Bug 1304623 - Create a pref to control the default referrer policy - part 1. r=bkelly
authorThomas Nguyen <tnguyen@mozilla.com>
Thu, 05 Jan 2017 11:30:07 +0800
changeset 373100 a042126872f44ba3655f746cf5b78d6e59e01507
parent 373099 dc713109ebb1aca7de945f54b87bbc7367906140
child 373101 73d0bfecc06b03d8a161a8e73e4eb8d07b8242ae
push id6996
push userjlorenzo@mozilla.com
push dateMon, 06 Mar 2017 20:48:21 +0000
treeherdermozilla-beta@d89512dab048 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbkelly
bugs1304623
milestone53.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1304623 - Create a pref to control the default referrer policy - part 1. r=bkelly MozReview-Commit-ID: 6R7kLB6jvhP
dom/base/test/referrer_helper.js
dom/base/test/referrer_testserver.sjs
dom/fetch/FetchDriver.cpp
dom/fetch/InternalRequest.cpp
dom/tests/mochitest/fetch/mochitest.ini
dom/tests/mochitest/fetch/test_fetch_user_control_rp.html
dom/workers/ScriptLoader.cpp
dom/workers/WorkerPrivate.cpp
--- a/dom/base/test/referrer_helper.js
+++ b/dom/base/test/referrer_helper.js
@@ -71,16 +71,20 @@ var tests = (function*() {
   // enable referrer attribute
   yield SpecialPowers.pushPrefEnv({"set": [['network.http.enablePerElementReferrer', true]]}, advance);
   yield SpecialPowers.pushPrefEnv({"set": [['security.mixed_content.block_active_content', false]]}, advance);
   yield SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], advance);
 
   var iframe = document.getElementById("testframe");
 
   for (var j = 0; j < testCases.length; j++) {
+    if (testCases[j].PREFS) {
+      yield SpecialPowers.pushPrefEnv({"set": testCases[j].PREFS}, advance);
+    }
+
     var actions = testCases[j].ACTION;
     var tests = testCases[j].TESTS;
     for (var k = 0; k < actions.length; k++) {
       var actionString = actions[k];
       for (var i = 0; i < tests.length; i++) {
         yield resetState();
         var searchParams = new URLSearchParams();
         searchParams.append("ACTION", actionString);
--- a/dom/base/test/referrer_testserver.sjs
+++ b/dom/base/test/referrer_testserver.sjs
@@ -186,16 +186,35 @@ function createLinkPageUsingRefferer(aMe
              <body>
                 <script>
                   ${changeString}
                 </script>
              </body>
            </html>`;
 }
 
+function createFetchUserControlRPTestCase(aName, aSchemeFrom, aSchemeTo) {
+  var srcUrl = createTestUrl("", "test", aName, "iframe", aSchemeFrom, aSchemeTo);
+
+  return `<!DOCTYPE HTML>
+          <html>
+          <head>
+          <meta charset="utf-8">
+          <title>Test user control referrer policies</title>
+          </head>
+          <body>
+          <script>
+            fetch("${srcUrl}", {referrerPolicy: ""}).then(function (response) {
+              window.parent.postMessage("childLoadComplete", "http://mochi.test:8888");
+            });
+          </script>
+          </body>
+          </html>`;
+}
+
 function buildLinkString(aPolicy, aName, aRelString, aSchemeFrom, aSchemeTo, aTestType) {
   var result;
   var href = '';
   var onChildComplete = `window.parent.postMessage("childLoadComplete", "http://mochi.test:8888");`
   if (!aTestType) {
     href = `href=${createTestUrl(aPolicy, "test", aName, "link_element", aSchemeFrom, aSchemeTo)}`;
   }
   if (!aPolicy) {
@@ -208,16 +227,18 @@ function buildLinkString(aPolicy, aName,
 }
 
 function handleRequest(request, response) {
   var params = new URLSearchParams(request.queryString);
   var action = params.get("ACTION");
   var schemeFrom = params.get("SCHEME_FROM") || "http";
   var schemeTo = params.get("SCHEME_TO") || "http";
 
+  response.setHeader("Access-Control-Allow-Origin", "*", false);
+
   if (action === "resetState") {
     setSharedState(SHARED_KEY, "{}");
     response.write("");
     return;
   }
   if (action === "get-test-results") {
     // ?action=get-result
     response.setHeader("Cache-Control", "no-cache", false);
@@ -381,11 +402,16 @@ function handleRequest(request, response
     response.write(_getLinkPage("setAttribute"));
     return;
   }
   if (action === "generate-link-policy-test-property") {
     response.write(_getLinkPage("property"));
     return;
   }
 
