dom/workers/test/test_xhr_system.js +++ b/dom/workers/test/test_xhr_system.js @@ -6,19 +6,19 @@ function is(a, b, msg) { postMessage({ event: msg, test: 'is', a: a, b: b }); } self.onmessage = function onmessage(event) { // An XHR with system privileges will be able to do cross-site calls. const TEST_URL = "http://example.com/tests/content/base/test/test_XHR_system.html"; - is(location.hostname, "mochi.test", "hostname should be mochi.test"); + is(location.hostname, "mochi.test", "hostname"); - var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true}); + var xhr = new XMLHttpRequest({mozSystem: true}); is(xhr.mozSystem, true, ".mozSystem == true"); xhr.open("GET", TEST_URL); xhr.onload = function onload() { is(xhr.status, 200); ok(xhr.responseText != null); ok(xhr.responseText.length); postMessage({test: "finish"}); };
--- a/testing/mochitest/manifest.webapp +++ b/testing/mochitest/manifest.webapp @@ -22,16 +22,17 @@ "camera":{}, "geolocation":{}, "wifi-manage":{}, "wifi":{}, "desktop-notification":{}, "idle":{}, "network-events":{}, "embed-apps":{}, + "systemXHR":{}, "audio-channel-content":{}, "audio-channel-alarm":{} }, "locales": { "en-US": { "name": "Mochitest", "description": "Mochitests" }