+  if (action === "generate-fetch-user-control-policy-test") {
+    response.write(createFetchUserControlRPTestCase(name, schemeFrom, schemeTo));
+    return;
+  }
+
   response.write("I don't know action " + action);
   return;
 }
--- a/dom/fetch/FetchDriver.cpp
+++ b/dom/fetch/FetchDriver.cpp
@@ -103,16 +103,18 @@ FetchDriver::Fetch(FetchDriverObserver* 
 }
 
 // This function implements the "HTTP Fetch" algorithm from the Fetch spec.
 // Functionality is often split between here, the CORS listener proxy and the
 // Necko HTTP implementation.
 nsresult
 FetchDriver::HttpFetch()
 {
+  MOZ_ASSERT(NS_IsMainThread());
+
   // Step 1. "Let response be null."
   mResponse = nullptr;
   nsresult rv;
 
   nsCOMPtr<nsIIOService> ios = do_GetIOService(&rv);
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsAutoCString url;
@@ -272,17 +274,19 @@ FetchDriver::HttpFetch()
     if (mRequest->ReferrerPolicy_() == ReferrerPolicy::_empty) {
       mRequest->SetReferrerPolicy(net_referrerPolicy);
     }
     // Step 7 of
     // https://fetch.spec.whatwg.org/#main-fetch
     // If request’s referrer policy is the empty string,
     // then set request’s referrer policy to "no-referrer-when-downgrade".
     if (mRequest->ReferrerPolicy_() == ReferrerPolicy::_empty) {
-      mRequest->SetReferrerPolicy(net::RP_No_Referrer_When_Downgrade);
+      net::ReferrerPolicy referrerPolicy =
+        static_cast<net::ReferrerPolicy>(NS_GetDefaultReferrerPolicy());
+      mRequest->SetReferrerPolicy(referrerPolicy);
     }
 
     rv = FetchUtil::SetRequestReferrer(mPrincipal,
                                        mDocument,
                                        httpChan,
                                        mRequest);
     NS_ENSURE_SUCCESS(rv, rv);
 
--- a/dom/fetch/InternalRequest.cpp
+++ b/dom/fetch/InternalRequest.cpp
@@ -77,17 +77,17 @@ InternalRequest::Clone()
 }
 InternalRequest::InternalRequest(const nsACString& aURL,
                                  const nsACString& aFragment)
   : mMethod("GET")
   , mHeaders(new InternalHeaders(HeadersGuardEnum::None))
   , mContentPolicyType(nsIContentPolicy::TYPE_FETCH)
   , mReferrer(NS_LITERAL_STRING(kFETCH_CLIENT_REFERRER_STR))
   , mReferrerPolicy(ReferrerPolicy::_empty)
-  , mEnvironmentReferrerPolicy(net::RP_Default)
+  , mEnvironmentReferrerPolicy(net::RP_Unset)
   , mMode(RequestMode::No_cors)
   , mCredentialsMode(RequestCredentials::Omit)
   , mResponseTainting(LoadTainting::Basic)
   , mCacheMode(RequestCache::Default)
   , mRedirectMode(RequestRedirect::Follow)
   , mAuthenticationFlag(false)
   , mForceOriginHeader(false)
   , mPreserveContentCodings(false)
@@ -116,17 +116,17 @@ InternalRequest::InternalRequest(const n
                                  ReferrerPolicy aReferrerPolicy,
                                  nsContentPolicyType aContentPolicyType,
                                  const nsAString& aIntegrity)
   : mMethod(aMethod)
   , mHeaders(aHeaders)
   , mContentPolicyType(aContentPolicyType)
   , mReferrer(aReferrer)
   , mReferrerPolicy(aReferrerPolicy)
-  , mEnvironmentReferrerPolicy(net::RP_Default)
+  , mEnvironmentReferrerPolicy(net::RP_Unset)
   , mMode(aMode)
   , mCredentialsMode(aRequestCredentials)
   , mResponseTainting(LoadTainting::Basic)
   , mCacheMode(aCacheMode)
   , mRedirectMode(aRequestRedirect)
   , mIntegrity(aIntegrity)
   , mAuthenticationFlag(false)
   , mForceOriginHeader(false)
--- a/dom/tests/mochitest/fetch/mochitest.ini
+++ b/dom/tests/mochitest/fetch/mochitest.ini
@@ -26,32 +26,35 @@ support-files =
   !/dom/xhr/tests/file_XHR_pass1.xml
   !/dom/xhr/tests/file_XHR_pass2.txt
   !/dom/xhr/tests/file_XHR_pass3.txt
   !/dom/xhr/tests/file_XHR_pass3.txt^headers^
   !/dom/xhr/tests/responseIdentical.sjs
   !/dom/xhr/tests/temporaryFileBlob.sjs
   !/dom/html/test/form_submit_server.sjs
   !/dom/security/test/cors/file_CrossSiteXHR_server.sjs
+  !/dom/base/test/referrer_helper.js
+  !/dom/base/test/referrer_testserver.sjs
 
 [test_headers.html]
 [test_headers_sw_reroute.html]
 [test_headers_mainthread.html]
 [test_fetch_basic.html]
 [test_fetch_basic_sw_reroute.html]
 [test_fetch_basic_sw_empty_reroute.html]
 [test_fetch_basic_http.html]
 [test_fetch_basic_http_sw_reroute.html]
 [test_fetch_basic_http_sw_empty_reroute.html]
 [test_fetch_cors.html]
 skip-if = toolkit == 'android' && debug # Bug 1210282
 [test_fetch_cors_sw_reroute.html]
 skip-if = toolkit == 'android' && debug # Bug 1210282
 [test_fetch_cors_sw_empty_reroute.html]
 skip-if = toolkit == 'android' && debug # Bug 1210282
+[test_fetch_user_control_rp.html]
 [test_formdataparsing.html]
 [test_formdataparsing_sw_reroute.html]
 [test_request.html]
 [test_request_context.html]
 [test_request_sw_reroute.html]
 [test_response.html]
 [test_response_sw_reroute.html]
 [test_temporaryFileBlob.html]
new file mode 100644
--- /dev/null
+++ b/dom/tests/mochitest/fetch/test_fetch_user_control_rp.html
@@ -0,0 +1,97 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>Test fetch user control referrer policy Bug 1304623</title>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+    <script type="application/javascript;version=1.7">
+  const SJS = "://example.com/tests/dom/base/test/referrer_testserver.sjs?";
+  const PARAMS = ["SCHEME_FROM", "SCHEME_TO"];
+
+  const testCases = [
+    {ACTION: ["generate-fetch-user-control-policy-test"],
+      PREFS: [['network.http.referer.userControlPolicy', 0]],
+      TESTS: [
+         // 0. No referrer.
+        {NAME: 'default-policy-value-no-referrer-https-http',
+         DESC: 'default-policy-value-no-referrer-https-http',
+         SCHEME_FROM: 'https',
+         SCHEME_TO: 'http',
+         RESULT: 'none'},
+        {NAME: 'default-policy-value-no-referrer-https-https',
+         DESC: 'default-policy-value-no-referrer-https-https',
+         SCHEME_FROM: 'https',
+         SCHEME_TO: 'https',
+         RESULT: 'none'}],
+    },
+    {ACTION: ["generate-fetch-user-control-policy-test"],
+      PREFS: [['network.http.referer.userControlPolicy', 1]],
+      TESTS: [
+         // 1. Same origin.
+        {NAME: 'default-policy-value-same-origin-https-http',
+         DESC: 'default-policy-value-same-origin-https-http',
+         SCHEME_FROM: 'https',
+         SCHEME_TO: 'http',
+         RESULT: 'none'},
+        {NAME: 'default-policy-value-same-origin-http-https',
+         DESC: 'default-policy-value-same-origin-http-https',
+         SCHEME_FROM: 'http',
+         SCHEME_TO: 'https',
+         RESULT: 'none'},
+        {NAME: 'default-policy-value-same-origin-https-https',
+         DESC: 'default-policy-value-same-origin-https-https',
+         SCHEME_FROM: 'https',
+         SCHEME_TO: 'https',
+         RESULT: 'full'}],
+    },
+    {ACTION: ["generate-fetch-user-control-policy-test"],
+      PREFS: [['network.http.referer.userControlPolicy', 2]],
+      TESTS: [
+         // 2. strict-origin-when-cross-origin.
+        {NAME: 'default-policy-value-strict-origin-when-cross-origin-https-http',
+         DESC: 'default-policy-value-strict-origin-when-cross-origin-https-http',
+         SCHEME_FROM: 'https',
+         SCHEME_TO: 'http',
+         RESULT: 'none'},
+        {NAME: 'default-policy-value-strict-origin-when-cross-origin-http-https',
+         DESC: 'default-policy-value-strict-origin-when-cross-origin-http-https',
+         SCHEME_FROM: 'http',
+         SCHEME_TO: 'https',
+         RESULT: 'origin'},
+        {NAME: 'default-policy-value-strict-origin-when-cross-origin-https-https',
+         DESC: 'default-policy-value-strict-origin-when-cross-origin-https-https',
+         SCHEME_FROM: 'https',
+         SCHEME_TO: 'https',
+         RESULT: 'full'}],
+    },
+    {ACTION: ["generate-fetch-user-control-policy-test"],
+      PREFS: [['network.http.referer.userControlPolicy', 3]],
+      TESTS: [
+         // 3. Default no-referrer-when-downgrade.
+        {NAME: 'default-policy-value-no-referrer-when-downgrade-https-http',
+         DESC: 'default-policy-value-no-referrer-when-downgrade-https-http',
+         SCHEME_FROM: 'https',
+         SCHEME_TO: 'http',
+         RESULT: 'none'},
+        {NAME: 'default-policy-value-no-referrer-when-downgrade-http-https',
+         DESC: 'default-policy-value-no-referrer-when-downgrade-http-https',
+         SCHEME_FROM: 'http',
+         SCHEME_TO: 'https',
+         RESULT: 'full'},
+        {NAME: 'default-policy-value-no-referrer-when-downgrade-https-https',
+         DESC: 'default-policy-value-no-referrer-when-downgrade-https-https',
+         SCHEME_FROM: 'https',
+         SCHEME_TO: 'https',
+         RESULT: 'full'}],
+    },
+  ];
+
+  </script>
+  <script type="application/javascript;version=1.7" src="/tests/dom/base/test/referrer_helper.js"></script>
+
+</head>
+<body onload="tests.next();">
+  <iframe id="testframe"></iframe>
+</body>
+</html>
--- a/dom/workers/ScriptLoader.cpp
+++ b/dom/workers/ScriptLoader.cpp
@@ -201,17 +201,17 @@ ChannelFromScriptURL(nsIPrincipal* princ
                        aLoadFlags,
                        ios);
   }
 
   NS_ENSURE_SUCCESS(rv, rv);
 
   if (nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(channel)) {
     mozilla::net::ReferrerPolicy referrerPolicy = parentDoc ?
-      parentDoc->GetReferrerPolicy() : mozilla::net::RP_Default;
+      parentDoc->GetReferrerPolicy() : mozilla::net::RP_Unset;
     rv = nsContentUtils::SetFetchReferrerURIWithPolicy(principal, parentDoc,
                                                        httpChannel, referrerPolicy);
     if (NS_WARN_IF(NS_FAILED(rv))) {
       return rv;
     }
   }
 
   channel.forget(aChannel);
@@ -1228,17 +1228,17 @@ private:
           NS_ENSURE_SUCCESS(rv, rv);
 
           mWorkerPrivate->SetCSP(csp);
           mWorkerPrivate->SetEvalAllowed(evalAllowed);
           mWorkerPrivate->SetReportCSPViolations(reportEvalViolations);
 
           // Set ReferrerPolicy, default value is set in GetReferrerPolicy
           bool hasReferrerPolicy = false;
-          uint32_t rp = mozilla::net::RP_Default;
+          uint32_t rp = mozilla::net::RP_Unset;
           rv = csp->GetReferrerPolicy(&rp, &hasReferrerPolicy);
           NS_ENSURE_SUCCESS(rv, rv);
 
 
           if (hasReferrerPolicy) { //FIXME bug 1307366: move RP out of CSP code
             mWorkerPrivate->SetReferrerPolicy(static_cast<net::ReferrerPolicy>(rp));
           }
         }
--- a/dom/workers/WorkerPrivate.cpp
+++ b/dom/workers/WorkerPrivate.cpp
@@ -1606,17 +1606,17 @@ TimerThreadEventTarget::IsOnCurrentThrea
   return NS_OK;
 }
 
 NS_IMPL_ISUPPORTS(TimerThreadEventTarget, nsIEventTarget)
 
 WorkerLoadInfo::WorkerLoadInfo()
   : mWindowID(UINT64_MAX)
   , mServiceWorkerID(0)
-  , mReferrerPolicy(net::RP_Default)
+  , mReferrerPolicy(net::RP_Unset)
   , mFromWindow(false)
   , mEvalAllowed(false)
   , mReportCSPViolations(false)
   , mXHRParamsAllowed(false)
   , mPrincipalIsSystem(false)
   , mStorageAllowed(false)
   , mServiceWorkersTestingInWindow(false)
 {
@@ -3496,17 +3496,17 @@ WorkerPrivateParent<Derived>::SetPrincip
 
   aPrincipal->GetCsp(getter_AddRefs(mLoadInfo.mCSP));
 
   if (mLoadInfo.mCSP) {
     mLoadInfo.mCSP->GetAllowsEval(&mLoadInfo.mReportCSPViolations,
                                   &mLoadInfo.mEvalAllowed);
     // Set ReferrerPolicy
     bool hasReferrerPolicy = false;
-    uint32_t rp = mozilla::net::RP_Default;
+    uint32_t rp = mozilla::net::RP_Unset;
 
     nsresult rv = mLoadInfo.mCSP->GetReferrerPolicy(&rp, &hasReferrerPolicy);
     NS_ENSURE_SUCCESS_VOID(rv);
 
     if (hasReferrerPolicy) {
       mLoadInfo.mReferrerPolicy = static_cast<net::ReferrerPolicy>(rp);
     }
   } else {